Merge remote-tracking branch 'restricted/development_2.x-restricted' into mbedtls-2.27.0rc0-pr
diff --git a/.travis.yml b/.travis.yml
index 92090fb..e859cbb 100644
--- a/.travis.yml
+++ b/.travis.yml
@@ -30,16 +30,7 @@
- name: Windows
os: windows
- before_install:
- - choco install python --version=3.5.4
- env:
- # Add the directory where the Choco package goes
- - PATH=/c/Python35:/c/Python35/Scripts:$PATH
script:
- - type python; python --version
- - python scripts/generate_psa_constants.py
- # Logs appear out of sequence on Windows. Give time to catch up.
- - sleep 5
- scripts/windows_msbuild.bat v141 # Visual Studio 2017
after_failure:
diff --git a/ChangeLog.d/ecp-window-size.txt b/ChangeLog.d/ecp-window-size.txt
new file mode 100644
index 0000000..909d4e8
--- /dev/null
+++ b/ChangeLog.d/ecp-window-size.txt
@@ -0,0 +1,3 @@
+Changes
+ * Reduce the default value of MBEDTLS_ECP_WINDOW_SIZE. This reduces RAM usage
+ during ECC operations at a negligible performance cost.
diff --git a/ChangeLog.d/ensure_hash_len_is_valid.txt b/ChangeLog.d/ensure_hash_len_is_valid.txt
new file mode 100644
index 0000000..d3e2930
--- /dev/null
+++ b/ChangeLog.d/ensure_hash_len_is_valid.txt
@@ -0,0 +1,5 @@
+Bugfix
+ * mbedtls_pk_sign() and mbedtls_pk_verify() and their extended and
+ restartable variants now always honor the specified hash length if
+ nonzero. Before, for RSA, hash_len was ignored in favor of the length of
+ the specified hash algorithm.
diff --git a/ChangeLog.d/fix_tls_alert_codes.txt b/ChangeLog.d/fix_tls_alert_codes.txt
new file mode 100644
index 0000000..10235d7
--- /dev/null
+++ b/ChangeLog.d/fix_tls_alert_codes.txt
@@ -0,0 +1,5 @@
+Bugfix
+ * Fix which alert is sent in some cases to conform to the
+ applicable RFC: on an invalid Finished message value, an
+ invalid max_fragment_length extension, or an
+ unsupported extension used by the server.
diff --git a/ChangeLog.d/implicit_key_usage_policy.txt b/ChangeLog.d/implicit_key_usage_policy.txt
new file mode 100644
index 0000000..ee33ecb
--- /dev/null
+++ b/ChangeLog.d/implicit_key_usage_policy.txt
@@ -0,0 +1,5 @@
+Changes
+ * Implicitly add PSA_KEY_USAGE_SIGN_MESSAGE key usage policy flag when
+ PSA_KEY_USAGE_SIGN_HASH flag is set and PSA_KEY_USAGE_VERIFY_MESSAGE flag
+ when PSA_KEY_USAGE_VERIFY_HASH flag is set. This usage flag extension
+ is also applied when loading a key from storage.
diff --git a/ChangeLog.d/mbedtls_debug_print_mpi.txt b/ChangeLog.d/mbedtls_debug_print_mpi.txt
new file mode 100644
index 0000000..d1b4f5b
--- /dev/null
+++ b/ChangeLog.d/mbedtls_debug_print_mpi.txt
@@ -0,0 +1,5 @@
+Bugfix
+ * Fix a crash in mbedtls_mpi_debug_mpi on a bignum having 0 limbs. This
+ could notably be triggered by setting the TLS debug level to 3 or above
+ and using a Montgomery curve for the key exchange. Reported by lhuang04
+ in #4578. Fixes #4608.
diff --git a/ChangeLog.d/mpi_exp_mod-zero.txt b/ChangeLog.d/mpi_exp_mod-zero.txt
new file mode 100644
index 0000000..9df9031
--- /dev/null
+++ b/ChangeLog.d/mpi_exp_mod-zero.txt
@@ -0,0 +1,7 @@
+Bugfix
+ * Fix a null pointer dereference when mbedtls_mpi_exp_mod() was called with
+ A=0 represented with 0 limbs. Up to and including Mbed TLS 2.26, this bug
+ could not be triggered by code that constructed A with one of the
+ mbedtls_mpi_read_xxx functions (including in particular TLS code) since
+ those always built an mpi object with at least one limb.
+ Credit to OSS-Fuzz. Fixes #4641.
diff --git a/ChangeLog.d/mpi_gcd-0.txt b/ChangeLog.d/mpi_gcd-0.txt
new file mode 100644
index 0000000..41e11e1
--- /dev/null
+++ b/ChangeLog.d/mpi_gcd-0.txt
@@ -0,0 +1,4 @@
+Bugfix
+ * Fix mbedtls_mpi_gcd(G,A,B) when the value of B is zero. This had no
+ effect on Mbed TLS's internal use of mbedtls_mpi_gcd(), but may affect
+ applications that call mbedtls_mpi_gcd() directly. Fixes #4642.
diff --git a/ChangeLog.d/mpi_read_negative_zero.txt b/ChangeLog.d/mpi_read_negative_zero.txt
index e338de7..3285769 100644
--- a/ChangeLog.d/mpi_read_negative_zero.txt
+++ b/ChangeLog.d/mpi_read_negative_zero.txt
@@ -1,3 +1,7 @@
Bugfix
- * mbedtls_mpi_read_string on "-0" produced an MPI object that was not treated
- as equal to 0 in all cases. Fix it to produce the same object as "0".
+ * Fix some cases in the bignum module where the library constructed an
+ unintended representation of the value 0 which was not processed
+ correctly by some bignum operations. This could happen when
+ mbedtls_mpi_read_string() was called on "-0", or when
+ mbedtls_mpi_mul_mpi() and mbedtls_mpi_mul_int() was called with one of
+ the arguments being negative and the other being 0. Fixes #4643.
diff --git a/ChangeLog.d/mpi_read_zero.txt b/ChangeLog.d/mpi_read_zero.txt
new file mode 100644
index 0000000..0c25159
--- /dev/null
+++ b/ChangeLog.d/mpi_read_zero.txt
@@ -0,0 +1,9 @@
+Changes
+ * mbedtls_mpi_read_binary(), mbedtls_mpi_read_binary_le() and
+ mbedtls_mpi_read_string() now construct an mbedtls_mpi object with 0 limbs
+ when their input has length 0. Note that this is an implementation detail
+ and can change at any time, so this change should be transparent, but it
+ may result in mbedtls_mpi_write_binary() or mbedtls_mpi_write_string()
+ now writing an empty string where it previously wrote one or more
+ zero digits when operating from values constructed with an mpi_read
+ function and some mpi operations.
diff --git a/ChangeLog.d/one-shot-mac.txt b/ChangeLog.d/one-shot-mac.txt
new file mode 100644
index 0000000..112891d
--- /dev/null
+++ b/ChangeLog.d/one-shot-mac.txt
@@ -0,0 +1,3 @@
+Features
+ * Implement psa_mac_compute() and psa_mac_verify() as defined in the
+ PSA Cryptograpy API 1.0.0 specification.
diff --git a/ChangeLog.d/one-shot_cipher_functions.txt b/ChangeLog.d/one-shot_cipher_functions.txt
new file mode 100644
index 0000000..3bb85e1
--- /dev/null
+++ b/ChangeLog.d/one-shot_cipher_functions.txt
@@ -0,0 +1,4 @@
+API changes
+ * Implement one-shot cipher functions, psa_cipher_encrypt and
+ psa_cipher_decrypt, according to the PSA Crypto API 1.0.0
+ specification.
diff --git a/ChangeLog.d/psa-read-only-keys.txt b/ChangeLog.d/psa-read-only-keys.txt
new file mode 100644
index 0000000..a4a2823
--- /dev/null
+++ b/ChangeLog.d/psa-read-only-keys.txt
@@ -0,0 +1,5 @@
+Bugfix
+ * The PSA API no longer allows the creation or destruction of keys with a
+ read-only lifetime. The persistence level PSA_KEY_PERSISTENCE_READ_ONLY
+ can now only be used as intended, for keys that cannot be modified through
+ normal use of the API.
diff --git a/ChangeLog.d/psa-rsa-verify-alt-fix.txt b/ChangeLog.d/psa-rsa-verify-alt-fix.txt
new file mode 100644
index 0000000..74804ca
--- /dev/null
+++ b/ChangeLog.d/psa-rsa-verify-alt-fix.txt
@@ -0,0 +1,7 @@
+Bugfix
+ * psa_verify_hash() was relying on implementation-specific behavior of
+ mbedtls_rsa_rsassa_pss_verify() and was causing failures in some _ALT
+ implementations. This reliance is now removed. Fixes #3990.
+ * Disallow inputs of length different from the corresponding hash when
+ signing or verifying with PSA_ALG_RSA_PSS (The PSA Crypto API mandates
+ that PSA_ALG_RSA_PSS uses the same hash throughout the algorithm.)
diff --git a/ChangeLog.d/spm_build.txt b/ChangeLog.d/spm_build.txt
new file mode 100644
index 0000000..6016d84
--- /dev/null
+++ b/ChangeLog.d/spm_build.txt
@@ -0,0 +1,4 @@
+Bugfix
+ * When MBEDTLS_PSA_CRYPTO_SPM is enabled, crypto_spe.h was not included
+ in all the right places. Include it from crypto_platform.h, which is
+ the natural place. Fixes #4649.
diff --git a/include/mbedtls/config.h b/include/mbedtls/config.h
index 79aacf7..e2f460c 100644
--- a/include/mbedtls/config.h
+++ b/include/mbedtls/config.h
@@ -3617,7 +3617,7 @@
/* ECP options */
//#define MBEDTLS_ECP_MAX_BITS 521 /**< Maximum bit size of groups. Normally determined automatically from the configured curves. */
-//#define MBEDTLS_ECP_WINDOW_SIZE 6 /**< Maximum window size used */
+//#define MBEDTLS_ECP_WINDOW_SIZE 4 /**< Maximum window size used */
//#define MBEDTLS_ECP_FIXED_POINT_OPTIM 1 /**< Enable fixed-point speed-up */
/* Entropy options */
diff --git a/include/mbedtls/ecp.h b/include/mbedtls/ecp.h
index 48eec61..06880a0 100644
--- a/include/mbedtls/ecp.h
+++ b/include/mbedtls/ecp.h
@@ -305,7 +305,8 @@
#if !defined(MBEDTLS_ECP_WINDOW_SIZE)
/*
* Maximum "window" size used for point multiplication.
- * Default: 6.
+ * Default: a point where higher memory usage yields disminishing performance
+ * returns.
* Minimum value: 2. Maximum value: 7.
*
* Result is an array of at most ( 1 << ( MBEDTLS_ECP_WINDOW_SIZE - 1 ) )
@@ -322,7 +323,7 @@
* 224 475 475 453 398 342
* 192 640 640 633 587 476
*/
-#define MBEDTLS_ECP_WINDOW_SIZE 6 /**< The maximum window size used. */
+#define MBEDTLS_ECP_WINDOW_SIZE 4 /**< The maximum window size used. */
#endif /* MBEDTLS_ECP_WINDOW_SIZE */
#if !defined(MBEDTLS_ECP_FIXED_POINT_OPTIM)
@@ -513,8 +514,7 @@
/**
* \brief This function retrieves the information defined in
- * mbedtls_ecp_curve_info() for all supported curves in order
- * of preference.
+ * mbedtls_ecp_curve_info() for all supported curves.
*
* \note This function returns information about all curves
* supported by the library. Some curves may not be
diff --git a/include/mbedtls/rsa.h b/include/mbedtls/rsa.h
index b4c9a04..991026e 100644
--- a/include/mbedtls/rsa.h
+++ b/include/mbedtls/rsa.h
@@ -976,12 +976,14 @@
* \brief This function performs a PKCS#1 v2.1 PSS signature
* operation (RSASSA-PSS-SIGN).
*
- * \note The \p hash_id in the RSA context is the one used for the
- * encoding. \p md_alg in the function call is the type of hash
- * that is encoded. According to <em>RFC-3447: Public-Key
+ * \note The \c hash_id set in \p ctx (when calling
+ * mbedtls_rsa_init() or by calling mbedtls_rsa_set_padding()
+ * afterwards) selects the hash used for the
+ * encoding operation and for the mask generation function
+ * (MGF1). For more details on the encoding operation and the
+ * mask generation function, consult <em>RFC-3447: Public-Key
* Cryptography Standards (PKCS) #1 v2.1: RSA Cryptography
- * Specifications</em> it is advised to keep both hashes the
- * same.
+ * Specifications</em>.
*
* \note This function enforces that the provided salt length complies
* with FIPS 186-4 §5.5 (e) and RFC 8017 (PKCS#1 v2.2) §9.1.1
@@ -1029,12 +1031,14 @@
* \brief This function performs a PKCS#1 v2.1 PSS signature
* operation (RSASSA-PSS-SIGN).
*
- * \note The \p hash_id in the RSA context is the one used for the
- * encoding. \p md_alg in the function call is the type of hash
- * that is encoded. According to <em>RFC-3447: Public-Key
+ * \note The \c hash_id set in \p ctx (when calling
+ * mbedtls_rsa_init() or by calling mbedtls_rsa_set_padding()
+ * afterwards) selects the hash used for the
+ * encoding operation and for the mask generation function
+ * (MGF1). For more details on the encoding operation and the
+ * mask generation function, consult <em>RFC-3447: Public-Key
* Cryptography Standards (PKCS) #1 v2.1: RSA Cryptography
- * Specifications</em> it is advised to keep both hashes the
- * same.
+ * Specifications</em>.
*
* \note This function always uses the maximum possible salt size,
* up to the length of the payload hash. This choice of salt
@@ -1064,7 +1068,7 @@
* \param md_alg The message-digest algorithm used to hash the original data.
* Use #MBEDTLS_MD_NONE for signing raw data.
* \param hashlen The length of the message digest.
- * Ths is only used if \p md_alg is #MBEDTLS_MD_NONE.
+ * This is only used if \p md_alg is #MBEDTLS_MD_NONE.
* \param hash The buffer holding the message digest or raw data.
* If \p md_alg is #MBEDTLS_MD_NONE, this must be a readable
* buffer of length \p hashlen Bytes. If \p md_alg is not
@@ -1190,16 +1194,15 @@
* \brief This function performs a PKCS#1 v2.1 PSS verification
* operation (RSASSA-PSS-VERIFY).
*
- * The hash function for the MGF mask generating function
- * is that specified in the RSA context.
- *
- * \note The \p hash_id in the RSA context is the one used for the
- * verification. \p md_alg in the function call is the type of
- * hash that is verified. According to <em>RFC-3447: Public-Key
+ * \note The \c hash_id set in \p ctx (when calling
+ * mbedtls_rsa_init() or by calling mbedtls_rsa_set_padding()
+ * afterwards) selects the hash used for the
+ * encoding operation and for the mask generation function
+ * (MGF1). For more details on the encoding operation and the
+ * mask generation function, consult <em>RFC-3447: Public-Key
* Cryptography Standards (PKCS) #1 v2.1: RSA Cryptography
- * Specifications</em> it is advised to keep both hashes the
- * same. If \p hash_id in the RSA context is unset,
- * the \p md_alg from the function call is used.
+ * Specifications</em>. If the \c hash_id set in \p ctx is
+ * #MBEDTLS_MD_NONE, the \p md_alg parameter is used.
*
* \deprecated It is deprecated and discouraged to call this function
* in #MBEDTLS_RSA_PRIVATE mode. Future versions of the library
@@ -1247,13 +1250,12 @@
* \brief This function performs a PKCS#1 v2.1 PSS verification
* operation (RSASSA-PSS-VERIFY).
*
- * The hash function for the MGF mask generating function
- * is that specified in \p mgf1_hash_id.
- *
* \note The \p sig buffer must be as large as the size
* of \p ctx->N. For example, 128 Bytes if RSA-1024 is used.
*
- * \note The \p hash_id in the RSA context is ignored.
+ * \note The \c hash_id set in \p ctx (when calling
+ * mbedtls_rsa_init() or by calling mbedtls_rsa_set_padding()
+ * afterwards) is ignored.
*
* \param ctx The initialized RSA public key context to use.
* \param f_rng The RNG function to use. If \p mode is #MBEDTLS_RSA_PRIVATE,
@@ -1272,7 +1274,13 @@
* buffer of length \p hashlen Bytes. If \p md_alg is not
* #MBEDTLS_MD_NONE, it must be a readable buffer of length
* the size of the hash corresponding to \p md_alg.
- * \param mgf1_hash_id The message digest used for mask generation.
+ * \param mgf1_hash_id The message digest algorithm used for the
+ * verification operation and the mask generation
+ * function (MGF1). For more details on the encoding
+ * operation and the mask generation function, consult
+ * <em>RFC-3447: Public-Key Cryptography Standards
+ * (PKCS) #1 v2.1: RSA Cryptography
+ * Specifications</em>.
* \param expected_salt_len The length of the salt used in padding. Use
* #MBEDTLS_RSA_SALT_LEN_ANY to accept any salt length.
* \param sig The buffer holding the signature. This must be a readable
diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h
index 4684a60..30dfbce 100644
--- a/include/mbedtls/ssl.h
+++ b/include/mbedtls/ssl.h
@@ -2987,7 +2987,9 @@
#if defined(MBEDTLS_ECP_C)
/**
* \brief Set the allowed curves in order of preference.
- * (Default: all defined curves.)
+ * (Default: all defined curves in order of decreasing size,
+ * except that Montgomery curves come last. This order
+ * is likely to change in a future version.)
*
* On server: this only affects selection of the ECDHE curve;
* the curves used for ECDH and ECDSA are determined by the
@@ -3019,7 +3021,9 @@
#if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
/**
* \brief Set the allowed hashes for signatures during the handshake.
- * (Default: all available hashes except MD5.)
+ * (Default: all SHA-2 hashes, largest first. Also SHA-1 if
+ * the compile-time option
+ * `MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_KEY_EXCHANGE` is enabled.)
*
* \note This only affects which hashes are offered and can be used
* for signatures during the handshake. Hashes for message
diff --git a/include/mbedtls/x509_crt.h b/include/mbedtls/x509_crt.h
index 8e389f8..64ccb43 100644
--- a/include/mbedtls/x509_crt.h
+++ b/include/mbedtls/x509_crt.h
@@ -263,12 +263,21 @@
/**
* Default security profile. Should provide a good balance between security
* and compatibility with current deployments.
+ *
+ * This profile permits:
+ * - SHA2 hashes.
+ * - All supported elliptic curves.
+ * - RSA with 2048 bits and above.
+ *
+ * New minor versions of Mbed TLS may extend this profile, for example if
+ * new curves are added to the library. New minor versions of Mbed TLS will
+ * not reduce this profile unless serious security concerns require it.
*/
extern const mbedtls_x509_crt_profile mbedtls_x509_crt_profile_default;
/**
* Expected next default profile. Recommended for new deployments.
- * Currently targets a 128-bit security level, except for RSA-2048.
+ * Currently targets a 128-bit security level, except for allowing RSA-2048.
*/
extern const mbedtls_x509_crt_profile mbedtls_x509_crt_profile_next;
diff --git a/include/psa/crypto_builtin_primitives.h b/include/psa/crypto_builtin_primitives.h
index 75801a1..d7a69e5 100644
--- a/include/psa/crypto_builtin_primitives.h
+++ b/include/psa/crypto_builtin_primitives.h
@@ -113,7 +113,10 @@
psa_algorithm_t alg;
uint8_t iv_length;
uint8_t block_length;
- mbedtls_cipher_context_t cipher;
+ union {
+ unsigned int dummy;
+ mbedtls_cipher_context_t cipher;
+ } ctx;
} mbedtls_psa_cipher_operation_t;
#define MBEDTLS_PSA_CIPHER_OPERATION_INIT {0, 0, 0, {0}}
diff --git a/include/psa/crypto_platform.h b/include/psa/crypto_platform.h
index 8acf22c..66f4687 100644
--- a/include/psa/crypto_platform.h
+++ b/include/psa/crypto_platform.h
@@ -81,6 +81,18 @@
#endif /* MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER */
+/*
+ * When MBEDTLS_PSA_CRYPTO_SPM is defined, the code is being built for SPM
+ * (Secure Partition Manager) integration which separates the code into two
+ * parts: NSPE (Non-Secure Processing Environment) and SPE (Secure Processing
+ * Environment). When building for the SPE, an additional header file should be
+ * included.
+ */
+#if defined(MBEDTLS_PSA_CRYPTO_SPM)
+#define PSA_CRYPTO_SECURE 1
+#include "crypto_spe.h"
+#endif // MBEDTLS_PSA_CRYPTO_SPM
+
#if defined(MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG)
/** The type of the context passed to mbedtls_psa_external_get_random().
*
diff --git a/include/psa/crypto_struct.h b/include/psa/crypto_struct.h
index 47012fd..94242f8 100644
--- a/include/psa/crypto_struct.h
+++ b/include/psa/crypto_struct.h
@@ -391,9 +391,19 @@
return( attributes->core.lifetime );
}
+static inline void psa_extend_key_usage_flags( psa_key_usage_t *usage_flags )
+{
+ if( *usage_flags & PSA_KEY_USAGE_SIGN_HASH )
+ *usage_flags |= PSA_KEY_USAGE_SIGN_MESSAGE;
+
+ if( *usage_flags & PSA_KEY_USAGE_VERIFY_HASH )
+ *usage_flags |= PSA_KEY_USAGE_VERIFY_MESSAGE;
+}
+
static inline void psa_set_key_usage_flags(psa_key_attributes_t *attributes,
psa_key_usage_t usage_flags)
{
+ psa_extend_key_usage_flags( &usage_flags );
attributes->core.policy.usage = usage_flags;
}
diff --git a/include/psa/crypto_values.h b/include/psa/crypto_values.h
index dccb173..3c82f2a 100644
--- a/include/psa/crypto_values.h
+++ b/include/psa/crypto_values.h
@@ -1895,6 +1895,27 @@
(PSA_KEY_LIFETIME_GET_PERSISTENCE(lifetime) == \
PSA_KEY_PERSISTENCE_VOLATILE)
+/** Whether a key lifetime indicates that the key is read-only.
+ *
+ * Read-only keys cannot be created or destroyed through the PSA Crypto API.
+ * They must be created through platform-specific means that bypass the API.
+ *
+ * Some platforms may offer ways to destroy read-only keys. For example,
+ * consider a platform with multiple levels of privilege, where a
+ * low-privilege application can use a key but is not allowed to destroy
+ * it, and the platform exposes the key to the application with a read-only
+ * lifetime. High-privilege code can destroy the key even though the
+ * application sees the key as read-only.
+ *
+ * \param lifetime The lifetime value to query (value of type
+ * ::psa_key_lifetime_t).
+ *
+ * \return \c 1 if the key is read-only, otherwise \c 0.
+ */
+#define PSA_KEY_LIFETIME_IS_READ_ONLY(lifetime) \
+ (PSA_KEY_LIFETIME_GET_PERSISTENCE(lifetime) == \
+ PSA_KEY_PERSISTENCE_READ_ONLY)
+
/** Construct a lifetime from a persistence level and a location.
*
* \param persistence The persistence level
@@ -2015,7 +2036,7 @@
*/
static inline int mbedtls_svc_key_id_is_null( mbedtls_svc_key_id_t key )
{
- return( ( key.key_id == 0 ) && ( key.owner == 0 ) );
+ return( key.key_id == 0 );
}
#endif /* !MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER */
diff --git a/library/bignum.c b/library/bignum.c
index dd80eb4..20afa22 100644
--- a/library/bignum.c
+++ b/library/bignum.c
@@ -203,7 +203,13 @@
}
/*
- * Copy the contents of Y into X
+ * Copy the contents of Y into X.
+ *
+ * This function is not constant-time. Leading zeros in Y may be removed.
+ *
+ * Ensure that X does not shrink. This is not guaranteed by the public API,
+ * but some code in the bignum module relies on this property, for example
+ * in mbedtls_mpi_exp_mod().
*/
int mbedtls_mpi_copy( mbedtls_mpi *X, const mbedtls_mpi *Y )
{
@@ -217,7 +223,11 @@
if( Y->n == 0 )
{
- mbedtls_mpi_free( X );
+ if( X->n != 0 )
+ {
+ X->s = 1;
+ memset( X->p, 0, X->n * ciL );
+ }
return( 0 );
}
@@ -575,6 +585,12 @@
mbedtls_mpi_init( &T );
+ if( s[0] == 0 )
+ {
+ mbedtls_mpi_free( X );
+ return( 0 );
+ }
+
if( s[0] == '-' )
{
++s;
@@ -1698,6 +1714,7 @@
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
size_t i, j;
mbedtls_mpi TA, TB;
+ int result_is_zero = 0;
MPI_VALIDATE_RET( X != NULL );
MPI_VALIDATE_RET( A != NULL );
MPI_VALIDATE_RET( B != NULL );
@@ -1710,10 +1727,14 @@
for( i = A->n; i > 0; i-- )
if( A->p[i - 1] != 0 )
break;
+ if( i == 0 )
+ result_is_zero = 1;
for( j = B->n; j > 0; j-- )
if( B->p[j - 1] != 0 )
break;
+ if( j == 0 )
+ result_is_zero = 1;
MBEDTLS_MPI_CHK( mbedtls_mpi_grow( X, i + j ) );
MBEDTLS_MPI_CHK( mbedtls_mpi_lset( X, 0 ) );
@@ -1721,7 +1742,14 @@
for( ; j > 0; j-- )
mpi_mul_hlp( i, A->p, X->p + j - 1, B->p[j - 1] );
- X->s = A->s * B->s;
+ /* If the result is 0, we don't shortcut the operation, which reduces
+ * but does not eliminate side channels leaking the zero-ness. We do
+ * need to take care to set the sign bit properly since the library does
+ * not fully support an MPI object with a value of 0 and s == -1. */
+ if( result_is_zero )
+ X->s = 1;
+ else
+ X->s = A->s * B->s;
cleanup:
@@ -2314,6 +2342,11 @@
#endif
j = N->n + 1;
+ /* All W[i] and X must have at least N->n limbs for the mpi_montmul()
+ * and mpi_montred() calls later. Here we ensure that W[1] and X are
+ * large enough, and later we'll grow other W[i] to the same length.
+ * They must not be shrunk midway through this function!
+ */
MBEDTLS_MPI_CHK( mbedtls_mpi_grow( X, j ) );
MBEDTLS_MPI_CHK( mbedtls_mpi_grow( &W[1], j ) );
MBEDTLS_MPI_CHK( mbedtls_mpi_grow( &T, j * 2 ) );
@@ -2348,10 +2381,18 @@
* W[1] = A * R^2 * R^-1 mod N = A * R mod N
*/
if( mbedtls_mpi_cmp_mpi( A, N ) >= 0 )
+ {
MBEDTLS_MPI_CHK( mbedtls_mpi_mod_mpi( &W[1], A, N ) );
+ /* This should be a no-op because W[1] is already that large before
+ * mbedtls_mpi_mod_mpi(), but it's necessary to avoid an overflow
+ * in mpi_montmul() below, so let's make sure. */
+ MBEDTLS_MPI_CHK( mbedtls_mpi_grow( &W[1], N->n + 1 ) );
+ }
else
MBEDTLS_MPI_CHK( mbedtls_mpi_copy( &W[1], A ) );
+ /* Note that this is safe because W[1] always has at least N->n limbs
+ * (it grew above and was preserved by mbedtls_mpi_copy()). */
mpi_montmul( &W[1], &RR, N, mm, &T );
/*
@@ -2509,19 +2550,67 @@
lz = mbedtls_mpi_lsb( &TA );
lzt = mbedtls_mpi_lsb( &TB );
+ /* The loop below gives the correct result when A==0 but not when B==0.
+ * So have a special case for B==0. Leverage the fact that we just
+ * calculated the lsb and lsb(B)==0 iff B is odd or 0 to make the test
+ * slightly more efficient than cmp_int(). */
+ if( lzt == 0 && mbedtls_mpi_get_bit( &TB, 0 ) == 0 )
+ {
+ ret = mbedtls_mpi_copy( G, A );
+ goto cleanup;
+ }
+
if( lzt < lz )
lz = lzt;
- MBEDTLS_MPI_CHK( mbedtls_mpi_shift_r( &TA, lz ) );
- MBEDTLS_MPI_CHK( mbedtls_mpi_shift_r( &TB, lz ) );
-
TA.s = TB.s = 1;
+ /* We mostly follow the procedure described in HAC 14.54, but with some
+ * minor differences:
+ * - Sequences of multiplications or divisions by 2 are grouped into a
+ * single shift operation.
+ * - The procedure in HAC assumes that 0 < TB <= TA.
+ * - The condition TB <= TA is not actually necessary for correctness.
+ * TA and TB have symmetric roles except for the loop termination
+ * condition, and the shifts at the beginning of the loop body
+ * remove any significance from the ordering of TA vs TB before
+ * the shifts.
+ * - If TA = 0, the loop goes through 0 iterations and the result is
+ * correctly TB.
+ * - The case TB = 0 was short-circuited above.
+ *
+ * For the correctness proof below, decompose the original values of
+ * A and B as
+ * A = sa * 2^a * A' with A'=0 or A' odd, and sa = +-1
+ * B = sb * 2^b * B' with B'=0 or B' odd, and sb = +-1
+ * Then gcd(A, B) = 2^{min(a,b)} * gcd(A',B'),
+ * and gcd(A',B') is odd or 0.
+ *
+ * At the beginning, we have TA = |A| and TB = |B| so gcd(A,B) = gcd(TA,TB).
+ * The code maintains the following invariant:
+ * gcd(A,B) = 2^k * gcd(TA,TB) for some k (I)
+ */
+
+ /* Proof that the loop terminates:
+ * At each iteration, either the right-shift by 1 is made on a nonzero
+ * value and the nonnegative integer bitlen(TA) + bitlen(TB) decreases
+ * by at least 1, or the right-shift by 1 is made on zero and then
+ * TA becomes 0 which ends the loop (TB cannot be 0 if it is right-shifted
+ * since in that case TB is calculated from TB-TA with the condition TB>TA).
+ */
while( mbedtls_mpi_cmp_int( &TA, 0 ) != 0 )
{
+ /* Divisions by 2 preserve the invariant (I). */
MBEDTLS_MPI_CHK( mbedtls_mpi_shift_r( &TA, mbedtls_mpi_lsb( &TA ) ) );
MBEDTLS_MPI_CHK( mbedtls_mpi_shift_r( &TB, mbedtls_mpi_lsb( &TB ) ) );
+ /* Set either TA or TB to |TA-TB|/2. Since TA and TB are both odd,
+ * TA-TB is even so the division by 2 has an integer result.
+ * Invariant (I) is preserved since any odd divisor of both TA and TB
+ * also divides |TA-TB|/2, and any odd divisor of both TA and |TA-TB|/2
+ * also divides TB, and any odd divisior of both TB and |TA-TB|/2 also
+ * divides TA.
+ */
if( mbedtls_mpi_cmp_mpi( &TA, &TB ) >= 0 )
{
MBEDTLS_MPI_CHK( mbedtls_mpi_sub_abs( &TA, &TA, &TB ) );
@@ -2532,8 +2621,18 @@
MBEDTLS_MPI_CHK( mbedtls_mpi_sub_abs( &TB, &TB, &TA ) );
MBEDTLS_MPI_CHK( mbedtls_mpi_shift_r( &TB, 1 ) );
}
+ /* Note that one of TA or TB is still odd. */
}
+ /* By invariant (I), gcd(A,B) = 2^k * gcd(TA,TB) for some k.
+ * At the loop exit, TA = 0, so gcd(TA,TB) = TB.
+ * - If there was at least one loop iteration, then one of TA or TB is odd,
+ * and TA = 0, so TB is odd and gcd(TA,TB) = gcd(A',B'). In this case,
+ * lz = min(a,b) so gcd(A,B) = 2^lz * TB.
+ * - If there was no loop iteration, then A was 0, and gcd(A,B) = B.
+ * In this case, lz = 0 and B = TB so gcd(A,B) = B = 2^lz * TB as well.
+ */
+
MBEDTLS_MPI_CHK( mbedtls_mpi_shift_l( &TB, lz ) );
MBEDTLS_MPI_CHK( mbedtls_mpi_copy( G, &TB ) );
diff --git a/library/debug.c b/library/debug.c
index e91d1ad..e108600 100644
--- a/library/debug.c
+++ b/library/debug.c
@@ -220,8 +220,8 @@
const char *text, const mbedtls_mpi *X )
{
char str[DEBUG_BUF_SIZE];
- int j, k, zeros = 1;
- size_t i, n, idx = 0;
+ size_t bitlen;
+ size_t idx = 0;
if( NULL == ssl ||
NULL == ssl->conf ||
@@ -232,55 +232,43 @@
return;
}
- for( n = X->n - 1; n > 0; n-- )
- if( X->p[n] != 0 )
- break;
+ bitlen = mbedtls_mpi_bitlen( X );
- for( j = ( sizeof(mbedtls_mpi_uint) << 3 ) - 1; j >= 0; j-- )
- if( ( ( X->p[n] >> j ) & 1 ) != 0 )
- break;
-
- mbedtls_snprintf( str + idx, sizeof( str ) - idx, "value of '%s' (%d bits) is:\n",
- text, (int) ( ( n * ( sizeof(mbedtls_mpi_uint) << 3 ) ) + j + 1 ) );
-
+ mbedtls_snprintf( str, sizeof( str ), "value of '%s' (%u bits) is:\n",
+ text, (unsigned) bitlen );
debug_send_line( ssl, level, file, line, str );
- idx = 0;
- for( i = n + 1, j = 0; i > 0; i-- )
+ if( bitlen == 0 )
{
- if( zeros && X->p[i - 1] == 0 )
- continue;
-
- for( k = sizeof( mbedtls_mpi_uint ) - 1; k >= 0; k-- )
+ str[0] = ' '; str[1] = '0'; str[2] = '0';
+ idx = 3;
+ }
+ else
+ {
+ int n;
+ for( n = (int) ( ( bitlen - 1 ) / 8 ); n >= 0; n-- )
{
- if( zeros && ( ( X->p[i - 1] >> ( k << 3 ) ) & 0xFF ) == 0 )
- continue;
- else
- zeros = 0;
-
- if( j % 16 == 0 )
+ size_t limb_offset = n / sizeof( mbedtls_mpi_uint );
+ size_t offset_in_limb = n % sizeof( mbedtls_mpi_uint );
+ unsigned char octet =
+ ( X->p[limb_offset] >> ( offset_in_limb * 8 ) ) & 0xff;
+ mbedtls_snprintf( str + idx, sizeof( str ) - idx, " %02x", octet );
+ idx += 3;
+ /* Wrap lines after 16 octets that each take 3 columns */
+ if( idx >= 3 * 16 )
{
- if( j > 0 )
- {
- mbedtls_snprintf( str + idx, sizeof( str ) - idx, "\n" );
- debug_send_line( ssl, level, file, line, str );
- idx = 0;
- }
+ mbedtls_snprintf( str + idx, sizeof( str ) - idx, "\n" );
+ debug_send_line( ssl, level, file, line, str );
+ idx = 0;
}
-
- idx += mbedtls_snprintf( str + idx, sizeof( str ) - idx, " %02x", (unsigned int)
- ( X->p[i - 1] >> ( k << 3 ) ) & 0xFF );
-
- j++;
}
-
}
- if( zeros == 1 )
- idx += mbedtls_snprintf( str + idx, sizeof( str ) - idx, " 00" );
-
- mbedtls_snprintf( str + idx, sizeof( str ) - idx, "\n" );
- debug_send_line( ssl, level, file, line, str );
+ if( idx != 0 )
+ {
+ mbedtls_snprintf( str + idx, sizeof( str ) - idx, "\n" );
+ debug_send_line( ssl, level, file, line, str );
+ }
}
#endif /* MBEDTLS_BIGNUM_C */
diff --git a/library/pk.c b/library/pk.c
index ecf002d..05cc213 100644
--- a/library/pk.c
+++ b/library/pk.c
@@ -235,12 +235,15 @@
{
const mbedtls_md_info_t *md_info;
- if( *hash_len != 0 )
+ if( *hash_len != 0 && md_alg == MBEDTLS_MD_NONE )
return( 0 );
if( ( md_info = mbedtls_md_info_from_type( md_alg ) ) == NULL )
return( -1 );
+ if ( *hash_len != 0 && *hash_len != mbedtls_md_get_size( md_info ) )
+ return ( -1 );
+
*hash_len = mbedtls_md_get_size( md_info );
return( 0 );
}
diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index e36c82f..a424c89 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -26,7 +26,6 @@
#include "check_crypto_config.h"
#endif
-#include "psa_crypto_service_integration.h"
#include "psa/crypto.h"
#include "psa_crypto_cipher.h"
@@ -1133,6 +1132,17 @@
return( PSA_ERROR_GENERIC_ERROR );
}
+ if( PSA_KEY_LIFETIME_IS_READ_ONLY( slot->attr.lifetime ) )
+ {
+ /* Refuse the destruction of a read-only key (which may or may not work
+ * if we attempt it, depending on whether the key is merely read-only
+ * by policy or actually physically read-only).
+ * Just do the best we can, which is to wipe the copy in memory
+ * (done in this function's cleanup code). */
+ overall_status = PSA_ERROR_NOT_PERMITTED;
+ goto exit;
+ }
+
#if defined(MBEDTLS_PSA_CRYPTO_SE_C)
driver = psa_get_se_driver_entry( slot->attr.lifetime );
if( driver != NULL )
@@ -1194,12 +1204,10 @@
}
#endif /* MBEDTLS_PSA_CRYPTO_SE_C */
-#if defined(MBEDTLS_PSA_CRYPTO_SE_C)
exit:
-#endif /* MBEDTLS_PSA_CRYPTO_SE_C */
status = psa_wipe_key_slot( slot );
/* Prioritize CORRUPTION_DETECTED from wiping over a storage error */
- if( overall_status == PSA_SUCCESS )
+ if( status != PSA_SUCCESS )
overall_status = status;
return( overall_status );
}
@@ -2160,34 +2168,54 @@
psa_status_t psa_hash_setup( psa_hash_operation_t *operation,
psa_algorithm_t alg )
{
+ psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
+
/* A context must be freshly initialized before it can be set up. */
if( operation->id != 0 )
- return( PSA_ERROR_BAD_STATE );
+ {
+ status = PSA_ERROR_BAD_STATE;
+ goto exit;
+ }
if( !PSA_ALG_IS_HASH( alg ) )
- return( PSA_ERROR_INVALID_ARGUMENT );
+ {
+ status = PSA_ERROR_INVALID_ARGUMENT;
+ goto exit;
+ }
/* Ensure all of the context is zeroized, since PSA_HASH_OPERATION_INIT only
* directly zeroes the int-sized dummy member of the context union. */
memset( &operation->ctx, 0, sizeof( operation->ctx ) );
- return( psa_driver_wrapper_hash_setup( operation, alg ) );
+ status = psa_driver_wrapper_hash_setup( operation, alg );
+
+exit:
+ if( status != PSA_SUCCESS )
+ psa_hash_abort( operation );
+
+ return status;
}
psa_status_t psa_hash_update( psa_hash_operation_t *operation,
const uint8_t *input,
size_t input_length )
{
+ psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
+
if( operation->id == 0 )
- return( PSA_ERROR_BAD_STATE );
+ {
+ status = PSA_ERROR_BAD_STATE;
+ goto exit;
+ }
/* Don't require hash implementations to behave correctly on a
* zero-length input, which may have an invalid pointer. */
if( input_length == 0 )
return( PSA_SUCCESS );
- psa_status_t status = psa_driver_wrapper_hash_update( operation,
- input, input_length );
+ status = psa_driver_wrapper_hash_update( operation, input, input_length );
+
+exit:
if( status != PSA_SUCCESS )
psa_hash_abort( operation );
@@ -2219,13 +2247,24 @@
operation,
actual_hash, sizeof( actual_hash ),
&actual_hash_length );
+
if( status != PSA_SUCCESS )
- return( status );
+ goto exit;
+
if( actual_hash_length != hash_length )
- return( PSA_ERROR_INVALID_SIGNATURE );
+ {
+ status = PSA_ERROR_INVALID_SIGNATURE;
+ goto exit;
+ }
+
if( mbedtls_psa_safer_memcmp( hash, actual_hash, actual_hash_length ) != 0 )
- return( PSA_ERROR_INVALID_SIGNATURE );
- return( PSA_SUCCESS );
+ status = PSA_ERROR_INVALID_SIGNATURE;
+
+exit:
+ if( status != PSA_SUCCESS )
+ psa_hash_abort(operation);
+
+ return( status );
}
psa_status_t psa_hash_compute( psa_algorithm_t alg,
@@ -2300,6 +2339,46 @@
return( status );
}
+static psa_status_t psa_mac_finalize_alg_and_key_validation(
+ psa_algorithm_t alg,
+ const psa_key_attributes_t *attributes,
+ uint8_t *mac_size )
+{
+ psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
+ psa_key_type_t key_type = psa_get_key_type( attributes );
+ size_t key_bits = psa_get_key_bits( attributes );
+
+ if( ! PSA_ALG_IS_MAC( alg ) )
+ return( PSA_ERROR_INVALID_ARGUMENT );
+
+ /* Validate the combination of key type and algorithm */
+ status = psa_mac_key_can_do( alg, key_type );
+ if( status != PSA_SUCCESS )
+ return( status );
+
+ /* Get the output length for the algorithm and key combination */
+ *mac_size = PSA_MAC_LENGTH( key_type, key_bits, alg );
+
+ if( *mac_size < 4 )
+ {
+ /* A very short MAC is too short for security since it can be
+ * brute-forced. Ancient protocols with 32-bit MACs do exist,
+ * so we make this our minimum, even though 32 bits is still
+ * too small for security. */
+ return( PSA_ERROR_NOT_SUPPORTED );
+ }
+
+ if( *mac_size > PSA_MAC_LENGTH( key_type, key_bits,
+ PSA_ALG_FULL_LENGTH_MAC( alg ) ) )
+ {
+ /* It's impossible to "truncate" to a larger length than the full length
+ * of the algorithm. */
+ return( PSA_ERROR_INVALID_ARGUMENT );
+ }
+
+ return( PSA_SUCCESS );
+}
+
static psa_status_t psa_mac_setup( psa_mac_operation_t *operation,
mbedtls_svc_key_id_t key,
psa_algorithm_t alg,
@@ -2307,14 +2386,14 @@
{
psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
psa_status_t unlock_status = PSA_ERROR_CORRUPTION_DETECTED;
- psa_key_slot_t *slot;
+ psa_key_slot_t *slot = NULL;
/* A context must be freshly initialized before it can be set up. */
if( operation->id != 0 )
- return( PSA_ERROR_BAD_STATE );
-
- if( ! PSA_ALG_IS_MAC( alg ) )
- return( PSA_ERROR_INVALID_ARGUMENT );
+ {
+ status = PSA_ERROR_BAD_STATE;
+ goto exit;
+ }
status = psa_get_and_lock_key_slot_with_policy(
key,
@@ -2322,45 +2401,18 @@
is_sign ? PSA_KEY_USAGE_SIGN_HASH : PSA_KEY_USAGE_VERIFY_HASH,
alg );
if( status != PSA_SUCCESS )
- return( status );
+ goto exit;
psa_key_attributes_t attributes = {
.core = slot->attr
};
- /* Validate the combination of key type and algorithm */
- status = psa_mac_key_can_do( alg, psa_get_key_type( &attributes ) );
+ status = psa_mac_finalize_alg_and_key_validation( alg, &attributes,
+ &operation->mac_size );
if( status != PSA_SUCCESS )
goto exit;
operation->is_sign = is_sign;
-
- /* Get the output length for the algorithm and key combination */
- operation->mac_size = PSA_MAC_LENGTH(
- psa_get_key_type( &attributes ),
- psa_get_key_bits( &attributes ),
- alg );
-
- if( operation->mac_size < 4 )
- {
- /* A very short MAC is too short for security since it can be
- * brute-forced. Ancient protocols with 32-bit MACs do exist,
- * so we make this our minimum, even though 32 bits is still
- * too small for security. */
- status = PSA_ERROR_NOT_SUPPORTED;
- goto exit;
- }
-
- if( operation->mac_size > PSA_MAC_LENGTH( psa_get_key_type( &attributes ),
- psa_get_key_bits( &attributes ),
- PSA_ALG_FULL_LENGTH_MAC( alg ) ) )
- {
- /* It's impossible to "truncate" to a larger length than the full length
- * of the algorithm. */
- status = PSA_ERROR_INVALID_ARGUMENT;
- goto exit;
- }
-
/* Dispatch the MAC setup call with validated input */
if( is_sign )
{
@@ -2430,47 +2482,53 @@
psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
psa_status_t abort_status = PSA_ERROR_CORRUPTION_DETECTED;
- /* Set the output length and content to a safe default, such that in
- * case the caller misses an error check, the output would be an
- * unachievable MAC. */
- *mac_length = mac_size;
-
if( operation->id == 0 )
- return( PSA_ERROR_BAD_STATE );
+ {
+ status = PSA_ERROR_BAD_STATE;
+ goto exit;
+ }
if( ! operation->is_sign )
- return( PSA_ERROR_BAD_STATE );
+ {
+ status = PSA_ERROR_BAD_STATE;
+ goto exit;
+ }
/* Sanity check. This will guarantee that mac_size != 0 (and so mac != NULL)
* once all the error checks are done. */
if( operation->mac_size == 0 )
- return( PSA_ERROR_BAD_STATE );
+ {
+ status = PSA_ERROR_BAD_STATE;
+ goto exit;
+ }
if( mac_size < operation->mac_size )
- return( PSA_ERROR_BUFFER_TOO_SMALL );
+ {
+ status = PSA_ERROR_BUFFER_TOO_SMALL;
+ goto exit;
+ }
status = psa_driver_wrapper_mac_sign_finish( operation,
mac, operation->mac_size,
mac_length );
- if( status == PSA_SUCCESS )
+exit:
+ /* In case of success, set the potential excess room in the output buffer
+ * to an invalid value, to avoid potentially leaking a longer MAC.
+ * In case of error, set the output length and content to a safe default,
+ * such that in case the caller misses an error check, the output would be
+ * an unachievable MAC.
+ */
+ if( status != PSA_SUCCESS )
{
- /* Set the excess room in the output buffer to an invalid value, to
- * avoid potentially leaking a longer MAC. */
- if( mac_size > operation->mac_size )
- memset( &mac[operation->mac_size],
- '!',
- mac_size - operation->mac_size );
- }
- else
- {
- /* Set the output length and content to a safe default, such that in
- * case the caller misses an error check, the output would be an
- * unachievable MAC. */
*mac_length = mac_size;
- memset( mac, '!', mac_size );
+ operation->mac_size = 0;
}
+ if( mac_size > operation->mac_size )
+ memset( &mac[operation->mac_size], '!',
+ mac_size - operation->mac_size );
+
abort_status = psa_mac_abort( operation );
return( status == PSA_SUCCESS ? abort_status : status );
@@ -2484,27 +2542,142 @@
psa_status_t abort_status = PSA_ERROR_CORRUPTION_DETECTED;
if( operation->id == 0 )
- return( PSA_ERROR_BAD_STATE );
+ {
+ status = PSA_ERROR_BAD_STATE;
+ goto exit;
+ }
if( operation->is_sign )
- return( PSA_ERROR_BAD_STATE );
+ {
+ status = PSA_ERROR_BAD_STATE;
+ goto exit;
+ }
if( operation->mac_size != mac_length )
{
status = PSA_ERROR_INVALID_SIGNATURE;
- goto cleanup;
+ goto exit;
}
status = psa_driver_wrapper_mac_verify_finish( operation,
mac, mac_length );
-cleanup:
+exit:
abort_status = psa_mac_abort( operation );
return( status == PSA_SUCCESS ? abort_status : status );
}
+static psa_status_t psa_mac_compute_internal( mbedtls_svc_key_id_t key,
+ psa_algorithm_t alg,
+ const uint8_t *input,
+ size_t input_length,
+ uint8_t *mac,
+ size_t mac_size,
+ size_t *mac_length,
+ int is_sign )
+{
+ psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
+ psa_status_t unlock_status = PSA_ERROR_CORRUPTION_DETECTED;
+ psa_key_slot_t *slot;
+ uint8_t operation_mac_size = 0;
+ status = psa_get_and_lock_key_slot_with_policy(
+ key, &slot,
+ is_sign ? PSA_KEY_USAGE_SIGN_HASH : PSA_KEY_USAGE_VERIFY_HASH,
+ alg );
+ if( status != PSA_SUCCESS )
+ goto exit;
+
+ psa_key_attributes_t attributes = {
+ .core = slot->attr
+ };
+
+ status = psa_mac_finalize_alg_and_key_validation( alg, &attributes,
+ &operation_mac_size );
+ if( status != PSA_SUCCESS )
+ goto exit;
+
+ if( mac_size < operation_mac_size )
+ {
+ status = PSA_ERROR_BUFFER_TOO_SMALL;
+ goto exit;
+ }
+
+ status = psa_driver_wrapper_mac_compute(
+ &attributes,
+ slot->key.data, slot->key.bytes,
+ alg,
+ input, input_length,
+ mac, operation_mac_size, mac_length );
+
+exit:
+ /* In case of success, set the potential excess room in the output buffer
+ * to an invalid value, to avoid potentially leaking a longer MAC.
+ * In case of error, set the output length and content to a safe default,
+ * such that in case the caller misses an error check, the output would be
+ * an unachievable MAC.
+ */
+ if( status != PSA_SUCCESS )
+ {
+ *mac_length = mac_size;
+ operation_mac_size = 0;
+ }
+ if( mac_size > operation_mac_size )
+ memset( &mac[operation_mac_size], '!', mac_size - operation_mac_size );
+
+ unlock_status = psa_unlock_key_slot( slot );
+
+ return( ( status == PSA_SUCCESS ) ? unlock_status : status );
+}
+
+psa_status_t psa_mac_compute( mbedtls_svc_key_id_t key,
+ psa_algorithm_t alg,
+ const uint8_t *input,
+ size_t input_length,
+ uint8_t *mac,
+ size_t mac_size,
+ size_t *mac_length)
+{
+ return( psa_mac_compute_internal( key, alg,
+ input, input_length,
+ mac, mac_size, mac_length, 1 ) );
+}
+
+psa_status_t psa_mac_verify( mbedtls_svc_key_id_t key,
+ psa_algorithm_t alg,
+ const uint8_t *input,
+ size_t input_length,
+ const uint8_t *mac,
+ size_t mac_length)
+{
+ psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
+ uint8_t actual_mac[PSA_MAC_MAX_SIZE];
+ size_t actual_mac_length;
+
+ status = psa_mac_compute_internal( key, alg,
+ input, input_length,
+ actual_mac, sizeof( actual_mac ),
+ &actual_mac_length, 0 );
+ if( status != PSA_SUCCESS )
+ goto exit;
+
+ if( mac_length != actual_mac_length )
+ {
+ status = PSA_ERROR_INVALID_SIGNATURE;
+ goto exit;
+ }
+ if( mbedtls_psa_safer_memcmp( mac, actual_mac, actual_mac_length ) != 0 )
+ {
+ status = PSA_ERROR_INVALID_SIGNATURE;
+ goto exit;
+ }
+
+exit:
+ mbedtls_platform_zeroize( actual_mac, sizeof( actual_mac ) );
+
+ return ( status );
+}
/****************************************************************/
/* Asymmetric cryptography */
@@ -3134,20 +3307,24 @@
{
psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
psa_status_t unlock_status = PSA_ERROR_CORRUPTION_DETECTED;
- psa_key_slot_t *slot;
+ psa_key_slot_t *slot = NULL;
psa_key_usage_t usage = ( cipher_operation == MBEDTLS_ENCRYPT ?
PSA_KEY_USAGE_ENCRYPT :
PSA_KEY_USAGE_DECRYPT );
/* A context must be freshly initialized before it can be set up. */
if( operation->id != 0 )
- return( PSA_ERROR_BAD_STATE );
+ {
+ status = PSA_ERROR_BAD_STATE;
+ goto exit;
+ }
- /* The requested algorithm must be one that can be processed by cipher. */
if( ! PSA_ALG_IS_CIPHER( alg ) )
- return( PSA_ERROR_INVALID_ARGUMENT );
+ {
+ status = PSA_ERROR_INVALID_ARGUMENT;
+ goto exit;
+ }
- /* Fetch key material from key storage. */
status = psa_get_and_lock_key_slot_with_policy( key, &slot, usage, alg );
if( status != PSA_SUCCESS )
goto exit;
@@ -3215,12 +3392,14 @@
if( operation->id == 0 )
{
- return( PSA_ERROR_BAD_STATE );
+ status = PSA_ERROR_BAD_STATE;
+ goto exit;
}
if( operation->iv_set || ! operation->iv_required )
{
- return( PSA_ERROR_BAD_STATE );
+ status = PSA_ERROR_BAD_STATE;
+ goto exit;
}
if( iv_size < operation->default_iv_length )
@@ -3256,18 +3435,28 @@
psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
if( operation->id == 0 )
- return( PSA_ERROR_BAD_STATE );
+ {
+ status = PSA_ERROR_BAD_STATE;
+ goto exit;
+ }
if( operation->iv_set || ! operation->iv_required )
- return( PSA_ERROR_BAD_STATE );
+ {
+ status = PSA_ERROR_BAD_STATE;
+ goto exit;
+ }
if( iv_length > PSA_CIPHER_IV_MAX_SIZE )
- return( PSA_ERROR_INVALID_ARGUMENT );
+ {
+ status = PSA_ERROR_INVALID_ARGUMENT;
+ goto exit;
+ }
status = psa_driver_wrapper_cipher_set_iv( operation,
iv,
iv_length );
+exit:
if( status == PSA_SUCCESS )
operation->iv_set = 1;
else
@@ -3286,11 +3475,14 @@
if( operation->id == 0 )
{
- return( PSA_ERROR_BAD_STATE );
+ status = PSA_ERROR_BAD_STATE;
+ goto exit;
}
+
if( operation->iv_required && ! operation->iv_set )
{
- return( PSA_ERROR_BAD_STATE );
+ status = PSA_ERROR_BAD_STATE;
+ goto exit;
}
status = psa_driver_wrapper_cipher_update( operation,
@@ -3299,6 +3491,8 @@
output,
output_size,
output_length );
+
+exit:
if( status != PSA_SUCCESS )
psa_cipher_abort( operation );
@@ -3314,17 +3508,22 @@
if( operation->id == 0 )
{
- return( PSA_ERROR_BAD_STATE );
+ status = PSA_ERROR_BAD_STATE;
+ goto exit;
}
+
if( operation->iv_required && ! operation->iv_set )
{
- return( PSA_ERROR_BAD_STATE );
+ status = PSA_ERROR_BAD_STATE;
+ goto exit;
}
status = psa_driver_wrapper_cipher_finish( operation,
output,
output_size,
output_length );
+
+exit:
if( status == PSA_SUCCESS )
return( psa_cipher_abort( operation ) );
else
@@ -3355,6 +3554,107 @@
return( PSA_SUCCESS );
}
+psa_status_t psa_cipher_encrypt( mbedtls_svc_key_id_t key,
+ psa_algorithm_t alg,
+ const uint8_t *input,
+ size_t input_length,
+ uint8_t *output,
+ size_t output_size,
+ size_t *output_length )
+{
+ psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
+ psa_status_t unlock_status = PSA_ERROR_CORRUPTION_DETECTED;
+ psa_key_slot_t *slot;
+ psa_key_type_t key_type;
+ size_t iv_length;
+
+ *output_length = 0;
+
+ if( ! PSA_ALG_IS_CIPHER( alg ) )
+ return( PSA_ERROR_INVALID_ARGUMENT );
+
+ status = psa_get_and_lock_key_slot_with_policy( key, &slot,
+ PSA_KEY_USAGE_ENCRYPT,
+ alg );
+ if( status != PSA_SUCCESS )
+ return( status );
+
+ psa_key_attributes_t attributes = {
+ .core = slot->attr
+ };
+
+ key_type = slot->attr.type;
+ iv_length = PSA_CIPHER_IV_LENGTH( key_type, alg );
+
+ if( iv_length > 0 )
+ {
+ if( output_size < iv_length )
+ {
+ status = PSA_ERROR_BUFFER_TOO_SMALL;
+ goto exit;
+ }
+
+ status = psa_generate_random( output, iv_length );
+ if( status != PSA_SUCCESS )
+ goto exit;
+ }
+
+ status = psa_driver_wrapper_cipher_encrypt(
+ &attributes, slot->key.data, slot->key.bytes,
+ alg, input, input_length,
+ output, output_size, output_length );
+
+exit:
+ unlock_status = psa_unlock_key_slot( slot );
+
+ return( ( status == PSA_SUCCESS ) ? unlock_status : status );
+}
+
+psa_status_t psa_cipher_decrypt( mbedtls_svc_key_id_t key,
+ psa_algorithm_t alg,
+ const uint8_t *input,
+ size_t input_length,
+ uint8_t *output,
+ size_t output_size,
+ size_t *output_length )
+{
+ psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
+ psa_status_t unlock_status = PSA_ERROR_CORRUPTION_DETECTED;
+ psa_key_slot_t *slot;
+
+ *output_length = 0;
+
+ if( ! PSA_ALG_IS_CIPHER( alg ) )
+ return( PSA_ERROR_INVALID_ARGUMENT );
+
+ status = psa_get_and_lock_key_slot_with_policy( key, &slot,
+ PSA_KEY_USAGE_DECRYPT,
+ alg );
+ if( status != PSA_SUCCESS )
+ return( status );
+
+ psa_key_attributes_t attributes = {
+ .core = slot->attr
+ };
+
+ if( input_length < PSA_CIPHER_IV_LENGTH( slot->attr.type, alg ) )
+ {
+ status = PSA_ERROR_INVALID_ARGUMENT;
+ goto exit;
+ }
+
+ status = psa_driver_wrapper_cipher_decrypt(
+ &attributes, slot->key.data, slot->key.bytes,
+ alg, input, input_length,
+ output, output_size, output_length );
+
+exit:
+ unlock_status = psa_unlock_key_slot( slot );
+
+ return( ( status == PSA_SUCCESS ) ? unlock_status : status );
+}
+
+
/****************************************************************/
/* AEAD */
/****************************************************************/
diff --git a/library/psa_crypto_cipher.c b/library/psa_crypto_cipher.c
index 4992a6e..2213ad0 100644
--- a/library/psa_crypto_cipher.c
+++ b/library/psa_crypto_cipher.c
@@ -163,9 +163,7 @@
(void)key_buffer_size;
- /* Proceed with initializing an mbed TLS cipher context if no driver is
- * available for the given algorithm & key. */
- mbedtls_cipher_init( &operation->cipher );
+ mbedtls_cipher_init( &operation->ctx.cipher );
operation->alg = alg;
key_bits = attributes->core.bits;
@@ -174,7 +172,7 @@
if( cipher_info == NULL )
return( PSA_ERROR_NOT_SUPPORTED );
- ret = mbedtls_cipher_setup( &operation->cipher, cipher_info );
+ ret = mbedtls_cipher_setup( &operation->ctx.cipher, cipher_info );
if( ret != 0 )
goto exit;
@@ -185,14 +183,14 @@
uint8_t keys[24];
memcpy( keys, key_buffer, 16 );
memcpy( keys + 16, key_buffer, 8 );
- ret = mbedtls_cipher_setkey( &operation->cipher,
+ ret = mbedtls_cipher_setkey( &operation->ctx.cipher,
keys,
192, cipher_operation );
}
else
#endif
{
- ret = mbedtls_cipher_setkey( &operation->cipher, key_buffer,
+ ret = mbedtls_cipher_setkey( &operation->ctx.cipher, key_buffer,
(int) key_bits, cipher_operation );
}
if( ret != 0 )
@@ -203,11 +201,11 @@
switch( alg )
{
case PSA_ALG_CBC_NO_PADDING:
- ret = mbedtls_cipher_set_padding_mode( &operation->cipher,
+ ret = mbedtls_cipher_set_padding_mode( &operation->ctx.cipher,
MBEDTLS_PADDING_NONE );
break;
case PSA_ALG_CBC_PKCS7:
- ret = mbedtls_cipher_set_padding_mode( &operation->cipher,
+ ret = mbedtls_cipher_set_padding_mode( &operation->ctx.cipher,
MBEDTLS_PADDING_PKCS7 );
break;
default:
@@ -256,7 +254,7 @@
return( PSA_ERROR_INVALID_ARGUMENT );
return( mbedtls_to_psa_error(
- mbedtls_cipher_set_iv( &operation->cipher,
+ mbedtls_cipher_set_iv( &operation->ctx.cipher,
iv, iv_length ) ) );
}
@@ -365,7 +363,7 @@
* the last partial block, if any. You get the data that will be
* output in this call. */
expected_output_size =
- ( operation->cipher.unprocessed_len + input_length )
+ ( operation->ctx.cipher.unprocessed_len + input_length )
/ operation->block_length * operation->block_length;
}
else
@@ -381,7 +379,7 @@
/* mbedtls_cipher_update has an API inconsistency: it will only
* process a single block at a time in ECB mode. Abstract away that
* inconsistency here to match the PSA API behaviour. */
- status = psa_cipher_update_ecb( &operation->cipher,
+ status = psa_cipher_update_ecb( &operation->ctx.cipher,
input,
input_length,
output,
@@ -391,8 +389,11 @@
else
{
status = mbedtls_to_psa_error(
- mbedtls_cipher_update( &operation->cipher, input,
+ mbedtls_cipher_update( &operation->ctx.cipher, input,
input_length, output, output_length ) );
+
+ if( *output_length > output_size )
+ return( PSA_ERROR_CORRUPTION_DETECTED );
}
return( status );
@@ -406,7 +407,7 @@
psa_status_t status = PSA_ERROR_GENERIC_ERROR;
uint8_t temp_output_buffer[MBEDTLS_MAX_BLOCK_LENGTH];
- if( operation->cipher.unprocessed_len != 0 )
+ if( operation->ctx.cipher.unprocessed_len != 0 )
{
if( operation->alg == PSA_ALG_ECB_NO_PADDING ||
operation->alg == PSA_ALG_CBC_NO_PADDING )
@@ -417,7 +418,7 @@
}
status = mbedtls_to_psa_error(
- mbedtls_cipher_finish( &operation->cipher,
+ mbedtls_cipher_finish( &operation->ctx.cipher,
temp_output_buffer,
output_length ) );
if( status != PSA_SUCCESS )
@@ -444,10 +445,112 @@
if( ! PSA_ALG_IS_CIPHER( operation->alg ) )
return( PSA_ERROR_BAD_STATE );
- mbedtls_cipher_free( &operation->cipher );
+ mbedtls_cipher_free( &operation->ctx.cipher );
return( PSA_SUCCESS );
}
+
+static psa_status_t cipher_encrypt( const psa_key_attributes_t *attributes,
+ const uint8_t *key_buffer,
+ size_t key_buffer_size,
+ psa_algorithm_t alg,
+ const uint8_t *input,
+ size_t input_length,
+ uint8_t *output,
+ size_t output_size,
+ size_t *output_length )
+{
+ psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
+ mbedtls_psa_cipher_operation_t operation = MBEDTLS_PSA_CIPHER_OPERATION_INIT;
+ size_t olength, accumulated_length;
+
+ status = cipher_encrypt_setup( &operation, attributes,
+ key_buffer, key_buffer_size, alg );
+ if( status != PSA_SUCCESS )
+ goto exit;
+
+ accumulated_length = 0;
+ if( operation.iv_length > 0 )
+ {
+ status = cipher_set_iv( &operation, output, operation.iv_length );
+ if( status != PSA_SUCCESS )
+ goto exit;
+
+ accumulated_length = operation.iv_length;
+ }
+
+ status = cipher_update( &operation, input, input_length,
+ output + operation.iv_length,
+ output_size - operation.iv_length,
+ &olength );
+ if( status != PSA_SUCCESS )
+ goto exit;
+
+ accumulated_length += olength;
+
+ status = cipher_finish( &operation, output + accumulated_length,
+ output_size - accumulated_length, &olength );
+ if( status != PSA_SUCCESS )
+ goto exit;
+
+ *output_length = accumulated_length + olength;
+
+exit:
+ if( status == PSA_SUCCESS )
+ status = cipher_abort( &operation );
+ else
+ cipher_abort( &operation );
+ return( status );
+}
+
+static psa_status_t cipher_decrypt( const psa_key_attributes_t *attributes,
+ const uint8_t *key_buffer,
+ size_t key_buffer_size,
+ psa_algorithm_t alg,
+ const uint8_t *input,
+ size_t input_length,
+ uint8_t *output,
+ size_t output_size,
+ size_t *output_length )
+{
+ psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
+ mbedtls_psa_cipher_operation_t operation = MBEDTLS_PSA_CIPHER_OPERATION_INIT;
+ size_t olength, accumulated_length;
+
+ status = cipher_decrypt_setup( &operation, attributes,
+ key_buffer, key_buffer_size, alg );
+ if( status != PSA_SUCCESS )
+ goto exit;
+
+ if( operation.iv_length > 0 )
+ {
+ status = cipher_set_iv( &operation, input, operation.iv_length );
+ if( status != PSA_SUCCESS )
+ goto exit;
+ }
+
+ status = cipher_update( &operation, input + operation.iv_length,
+ input_length - operation.iv_length,
+ output, output_size, &olength );
+ if( status != PSA_SUCCESS )
+ goto exit;
+
+ accumulated_length = olength;
+
+ status = cipher_finish( &operation, output + accumulated_length,
+ output_size - accumulated_length, &olength );
+ if( status != PSA_SUCCESS )
+ goto exit;
+
+ *output_length = accumulated_length + olength;
+
+exit:
+ if ( status == PSA_SUCCESS )
+ status = cipher_abort( &operation );
+ else
+ cipher_abort( &operation );
+ return( status );
+}
#endif /* MBEDTLS_PSA_BUILTIN_CIPHER || PSA_CRYPTO_DRIVER_TEST */
#if defined(MBEDTLS_PSA_BUILTIN_CIPHER)
@@ -501,6 +604,36 @@
{
return( cipher_abort( operation ) );
}
+
+psa_status_t mbedtls_psa_cipher_encrypt( const psa_key_attributes_t *attributes,
+ const uint8_t *key_buffer,
+ size_t key_buffer_size,
+ psa_algorithm_t alg,
+ const uint8_t *input,
+ size_t input_length,
+ uint8_t *output,
+ size_t output_size,
+ size_t *output_length )
+{
+ return( cipher_encrypt( attributes, key_buffer, key_buffer_size,
+ alg, input, input_length,
+ output, output_size, output_length ) );
+}
+
+psa_status_t mbedtls_psa_cipher_decrypt( const psa_key_attributes_t *attributes,
+ const uint8_t *key_buffer,
+ size_t key_buffer_size,
+ psa_algorithm_t alg,
+ const uint8_t *input,
+ size_t input_length,
+ uint8_t *output,
+ size_t output_size,
+ size_t *output_length )
+{
+ return( cipher_decrypt( attributes, key_buffer, key_buffer_size,
+ alg, input, input_length,
+ output, output_size, output_length ) );
+}
#endif /* MBEDTLS_PSA_BUILTIN_CIPHER */
/*
@@ -556,6 +689,38 @@
{
return( cipher_abort( operation ) );
}
+
+psa_status_t mbedtls_transparent_test_driver_cipher_encrypt(
+ const psa_key_attributes_t *attributes,
+ const uint8_t *key_buffer,
+ size_t key_buffer_size,
+ psa_algorithm_t alg,
+ const uint8_t *input,
+ size_t input_length,
+ uint8_t *output,
+ size_t output_size,
+ size_t *output_length )
+{
+ return( cipher_encrypt( attributes, key_buffer, key_buffer_size,
+ alg, input, input_length,
+ output, output_size, output_length ) );
+}
+
+psa_status_t mbedtls_transparent_test_driver_cipher_decrypt(
+ const psa_key_attributes_t *attributes,
+ const uint8_t *key_buffer,
+ size_t key_buffer_size,
+ psa_algorithm_t alg,
+ const uint8_t *input,
+ size_t input_length,
+ uint8_t *output,
+ size_t output_size,
+ size_t *output_length )
+{
+ return( cipher_decrypt( attributes, key_buffer, key_buffer_size,
+ alg, input, input_length,
+ output, output_size, output_length ) );
+}
#endif /* PSA_CRYPTO_DRIVER_TEST */
#endif /* MBEDTLS_PSA_CRYPTO_C */
diff --git a/library/psa_crypto_cipher.h b/library/psa_crypto_cipher.h
index 3e1a7a0..5971e8d 100644
--- a/library/psa_crypto_cipher.h
+++ b/library/psa_crypto_cipher.h
@@ -199,6 +199,111 @@
*/
psa_status_t mbedtls_psa_cipher_abort( mbedtls_psa_cipher_operation_t *operation );
+/** Encrypt a message using a symmetric cipher.
+ *
+ * \note The signature of this function is that of a PSA driver
+ * cipher_encrypt entry point. This function behaves as a
+ * cipher_encrypt entry point as defined in the PSA driver
+ * interface specification for transparent drivers.
+ *
+ * \param[in] attributes The attributes of the key to use for the
+ * operation.
+ * \param[in] key_buffer The buffer containing the key context.
+ * \param[in] key_buffer_size Size of the \p key_buffer buffer in bytes.
+ * \param[in] alg The cipher algorithm to compute
+ * (\c PSA_ALG_XXX value such that
+ * #PSA_ALG_IS_CIPHER(\p alg) is true).
+ * \param[in] input Buffer containing the message to encrypt.
+ * \param[in] input_length Size of the \p input buffer in bytes.
+ * \param[in,out] output Buffer where the output is to be written.
+ * The core has generated and written the IV
+ * at the beginning of this buffer before
+ * this function is called. The size of the IV
+ * is PSA_CIPHER_IV_LENGTH( key_type, alg ) where
+ * \c key_type is the type of the key identified
+ * by \p key and \p alg is the cipher algorithm
+ * to compute.
+ * \param[in] output_size Size of the \p output buffer in bytes.
+ * \param[out] output_length On success, the number of bytes that make up
+ * the returned output. Initialized to zero
+ * by the core.
+ *
+ * \retval #PSA_SUCCESS
+ * \retval #PSA_ERROR_NOT_SUPPORTED
+ * \retval #PSA_ERROR_INSUFFICIENT_MEMORY
+ * \retval #PSA_ERROR_CORRUPTION_DETECTED
+ * \retval #PSA_ERROR_BUFFER_TOO_SMALL
+ * The size of the \p output buffer is too small.
+ * \retval #PSA_ERROR_INVALID_ARGUMENT
+ * The size of \p iv is not acceptable for the chosen algorithm,
+ * or the chosen algorithm does not use an IV.
+ * The total input size passed to this operation is not valid for
+ * this particular algorithm. For example, the algorithm is a based
+ * on block cipher and requires a whole number of blocks, but the
+ * total input size is not a multiple of the block size.
+ * \retval #PSA_ERROR_INVALID_PADDING
+ * This is a decryption operation for an algorithm that includes
+ * padding, and the ciphertext does not contain valid padding.
+ */
+psa_status_t mbedtls_psa_cipher_encrypt( const psa_key_attributes_t *attributes,
+ const uint8_t *key_buffer,
+ size_t key_buffer_size,
+ psa_algorithm_t alg,
+ const uint8_t *input,
+ size_t input_length,
+ uint8_t *output,
+ size_t output_size,
+ size_t *output_length );
+
+/** Decrypt a message using a symmetric cipher.
+ *
+ * \note The signature of this function is that of a PSA driver
+ * cipher_decrypt entry point. This function behaves as a
+ * cipher_decrypt entry point as defined in the PSA driver
+ * interface specification for transparent drivers.
+ *
+ * \param[in] attributes The attributes of the key to use for the
+ * operation.
+ * \param[in] key_buffer The buffer containing the key context.
+ * \param[in] key_buffer_size Size of the \p key_buffer buffer in bytes.
+ * \param[in] alg The cipher algorithm to compute
+ * (\c PSA_ALG_XXX value such that
+ * #PSA_ALG_IS_CIPHER(\p alg) is true).
+ * \param[in] input Buffer containing the iv and the ciphertext.
+ * \param[in] input_length Size of the \p input buffer in bytes.
+ * \param[out] output Buffer where the output is to be written.
+ * \param[in] output_size Size of the \p output buffer in bytes.
+ * \param[out] output_length On success, the number of bytes that make up
+ * the returned output. Initialized to zero
+ * by the core.
+ *
+ * \retval #PSA_SUCCESS
+ * \retval #PSA_ERROR_NOT_SUPPORTED
+ * \retval #PSA_ERROR_INSUFFICIENT_MEMORY
+ * \retval #PSA_ERROR_CORRUPTION_DETECTED
+ * \retval #PSA_ERROR_BUFFER_TOO_SMALL
+ * The size of the \p output buffer is too small.
+ * \retval #PSA_ERROR_INVALID_ARGUMENT
+ * The size of \p iv is not acceptable for the chosen algorithm,
+ * or the chosen algorithm does not use an IV.
+ * The total input size passed to this operation is not valid for
+ * this particular algorithm. For example, the algorithm is a based
+ * on block cipher and requires a whole number of blocks, but the
+ * total input size is not a multiple of the block size.
+ * \retval #PSA_ERROR_INVALID_PADDING
+ * This is a decryption operation for an algorithm that includes
+ * padding, and the ciphertext does not contain valid padding.
+ */
+psa_status_t mbedtls_psa_cipher_decrypt( const psa_key_attributes_t *attributes,
+ const uint8_t *key_buffer,
+ size_t key_buffer_size,
+ psa_algorithm_t alg,
+ const uint8_t *input,
+ size_t input_length,
+ uint8_t *output,
+ size_t output_size,
+ size_t *output_length );
+
/*
* BEYOND THIS POINT, TEST DRIVER ENTRY POINTS ONLY.
*/
@@ -231,6 +336,28 @@
psa_status_t mbedtls_transparent_test_driver_cipher_abort(
mbedtls_psa_cipher_operation_t *operation );
+
+psa_status_t mbedtls_transparent_test_driver_cipher_encrypt(
+ const psa_key_attributes_t *attributes,
+ const uint8_t *key_buffer,
+ size_t key_buffer_size,
+ psa_algorithm_t alg,
+ const uint8_t *input,
+ size_t input_length,
+ uint8_t *output,
+ size_t output_size,
+ size_t *output_length );
+
+psa_status_t mbedtls_transparent_test_driver_cipher_decrypt(
+ const psa_key_attributes_t *attributes,
+ const uint8_t *key_buffer,
+ size_t key_buffer_size,
+ psa_algorithm_t alg,
+ const uint8_t *input,
+ size_t input_length,
+ uint8_t *output,
+ size_t output_size,
+ size_t *output_length );
#endif /* PSA_CRYPTO_DRIVER_TEST */
#endif /* PSA_CRYPTO_CIPHER_H */
diff --git a/library/psa_crypto_client.c b/library/psa_crypto_client.c
index e84cf30..629feb7 100644
--- a/library/psa_crypto_client.c
+++ b/library/psa_crypto_client.c
@@ -19,7 +19,6 @@
*/
#include "common.h"
-#include "psa_crypto_service_integration.h"
#include "psa/crypto.h"
#if defined(MBEDTLS_PSA_CRYPTO_CLIENT)
diff --git a/library/psa_crypto_driver_wrappers.c b/library/psa_crypto_driver_wrappers.c
index f61e5eb..f7240ce 100644
--- a/library/psa_crypto_driver_wrappers.c
+++ b/library/psa_crypto_driver_wrappers.c
@@ -736,7 +736,9 @@
* Cipher functions
*/
psa_status_t psa_driver_wrapper_cipher_encrypt(
- psa_key_slot_t *slot,
+ const psa_key_attributes_t *attributes,
+ const uint8_t *key_buffer,
+ size_t key_buffer_size,
psa_algorithm_t alg,
const uint8_t *input,
size_t input_length,
@@ -744,22 +746,20 @@
size_t output_size,
size_t *output_length )
{
-#if defined(PSA_CRYPTO_DRIVER_PRESENT) && defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
- psa_status_t status = PSA_ERROR_INVALID_ARGUMENT;
- psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION(slot->attr.lifetime);
- psa_key_attributes_t attributes = {
- .core = slot->attr
- };
+ psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
+ psa_key_location_t location =
+ PSA_KEY_LIFETIME_GET_LOCATION( attributes->core.lifetime );
switch( location )
{
case PSA_KEY_LOCATION_LOCAL_STORAGE:
/* Key is stored in the slot in export representation, so
* cycle through all known transparent accelerators */
+#if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
#if defined(PSA_CRYPTO_DRIVER_TEST)
- status = mbedtls_test_transparent_cipher_encrypt( &attributes,
- slot->key.data,
- slot->key.bytes,
+ status = mbedtls_test_transparent_cipher_encrypt( attributes,
+ key_buffer,
+ key_buffer_size,
alg,
input,
input_length,
@@ -770,14 +770,29 @@
if( status != PSA_ERROR_NOT_SUPPORTED )
return( status );
#endif /* PSA_CRYPTO_DRIVER_TEST */
- /* Fell through, meaning no accelerator supports this operation */
+#endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
+
+#if defined(MBEDTLS_PSA_BUILTIN_CIPHER)
+ return( mbedtls_psa_cipher_encrypt( attributes,
+ key_buffer,
+ key_buffer_size,
+ alg,
+ input,
+ input_length,
+ output,
+ output_size,
+ output_length ) );
+#else
return( PSA_ERROR_NOT_SUPPORTED );
+#endif /* MBEDTLS_PSA_BUILTIN_CIPHER */
+
/* Add cases for opaque driver here */
+#if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
#if defined(PSA_CRYPTO_DRIVER_TEST)
case PSA_CRYPTO_TEST_DRIVER_LOCATION:
- return( mbedtls_test_opaque_cipher_encrypt( &attributes,
- slot->key.data,
- slot->key.bytes,
+ return( mbedtls_test_opaque_cipher_encrypt( attributes,
+ key_buffer,
+ key_buffer_size,
alg,
input,
input_length,
@@ -785,25 +800,27 @@
output_size,
output_length ) );
#endif /* PSA_CRYPTO_DRIVER_TEST */
+#endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
+
default:
/* Key is declared with a lifetime not known to us */
- return( status );
+ (void)status;
+ (void)key_buffer;
+ (void)key_buffer_size;
+ (void)alg;
+ (void)input;
+ (void)input_length;
+ (void)output;
+ (void)output_size;
+ (void)output_length;
+ return( PSA_ERROR_INVALID_ARGUMENT );
}
-#else /* PSA_CRYPTO_DRIVER_PRESENT */
- (void) slot;
- (void) alg;
- (void) input;
- (void) input_length;
- (void) output;
- (void) output_size;
- (void) output_length;
-
- return( PSA_ERROR_NOT_SUPPORTED );
-#endif /* PSA_CRYPTO_DRIVER_PRESENT */
}
psa_status_t psa_driver_wrapper_cipher_decrypt(
- psa_key_slot_t *slot,
+ const psa_key_attributes_t *attributes,
+ const uint8_t *key_buffer,
+ size_t key_buffer_size,
psa_algorithm_t alg,
const uint8_t *input,
size_t input_length,
@@ -811,22 +828,20 @@
size_t output_size,
size_t *output_length )
{
-#if defined(PSA_CRYPTO_DRIVER_PRESENT) && defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
- psa_status_t status = PSA_ERROR_INVALID_ARGUMENT;
- psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION(slot->attr.lifetime);
- psa_key_attributes_t attributes = {
- .core = slot->attr
- };
+ psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
+ psa_key_location_t location =
+ PSA_KEY_LIFETIME_GET_LOCATION( attributes->core.lifetime );
switch( location )
{
case PSA_KEY_LOCATION_LOCAL_STORAGE:
/* Key is stored in the slot in export representation, so
* cycle through all known transparent accelerators */
+#if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
#if defined(PSA_CRYPTO_DRIVER_TEST)
- status = mbedtls_test_transparent_cipher_decrypt( &attributes,
- slot->key.data,
- slot->key.bytes,
+ status = mbedtls_test_transparent_cipher_decrypt( attributes,
+ key_buffer,
+ key_buffer_size,
alg,
input,
input_length,
@@ -837,14 +852,29 @@
if( status != PSA_ERROR_NOT_SUPPORTED )
return( status );
#endif /* PSA_CRYPTO_DRIVER_TEST */
- /* Fell through, meaning no accelerator supports this operation */
+#endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
+
+#if defined(MBEDTLS_PSA_BUILTIN_CIPHER)
+ return( mbedtls_psa_cipher_decrypt( attributes,
+ key_buffer,
+ key_buffer_size,
+ alg,
+ input,
+ input_length,
+ output,
+ output_size,
+ output_length ) );
+#else
return( PSA_ERROR_NOT_SUPPORTED );
+#endif /* MBEDTLS_PSA_BUILTIN_CIPHER */
+
/* Add cases for opaque driver here */
+#if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
#if defined(PSA_CRYPTO_DRIVER_TEST)
case PSA_CRYPTO_TEST_DRIVER_LOCATION:
- return( mbedtls_test_opaque_cipher_decrypt( &attributes,
- slot->key.data,
- slot->key.bytes,
+ return( mbedtls_test_opaque_cipher_decrypt( attributes,
+ key_buffer,
+ key_buffer_size,
alg,
input,
input_length,
@@ -852,21 +882,21 @@
output_size,
output_length ) );
#endif /* PSA_CRYPTO_DRIVER_TEST */
+#endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
+
default:
/* Key is declared with a lifetime not known to us */
- return( status );
+ (void)status;
+ (void)key_buffer;
+ (void)key_buffer_size;
+ (void)alg;
+ (void)input;
+ (void)input_length;
+ (void)output;
+ (void)output_size;
+ (void)output_length;
+ return( PSA_ERROR_INVALID_ARGUMENT );
}
-#else /* PSA_CRYPTO_DRIVER_PRESENT */
- (void) slot;
- (void) alg;
- (void) input;
- (void) input_length;
- (void) output;
- (void) output_size;
- (void) output_length;
-
- return( PSA_ERROR_NOT_SUPPORTED );
-#endif /* PSA_CRYPTO_DRIVER_PRESENT */
}
psa_status_t psa_driver_wrapper_cipher_encrypt_setup(
diff --git a/library/psa_crypto_driver_wrappers.h b/library/psa_crypto_driver_wrappers.h
index 732ed2a..38a6ee8 100644
--- a/library/psa_crypto_driver_wrappers.h
+++ b/library/psa_crypto_driver_wrappers.h
@@ -98,7 +98,9 @@
* Cipher functions
*/
psa_status_t psa_driver_wrapper_cipher_encrypt(
- psa_key_slot_t *slot,
+ const psa_key_attributes_t *attributes,
+ const uint8_t *key_buffer,
+ size_t key_buffer_size,
psa_algorithm_t alg,
const uint8_t *input,
size_t input_length,
@@ -107,7 +109,9 @@
size_t *output_length );
psa_status_t psa_driver_wrapper_cipher_decrypt(
- psa_key_slot_t *slot,
+ const psa_key_attributes_t *attributes,
+ const uint8_t *key_buffer,
+ size_t key_buffer_size,
psa_algorithm_t alg,
const uint8_t *input,
size_t input_length,
diff --git a/library/psa_crypto_mac.c b/library/psa_crypto_mac.c
index 20c56a0..135fa35 100644
--- a/library/psa_crypto_mac.c
+++ b/library/psa_crypto_mac.c
@@ -359,30 +359,6 @@
return( status );
}
-static psa_status_t mac_compute(
- const psa_key_attributes_t *attributes,
- const uint8_t *key_buffer,
- size_t key_buffer_size,
- psa_algorithm_t alg,
- const uint8_t *input,
- size_t input_length,
- uint8_t *mac,
- size_t mac_size,
- size_t *mac_length )
-{
- /* One-shot MAC has not been implemented in this PSA implementation yet. */
- (void) attributes;
- (void) key_buffer;
- (void) key_buffer_size;
- (void) alg;
- (void) input;
- (void) input_length;
- (void) mac;
- (void) mac_size;
- (void) mac_length;
- return( PSA_ERROR_NOT_SUPPORTED );
-}
-
static psa_status_t mac_update(
mbedtls_psa_mac_operation_t *operation,
const uint8_t *input,
@@ -497,6 +473,44 @@
return( status );
}
+
+static psa_status_t mac_compute(
+ const psa_key_attributes_t *attributes,
+ const uint8_t *key_buffer,
+ size_t key_buffer_size,
+ psa_algorithm_t alg,
+ const uint8_t *input,
+ size_t input_length,
+ uint8_t *mac,
+ size_t mac_size,
+ size_t *mac_length )
+{
+ psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
+ mbedtls_psa_mac_operation_t operation = MBEDTLS_PSA_MAC_OPERATION_INIT;
+
+ status = mac_setup( &operation,
+ attributes, key_buffer, key_buffer_size,
+ alg );
+ if( status != PSA_SUCCESS )
+ goto exit;
+
+ if( input_length > 0 )
+ {
+ status = mac_update( &operation, input, input_length );
+ if( status != PSA_SUCCESS )
+ goto exit;
+ }
+
+ status = mac_finish_internal( &operation, mac, mac_size );
+ if( status == PSA_SUCCESS )
+ *mac_length = mac_size;
+
+exit:
+ mac_abort( &operation );
+
+ return( status );
+}
+
#endif /* BUILTIN_ALG_HMAC || BUILTIN_ALG_CMAC */
#if defined(MBEDTLS_PSA_BUILTIN_MAC)
diff --git a/library/psa_crypto_rsa.c b/library/psa_crypto_rsa.c
index 08db7a4..80b9985 100644
--- a/library/psa_crypto_rsa.c
+++ b/library/psa_crypto_rsa.c
@@ -360,27 +360,14 @@
return( PSA_ERROR_INVALID_ARGUMENT );
#endif
-#if defined(BUILTIN_ALG_RSA_PKCS1V15_SIGN)
- /* For PKCS#1 v1.5 signature, if using a hash, the hash length
- * must be correct. */
- if( PSA_ALG_IS_RSA_PKCS1V15_SIGN( alg ) &&
- alg != PSA_ALG_RSA_PKCS1V15_SIGN_RAW )
+ /* For signatures using a hash, the hash length must be correct. */
+ if( alg != PSA_ALG_RSA_PKCS1V15_SIGN_RAW )
{
if( md_info == NULL )
return( PSA_ERROR_NOT_SUPPORTED );
if( mbedtls_md_get_size( md_info ) != hash_length )
return( PSA_ERROR_INVALID_ARGUMENT );
}
-#endif /* BUILTIN_ALG_RSA_PKCS1V15_SIGN */
-
-#if defined(BUILTIN_ALG_RSA_PSS)
- /* PSS requires a hash internally. */
- if( PSA_ALG_IS_RSA_PSS( alg ) )
- {
- if( md_info == NULL )
- return( PSA_ERROR_NOT_SUPPORTED );
- }
-#endif /* BUILTIN_ALG_RSA_PSS */
return( PSA_SUCCESS );
}
@@ -512,7 +499,7 @@
mbedtls_psa_get_random,
MBEDTLS_PSA_RANDOM_STATE,
MBEDTLS_RSA_PUBLIC,
- MBEDTLS_MD_NONE,
+ md_alg,
(unsigned int) hash_length,
hash,
signature );
diff --git a/library/psa_crypto_service_integration.h b/library/psa_crypto_service_integration.h
deleted file mode 100644
index 87889af..0000000
--- a/library/psa_crypto_service_integration.h
+++ /dev/null
@@ -1,39 +0,0 @@
-/*
- * Copyright The Mbed TLS Contributors
- * SPDX-License-Identifier: Apache-2.0
- *
- * Licensed under the Apache License, Version 2.0 (the "License"); you may
- * not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-#ifndef PSA_CRYPTO_SERVICE_INTEGRATION_H
-#define PSA_CRYPTO_SERVICE_INTEGRATION_H
-
-/*
- * When MBEDTLS_PSA_CRYPTO_SPM is defined, the code is being built for SPM
- * (Secure Partition Manager) integration which separates the code into two
- * parts: NSPE (Non-Secure Processing Environment) and SPE (Secure Processing
- * Environment). When building for the SPE, an additional header file should be
- * included.
- */
-#if defined(MBEDTLS_PSA_CRYPTO_SPM)
-/*
- * PSA_CRYPTO_SECURE means that the file which included this file is being
- * compiled for SPE. The files crypto_structs.h and crypto_types.h have
- * different implementations for NSPE and SPE and are compiled according to this
- * flag.
- */
-#define PSA_CRYPTO_SECURE 1
-#include "crypto_spe.h"
-#endif // MBEDTLS_PSA_CRYPTO_SPM
-
-#endif // PSA_CRYPTO_SERVICE_INTEGRATION_H
diff --git a/library/psa_crypto_slot_management.c b/library/psa_crypto_slot_management.c
index 0b1a3c1..76d7a07 100644
--- a/library/psa_crypto_slot_management.c
+++ b/library/psa_crypto_slot_management.c
@@ -22,7 +22,6 @@
#if defined(MBEDTLS_PSA_CRYPTO_C)
-#include "psa_crypto_service_integration.h"
#include "psa/crypto.h"
#include "psa_crypto_core.h"
@@ -392,6 +391,10 @@
if( status == PSA_ERROR_DOES_NOT_EXIST )
status = PSA_ERROR_INVALID_HANDLE;
}
+ else
+ /* Add implicit usage flags. */
+ psa_extend_key_usage_flags( &(*p_slot)->attr.policy.usage );
+
return( status );
#else /* MBEDTLS_PSA_CRYPTO_STORAGE_C || MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS */
return( PSA_ERROR_INVALID_HANDLE );
@@ -466,7 +469,10 @@
{
/* Persistent keys require storage support */
#if defined(MBEDTLS_PSA_CRYPTO_STORAGE_C)
- return( PSA_SUCCESS );
+ if( PSA_KEY_LIFETIME_IS_READ_ONLY( lifetime ) )
+ return( PSA_ERROR_INVALID_ARGUMENT );
+ else
+ return( PSA_SUCCESS );
#else /* MBEDTLS_PSA_CRYPTO_STORAGE_C */
return( PSA_ERROR_NOT_SUPPORTED );
#endif /* !MBEDTLS_PSA_CRYPTO_STORAGE_C */
@@ -556,16 +562,17 @@
++stats->empty_slots;
continue;
}
- if( slot->attr.lifetime == PSA_KEY_LIFETIME_VOLATILE )
+ if( PSA_KEY_LIFETIME_IS_VOLATILE( slot->attr.lifetime ) )
++stats->volatile_slots;
- else if( slot->attr.lifetime == PSA_KEY_LIFETIME_PERSISTENT )
+ else
{
psa_key_id_t id = MBEDTLS_SVC_KEY_ID_GET_KEY_ID( slot->attr.id );
++stats->persistent_slots;
if( id > stats->max_open_internal_key_id )
stats->max_open_internal_key_id = id;
}
- else
+ if( PSA_KEY_LIFETIME_GET_LOCATION( slot->attr.lifetime ) !=
+ PSA_KEY_LOCATION_LOCAL_STORAGE )
{
psa_key_id_t id = MBEDTLS_SVC_KEY_ID_GET_KEY_ID( slot->attr.id );
++stats->external_slots;
diff --git a/library/psa_crypto_storage.c b/library/psa_crypto_storage.c
index 773d3aa..2ebfc26 100644
--- a/library/psa_crypto_storage.c
+++ b/library/psa_crypto_storage.c
@@ -29,7 +29,6 @@
#include <stdlib.h>
#include <string.h>
-#include "psa_crypto_service_integration.h"
#include "psa/crypto.h"
#include "psa_crypto_storage.h"
#include "mbedtls/platform_util.h"
diff --git a/library/ssl_cli.c b/library/ssl_cli.c
index 01e3f11..f49178c 100644
--- a/library/ssl_cli.c
+++ b/library/ssl_cli.c
@@ -1525,7 +1525,7 @@
mbedtls_ssl_send_alert_message(
ssl,
MBEDTLS_SSL_ALERT_LEVEL_FATAL,
- MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE );
+ MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER );
return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO );
}
@@ -1572,7 +1572,7 @@
{
MBEDTLS_SSL_DEBUG_MSG( 1, ( "CID extension unexpected" ) );
mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
- MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE );
+ MBEDTLS_SSL_ALERT_MSG_UNSUPPORTED_EXT );
return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO );
}
@@ -1628,7 +1628,7 @@
mbedtls_ssl_send_alert_message(
ssl,
MBEDTLS_SSL_ALERT_LEVEL_FATAL,
- MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE );
+ MBEDTLS_SSL_ALERT_MSG_UNSUPPORTED_EXT );
return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO );
}
@@ -1654,7 +1654,7 @@
mbedtls_ssl_send_alert_message(
ssl,
MBEDTLS_SSL_ALERT_LEVEL_FATAL,
- MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE );
+ MBEDTLS_SSL_ALERT_MSG_UNSUPPORTED_EXT );
return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO );
}
@@ -1679,7 +1679,7 @@
mbedtls_ssl_send_alert_message(
ssl,
MBEDTLS_SSL_ALERT_LEVEL_FATAL,
- MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE );
+ MBEDTLS_SSL_ALERT_MSG_UNSUPPORTED_EXT );
return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO );
}
@@ -1785,7 +1785,7 @@
mbedtls_ssl_send_alert_message(
ssl,
MBEDTLS_SSL_ALERT_LEVEL_FATAL,
- MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE );
+ MBEDTLS_SSL_ALERT_MSG_UNSUPPORTED_EXT );
return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO );
}
diff --git a/library/ssl_tls.c b/library/ssl_tls.c
index a4cf44c..976a87c 100644
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c
@@ -3610,7 +3610,7 @@
{
MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad finished message" ) );
mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
- MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR );
+ MBEDTLS_SSL_ALERT_MSG_DECRYPT_ERROR );
return( MBEDTLS_ERR_SSL_BAD_HS_FINISHED );
}
diff --git a/library/x509_crt.c b/library/x509_crt.c
index 8086cc0..acdd545 100644
--- a/library/x509_crt.c
+++ b/library/x509_crt.c
@@ -91,9 +91,8 @@
*/
#define X509_MAX_VERIFY_CHAIN_SIZE ( MBEDTLS_X509_MAX_INTERMEDIATE_CA + 2 )
-/*
- * Default profile
- */
+/* Default profile. Do not remove items unless there are serious security
+ * concerns. */
const mbedtls_x509_crt_profile mbedtls_x509_crt_profile_default =
{
#if defined(MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_CERTIFICATES)
diff --git a/scripts/mbedtls_dev/crypto_knowledge.py b/scripts/mbedtls_dev/crypto_knowledge.py
index 213b64d..7214adb 100644
--- a/scripts/mbedtls_dev/crypto_knowledge.py
+++ b/scripts/mbedtls_dev/crypto_knowledge.py
@@ -19,7 +19,7 @@
# limitations under the License.
import re
-from typing import Iterable, Optional, Tuple
+from typing import Dict, Iterable, Optional, Pattern, Tuple
from mbedtls_dev.asymmetric_key_data import ASYMMETRIC_KEY_DATA
@@ -136,3 +136,18 @@
return des3[:length]
return b''.join([self.DATA_BLOCK] * (length // len(self.DATA_BLOCK)) +
[self.DATA_BLOCK[:length % len(self.DATA_BLOCK)]])
+
+ KEY_TYPE_FOR_SIGNATURE = {
+ 'PSA_KEY_USAGE_SIGN_HASH': re.compile('.*KEY_PAIR'),
+ 'PSA_KEY_USAGE_VERIFY_HASH': re.compile('.*KEY.*')
+ } #type: Dict[str, Pattern]
+ """Use a regexp to determine key types for which signature is possible
+ when using the actual usage flag.
+ """
+ def is_valid_for_signature(self, usage: str) -> bool:
+ """Determine if the key type is compatible with the specified
+ signitute type.
+
+ """
+ # This is just temporaly solution for the implicit usage flags.
+ return re.match(self.KEY_TYPE_FOR_SIGNATURE[usage], self.name) is not None
diff --git a/scripts/mbedtls_dev/macro_collector.py b/scripts/mbedtls_dev/macro_collector.py
index 0e76435..f8d6155 100644
--- a/scripts/mbedtls_dev/macro_collector.py
+++ b/scripts/mbedtls_dev/macro_collector.py
@@ -81,11 +81,15 @@
`self.arguments_for` for arguments that are not of a kind that is
enumerated here.
"""
+ #pylint: disable=too-many-instance-attributes
def __init__(self) -> None:
"""Set up an empty set of known constructor macros.
"""
self.statuses = set() #type: Set[str]
+ self.lifetimes = set() #type: Set[str]
+ self.locations = set() #type: Set[str]
+ self.persistence_levels = set() #type: Set[str]
self.algorithms = set() #type: Set[str]
self.ecc_curves = set() #type: Set[str]
self.dh_groups = set() #type: Set[str]
@@ -96,6 +100,7 @@
self.ka_algorithms = set() #type: Set[str]
self.kdf_algorithms = set() #type: Set[str]
self.aead_algorithms = set() #type: Set[str]
+ self.sign_algorithms = set() #type: Set[str]
# macro name -> list of argument names
self.argspecs = {} #type: Dict[str, List[str]]
# argument name -> list of values
@@ -130,8 +135,12 @@
self.arguments_for['ka_alg'] = sorted(self.ka_algorithms)
self.arguments_for['kdf_alg'] = sorted(self.kdf_algorithms)
self.arguments_for['aead_alg'] = sorted(self.aead_algorithms)
+ self.arguments_for['sign_alg'] = sorted(self.sign_algorithms)
self.arguments_for['curve'] = sorted(self.ecc_curves)
self.arguments_for['group'] = sorted(self.dh_groups)
+ self.arguments_for['persistence'] = sorted(self.persistence_levels)
+ self.arguments_for['location'] = sorted(self.locations)
+ self.arguments_for['lifetime'] = sorted(self.lifetimes)
@staticmethod
def _format_arguments(name: str, arguments: Iterable[str]) -> str:
@@ -340,6 +349,9 @@
'ALG': self.algorithms,
'ECC_CURVE': self.ecc_curves,
'DH_GROUP': self.dh_groups,
+ 'KEY_LIFETIME': self.lifetimes,
+ 'KEY_LOCATION': self.locations,
+ 'KEY_PERSISTENCE': self.persistence_levels,
'KEY_TYPE': self.key_types,
'KEY_USAGE': self.key_usage_flags,
} #type: Dict[str, Set[str]]
@@ -357,14 +369,15 @@
'hash_algorithm': [self.hash_algorithms],
'mac_algorithm': [self.mac_algorithms],
'cipher_algorithm': [],
- 'hmac_algorithm': [self.mac_algorithms],
+ 'hmac_algorithm': [self.mac_algorithms, self.sign_algorithms],
'aead_algorithm': [self.aead_algorithms],
'key_derivation_algorithm': [self.kdf_algorithms],
'key_agreement_algorithm': [self.ka_algorithms],
- 'asymmetric_signature_algorithm': [],
+ 'asymmetric_signature_algorithm': [self.sign_algorithms],
'asymmetric_signature_wildcard': [self.algorithms],
'asymmetric_encryption_algorithm': [],
'other_algorithm': [],
+ 'lifetime': [self.lifetimes],
} #type: Dict[str, List[Set[str]]]
self.arguments_for['mac_length'] += ['1', '63']
self.arguments_for['min_mac_length'] += ['1', '63']
diff --git a/scripts/mbedtls_dev/psa_storage.py b/scripts/mbedtls_dev/psa_storage.py
index 3a74007..45f0380 100644
--- a/scripts/mbedtls_dev/psa_storage.py
+++ b/scripts/mbedtls_dev/psa_storage.py
@@ -164,6 +164,10 @@
"""
return self.bytes().hex()
+ def location_value(self) -> int:
+ """The numerical value of the location encoded in the key's lifetime."""
+ return self.lifetime.value() >> 8
+
class TestKey(unittest.TestCase):
# pylint: disable=line-too-long
diff --git a/tests/include/spe/crypto_spe.h b/tests/include/spe/crypto_spe.h
new file mode 100644
index 0000000..f80fd86
--- /dev/null
+++ b/tests/include/spe/crypto_spe.h
@@ -0,0 +1,132 @@
+/*
+ * Copyright (c) 2019-2021, Arm Limited. All rights reserved.
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ *
+ */
+
+/**
+ * \file crypto_spe.h
+ *
+ * \brief When Mbed Crypto is built with the MBEDTLS_PSA_CRYPTO_SPM option
+ * enabled, this header is included by all .c files in Mbed Crypto that
+ * use PSA Crypto function names. This avoids duplication of symbols
+ * between TF-M and Mbed Crypto.
+ *
+ * \note This file should be included before including any PSA Crypto headers
+ * from Mbed Crypto.
+ */
+
+#ifndef CRYPTO_SPE_H
+#define CRYPTO_SPE_H
+
+#define PSA_FUNCTION_NAME(x) mbedcrypto__ ## x
+
+#define psa_crypto_init \
+ PSA_FUNCTION_NAME(psa_crypto_init)
+#define psa_key_derivation_get_capacity \
+ PSA_FUNCTION_NAME(psa_key_derivation_get_capacity)
+#define psa_key_derivation_set_capacity \
+ PSA_FUNCTION_NAME(psa_key_derivation_set_capacity)
+#define psa_key_derivation_input_bytes \
+ PSA_FUNCTION_NAME(psa_key_derivation_input_bytes)
+#define psa_key_derivation_output_bytes \
+ PSA_FUNCTION_NAME(psa_key_derivation_output_bytes)
+#define psa_key_derivation_input_key \
+ PSA_FUNCTION_NAME(psa_key_derivation_input_key)
+#define psa_key_derivation_output_key \
+ PSA_FUNCTION_NAME(psa_key_derivation_output_key)
+#define psa_key_derivation_setup \
+ PSA_FUNCTION_NAME(psa_key_derivation_setup)
+#define psa_key_derivation_abort \
+ PSA_FUNCTION_NAME(psa_key_derivation_abort)
+#define psa_key_derivation_key_agreement \
+ PSA_FUNCTION_NAME(psa_key_derivation_key_agreement)
+#define psa_raw_key_agreement \
+ PSA_FUNCTION_NAME(psa_raw_key_agreement)
+#define psa_generate_random \
+ PSA_FUNCTION_NAME(psa_generate_random)
+#define psa_aead_encrypt \
+ PSA_FUNCTION_NAME(psa_aead_encrypt)
+#define psa_aead_decrypt \
+ PSA_FUNCTION_NAME(psa_aead_decrypt)
+#define psa_open_key \
+ PSA_FUNCTION_NAME(psa_open_key)
+#define psa_close_key \
+ PSA_FUNCTION_NAME(psa_close_key)
+#define psa_import_key \
+ PSA_FUNCTION_NAME(psa_import_key)
+#define psa_destroy_key \
+ PSA_FUNCTION_NAME(psa_destroy_key)
+#define psa_get_key_attributes \
+ PSA_FUNCTION_NAME(psa_get_key_attributes)
+#define psa_reset_key_attributes \
+ PSA_FUNCTION_NAME(psa_reset_key_attributes)
+#define psa_export_key \
+ PSA_FUNCTION_NAME(psa_export_key)
+#define psa_export_public_key \
+ PSA_FUNCTION_NAME(psa_export_public_key)
+#define psa_purge_key \
+ PSA_FUNCTION_NAME(psa_purge_key)
+#define psa_copy_key \
+ PSA_FUNCTION_NAME(psa_copy_key)
+#define psa_cipher_operation_init \
+ PSA_FUNCTION_NAME(psa_cipher_operation_init)
+#define psa_cipher_generate_iv \
+ PSA_FUNCTION_NAME(psa_cipher_generate_iv)
+#define psa_cipher_set_iv \
+ PSA_FUNCTION_NAME(psa_cipher_set_iv)
+#define psa_cipher_encrypt_setup \
+ PSA_FUNCTION_NAME(psa_cipher_encrypt_setup)
+#define psa_cipher_decrypt_setup \
+ PSA_FUNCTION_NAME(psa_cipher_decrypt_setup)
+#define psa_cipher_update \
+ PSA_FUNCTION_NAME(psa_cipher_update)
+#define psa_cipher_finish \
+ PSA_FUNCTION_NAME(psa_cipher_finish)
+#define psa_cipher_abort \
+ PSA_FUNCTION_NAME(psa_cipher_abort)
+#define psa_hash_operation_init \
+ PSA_FUNCTION_NAME(psa_hash_operation_init)
+#define psa_hash_setup \
+ PSA_FUNCTION_NAME(psa_hash_setup)
+#define psa_hash_update \
+ PSA_FUNCTION_NAME(psa_hash_update)
+#define psa_hash_finish \
+ PSA_FUNCTION_NAME(psa_hash_finish)
+#define psa_hash_verify \
+ PSA_FUNCTION_NAME(psa_hash_verify)
+#define psa_hash_abort \
+ PSA_FUNCTION_NAME(psa_hash_abort)
+#define psa_hash_clone \
+ PSA_FUNCTION_NAME(psa_hash_clone)
+#define psa_hash_compute \
+ PSA_FUNCTION_NAME(psa_hash_compute)
+#define psa_hash_compare \
+ PSA_FUNCTION_NAME(psa_hash_compare)
+#define psa_mac_operation_init \
+ PSA_FUNCTION_NAME(psa_mac_operation_init)
+#define psa_mac_sign_setup \
+ PSA_FUNCTION_NAME(psa_mac_sign_setup)
+#define psa_mac_verify_setup \
+ PSA_FUNCTION_NAME(psa_mac_verify_setup)
+#define psa_mac_update \
+ PSA_FUNCTION_NAME(psa_mac_update)
+#define psa_mac_sign_finish \
+ PSA_FUNCTION_NAME(psa_mac_sign_finish)
+#define psa_mac_verify_finish \
+ PSA_FUNCTION_NAME(psa_mac_verify_finish)
+#define psa_mac_abort \
+ PSA_FUNCTION_NAME(psa_mac_abort)
+#define psa_sign_hash \
+ PSA_FUNCTION_NAME(psa_sign_hash)
+#define psa_verify_hash \
+ PSA_FUNCTION_NAME(psa_verify_hash)
+#define psa_asymmetric_encrypt \
+ PSA_FUNCTION_NAME(psa_asymmetric_encrypt)
+#define psa_asymmetric_decrypt \
+ PSA_FUNCTION_NAME(psa_asymmetric_decrypt)
+#define psa_generate_key \
+ PSA_FUNCTION_NAME(psa_generate_key)
+
+#endif /* CRYPTO_SPE_H */
diff --git a/tests/include/test/helpers.h b/tests/include/test/helpers.h
index 9bfe085..dfc09cd 100644
--- a/tests/include/test/helpers.h
+++ b/tests/include/test/helpers.h
@@ -54,6 +54,10 @@
#include <stddef.h>
#include <stdint.h>
+#if defined(MBEDTLS_BIGNUM_C)
+#include "mbedtls/bignum.h"
+#endif
+
typedef enum
{
MBEDTLS_TEST_RESULT_SUCCESS = 0,
@@ -294,4 +298,25 @@
const char *file, int line);
#endif
+#if defined(MBEDTLS_BIGNUM_C)
+/** Read an MPI from a string.
+ *
+ * Like mbedtls_mpi_read_string(), but size the resulting bignum based
+ * on the number of digits in the string. In particular, construct a
+ * bignum with 0 limbs for an empty string, and a bignum with leading 0
+ * limbs if the string has sufficiently many leading 0 digits.
+ *
+ * This is important so that the "0 (null)" and "0 (1 limb)" and
+ * "leading zeros" test cases do what they claim.
+ *
+ * \param[out] X The MPI object to populate. It must be initialized.
+ * \param radix The radix (2 to 16).
+ * \param[in] s The null-terminated string to read from.
+ *
+ * \return \c 0 on success, an \c MBEDTLS_ERR_MPI_xxx error code otherwise.
+ */
+/* Since the library has exactly the desired behavior, this is trivial. */
+int mbedtls_test_read_mpi( mbedtls_mpi *X, int radix, const char *s );
+#endif /* MBEDTLS_BIGNUM_C */
+
#endif /* TEST_HELPERS_H */
diff --git a/tests/include/test/psa_crypto_helpers.h b/tests/include/test/psa_crypto_helpers.h
index 9881eae..8a8c37e 100644
--- a/tests/include/test/psa_crypto_helpers.h
+++ b/tests/include/test/psa_crypto_helpers.h
@@ -186,6 +186,14 @@
#endif /* defined(RECORD_PSA_STATUS_COVERAGE_LOG) */
+/** Return extended key usage policies.
+ *
+ * Do a key policy permission extension on key usage policies always involves
+ * permissions of other usage policies
+ * (like PSA_KEY_USAGE_SIGN_HASH involves PSA_KEY_USAGE_SIGN_MESSGAE).
+ */
+psa_key_usage_t mbedtls_test_update_key_usage_flags( psa_key_usage_t usage_flags );
+
/** Skip a test case if the given key is a 192 bits AES key and the AES
* implementation is at least partially provided by an accelerator or
* alternative implementation.
diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh
index dd3dbb7..388bdf8 100755
--- a/tests/scripts/all.sh
+++ b/tests/scripts/all.sh
@@ -798,6 +798,32 @@
make test
}
+# check_renamed_symbols HEADER LIB
+# Check that if HEADER contains '#define MACRO ...' then MACRO is not a symbol
+# name is LIB.
+check_renamed_symbols () {
+ ! nm "$2" | sed 's/.* //' |
+ grep -x -F "$(sed -n 's/^ *# *define *\([A-Z_a-z][0-9A-Z_a-z]*\)..*/\1/p' "$1")"
+}
+
+component_build_psa_crypto_spm () {
+ msg "build: full config - USE_PSA_CRYPTO + PSA_CRYPTO_KEY_ID_ENCODES_OWNER + PSA_CRYPTO_SPM, make, gcc"
+ scripts/config.py full
+ scripts/config.py unset MBEDTLS_USE_PSA_CRYPTO
+ scripts/config.py unset MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS
+ scripts/config.py set MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER
+ scripts/config.py set MBEDTLS_PSA_CRYPTO_SPM
+ # We can only compile, not link, since our test and sample programs
+ # aren't equipped for the modified names used when MBEDTLS_PSA_CRYPTO_SPM
+ # is active.
+ make CC=gcc CFLAGS='-Werror -Wall -Wextra -I../tests/include/spe' lib
+
+ # Check that if a symbol is renamed by crypto_spe.h, the non-renamed
+ # version is not present.
+ echo "Checking for renamed symbols in the library"
+ if_build_succeeded check_renamed_symbols tests/include/spe/crypto_spe.h library/libmbedcrypto.a
+}
+
component_test_psa_crypto_client () {
msg "build: default config - PSA_CRYPTO_C + PSA_CRYPTO_CLIENT, make"
scripts/config.py unset MBEDTLS_PSA_CRYPTO_C
diff --git a/tests/scripts/generate_psa_tests.py b/tests/scripts/generate_psa_tests.py
index 6dd8585..62abcf2 100755
--- a/tests/scripts/generate_psa_tests.py
+++ b/tests/scripts/generate_psa_tests.py
@@ -227,9 +227,50 @@
class StorageKey(psa_storage.Key):
"""Representation of a key for storage format testing."""
- def __init__(self, *, description: str, **kwargs) -> None:
+ IMPLICIT_USAGE_FLAGS = {
+ 'PSA_KEY_USAGE_SIGN_HASH': 'PSA_KEY_USAGE_SIGN_MESSAGE',
+ 'PSA_KEY_USAGE_VERIFY_HASH': 'PSA_KEY_USAGE_VERIFY_MESSAGE'
+ } #type: Dict[str, str]
+ """Mapping of usage flags to the flags that they imply."""
+
+ def __init__(
+ self,
+ usage: str,
+ without_implicit_usage: Optional[bool] = False,
+ **kwargs
+ ) -> None:
+ """Prepare to generate a key.
+
+ * `usage` : The usage flags used for the key.
+ * `without_implicit_usage`: Flag to defide to apply the usage extension
+ """
+ super().__init__(usage=usage, **kwargs)
+
+ if not without_implicit_usage:
+ for flag, implicit in self.IMPLICIT_USAGE_FLAGS.items():
+ if self.usage.value() & psa_storage.Expr(flag).value() and \
+ self.usage.value() & psa_storage.Expr(implicit).value() == 0:
+ self.usage = psa_storage.Expr(self.usage.string + ' | ' + implicit)
+
+class StorageTestData(StorageKey):
+ """Representation of test case data for storage format testing."""
+
+ def __init__(
+ self,
+ description: str,
+ expected_usage: Optional[str] = None,
+ **kwargs
+ ) -> None:
+ """Prepare to generate test data
+
+ * `description` : used for the the test case names
+ * `expected_usage`: the usage flags generated as the expected usage flags
+ in the test cases. CAn differ from the usage flags
+ stored in the keys because of the usage flags extension.
+ """
super().__init__(**kwargs)
self.description = description #type: str
+ self.expected_usage = expected_usage if expected_usage else self.usage.string #type: str
class StorageFormat:
"""Storage format stability test cases."""
@@ -244,11 +285,11 @@
generate backward compatibility test cases which inject a key
representation and check that it can be read and used.
"""
- self.constructors = info.constructors
- self.version = version
- self.forward = forward
+ self.constructors = info.constructors #type: macro_collector.PSAMacroEnumerator
+ self.version = version #type: int
+ self.forward = forward #type: bool
- def make_test_case(self, key: StorageKey) -> test_case.TestCase:
+ def make_test_case(self, key: StorageTestData) -> test_case.TestCase:
"""Construct a storage format test case for the given key.
If ``forward`` is true, generate a forward compatibility test case:
@@ -262,7 +303,7 @@
tc.set_description('PSA storage {}: {}'.format(verb, key.description))
dependencies = automatic_dependencies(
key.lifetime.string, key.type.string,
- key.usage.string, key.alg.string, key.alg2.string,
+ key.expected_usage, key.alg.string, key.alg2.string,
)
dependencies = finish_family_dependencies(dependencies, key.bits)
tc.set_dependencies(dependencies)
@@ -283,46 +324,99 @@
extra_arguments = [' | '.join(flags) if flags else '0']
tc.set_arguments([key.lifetime.string,
key.type.string, str(key.bits),
- key.usage.string, key.alg.string, key.alg2.string,
+ key.expected_usage, key.alg.string, key.alg2.string,
'"' + key.material.hex() + '"',
'"' + key.hex() + '"',
*extra_arguments])
return tc
- def key_for_usage_flags(
+ def key_for_lifetime(
+ self,
+ lifetime: str,
+ ) -> StorageTestData:
+ """Construct a test key for the given lifetime."""
+ short = lifetime
+ short = re.sub(r'PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION',
+ r'', short)
+ short = re.sub(r'PSA_KEY_[A-Z]+_', r'', short)
+ description = 'lifetime: ' + short
+ key = StorageTestData(version=self.version,
+ id=1, lifetime=lifetime,
+ type='PSA_KEY_TYPE_RAW_DATA', bits=8,
+ usage='PSA_KEY_USAGE_EXPORT', alg=0, alg2=0,
+ material=b'L',
+ description=description)
+ return key
+
+ def all_keys_for_lifetimes(self) -> Iterator[StorageTestData]:
+ """Generate test keys covering lifetimes."""
+ lifetimes = sorted(self.constructors.lifetimes)
+ expressions = self.constructors.generate_expressions(lifetimes)
+ for lifetime in expressions:
+ # Don't attempt to create or load a volatile key in storage
+ if 'VOLATILE' in lifetime:
+ continue
+ # Don't attempt to create a read-only key in storage,
+ # but do attempt to load one.
+ if 'READ_ONLY' in lifetime and self.forward:
+ continue
+ yield self.key_for_lifetime(lifetime)
+
+ def keys_for_usage_flags(
self,
usage_flags: List[str],
- short: Optional[str] = None
- ) -> StorageKey:
+ short: Optional[str] = None,
+ test_implicit_usage: Optional[bool] = False
+ ) -> Iterator[StorageTestData]:
"""Construct a test key for the given key usage."""
usage = ' | '.join(usage_flags) if usage_flags else '0'
if short is None:
short = re.sub(r'\bPSA_KEY_USAGE_', r'', usage)
- description = 'usage: ' + short
- key = StorageKey(version=self.version,
- id=1, lifetime=0x00000001,
- type='PSA_KEY_TYPE_RAW_DATA', bits=8,
- usage=usage, alg=0, alg2=0,
- material=b'K',
- description=description)
- return key
+ extra_desc = ' with implication' if test_implicit_usage else ''
+ description = 'usage' + extra_desc + ': ' + short
+ key1 = StorageTestData(version=self.version,
+ id=1, lifetime=0x00000001,
+ type='PSA_KEY_TYPE_RAW_DATA', bits=8,
+ expected_usage=usage,
+ usage=usage, alg=0, alg2=0,
+ material=b'K',
+ description=description)
+ yield key1
- def all_keys_for_usage_flags(self) -> Iterator[StorageKey]:
+ if test_implicit_usage:
+ description = 'usage without implication' + ': ' + short
+ key2 = StorageTestData(version=self.version,
+ id=1, lifetime=0x00000001,
+ type='PSA_KEY_TYPE_RAW_DATA', bits=8,
+ without_implicit_usage=True,
+ usage=usage, alg=0, alg2=0,
+ material=b'K',
+ description=description)
+ yield key2
+
+ def generate_keys_for_usage_flags(self, **kwargs) -> Iterator[StorageTestData]:
"""Generate test keys covering usage flags."""
known_flags = sorted(self.constructors.key_usage_flags)
- yield self.key_for_usage_flags(['0'])
+ yield from self.keys_for_usage_flags(['0'], **kwargs)
for usage_flag in known_flags:
- yield self.key_for_usage_flags([usage_flag])
+ yield from self.keys_for_usage_flags([usage_flag], **kwargs)
for flag1, flag2 in zip(known_flags,
known_flags[1:] + [known_flags[0]]):
- yield self.key_for_usage_flags([flag1, flag2])
- yield self.key_for_usage_flags(known_flags, short='all known')
+ yield from self.keys_for_usage_flags([flag1, flag2], **kwargs)
+
+ def generate_key_for_all_usage_flags(self) -> Iterator[StorageTestData]:
+ known_flags = sorted(self.constructors.key_usage_flags)
+ yield from self.keys_for_usage_flags(known_flags, short='all known')
+
+ def all_keys_for_usage_flags(self) -> Iterator[StorageTestData]:
+ yield from self.generate_keys_for_usage_flags()
+ yield from self.generate_key_for_all_usage_flags()
def keys_for_type(
self,
key_type: str,
params: Optional[Iterable[str]] = None
- ) -> Iterator[StorageKey]:
+ ) -> Iterator[StorageTestData]:
"""Generate test keys for the given key type.
For key types that depend on a parameter (e.g. elliptic curve family),
@@ -339,21 +433,21 @@
r'',
kt.expression)
description = 'type: {} {}-bit'.format(short_expression, bits)
- key = StorageKey(version=self.version,
- id=1, lifetime=0x00000001,
- type=kt.expression, bits=bits,
- usage=usage_flags, alg=alg, alg2=alg2,
- material=key_material,
- description=description)
+ key = StorageTestData(version=self.version,
+ id=1, lifetime=0x00000001,
+ type=kt.expression, bits=bits,
+ usage=usage_flags, alg=alg, alg2=alg2,
+ material=key_material,
+ description=description)
yield key
- def all_keys_for_types(self) -> Iterator[StorageKey]:
+ def all_keys_for_types(self) -> Iterator[StorageTestData]:
"""Generate test keys covering key types and their representations."""
key_types = sorted(self.constructors.key_types)
for key_type in self.constructors.generate_expressions(key_types):
yield from self.keys_for_type(key_type)
- def keys_for_algorithm(self, alg: str) -> Iterator[StorageKey]:
+ def keys_for_algorithm(self, alg: str) -> Iterator[StorageTestData]:
"""Generate test keys for the specified algorithm."""
# For now, we don't have information on the compatibility of key
# types and algorithms. So we just test the encoding of algorithms,
@@ -361,41 +455,167 @@
descr = re.sub(r'PSA_ALG_', r'', alg)
descr = re.sub(r',', r', ', re.sub(r' +', r'', descr))
usage = 'PSA_KEY_USAGE_EXPORT'
- key1 = StorageKey(version=self.version,
- id=1, lifetime=0x00000001,
- type='PSA_KEY_TYPE_RAW_DATA', bits=8,
- usage=usage, alg=alg, alg2=0,
- material=b'K',
- description='alg: ' + descr)
+ key1 = StorageTestData(version=self.version,
+ id=1, lifetime=0x00000001,
+ type='PSA_KEY_TYPE_RAW_DATA', bits=8,
+ usage=usage, alg=alg, alg2=0,
+ material=b'K',
+ description='alg: ' + descr)
yield key1
- key2 = StorageKey(version=self.version,
- id=1, lifetime=0x00000001,
- type='PSA_KEY_TYPE_RAW_DATA', bits=8,
- usage=usage, alg=0, alg2=alg,
- material=b'L',
- description='alg2: ' + descr)
+ key2 = StorageTestData(version=self.version,
+ id=1, lifetime=0x00000001,
+ type='PSA_KEY_TYPE_RAW_DATA', bits=8,
+ usage=usage, alg=0, alg2=alg,
+ material=b'L',
+ description='alg2: ' + descr)
yield key2
- def all_keys_for_algorithms(self) -> Iterator[StorageKey]:
+ def all_keys_for_algorithms(self) -> Iterator[StorageTestData]:
"""Generate test keys covering algorithm encodings."""
algorithms = sorted(self.constructors.algorithms)
for alg in self.constructors.generate_expressions(algorithms):
yield from self.keys_for_algorithm(alg)
+ def generate_all_keys(self) -> Iterator[StorageTestData]:
+ """Generate all keys for the test cases."""
+ yield from self.all_keys_for_lifetimes()
+ yield from self.all_keys_for_usage_flags()
+ yield from self.all_keys_for_types()
+ yield from self.all_keys_for_algorithms()
+
def all_test_cases(self) -> Iterator[test_case.TestCase]:
"""Generate all storage format test cases."""
# First build a list of all keys, then construct all the corresponding
# test cases. This allows all required information to be obtained in
# one go, which is a significant performance gain as the information
# includes numerical values obtained by compiling a C program.
- keys = [] #type: List[StorageKey]
- keys += self.all_keys_for_usage_flags()
- keys += self.all_keys_for_types()
- keys += self.all_keys_for_algorithms()
- for key in keys:
+ for key in self.generate_all_keys():
+ if key.location_value() != 0:
+ # Skip keys with a non-default location, because they
+ # require a driver and we currently have no mechanism to
+ # determine whether a driver is available.
+ continue
yield self.make_test_case(key)
- # To do: vary id, lifetime
+class StorageFormatForward(StorageFormat):
+ """Storage format stability test cases for forward compatibility."""
+
+ def __init__(self, info: Information, version: int) -> None:
+ super().__init__(info, version, True)
+
+class StorageFormatV0(StorageFormat):
+ """Storage format stability test cases for version 0 compatibility."""
+
+ def __init__(self, info: Information) -> None:
+ super().__init__(info, 0, False)
+
+ def all_keys_for_usage_flags(self) -> Iterator[StorageTestData]:
+ """Generate test keys covering usage flags."""
+ yield from self.generate_keys_for_usage_flags(test_implicit_usage=True)
+ yield from self.generate_key_for_all_usage_flags()
+
+ def keys_for_implicit_usage(
+ self,
+ implyer_usage: str,
+ alg: str,
+ key_type: crypto_knowledge.KeyType
+ ) -> StorageTestData:
+ # pylint: disable=too-many-locals
+ """Generate test keys for the specified implicit usage flag,
+ algorithm and key type combination.
+ """
+ bits = key_type.sizes_to_test()[0]
+ implicit_usage = StorageKey.IMPLICIT_USAGE_FLAGS[implyer_usage]
+ usage_flags = 'PSA_KEY_USAGE_EXPORT'
+ material_usage_flags = usage_flags + ' | ' + implyer_usage
+ expected_usage_flags = material_usage_flags + ' | ' + implicit_usage
+ alg2 = 0
+ key_material = key_type.key_material(bits)
+ usage_expression = re.sub(r'PSA_KEY_USAGE_', r'', implyer_usage)
+ alg_expression = re.sub(r'PSA_ALG_', r'', alg)
+ alg_expression = re.sub(r',', r', ', re.sub(r' +', r'', alg_expression))
+ key_type_expression = re.sub(r'\bPSA_(?:KEY_TYPE|ECC_FAMILY)_',
+ r'',
+ key_type.expression)
+ description = 'implied by {}: {} {} {}-bit'.format(
+ usage_expression, alg_expression, key_type_expression, bits)
+ key = StorageTestData(version=self.version,
+ id=1, lifetime=0x00000001,
+ type=key_type.expression, bits=bits,
+ usage=material_usage_flags,
+ expected_usage=expected_usage_flags,
+ without_implicit_usage=True,
+ alg=alg, alg2=alg2,
+ material=key_material,
+ description=description)
+ return key
+
+ def gather_key_types_for_sign_alg(self) -> Dict[str, List[str]]:
+ # pylint: disable=too-many-locals
+ """Match possible key types for sign algorithms."""
+ # To create a valid combinaton both the algorithms and key types
+ # must be filtered. Pair them with keywords created from its names.
+ incompatible_alg_keyword = frozenset(['RAW', 'ANY', 'PURE'])
+ incompatible_key_type_keywords = frozenset(['MONTGOMERY'])
+ keyword_translation = {
+ 'ECDSA': 'ECC',
+ 'ED[0-9]*.*' : 'EDWARDS'
+ }
+ exclusive_keywords = {
+ 'EDWARDS': 'ECC'
+ }
+ key_types = set(self.constructors.generate_expressions(self.constructors.key_types))
+ algorithms = set(self.constructors.generate_expressions(self.constructors.sign_algorithms))
+ alg_with_keys = {} #type: Dict[str, List[str]]
+ translation_table = str.maketrans('(', '_', ')')
+ for alg in algorithms:
+ # Generate keywords from the name of the algorithm
+ alg_keywords = set(alg.partition('(')[0].split(sep='_')[2:])
+ # Translate keywords for better matching with the key types
+ for keyword in alg_keywords.copy():
+ for pattern, replace in keyword_translation.items():
+ if re.match(pattern, keyword):
+ alg_keywords.remove(keyword)
+ alg_keywords.add(replace)
+ # Filter out incompatible algortihms
+ if not alg_keywords.isdisjoint(incompatible_alg_keyword):
+ continue
+
+ for key_type in key_types:
+ # Generate keywords from the of the key type
+ key_type_keywords = set(key_type.translate(translation_table).split(sep='_')[3:])
+
+ # Remove ambigious keywords
+ for keyword1, keyword2 in exclusive_keywords.items():
+ if keyword1 in key_type_keywords:
+ key_type_keywords.remove(keyword2)
+
+ if key_type_keywords.isdisjoint(incompatible_key_type_keywords) and\
+ not key_type_keywords.isdisjoint(alg_keywords):
+ if alg in alg_with_keys:
+ alg_with_keys[alg].append(key_type)
+ else:
+ alg_with_keys[alg] = [key_type]
+ return alg_with_keys
+
+ def all_keys_for_implicit_usage(self) -> Iterator[StorageTestData]:
+ """Generate test keys for usage flag extensions."""
+ # Generate a key type and algorithm pair for each extendable usage
+ # flag to generate a valid key for exercising. The key is generated
+ # without usage extension to check the extension compatiblity.
+ alg_with_keys = self.gather_key_types_for_sign_alg()
+
+ for usage in sorted(StorageKey.IMPLICIT_USAGE_FLAGS, key=str):
+ for alg in sorted(alg_with_keys):
+ for key_type in sorted(alg_with_keys[alg]):
+ # The key types must be filtered to fit the specific usage flag.
+ kt = crypto_knowledge.KeyType(key_type)
+ if kt.is_valid_for_signature(usage):
+ yield self.keys_for_implicit_usage(usage, alg, kt)
+
+ def generate_all_keys(self) -> Iterator[StorageTestData]:
+ yield from super().generate_all_keys()
+ yield from self.all_keys_for_implicit_usage()
class TestGenerator:
"""Generate test data."""
@@ -427,9 +647,9 @@
'test_suite_psa_crypto_not_supported.generated':
lambda info: NotSupported(info).test_cases_for_not_supported(),
'test_suite_psa_crypto_storage_format.current':
- lambda info: StorageFormat(info, 0, True).all_test_cases(),
+ lambda info: StorageFormatForward(info, 0).all_test_cases(),
'test_suite_psa_crypto_storage_format.v0':
- lambda info: StorageFormat(info, 0, False).all_test_cases(),
+ lambda info: StorageFormatV0(info).all_test_cases(),
} #type: Dict[str, Callable[[Information], Iterable[test_case.TestCase]]]
def generate_target(self, name: str) -> None:
diff --git a/tests/src/drivers/test_driver_cipher.c b/tests/src/drivers/test_driver_cipher.c
index a415dd8..6aca193 100644
--- a/tests/src/drivers/test_driver_cipher.c
+++ b/tests/src/drivers/test_driver_cipher.c
@@ -39,26 +39,19 @@
mbedtls_test_driver_cipher_hooks_t mbedtls_test_driver_cipher_hooks =
MBEDTLS_TEST_DRIVER_CIPHER_INIT;
-static psa_status_t mbedtls_test_transparent_cipher_oneshot(
- mbedtls_operation_t direction,
+psa_status_t mbedtls_test_transparent_cipher_encrypt(
const psa_key_attributes_t *attributes,
- const uint8_t *key, size_t key_length,
+ const uint8_t *key_buffer,
+ size_t key_buffer_size,
psa_algorithm_t alg,
- const uint8_t *input, size_t input_length,
- uint8_t *output, size_t output_size, size_t *output_length)
+ const uint8_t *input,
+ size_t input_length,
+ uint8_t *output,
+ size_t output_size,
+ size_t *output_length )
{
mbedtls_test_driver_cipher_hooks.hits++;
- /* Test driver supports AES-CTR only, to verify operation calls. */
- if( alg != PSA_ALG_CTR ||
- psa_get_key_type( attributes ) != PSA_KEY_TYPE_AES )
- return( PSA_ERROR_NOT_SUPPORTED );
-
- /* If test driver response code is not SUCCESS, we can return early */
- if( mbedtls_test_driver_cipher_hooks.forced_status != PSA_SUCCESS )
- return( mbedtls_test_driver_cipher_hooks.forced_status );
-
- /* If test driver output is overridden, we don't need to do actual crypto */
if( mbedtls_test_driver_cipher_hooks.forced_output != NULL )
{
if( output_size < mbedtls_test_driver_cipher_hooks.forced_output_length )
@@ -72,133 +65,50 @@
return( mbedtls_test_driver_cipher_hooks.forced_status );
}
- /* Run AES-CTR using the cipher module */
- {
- mbedtls_test_rnd_pseudo_info rnd_info;
- memset( &rnd_info, 0x5A, sizeof( mbedtls_test_rnd_pseudo_info ) );
+ if( mbedtls_test_driver_cipher_hooks.forced_status != PSA_SUCCESS )
+ return( mbedtls_test_driver_cipher_hooks.forced_status );
- const mbedtls_cipher_info_t *cipher_info =
- mbedtls_cipher_info_from_values( MBEDTLS_CIPHER_ID_AES,
- key_length * 8,
- MBEDTLS_MODE_CTR );
- mbedtls_cipher_context_t cipher;
- int ret = 0;
- uint8_t temp_output_buffer[16] = {0};
- size_t temp_output_length = 0;
+ psa_generate_random( output, PSA_CIPHER_IV_LENGTH( attributes->core.type, alg ) );
- if( direction == MBEDTLS_ENCRYPT )
- {
- /* Oneshot encrypt needs to prepend the IV to the output */
- if( output_size < ( input_length + 16 ) )
- return( PSA_ERROR_BUFFER_TOO_SMALL );
- }
- else
- {
- /* Oneshot decrypt has the IV prepended to the input */
- if( output_size < ( input_length - 16 ) )
- return( PSA_ERROR_BUFFER_TOO_SMALL );
- }
-
- if( cipher_info == NULL )
- return( PSA_ERROR_NOT_SUPPORTED );
-
- mbedtls_cipher_init( &cipher );
- ret = mbedtls_cipher_setup( &cipher, cipher_info );
- if( ret != 0 )
- goto exit;
-
- ret = mbedtls_cipher_setkey( &cipher,
- key,
- key_length * 8, direction );
- if( ret != 0 )
- goto exit;
-
- if( direction == MBEDTLS_ENCRYPT )
- {
- mbedtls_test_rnd_pseudo_info rnd_info;
- memset( &rnd_info, 0x5A, sizeof( mbedtls_test_rnd_pseudo_info ) );
-
- ret = mbedtls_test_rnd_pseudo_rand( &rnd_info,
- temp_output_buffer,
- 16 );
- if( ret != 0 )
- goto exit;
-
- ret = mbedtls_cipher_set_iv( &cipher, temp_output_buffer, 16 );
- }
- else
- ret = mbedtls_cipher_set_iv( &cipher, input, 16 );
-
- if( ret != 0 )
- goto exit;
-
- if( direction == MBEDTLS_ENCRYPT )
- {
- ret = mbedtls_cipher_update( &cipher,
- input, input_length,
- &output[16], output_length );
- if( ret == 0 )
- {
- memcpy( output, temp_output_buffer, 16 );
- *output_length += 16;
- }
- }
- else
- ret = mbedtls_cipher_update( &cipher,
- &input[16], input_length - 16,
- output, output_length );
-
- if( ret != 0 )
- goto exit;
-
- ret = mbedtls_cipher_finish( &cipher,
- temp_output_buffer,
- &temp_output_length );
-
-exit:
- if( ret != 0 )
- {
- *output_length = 0;
- memset(output, 0, output_size);
- }
-
- mbedtls_cipher_free( &cipher );
- return( mbedtls_to_psa_error( ret ) );
- }
-}
-
-psa_status_t mbedtls_test_transparent_cipher_encrypt(
- const psa_key_attributes_t *attributes,
- const uint8_t *key, size_t key_length,
- psa_algorithm_t alg,
- const uint8_t *input, size_t input_length,
- uint8_t *output, size_t output_size, size_t *output_length)
-{
- return (
- mbedtls_test_transparent_cipher_oneshot(
- MBEDTLS_ENCRYPT,
- attributes,
- key, key_length,
- alg,
- input, input_length,
- output, output_size, output_length) );
+ return( mbedtls_transparent_test_driver_cipher_encrypt(
+ attributes, key_buffer, key_buffer_size,
+ alg, input, input_length,
+ output, output_size, output_length ) );
}
psa_status_t mbedtls_test_transparent_cipher_decrypt(
const psa_key_attributes_t *attributes,
- const uint8_t *key, size_t key_length,
+ const uint8_t *key_buffer,
+ size_t key_buffer_size,
psa_algorithm_t alg,
- const uint8_t *input, size_t input_length,
- uint8_t *output, size_t output_size, size_t *output_length)
+ const uint8_t *input,
+ size_t input_length,
+ uint8_t *output,
+ size_t output_size,
+ size_t *output_length )
{
- return (
- mbedtls_test_transparent_cipher_oneshot(
- MBEDTLS_DECRYPT,
- attributes,
- key, key_length,
- alg,
- input, input_length,
- output, output_size, output_length) );
+ mbedtls_test_driver_cipher_hooks.hits++;
+
+ if( mbedtls_test_driver_cipher_hooks.forced_output != NULL )
+ {
+ if( output_size < mbedtls_test_driver_cipher_hooks.forced_output_length )
+ return( PSA_ERROR_BUFFER_TOO_SMALL );
+
+ memcpy( output,
+ mbedtls_test_driver_cipher_hooks.forced_output,
+ mbedtls_test_driver_cipher_hooks.forced_output_length );
+ *output_length = mbedtls_test_driver_cipher_hooks.forced_output_length;
+
+ return( mbedtls_test_driver_cipher_hooks.forced_status );
+ }
+
+ if( mbedtls_test_driver_cipher_hooks.forced_status != PSA_SUCCESS )
+ return( mbedtls_test_driver_cipher_hooks.forced_status );
+
+ return( mbedtls_transparent_test_driver_cipher_decrypt(
+ attributes, key_buffer, key_buffer_size,
+ alg, input, input_length,
+ output, output_size, output_length ) );
}
psa_status_t mbedtls_test_transparent_cipher_encrypt_setup(
diff --git a/tests/src/helpers.c b/tests/src/helpers.c
index b7c9867..bf6c1d9 100644
--- a/tests/src/helpers.c
+++ b/tests/src/helpers.c
@@ -338,3 +338,18 @@
}
}
#endif /* MBEDTLS_TEST_HOOKS */
+
+#if defined(MBEDTLS_BIGNUM_C)
+int mbedtls_test_read_mpi( mbedtls_mpi *X, int radix, const char *s )
+{
+ /* mbedtls_mpi_read_string() currently retains leading zeros.
+ * It always allocates at least one limb for the value 0. */
+ if( s[0] == 0 )
+ {
+ mbedtls_mpi_free( X );
+ return( 0 );
+ }
+ else
+ return( mbedtls_mpi_read_string( X, radix, s ) );
+}
+#endif
diff --git a/tests/src/psa_crypto_helpers.c b/tests/src/psa_crypto_helpers.c
index f2222cb..d9d841a 100644
--- a/tests/src/psa_crypto_helpers.c
+++ b/tests/src/psa_crypto_helpers.c
@@ -114,4 +114,17 @@
}
#endif /* defined(RECORD_PSA_STATUS_COVERAGE_LOG) */
+psa_key_usage_t mbedtls_test_update_key_usage_flags( psa_key_usage_t usage_flags )
+{
+ psa_key_usage_t updated_usage = usage_flags;
+
+ if( usage_flags & PSA_KEY_USAGE_SIGN_HASH )
+ updated_usage |= PSA_KEY_USAGE_SIGN_MESSAGE;
+
+ if( usage_flags & PSA_KEY_USAGE_VERIFY_HASH )
+ updated_usage |= PSA_KEY_USAGE_VERIFY_MESSAGE;
+
+ return( updated_usage );
+}
+
#endif /* MBEDTLS_PSA_CRYPTO_C */
diff --git a/tests/src/psa_exercise_key.c b/tests/src/psa_exercise_key.c
index f48a64e..e4e55c9 100644
--- a/tests/src/psa_exercise_key.c
+++ b/tests/src/psa_exercise_key.c
@@ -316,13 +316,14 @@
#endif
}
+ /* Some algorithms require the payload to have the size of
+ * the hash encoded in the algorithm. Use this input size
+ * even for algorithms that allow other input sizes. */
+ if( hash_alg != 0 )
+ payload_length = PSA_HASH_LENGTH( hash_alg );
+
if( usage & PSA_KEY_USAGE_SIGN_HASH )
{
- /* Some algorithms require the payload to have the size of
- * the hash encoded in the algorithm. Use this input size
- * even for algorithms that allow other input sizes. */
- if( hash_alg != 0 )
- payload_length = PSA_HASH_LENGTH( hash_alg );
PSA_ASSERT( psa_sign_hash( key, alg,
payload, payload_length,
signature, sizeof( signature ),
diff --git a/tests/ssl-opt.sh b/tests/ssl-opt.sh
index 2200f90..5954004 100755
--- a/tests/ssl-opt.sh
+++ b/tests/ssl-opt.sh
@@ -5992,7 +5992,7 @@
-S "SSL - Verification of the message MAC failed"
server_needs_more_time 1
-requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECJPAKE
+requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED
run_test "ECJPAKE: password mismatch, TLS" \
"$P_SRV debug_level=3 ecjpake_pw=bla" \
"$P_CLI debug_level=3 ecjpake_pw=bad \
@@ -6001,7 +6001,7 @@
-C "re-using cached ecjpake parameters" \
-s "SSL - Verification of the message MAC failed"
-requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECJPAKE
+requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED
run_test "ECJPAKE: working, DTLS" \
"$P_SRV debug_level=3 dtls=1 ecjpake_pw=bla" \
"$P_CLI debug_level=3 dtls=1 ecjpake_pw=bla \
@@ -6010,7 +6010,7 @@
-c "re-using cached ecjpake parameters" \
-S "SSL - Verification of the message MAC failed"
-requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECJPAKE
+requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED
run_test "ECJPAKE: working, DTLS, no cookie" \
"$P_SRV debug_level=3 dtls=1 ecjpake_pw=bla cookies=0" \
"$P_CLI debug_level=3 dtls=1 ecjpake_pw=bla \
@@ -6020,7 +6020,7 @@
-S "SSL - Verification of the message MAC failed"
server_needs_more_time 1
-requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECJPAKE
+requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED
run_test "ECJPAKE: password mismatch, DTLS" \
"$P_SRV debug_level=3 dtls=1 ecjpake_pw=bla" \
"$P_CLI debug_level=3 dtls=1 ecjpake_pw=bad \
@@ -6030,7 +6030,7 @@
-s "SSL - Verification of the message MAC failed"
# for tests with configs/config-thread.h
-requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECJPAKE
+requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED
run_test "ECJPAKE: working, DTLS, nolog" \
"$P_SRV dtls=1 ecjpake_pw=bla" \
"$P_CLI dtls=1 ecjpake_pw=bla \
diff --git a/tests/suites/test_suite_asn1parse.function b/tests/suites/test_suite_asn1parse.function
index 47a4340..414278f 100644
--- a/tests/suites/test_suite_asn1parse.function
+++ b/tests/suites/test_suite_asn1parse.function
@@ -417,7 +417,7 @@
}
#if defined(MBEDTLS_BIGNUM_C)
- ret = mbedtls_mpi_read_string( &expected_mpi, 16, expected_hex );
+ ret = mbedtls_test_read_mpi( &expected_mpi, 16, expected_hex );
TEST_ASSERT( ret == 0 || ret == MBEDTLS_ERR_MPI_BAD_INPUT_DATA );
if( ret == MBEDTLS_ERR_MPI_BAD_INPUT_DATA )
{
diff --git a/tests/suites/test_suite_debug.data b/tests/suites/test_suite_debug.data
index eb99b79..6d57442 100644
--- a/tests/suites/test_suite_debug.data
+++ b/tests/suites/test_suite_debug.data
@@ -37,6 +37,27 @@
Debug print buffer #5
mbedtls_debug_print_buf:"MyFile":999:"Test return value":"000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F30":"MyFile(0999)\: dumping 'Test return value' (49 bytes)\nMyFile(0999)\: 0000\: 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f ................\nMyFile(0999)\: 0010\: 10 11 12 13 14 15 16 17 18 19 1a 1b 1c 1d 1e 1f ................\nMyFile(0999)\: 0020\: 20 21 22 23 24 25 26 27 28 29 2a 2b 2c 2d 2e 2f !"#$%&'()*+,-./\nMyFile(0999)\: 0030\: 30 0\n"
+Debug print mbedtls_mpi: 0 (empty representation)
+mbedtls_debug_print_mpi:16:"":"MyFile":999:"VALUE":"MyFile(0999)\: value of 'VALUE' (0 bits) is\:\nMyFile(0999)\: 00\n"
+
+Debug print mbedtls_mpi: 0 (non-empty representation)
+mbedtls_debug_print_mpi:16:"00000000000000":"MyFile":999:"VALUE":"MyFile(0999)\: value of 'VALUE' (0 bits) is\:\nMyFile(0999)\: 00\n"
+
+Debug print mbedtls_mpi #2: 3 bits
+mbedtls_debug_print_mpi:16:"00000000000007":"MyFile":999:"VALUE":"MyFile(0999)\: value of 'VALUE' (3 bits) is\:\nMyFile(0999)\: 07\n"
+
+Debug print mbedtls_mpi: 49 bits
+mbedtls_debug_print_mpi:16:"01020304050607":"MyFile":999:"VALUE":"MyFile(0999)\: value of 'VALUE' (49 bits) is\:\nMyFile(0999)\: 01 02 03 04 05 06 07\n"
+
+Debug print mbedtls_mpi: 759 bits
+mbedtls_debug_print_mpi:16:"0000000000000000000000000000000000000000000000000000000041379d00fed1491fe15df284dfde4a142f68aa8d412023195cee66883e6290ffe703f4ea5963bf212713cee46b107c09182b5edcd955adac418bf4918e2889af48e1099d513830cec85c26ac1e158b52620e33ba8692f893efbb2f958b4424":"MyFile":999:"VALUE":"MyFile(0999)\: value of 'VALUE' (759 bits) is\:\nMyFile(0999)\: 41 37 9d 00 fe d1 49 1f e1 5d f2 84 df de 4a 14\nMyFile(0999)\: 2f 68 aa 8d 41 20 23 19 5c ee 66 88 3e 62 90 ff\nMyFile(0999)\: e7 03 f4 ea 59 63 bf 21 27 13 ce e4 6b 10 7c 09\nMyFile(0999)\: 18 2b 5e dc d9 55 ad ac 41 8b f4 91 8e 28 89 af\nMyFile(0999)\: 48 e1 09 9d 51 38 30 ce c8 5c 26 ac 1e 15 8b 52\nMyFile(0999)\: 62 0e 33 ba 86 92 f8 93 ef bb 2f 95 8b 44 24\n"
+
+Debug print mbedtls_mpi: 764 bits #1
+mbedtls_debug_print_mpi:16:"0941379d00fed1491fe15df284dfde4a142f68aa8d412023195cee66883e6290ffe703f4ea5963bf212713cee46b107c09182b5edcd955adac418bf4918e2889af48e1099d513830cec85c26ac1e158b52620e33ba8692f893efbb2f958b4424":"MyFile":999:"VALUE":"MyFile(0999)\: value of 'VALUE' (764 bits) is\:\nMyFile(0999)\: 09 41 37 9d 00 fe d1 49 1f e1 5d f2 84 df de 4a\nMyFile(0999)\: 14 2f 68 aa 8d 41 20 23 19 5c ee 66 88 3e 62 90\nMyFile(0999)\: ff e7 03 f4 ea 59 63 bf 21 27 13 ce e4 6b 10 7c\nMyFile(0999)\: 09 18 2b 5e dc d9 55 ad ac 41 8b f4 91 8e 28 89\nMyFile(0999)\: af 48 e1 09 9d 51 38 30 ce c8 5c 26 ac 1e 15 8b\nMyFile(0999)\: 52 62 0e 33 ba 86 92 f8 93 ef bb 2f 95 8b 44 24\n"
+
+Debug print mbedtls_mpi: 764 bits #2
+mbedtls_debug_print_mpi:16:"0000000000000000000000000000000000000000000000000000000941379d00fed1491fe15df284dfde4a142f68aa8d412023195cee66883e6290ffe703f4ea5963bf212713cee46b107c09182b5edcd955adac418bf4918e2889af48e1099d513830cec85c26ac1e158b52620e33ba8692f893efbb2f958b4424":"MyFile":999:"VALUE":"MyFile(0999)\: value of 'VALUE' (764 bits) is\:\nMyFile(0999)\: 09 41 37 9d 00 fe d1 49 1f e1 5d f2 84 df de 4a\nMyFile(0999)\: 14 2f 68 aa 8d 41 20 23 19 5c ee 66 88 3e 62 90\nMyFile(0999)\: ff e7 03 f4 ea 59 63 bf 21 27 13 ce e4 6b 10 7c\nMyFile(0999)\: 09 18 2b 5e dc d9 55 ad ac 41 8b f4 91 8e 28 89\nMyFile(0999)\: af 48 e1 09 9d 51 38 30 ce c8 5c 26 ac 1e 15 8b\nMyFile(0999)\: 52 62 0e 33 ba 86 92 f8 93 ef bb 2f 95 8b 44 24\n"
+
Debug print certificate #1 (RSA)
depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_BASE64_C:MBEDTLS_RSA_C:MBEDTLS_SHA1_C
mbedtls_debug_print_crt:"data_files/server1.crt":"MyFile":999:"PREFIX_":"MyFile(0999)\: PREFIX_ #1\:\nMyFile(0999)\: cert. version \: 3\nMyFile(0999)\: serial number \: 01\nMyFile(0999)\: issuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nMyFile(0999)\: subject name \: C=NL, O=PolarSSL, CN=PolarSSL Server 1\nMyFile(0999)\: issued on \: 2019-02-10 14\:44\:06\nMyFile(0999)\: expires on \: 2029-02-10 14\:44\:06\nMyFile(0999)\: signed using \: RSA with SHA1\nMyFile(0999)\: RSA key size \: 2048 bits\nMyFile(0999)\: basic constraints \: CA=false\nMyFile(0999)\: value of 'crt->rsa.N' (2048 bits) is\:\nMyFile(0999)\: a9 02 1f 3d 40 6a d5 55 53 8b fd 36 ee 82 65 2e\nMyFile(0999)\: 15 61 5e 89 bf b8 e8 45 90 db ee 88 16 52 d3 f1\nMyFile(0999)\: 43 50 47 96 12 59 64 87 6b fd 2b e0 46 f9 73 be\nMyFile(0999)\: dd cf 92 e1 91 5b ed 66 a0 6f 89 29 79 45 80 d0\nMyFile(0999)\: 83 6a d5 41 43 77 5f 39 7c 09 04 47 82 b0 57 39\nMyFile(0999)\: 70 ed a3 ec 15 19 1e a8 33 08 47 c1 05 42 a9 fd\nMyFile(0999)\: 4c c3 b4 df dd 06 1f 4d 10 51 40 67 73 13 0f 40\nMyFile(0999)\: f8 6d 81 25 5f 0a b1 53 c6 30 7e 15 39 ac f9 5a\nMyFile(0999)\: ee 7f 92 9e a6 05 5b e7 13 97 85 b5 23 92 d9 d4\nMyFile(0999)\: 24 06 d5 09 25 89 75 07 dd a6 1a 8f 3f 09 19 be\nMyFile(0999)\: ad 65 2c 64 eb 95 9b dc fe 41 5e 17 a6 da 6c 5b\nMyFile(0999)\: 69 cc 02 ba 14 2c 16 24 9c 4a dc cd d0 f7 52 67\nMyFile(0999)\: 73 f1 2d a0 23 fd 7e f4 31 ca 2d 70 ca 89 0b 04\nMyFile(0999)\: db 2e a6 4f 70 6e 9e ce bd 58 89 e2 53 59 9e 6e\nMyFile(0999)\: 5a 92 65 e2 88 3f 0c 94 19 a3 dd e5 e8 9d 95 13\nMyFile(0999)\: ed 29 db ab 70 12 dc 5a ca 6b 17 ab 52 82 54 b1\nMyFile(0999)\: value of 'crt->rsa.E' (17 bits) is\:\nMyFile(0999)\: 01 00 01\n"
@@ -44,21 +65,3 @@
Debug print certificate #2 (EC)
depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_BASE64_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SHA256_C
mbedtls_debug_print_crt:"data_files/test-ca2.crt":"MyFile":999:"PREFIX_":"MyFile(0999)\: PREFIX_ #1\:\nMyFile(0999)\: cert. version \: 3\nMyFile(0999)\: serial number \: C1\:43\:E2\:7E\:62\:43\:CC\:E8\nMyFile(0999)\: issuer name \: C=NL, O=PolarSSL, CN=Polarssl Test EC CA\nMyFile(0999)\: subject name \: C=NL, O=PolarSSL, CN=Polarssl Test EC CA\nMyFile(0999)\: issued on \: 2019-02-10 14\:44\:00\nMyFile(0999)\: expires on \: 2029-02-10 14\:44\:00\nMyFile(0999)\: signed using \: ECDSA with SHA256\nMyFile(0999)\: EC key size \: 384 bits\nMyFile(0999)\: basic constraints \: CA=true\nMyFile(0999)\: value of 'crt->eckey.Q(X)' (384 bits) is\:\nMyFile(0999)\: c3 da 2b 34 41 37 58 2f 87 56 fe fc 89 ba 29 43\nMyFile(0999)\: 4b 4e e0 6e c3 0e 57 53 33 39 58 d4 52 b4 91 95\nMyFile(0999)\: 39 0b 23 df 5f 17 24 62 48 fc 1a 95 29 ce 2c 2d\nMyFile(0999)\: value of 'crt->eckey.Q(Y)' (384 bits) is\:\nMyFile(0999)\: 87 c2 88 52 80 af d6 6a ab 21 dd b8 d3 1c 6e 58\nMyFile(0999)\: b8 ca e8 b2 69 8e f3 41 ad 29 c3 b4 5f 75 a7 47\nMyFile(0999)\: 6f d5 19 29 55 69 9a 53 3b 20 b4 66 16 60 33 1e\n"
-
-Debug print mbedtls_mpi #1
-mbedtls_debug_print_mpi:16:"01020304050607":"MyFile":999:"VALUE":"MyFile(0999)\: value of 'VALUE' (49 bits) is\:\nMyFile(0999)\: 01 02 03 04 05 06 07\n"
-
-Debug print mbedtls_mpi #2
-mbedtls_debug_print_mpi:16:"00000000000007":"MyFile":999:"VALUE":"MyFile(0999)\: value of 'VALUE' (3 bits) is\:\nMyFile(0999)\: 07\n"
-
-Debug print mbedtls_mpi #3
-mbedtls_debug_print_mpi:16:"00000000000000":"MyFile":999:"VALUE":"MyFile(0999)\: value of 'VALUE' (0 bits) is\:\nMyFile(0999)\: 00\n"
-
-Debug print mbedtls_mpi #4
-mbedtls_debug_print_mpi:16:"0941379d00fed1491fe15df284dfde4a142f68aa8d412023195cee66883e6290ffe703f4ea5963bf212713cee46b107c09182b5edcd955adac418bf4918e2889af48e1099d513830cec85c26ac1e158b52620e33ba8692f893efbb2f958b4424":"MyFile":999:"VALUE":"MyFile(0999)\: value of 'VALUE' (764 bits) is\:\nMyFile(0999)\: 09 41 37 9d 00 fe d1 49 1f e1 5d f2 84 df de 4a\nMyFile(0999)\: 14 2f 68 aa 8d 41 20 23 19 5c ee 66 88 3e 62 90\nMyFile(0999)\: ff e7 03 f4 ea 59 63 bf 21 27 13 ce e4 6b 10 7c\nMyFile(0999)\: 09 18 2b 5e dc d9 55 ad ac 41 8b f4 91 8e 28 89\nMyFile(0999)\: af 48 e1 09 9d 51 38 30 ce c8 5c 26 ac 1e 15 8b\nMyFile(0999)\: 52 62 0e 33 ba 86 92 f8 93 ef bb 2f 95 8b 44 24\n"
-
-Debug print mbedtls_mpi #5
-mbedtls_debug_print_mpi:16:"0000000000000000000000000000000000000000000000000000000941379d00fed1491fe15df284dfde4a142f68aa8d412023195cee66883e6290ffe703f4ea5963bf212713cee46b107c09182b5edcd955adac418bf4918e2889af48e1099d513830cec85c26ac1e158b52620e33ba8692f893efbb2f958b4424":"MyFile":999:"VALUE":"MyFile(0999)\: value of 'VALUE' (764 bits) is\:\nMyFile(0999)\: 09 41 37 9d 00 fe d1 49 1f e1 5d f2 84 df de 4a\nMyFile(0999)\: 14 2f 68 aa 8d 41 20 23 19 5c ee 66 88 3e 62 90\nMyFile(0999)\: ff e7 03 f4 ea 59 63 bf 21 27 13 ce e4 6b 10 7c\nMyFile(0999)\: 09 18 2b 5e dc d9 55 ad ac 41 8b f4 91 8e 28 89\nMyFile(0999)\: af 48 e1 09 9d 51 38 30 ce c8 5c 26 ac 1e 15 8b\nMyFile(0999)\: 52 62 0e 33 ba 86 92 f8 93 ef bb 2f 95 8b 44 24\n"
-
-Debug print mbedtls_mpi #6
-mbedtls_debug_print_mpi:16:"0000000000000000000000000000000000000000000000000000000041379d00fed1491fe15df284dfde4a142f68aa8d412023195cee66883e6290ffe703f4ea5963bf212713cee46b107c09182b5edcd955adac418bf4918e2889af48e1099d513830cec85c26ac1e158b52620e33ba8692f893efbb2f958b4424":"MyFile":999:"VALUE":"MyFile(0999)\: value of 'VALUE' (759 bits) is\:\nMyFile(0999)\: 41 37 9d 00 fe d1 49 1f e1 5d f2 84 df de 4a 14\nMyFile(0999)\: 2f 68 aa 8d 41 20 23 19 5c ee 66 88 3e 62 90 ff\nMyFile(0999)\: e7 03 f4 ea 59 63 bf 21 27 13 ce e4 6b 10 7c 09\nMyFile(0999)\: 18 2b 5e dc d9 55 ad ac 41 8b f4 91 8e 28 89 af\nMyFile(0999)\: 48 e1 09 9d 51 38 30 ce c8 5c 26 ac 1e 15 8b 52\nMyFile(0999)\: 62 0e 33 ba 86 92 f8 93 ef bb 2f 95 8b 44 24\n"
diff --git a/tests/suites/test_suite_debug.function b/tests/suites/test_suite_debug.function
index 377d630..fe5549a 100644
--- a/tests/suites/test_suite_debug.function
+++ b/tests/suites/test_suite_debug.function
@@ -179,7 +179,7 @@
TEST_ASSERT( mbedtls_ssl_setup( &ssl, &conf ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &val, radix, value ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &val, radix, value ) == 0 );
mbedtls_ssl_conf_dbg( &conf, string_debug, &buffer);
diff --git a/tests/suites/test_suite_dhm.data b/tests/suites/test_suite_dhm.data
index 33c7216..4e13e48 100644
--- a/tests/suites/test_suite_dhm.data
+++ b/tests/suites/test_suite_dhm.data
@@ -73,18 +73,36 @@
Diffie-Hellman full exchange: 286-bit
dhm_do_dhm:10:"93450983094850938450983409623982317398171298719873918739182739712938719287391879381271":36:10:"9345098309485093845098340962223981329819812792137312973297123912791271":0
-Diffie-Hellman trivial subgroup #1
-dhm_do_dhm:10:"23":1:10:"1":MBEDTLS_ERR_DHM_BAD_INPUT_DATA
-
-Diffie-Hellman trivial subgroup #2
-dhm_do_dhm:10:"23":1:10:"-1":MBEDTLS_ERR_DHM_BAD_INPUT_DATA
-
Diffie-Hellman small modulus
dhm_do_dhm:10:"3":1:10:"5":MBEDTLS_ERR_DHM_MAKE_PARAMS_FAILED+MBEDTLS_ERR_MPI_BAD_INPUT_DATA
Diffie-Hellman zero modulus
dhm_do_dhm:10:"0":1:10:"5":MBEDTLS_ERR_DHM_BAD_INPUT_DATA
+Diffie-Hellman with G=0
+dhm_do_dhm:10:"93450983094850938450983409623":13:10:"0":MBEDTLS_ERR_DHM_BAD_INPUT_DATA
+
+Diffie-Hellman with G=1
+dhm_do_dhm:10:"93450983094850938450983409623":13:10:"1":MBEDTLS_ERR_DHM_BAD_INPUT_DATA
+
+Diffie-Hellman with G=-1
+dhm_do_dhm:10:"93450983094850938450983409623":13:10:"-1":MBEDTLS_ERR_DHM_BAD_INPUT_DATA
+
+Diffie-Hellman with G=P-1
+dhm_do_dhm:10:"93450983094850938450983409623":13:10:"93450983094850938450983409622":MBEDTLS_ERR_DHM_BAD_INPUT_DATA
+
+Diffie-Hellman with G=P-2
+dhm_do_dhm:10:"93450983094850938450983409623":13:10:"93450983094850938450983409621":0
+
+Diffie-Hellman with G=P
+dhm_do_dhm:10:"93450983094850938450983409623":13:10:"93450983094850938450983409623":MBEDTLS_ERR_DHM_BAD_INPUT_DATA
+
+Diffie-Hellman with G=P+1
+dhm_do_dhm:10:"93450983094850938450983409623":13:10:"93450983094850938450983409624":MBEDTLS_ERR_DHM_BAD_INPUT_DATA
+
+Diffie-Hellman with G=P+2
+dhm_do_dhm:10:"93450983094850938450983409623":13:10:"93450983094850938450983409625":0
+
Diffie-Hellman: x_size < 0
dhm_do_dhm:10:"93450983094850938450983409623":-1:10:"9345098304850938450983409622":MBEDTLS_ERR_DHM_BAD_INPUT_DATA
diff --git a/tests/suites/test_suite_dhm.function b/tests/suites/test_suite_dhm.function
index 6d3743f..96ff2ac 100644
--- a/tests/suites/test_suite_dhm.function
+++ b/tests/suites/test_suite_dhm.function
@@ -206,8 +206,8 @@
/*
* Set params
*/
- TEST_ASSERT( mbedtls_mpi_read_string( &ctx_srv.P, radix_P, input_P ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &ctx_srv.G, radix_G, input_G ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &ctx_srv.P, radix_P, input_P ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &ctx_srv.G, radix_G, input_G ) == 0 );
pub_cli_len = mbedtls_mpi_size( &ctx_srv.P );
/*
@@ -307,7 +307,7 @@
TEST_ASSERT( mbedtls_mpi_shift_l( &P, ( P_bytes * 8 ) - 1 ) == 0 );
TEST_ASSERT( mbedtls_mpi_set_bit( &P, 0, 1 ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &G, radix_G, input_G ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &G, radix_G, input_G ) == 0 );
TEST_ASSERT( mbedtls_dhm_set_group( &ctx, &P, &G ) == 0 );
TEST_ASSERT( mbedtls_dhm_make_public( &ctx, (int) mbedtls_mpi_size( &P ),
@@ -331,8 +331,8 @@
mbedtls_dhm_init( &ctx );
mbedtls_mpi_init( &P ); mbedtls_mpi_init( &G );
- TEST_ASSERT( mbedtls_mpi_read_string( &P, 16, p ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &G, 16, g ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &P, 16, p ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &G, 16, g ) == 0 );
TEST_ASSERT( mbedtls_dhm_parse_dhmfile( &ctx, filename ) == 0 );
diff --git a/tests/suites/test_suite_ecdh.function b/tests/suites/test_suite_ecdh.function
index da0531b..69197e6 100644
--- a/tests/suites/test_suite_ecdh.function
+++ b/tests/suites/test_suite_ecdh.function
@@ -278,21 +278,21 @@
mbedtls_test_rnd_buffer_rand,
&rnd_info_A ) == 0 );
TEST_ASSERT( ! mbedtls_ecp_is_zero( &qA ) );
- TEST_ASSERT( mbedtls_mpi_read_string( &check, 16, xA_str ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &check, 16, xA_str ) == 0 );
TEST_ASSERT( mbedtls_mpi_cmp_mpi( &qA.X, &check ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &check, 16, yA_str ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &check, 16, yA_str ) == 0 );
TEST_ASSERT( mbedtls_mpi_cmp_mpi( &qA.Y, &check ) == 0 );
TEST_ASSERT( mbedtls_ecdh_gen_public( &grp, &dB, &qB,
mbedtls_test_rnd_buffer_rand,
&rnd_info_B ) == 0 );
TEST_ASSERT( ! mbedtls_ecp_is_zero( &qB ) );
- TEST_ASSERT( mbedtls_mpi_read_string( &check, 16, xB_str ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &check, 16, xB_str ) == 0 );
TEST_ASSERT( mbedtls_mpi_cmp_mpi( &qB.X, &check ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &check, 16, yB_str ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &check, 16, yB_str ) == 0 );
TEST_ASSERT( mbedtls_mpi_cmp_mpi( &qB.Y, &check ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &check, 16, z_str ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &check, 16, z_str ) == 0 );
TEST_ASSERT( mbedtls_ecdh_compute_shared( &grp, &zA, &qB, &dA, NULL, NULL ) == 0 );
TEST_ASSERT( mbedtls_mpi_cmp_mpi( &zA, &check ) == 0 );
TEST_ASSERT( mbedtls_ecdh_compute_shared( &grp, &zB, &qA, &dB, NULL, NULL ) == 0 );
diff --git a/tests/suites/test_suite_ecdsa.function b/tests/suites/test_suite_ecdsa.function
index fb6ed46..d47bb4e 100644
--- a/tests/suites/test_suite_ecdsa.function
+++ b/tests/suites/test_suite_ecdsa.function
@@ -289,9 +289,9 @@
TEST_ASSERT( mbedtls_ecp_group_load( &grp, id ) == 0 );
TEST_ASSERT( mbedtls_ecp_point_read_string( &Q, 16, xQ_str, yQ_str ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &d, 16, d_str ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &r_check, 16, r_str ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &s_check, 16, s_str ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &d, 16, d_str ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &r_check, 16, r_str ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &s_check, 16, s_str ) == 0 );
rnd_info.fallback_f_rng = mbedtls_test_rnd_std_rand;
rnd_info.fallback_p_rng = NULL;
rnd_info.buf = rnd_buf->x;
@@ -354,9 +354,9 @@
memset( hash, 0, sizeof( hash ) );
TEST_ASSERT( mbedtls_ecp_group_load( &grp, id ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &d, 16, d_str ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &r_check, 16, r_str ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &s_check, 16, s_str ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &d, 16, d_str ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &r_check, 16, r_str ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &s_check, 16, s_str ) == 0 );
md_info = mbedtls_md_info_from_type( md_alg );
TEST_ASSERT( md_info != NULL );
@@ -585,7 +585,7 @@
memset( sig, 0, sizeof( sig ) );
TEST_ASSERT( mbedtls_ecp_group_load( &ctx.grp, id ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &ctx.d, 16, d_str ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &ctx.d, 16, d_str ) == 0 );
md_info = mbedtls_md_info_from_type( md_alg );
TEST_ASSERT( md_info != NULL );
diff --git a/tests/suites/test_suite_ecp.function b/tests/suites/test_suite_ecp.function
index 3ca563e..538c648 100644
--- a/tests/suites/test_suite_ecp.function
+++ b/tests/suites/test_suite_ecp.function
@@ -403,9 +403,9 @@
TEST_ASSERT( mbedtls_ecp_group_load( &grp, grp_id ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &P.X, 16, x_hex ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &P.Y, 16, y_hex ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &P.Z, 16, z_hex ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &P.X, 16, x_hex ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &P.Y, 16, y_hex ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &P.Z, 16, z_hex ) == 0 );
TEST_ASSERT( mbedtls_ecp_check_pubkey( &grp, &P ) == ret );
@@ -454,13 +454,13 @@
TEST_ASSERT( mbedtls_ecp_group_load( &grp, id ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &dA, 16, dA_str ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &xA, 16, xA_str ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &yA, 16, yA_str ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &dA, 16, dA_str ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &xA, 16, xA_str ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &yA, 16, yA_str ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &dB, 16, dB_str ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &xZ, 16, xZ_str ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &yZ, 16, yZ_str ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &dB, 16, dB_str ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &xZ, 16, xZ_str ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &yZ, 16, yZ_str ) == 0 );
mbedtls_ecp_set_max_ops( (unsigned) max_ops );
@@ -538,13 +538,13 @@
TEST_ASSERT( mbedtls_ecp_group_load( &grp, id ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &u1, 16, u1_str ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &u2, 16, u2_str ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &xR, 16, xR_str ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &yR, 16, yR_str ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &u1, 16, u1_str ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &u2, 16, u2_str ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &xR, 16, xR_str ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &yR, 16, yR_str ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &Q.X, 16, xQ_str ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &Q.Y, 16, yQ_str ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &Q.X, 16, xQ_str ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &Q.Y, 16, yQ_str ) == 0 );
TEST_ASSERT( mbedtls_mpi_lset( &Q.Z, 1 ) == 0 );
mbedtls_ecp_set_max_ops( (unsigned) max_ops );
@@ -601,14 +601,14 @@
TEST_ASSERT( mbedtls_ecp_check_pubkey( &grp, &grp.G ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &dA, 16, dA_str ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &xA, 16, xA_str ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &yA, 16, yA_str ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &dB, 16, dB_str ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &xB, 16, xB_str ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &yB, 16, yB_str ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &xZ, 16, xZ_str ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &yZ, 16, yZ_str ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &dA, 16, dA_str ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &xA, 16, xA_str ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &yA, 16, yA_str ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &dB, 16, dB_str ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &xB, 16, xB_str ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &yB, 16, yB_str ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &xZ, 16, xZ_str ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &yZ, 16, yZ_str ) == 0 );
TEST_ASSERT( mbedtls_ecp_mul( &grp, &R, &dA, &grp.G,
&mbedtls_test_rnd_pseudo_rand, &rnd_info ) == 0 );
@@ -656,11 +656,11 @@
TEST_ASSERT( mbedtls_ecp_check_pubkey( &grp, &grp.G ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &dA, 16, dA_hex ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &dB, 16, dB_hex ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &xA, 16, xA_hex ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &xB, 16, xB_hex ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &xS, 16, xS_hex ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &dA, 16, dA_hex ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &dB, 16, dB_hex ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &xA, 16, xA_hex ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &xB, 16, xB_hex ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &xS, 16, xS_hex ) == 0 );
TEST_ASSERT( mbedtls_ecp_mul( &grp, &R, &dA, &grp.G,
&mbedtls_test_rnd_pseudo_rand, &rnd_info ) == 0 );
@@ -820,7 +820,7 @@
mbedtls_mpi_init( &N ); mbedtls_mpi_init( &R );
mbedtls_ecp_group_init( &grp );
- TEST_ASSERT( mbedtls_mpi_read_string( &N, 16, N_str ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &N, 16, N_str ) == 0 );
TEST_ASSERT( mbedtls_ecp_group_load( &grp, id ) == 0 );
TEST_ASSERT( grp.modp != NULL );
@@ -859,9 +859,9 @@
TEST_ASSERT( mbedtls_ecp_group_load( &grp, id ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &P.X, 16, x ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &P.Y, 16, y ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &P.Z, 16, z ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &P.X, 16, x ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &P.Y, 16, y ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &P.Z, 16, z ) == 0 );
TEST_ASSERT( mbedtls_ecp_point_write_binary( &grp, &P, format,
&olen, buf, blen ) == ret );
@@ -891,9 +891,9 @@
TEST_ASSERT( mbedtls_ecp_group_load( &grp, id ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &X, 16, x ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &Y, 16, y ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &Z, 16, z ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &X, 16, x ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &Y, 16, y ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &Z, 16, z ) == 0 );
TEST_ASSERT( mbedtls_ecp_point_read_binary( &grp, &P, buf->x, buf->len ) == ret );
@@ -935,9 +935,9 @@
TEST_ASSERT( mbedtls_ecp_group_load( &grp, id ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &X, 16, x ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &Y, 16, y ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &Z, 16, z ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &X, 16, x ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &Y, 16, y ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &Z, 16, z ) == 0 );
TEST_ASSERT( mbedtls_ecp_tls_read_point( &grp, &P, &vbuf, buf->len ) == ret );
@@ -1072,7 +1072,7 @@
mbedtls_mpi_init( &d );
TEST_ASSERT( mbedtls_ecp_group_load( &grp, id ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &d, 16, key_hex ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &d, 16, key_hex ) == 0 );
TEST_ASSERT( mbedtls_ecp_check_privkey( &grp, &d ) == ret );
@@ -1099,7 +1099,7 @@
if( id != MBEDTLS_ECP_DP_NONE )
TEST_ASSERT( mbedtls_ecp_group_load( &prv.grp, id ) == 0 );
TEST_ASSERT( mbedtls_ecp_point_read_string( &prv.Q, 16, Qx, Qy ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &prv.d, 16, d ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &prv.d, 16, d ) == 0 );
TEST_ASSERT( mbedtls_ecp_check_pub_priv( &pub, &prv ) == ret );
diff --git a/tests/suites/test_suite_mpi.data b/tests/suites/test_suite_mpi.data
index 1671d6e..2addd23 100644
--- a/tests/suites/test_suite_mpi.data
+++ b/tests/suites/test_suite_mpi.data
@@ -68,13 +68,13 @@
mpi_read_write_string:10:"56125680981752282334141896320372489490613963693556392520816017892111350604111697682705498319512049040516698827829292076808006940873974979584527073481012636016353913462376755556720019831187364993587901952757307830896531678727717924":16:"0941379d00fed1491fe15df284dfde4a142f68aa8d412023195cee66883e6290ffe703f4ea5963bf212713cee46b107c09182b5edcd955adac418bf4918e2889af48e1099d513830cec85c26ac1e158b52620e33ba8692f893efbb2f958b4424":200:0:0
Test mpi_read_write_string #8 (Empty MPI hex -> hex)
-mpi_read_write_string:16:"":16:"00":4:0:0
+mpi_read_write_string:16:"":16:"":4:0:0
Test mpi_read_write_string #9 (Empty MPI hex -> dec)
mpi_read_write_string:16:"":10:"0":4:0:0
Test mpi_read_write_string #8 (Empty MPI dec -> hex)
-mpi_read_write_string:10:"":16:"00":4:0:0
+mpi_read_write_string:10:"":16:"":4:0:0
Test mpi_read_write_string #9 (Empty MPI dec -> dec)
mpi_read_write_string:10:"":10:"0":4:0:0
@@ -121,6 +121,12 @@
Base test mbedtls_mpi_write_file #1
mbedtls_mpi_write_file:10:"56125680981752282334141896320372489490613963693556392520816017892111350604111697682705498319512049040516698827829292076808006940873974979584527073481012636016353913462376755556720019831187364993587901952757307830896531678727717924":16:"data_files/mpi_write"
+Test mbedtls_mpi_lsb: 0 (null)
+mbedtls_mpi_lsb:16:"":0
+
+Test mbedtls_mpi_lsb: 0 (1 limb)
+mbedtls_mpi_lsb:16:"0":0
+
Base test mbedtls_mpi_lsb #1
mbedtls_mpi_lsb:10:"56125680981752282334141896320372489490613963693556392520816017892111350604111697682705498319512049040516698827829292076808006940873974979584527073481012636016353913462376755556720019831187364993587901952757307830896531678727717924":2
@@ -151,7 +157,10 @@
Base test mbedtls_mpi_bitlen #6
mbedtls_mpi_bitlen:10:"10":4
-Base test mbedtls_mpi_bitlen #7
+Base test mbedtls_mpi_bitlen: 0 (null)
+mbedtls_mpi_bitlen:10:"":0
+
+Base test mbedtls_mpi_bitlen: 0 (1 limb)
mbedtls_mpi_bitlen:10:"0":0
Base test mbedtls_mpi_cmp_int #1
@@ -199,6 +208,90 @@
Base test mbedtls_mpi_cmp_mpi (Mixed values) #6
mbedtls_mpi_cmp_mpi:10:"-2":10:"31231231289798":-1
+Test mbedtls_mpi_cmp_mpi: 0 (null) = 0 (null)
+mbedtls_mpi_cmp_mpi:10:"":10:"":0
+
+Test mbedtls_mpi_cmp_mpi: 0 (null) = 0 (1 limb)
+mbedtls_mpi_cmp_mpi:10:"":10:"0":0
+
+Test mbedtls_mpi_cmp_mpi: 0 (1 limb) = 0 (null)
+mbedtls_mpi_cmp_mpi:10:"0":10:"":0
+
+Test mbedtls_mpi_cmp_mpi: 0 (1 limb) = 0 (1 limb)
+mbedtls_mpi_cmp_mpi:10:"0":10:"0":0
+
+Test mbedtls_mpi_cmp_mpi: 0 (null) < positive
+mbedtls_mpi_cmp_mpi:10:"":10:"123":-1
+
+Test mbedtls_mpi_cmp_mpi: 0 (1 limb) < positive
+mbedtls_mpi_cmp_mpi:10:"0":10:"123":-1
+
+Test mbedtls_mpi_cmp_mpi: 0 (null) > negative
+mbedtls_mpi_cmp_mpi:10:"":10:"-123":1
+
+Test mbedtls_mpi_cmp_mpi: 0 (1 limb) > negative
+mbedtls_mpi_cmp_mpi:10:"0":10:"-123":1
+
+Test mbedtls_mpi_cmp_mpi: positive > 0 (null)
+mbedtls_mpi_cmp_mpi:10:"123":10:"":1
+
+Test mbedtls_mpi_cmp_mpi: positive > 0 (1 limb)
+mbedtls_mpi_cmp_mpi:10:"123":10:"0":1
+
+Test mbedtls_mpi_cmp_mpi: negative < 0 (null)
+mbedtls_mpi_cmp_mpi:10:"-123":10:"":-1
+
+Test mbedtls_mpi_cmp_mpi: negative < 0 (1 limb)
+mbedtls_mpi_cmp_mpi:10:"-123":10:"0":-1
+
+Test mbedtls_mpi_cmp_mpi: 0 (null) < positive with leading zero limb
+mbedtls_mpi_cmp_mpi:16:"":16:"0000000000000000123":-1
+
+Test mbedtls_mpi_cmp_mpi: 0 (1 limb) < positive with leading zero limb
+mbedtls_mpi_cmp_mpi:16:"0":16:"0000000000000000123":-1
+
+Test mbedtls_mpi_cmp_mpi: 0 (null) > negative with leading zero limb
+mbedtls_mpi_cmp_mpi:16:"":16:"-0000000000000000123":1
+
+Test mbedtls_mpi_cmp_mpi: 0 (1 limb) > negative with leading zero limb
+mbedtls_mpi_cmp_mpi:16:"0":16:"-0000000000000000123":1
+
+Test mbedtls_mpi_cmp_mpi: positive with leading zero limb > 0 (null)
+mbedtls_mpi_cmp_mpi:16:"0000000000000000123":16:"":1
+
+Test mbedtls_mpi_cmp_mpi: positive with leading zero limb > 0 (1 limb)
+mbedtls_mpi_cmp_mpi:16:"0000000000000000123":16:"0":1
+
+Test mbedtls_mpi_cmp_mpi: negative with leading zero limb < 0 (null)
+mbedtls_mpi_cmp_mpi:16:"-0000000000000000123":16:"":-1
+
+Test mbedtls_mpi_cmp_mpi: negative with leading zero limb < 0 (1 limb)
+mbedtls_mpi_cmp_mpi:16:"-0000000000000000123":16:"0":-1
+
+Test mbedtls_mpi_cmp_mpi: 0 (null) < large positive
+mbedtls_mpi_cmp_mpi:16:"":16:"1230000000000000000":-1
+
+Test mbedtls_mpi_cmp_mpi: 0 (1 limb) < large positive
+mbedtls_mpi_cmp_mpi:16:"0":16:"1230000000000000000":-1
+
+Test mbedtls_mpi_cmp_mpi: 0 (null) > large negative
+mbedtls_mpi_cmp_mpi:16:"":16:"-1230000000000000000":1
+
+Test mbedtls_mpi_cmp_mpi: 0 (1 limb) > large negative
+mbedtls_mpi_cmp_mpi:16:"0":16:"-1230000000000000000":1
+
+Test mbedtls_mpi_cmp_mpi: large positive > 0 (null)
+mbedtls_mpi_cmp_mpi:16:"1230000000000000000":16:"":1
+
+Test mbedtls_mpi_cmp_mpi: large positive > 0 (1 limb)
+mbedtls_mpi_cmp_mpi:16:"1230000000000000000":16:"0":1
+
+Test mbedtls_mpi_cmp_mpi: large negative < 0 (null)
+mbedtls_mpi_cmp_mpi:16:"-1230000000000000000":16:"":-1
+
+Test mbedtls_mpi_cmp_mpi: large negative < 0 (1 limb)
+mbedtls_mpi_cmp_mpi:16:"-1230000000000000000":16:"0":-1
+
Base test mbedtls_mpi_lt_mpi_ct #1
mbedtls_mpi_lt_mpi_ct:1:"2B5":1:"2B5":0:0
@@ -232,6 +325,9 @@
Base test mbedtls_mpi_lt_mpi_ct (Y is longer in storage)
mbedtls_mpi_lt_mpi_ct:3:"2B5":4:"2B5":0:MBEDTLS_ERR_MPI_BAD_INPUT_DATA
+Base test mbedtls_mpi_lt_mpi_ct (length=0)
+mbedtls_mpi_lt_mpi_ct:0:"":0:"":0:0
+
Base test mbedtls_mpi_lt_mpi_ct (corner case - 64 bit) #1
mbedtls_mpi_lt_mpi_ct:2:"7FFFFFFFFFFFFFFF":2:"FF":0:0
@@ -304,7 +400,16 @@
Base test mbedtls_mpi_cmp_abs (Negative values) #3
mbedtls_mpi_cmp_abs:10:"-2":10:"-1":1
-Base test mbedtls_mpi_cmp_abs (Zero and Zero) #4
+Test mbedtls_mpi_cmp_abs: 0 (null) = 0 (null)
+mbedtls_mpi_cmp_abs:10:"":10:"":0
+
+Test mbedtls_mpi_cmp_abs: 0 (null) = 0 (1 limb)
+mbedtls_mpi_cmp_abs:10:"":10:"0":0
+
+Test mbedtls_mpi_cmp_abs: 0 (1 limb) = 0 (null)
+mbedtls_mpi_cmp_abs:10:"0":10:"":0
+
+Test mbedtls_mpi_cmp_abs: 0 (1 limb) = 0 (1 limb)
mbedtls_mpi_cmp_abs:10:"0":10:"0":0
Base test mbedtls_mpi_cmp_abs (Mix values) #1
@@ -316,84 +421,261 @@
Base test mbedtls_mpi_cmp_abs (Mix values) #3
mbedtls_mpi_cmp_abs:10:"-2":10:"1":1
-Copy zero (1 limb) to positive (1 limb)
-mbedtls_mpi_copy_sint:0:1500
+Copy large negative to large negative
+mbedtls_mpi_copy:"-ca5cadedb01dfaceacc01ade":"-face1e55ca11ab1ecab005e5"
-Copy zero (1 limb) to negative (1 limb)
-mbedtls_mpi_copy_sint:0:-1500
+Copy large negative to large positive
+mbedtls_mpi_copy:"-ca5cadedb01dfaceacc01ade":"face1e55ca11ab1ecab005e5"
-Copy positive (1 limb) to zero (1 limb)
-mbedtls_mpi_copy_sint:1500:0
+Copy large negative to small negative
+mbedtls_mpi_copy:"-ca5cadedb01dfaceacc01ade":"-beef"
-Copy negative (1 limb) to zero (1 limb)
-mbedtls_mpi_copy_sint:-1500:0
+Copy large negative to small positive
+mbedtls_mpi_copy:"-ca5cadedb01dfaceacc01ade":"beef"
-Copy positive (1 limb) to negative (1 limb)
-mbedtls_mpi_copy_sint:1500:-42
+Copy large negative to zero (1 limb)
+mbedtls_mpi_copy:"-ca5cadedb01dfaceacc01ade":"0"
-Copy negative (1 limb) to positive (1 limb)
-mbedtls_mpi_copy_sint:-42:1500
+Copy large negative to zero (null)
+mbedtls_mpi_copy:"-ca5cadedb01dfaceacc01ade":""
+
+Copy large positive to large negative
+mbedtls_mpi_copy:"ca5cadedb01dfaceacc01ade":"-face1e55ca11ab1ecab005e5"
+
+Copy large positive to large positive
+mbedtls_mpi_copy:"ca5cadedb01dfaceacc01ade":"face1e55ca11ab1ecab005e5"
+
+Copy large positive to small negative
+mbedtls_mpi_copy:"ca5cadedb01dfaceacc01ade":"-beef"
+
+Copy large positive to small positive
+mbedtls_mpi_copy:"ca5cadedb01dfaceacc01ade":"beef"
+
+Copy large positive to zero (1 limb)
+mbedtls_mpi_copy:"ca5cadedb01dfaceacc01ade":"0"
+
+Copy large positive to zero (null)
+mbedtls_mpi_copy:"ca5cadedb01dfaceacc01ade":""
+
+Copy small negative to large negative
+mbedtls_mpi_copy:"-bead":"-face1e55ca11ab1ecab005e5"
+
+Copy small negative to large positive
+mbedtls_mpi_copy:"-bead":"face1e55ca11ab1ecab005e5"
+
+Copy small negative to small negative
+mbedtls_mpi_copy:"-bead":"-beef"
+
+Copy small negative to small positive
+mbedtls_mpi_copy:"-bead":"beef"
+
+Copy small negative to zero (1 limb)
+mbedtls_mpi_copy:"-bead":"0"
+
+Copy small negative to zero (null)
+mbedtls_mpi_copy:"-bead":""
+
+Copy small positive to large negative
+mbedtls_mpi_copy:"bead":"-face1e55ca11ab1ecab005e5"
+
+Copy small positive to large positive
+mbedtls_mpi_copy:"bead":"face1e55ca11ab1ecab005e5"
+
+Copy small positive to small negative
+mbedtls_mpi_copy:"bead":"-beef"
+
+Copy small positive to small positive
+mbedtls_mpi_copy:"bead":"beef"
+
+Copy small positive to zero (1 limb)
+mbedtls_mpi_copy:"bead":"0"
+
+Copy small positive to zero (null)
+mbedtls_mpi_copy:"bead":""
+
+Copy zero (1 limb) to large negative
+mbedtls_mpi_copy:"0":"-face1e55ca11ab1ecab005e5"
+
+Copy zero (1 limb) to large positive
+mbedtls_mpi_copy:"0":"face1e55ca11ab1ecab005e5"
+
+Copy zero (1 limb) to small negative
+mbedtls_mpi_copy:"0":"-beef"
+
+Copy zero (1 limb) to small positive
+mbedtls_mpi_copy:"0":"beef"
+
+Copy zero (1 limb) to zero (1 limb)
+mbedtls_mpi_copy:"0":"0"
+
+Copy zero (1 limb) to zero (null)
+mbedtls_mpi_copy:"0":""
+
+Copy zero (null) to large negative
+mbedtls_mpi_copy:"":"-face1e55ca11ab1ecab005e5"
+
+Copy zero (null) to large positive
+mbedtls_mpi_copy:"":"face1e55ca11ab1ecab005e5"
+
+Copy zero (null) to small negative
+mbedtls_mpi_copy:"":"-beef"
+
+Copy zero (null) to small positive
+mbedtls_mpi_copy:"":"beef"
+
+Copy zero (null) to zero (1 limb)
+mbedtls_mpi_copy:"":"0"
Copy zero (null) to zero (null)
-mbedtls_mpi_copy_binary:"":""
+mbedtls_mpi_copy:"":""
-Copy zero (null) to positive (1 limb)
-mbedtls_mpi_copy_binary:"":"1234"
+Copy self: large negative
+mpi_copy_self:"-ca5cadedb01dfaceacc01ade"
-Copy positive (1 limb) to zero (null)
-mbedtls_mpi_copy_binary:"1234":""
+Copy self: large positive
+mpi_copy_self:"ca5cadedb01dfaceacc01ade"
-Copy positive to larger
-mbedtls_mpi_copy_binary:"bead":"ca5cadedb01dfaceacc01ade"
+Copy self: small negative
+mpi_copy_self:"-bead"
-Copy positive to smaller
-mbedtls_mpi_copy_binary:"ca5cadedb01dfaceacc01ade":"bead"
-
-Copy self: positive (1 limb)
-mpi_copy_self:14
+Copy self: small positive
+mpi_copy_self:"bead"
Copy self: zero (1 limb)
-mpi_copy_self:0
+mpi_copy_self:"0"
-Swap zero (1 limb) with positive (1 limb)
-mbedtls_mpi_swap_sint:0:1500
+Copy self: zero (null)
+mpi_copy_self:""
-Swap zero (1 limb) with negative (1 limb)
-mbedtls_mpi_swap_sint:0:-1500
+Swap large negative with large negative
+mbedtls_mpi_swap:"-ca5cadedb01dfaceacc01ade":"-face1e55ca11ab1ecab005e5"
-Swap positive (1 limb) with zero (1 limb)
-mbedtls_mpi_swap_sint:1500:0
+Swap large negative with large positive
+mbedtls_mpi_swap:"-ca5cadedb01dfaceacc01ade":"face1e55ca11ab1ecab005e5"
-Swap negative (1 limb) with zero (1 limb)
-mbedtls_mpi_swap_sint:-1500:0
+Swap large negative with small negative
+mbedtls_mpi_swap:"-ca5cadedb01dfaceacc01ade":"-beef"
-Swap positive (1 limb) with negative (1 limb)
-mbedtls_mpi_swap_sint:1500:-42
+Swap large negative with small positive
+mbedtls_mpi_swap:"-ca5cadedb01dfaceacc01ade":"beef"
-Swap negative (1 limb) with positive (1 limb)
-mbedtls_mpi_swap_sint:-42:1500
+Swap large negative with zero (1 limb)
+mbedtls_mpi_swap:"-ca5cadedb01dfaceacc01ade":"0"
+
+Swap large negative with zero (null)
+mbedtls_mpi_swap:"-ca5cadedb01dfaceacc01ade":""
+
+Swap large positive with large negative
+mbedtls_mpi_swap:"ca5cadedb01dfaceacc01ade":"-face1e55ca11ab1ecab005e5"
+
+Swap large positive with large positive
+mbedtls_mpi_swap:"ca5cadedb01dfaceacc01ade":"face1e55ca11ab1ecab005e5"
+
+Swap large positive with small negative
+mbedtls_mpi_swap:"ca5cadedb01dfaceacc01ade":"-beef"
+
+Swap large positive with small positive
+mbedtls_mpi_swap:"ca5cadedb01dfaceacc01ade":"beef"
+
+Swap large positive with zero (1 limb)
+mbedtls_mpi_swap:"ca5cadedb01dfaceacc01ade":"0"
+
+Swap large positive with zero (null)
+mbedtls_mpi_swap:"ca5cadedb01dfaceacc01ade":""
+
+Swap small negative with large negative
+mbedtls_mpi_swap:"-bead":"-face1e55ca11ab1ecab005e5"
+
+Swap small negative with large positive
+mbedtls_mpi_swap:"-bead":"face1e55ca11ab1ecab005e5"
+
+Swap small negative with small negative
+mbedtls_mpi_swap:"-bead":"-beef"
+
+Swap small negative with small positive
+mbedtls_mpi_swap:"-bead":"beef"
+
+Swap small negative with zero (1 limb)
+mbedtls_mpi_swap:"-bead":"0"
+
+Swap small negative with zero (null)
+mbedtls_mpi_swap:"-bead":""
+
+Swap small positive with large negative
+mbedtls_mpi_swap:"bead":"-face1e55ca11ab1ecab005e5"
+
+Swap small positive with large positive
+mbedtls_mpi_swap:"bead":"face1e55ca11ab1ecab005e5"
+
+Swap small positive with small negative
+mbedtls_mpi_swap:"bead":"-beef"
+
+Swap small positive with small positive
+mbedtls_mpi_swap:"bead":"beef"
+
+Swap small positive with zero (1 limb)
+mbedtls_mpi_swap:"bead":"0"
+
+Swap small positive with zero (null)
+mbedtls_mpi_swap:"bead":""
+
+Swap zero (1 limb) with large negative
+mbedtls_mpi_swap:"0":"-face1e55ca11ab1ecab005e5"
+
+Swap zero (1 limb) with large positive
+mbedtls_mpi_swap:"0":"face1e55ca11ab1ecab005e5"
+
+Swap zero (1 limb) with small negative
+mbedtls_mpi_swap:"0":"-beef"
+
+Swap zero (1 limb) with small positive
+mbedtls_mpi_swap:"0":"beef"
+
+Swap zero (1 limb) with zero (1 limb)
+mbedtls_mpi_swap:"0":"0"
+
+Swap zero (1 limb) with zero (null)
+mbedtls_mpi_swap:"0":""
+
+Swap zero (null) with large negative
+mbedtls_mpi_swap:"":"-face1e55ca11ab1ecab005e5"
+
+Swap zero (null) with large positive
+mbedtls_mpi_swap:"":"face1e55ca11ab1ecab005e5"
+
+Swap zero (null) with small negative
+mbedtls_mpi_swap:"":"-beef"
+
+Swap zero (null) with small positive
+mbedtls_mpi_swap:"":"beef"
+
+Swap zero (null) with zero (1 limb)
+mbedtls_mpi_swap:"":"0"
Swap zero (null) with zero (null)
-mbedtls_mpi_swap_binary:"":""
+mbedtls_mpi_swap:"":""
-Swap zero (null) with positive (1 limb)
-mbedtls_mpi_swap_binary:"":"1234"
+Swap self: large negative
+mpi_swap_self:"-ca5cadedb01dfaceacc01ade"
-Swap positive (1 limb) with zero (null)
-mbedtls_mpi_swap_binary:"1234":""
+Swap self: large positive
+mpi_swap_self:"ca5cadedb01dfaceacc01ade"
-Swap positive with larger
-mbedtls_mpi_swap_binary:"bead":"ca5cadedb01dfaceacc01ade"
+Swap self: small negative
+mpi_swap_self:"-bead"
-Swap positive with smaller
-mbedtls_mpi_swap_binary:"ca5cadedb01dfaceacc01ade":"bead"
+Swap self: small positive
+mpi_swap_self:"bead"
-Swap self: 1 limb
-mpi_swap_self:"face"
+Swap self: zero (1 limb)
+mpi_swap_self:"0"
-Swap self: null
+Swap self: zero (null)
mpi_swap_self:""
+Shrink 0 limbs in a buffer of size 0 to 0
+mbedtls_mpi_shrink:0:0:0:0
+
Shrink 2 limbs in a buffer of size 2 to 4
mbedtls_mpi_shrink:2:2:4:4
@@ -418,42 +700,6 @@
Shrink 0 limbs in a buffer of size 4 to 0 yielding 1
mbedtls_mpi_shrink:4:0:0:1
-Test mbedtls_mpi_safe_cond_assign #1
-mbedtls_mpi_safe_cond_assign:+1:"01":+1:"02"
-
-Test mbedtls_mpi_safe_cond_assign #2
-mbedtls_mpi_safe_cond_assign:+1:"FF000000000000000001":+1:"02"
-
-Test mbedtls_mpi_safe_cond_assign #3
-mbedtls_mpi_safe_cond_assign:+1:"01":+1:"FF000000000000000002"
-
-Test mbedtls_mpi_safe_cond_assign #4
-mbedtls_mpi_safe_cond_assign:+1:"01":-1:"02"
-
-Test mbedtls_mpi_safe_cond_assign #5
-mbedtls_mpi_safe_cond_assign:-1:"01":+1:"02"
-
-Test mbedtls_mpi_safe_cond_assign #6
-mbedtls_mpi_safe_cond_assign:-1:"01":-1:"02"
-
-Test mbedtls_mpi_safe_cond_swap #1
-mbedtls_mpi_safe_cond_swap:+1:"01":+1:"02"
-
-Test mbedtls_mpi_safe_cond_swap #2
-mbedtls_mpi_safe_cond_swap:+1:"FF000000000000000001":+1:"02"
-
-Test mbedtls_mpi_safe_cond_swap #3
-mbedtls_mpi_safe_cond_swap:+1:"01":+1:"FF000000000000000002"
-
-Test mbedtls_mpi_safe_cond_swap #4
-mbedtls_mpi_safe_cond_swap:+1:"01":-1:"02"
-
-Test mbedtls_mpi_safe_cond_swap #5
-mbedtls_mpi_safe_cond_swap:-1:"01":+1:"02"
-
-Test mbedtls_mpi_safe_cond_swap #6
-mbedtls_mpi_safe_cond_swap:-1:"01":-1:"02"
-
Base test mbedtls_mpi_add_abs #1
mbedtls_mpi_add_abs:10:"12345678":10:"642531":10:"12988209"
@@ -466,6 +712,15 @@
Base test mbedtls_mpi_add_abs #4
mbedtls_mpi_add_abs:10:"-12345678":10:"-642531":10:"12988209"
+Test mbedtls_mpi_add_abs: 0 (null) + 0 (null)
+mbedtls_mpi_add_abs:16:"":16:"":16:"0"
+
+Test mbedtls_mpi_add_abs: 0 (null) + 1
+mbedtls_mpi_add_abs:16:"":16:"01":16:"01"
+
+Test mbedtls_mpi_add_abs: 1 + 0 (null)
+mbedtls_mpi_add_abs:16:"01":16:"":16:"01"
+
Test mbedtls_mpi_add_abs #1
mbedtls_mpi_add_abs:10:"-643808006803554439230129854961492699151386107534013432918073439524138264842370630061369715394739134090922937332590384720397133335969549256322620979036686633213903952966175107096769180017646161851573147596390153":10:"56125680981752282333498088313568935051383833838594899821664631784577337171193624243181360054669678410455329112434552942717084003541384594864129940145043086760031292483340068923506115878221189886491132772739661669044958531131327771":10:"56125680981752282334141896320372489490613963693556392520816017892111350604111697682705498319512049040516698827829292076808006940873974979584527073481012636016353913462376755556720019831187364993587901952757307830896531678727717924"
@@ -487,6 +742,21 @@
Base test mbedtls_mpi_add_mpi #4
mbedtls_mpi_add_mpi:10:"-12345678":10:"-642531":10:"-12988209"
+Test mbedtls_mpi_add_mpi: 0 (null) + 0 (null)
+mbedtls_mpi_add_mpi:16:"":16:"":16:"0"
+
+Test mbedtls_mpi_add_mpi: 0 (null) + 1
+mbedtls_mpi_add_mpi:16:"":16:"01":16:"01"
+
+Test mbedtls_mpi_add_mpi: 1 + 0 (null)
+mbedtls_mpi_add_mpi:16:"01":16:"":16:"01"
+
+Test mbedtls_mpi_add_mpi: 0 (null) + -1
+mbedtls_mpi_add_mpi:16:"":16:"-01":16:"-01"
+
+Test mbedtls_mpi_add_mpi: -1 + 0 (null)
+mbedtls_mpi_add_mpi:16:"-01":16:"":16:"-01"
+
Test mbedtls_mpi_add_mpi #1
mbedtls_mpi_add_mpi:10:"203956878356401977405765866929034577280193993314348263094772646453283062722701277632936616063144088173312372882677123879538709400158306567338328279154499698366071906766440037074217117805690872792848149112022286332144876183376326512083574821647933992961249917319836219304274280243803104015000563790123":10:"531872289054204184185084734375133399408303613982130856645299464930952178606045848877129147820387996428175564228204785846141207532462936339834139412401975338705794646595487324365194792822189473092273993580587964571659678084484152603881094176995594813302284232006001752128168901293560051833646881436219":10:"735829167410606161590850601304167976688497607296479119740072111384235241328747126510065763883532084601487937110881909725679916932621242907172467691556475037071866553361927361439411910627880345885122142692610250903804554267860479115964668998643528806263534149325837971432443181537363155848647445226342"
@@ -508,6 +778,12 @@
Test mbedtls_mpi_add_int #2
mbedtls_mpi_add_int:10:"2039568783564019774057658669290345772801939933143482630947726464532830627227012776329":-9871232:10:"2039568783564019774057658669290345772801939933143482630947726464532830627227002905097"
+Test mbedtls_mpi_add_int: 0 (null) + 0
+mbedtls_mpi_add_int:16:"":0:16:"0"
+
+Test mbedtls_mpi_add_int: 0 (null) + 1
+mbedtls_mpi_add_int:16:"":1:16:"1"
+
Base test mbedtls_mpi_sub_abs #1 (|B| > |A|)
mbedtls_mpi_sub_abs:10:"5":10:"7":10:"0":MBEDTLS_ERR_MPI_NEGATIVE_VALUE
@@ -544,6 +820,24 @@
Base test mbedtls_mpi_sub_abs #4
mbedtls_mpi_sub_abs:10:"7":10:"-5":10:"2":0
+Test mbedtls_mpi_sub_abs: 0 (null) - 0 (null)
+mbedtls_mpi_sub_abs:16:"":16:"":16:"":0
+
+Test mbedtls_mpi_sub_abs: 0 (null) - 0 (1 limb)
+mbedtls_mpi_sub_abs:16:"":16:"00":16:"":0
+
+Test mbedtls_mpi_sub_abs: 0 (1 limb) - 0 (null)
+mbedtls_mpi_sub_abs:16:"00":16:"":16:"":0
+
+Test mbedtls_mpi_sub_abs: 0 (1 limb) - 0 (1 limb)
+mbedtls_mpi_sub_abs:16:"00":16:"00":16:"":0
+
+Test mbedtls_mpi_sub_abs: 1 - 0 (null)
+mbedtls_mpi_sub_abs:16:"01":16:"":16:"01":0
+
+Test mbedtls_mpi_sub_abs: 0 (null) - 1
+mbedtls_mpi_sub_abs:16:"":16:"01":16:"":MBEDTLS_ERR_MPI_NEGATIVE_VALUE
+
Test mbedtls_mpi_sub_abs #1
mbedtls_mpi_sub_abs:16:"FFFFFFFFFF":16:"01":16:"FFFFFFFFFE":0
@@ -568,6 +862,27 @@
Base test mbedtls_mpi_sub_mpi #4 (Test with negative subtraction)
mbedtls_mpi_sub_mpi:10:"5":10:"-7":10:"12"
+Test mbedtls_mpi_sub_mpi: 0 (null) - 0 (null)
+mbedtls_mpi_sub_mpi:16:"":16:"":16:"0"
+
+Test mbedtls_mpi_sub_mpi: 0 (null) - 0 (1 limb)
+mbedtls_mpi_sub_mpi:16:"":16:"00":16:"0"
+
+Test mbedtls_mpi_sub_mpi: 0 (null) - 1
+mbedtls_mpi_sub_mpi:16:"":16:"1":16:"-1"
+
+Test mbedtls_mpi_sub_mpi: 0 (null) - -1
+mbedtls_mpi_sub_mpi:16:"":16:"-1":16:"1"
+
+Test mbedtls_mpi_sub_mpi: 0 (1 limb) - 0 (null)
+mbedtls_mpi_sub_mpi:16:"00":16:"":16:"0"
+
+Test mbedtls_mpi_sub_mpi: 1 - 0 (null)
+mbedtls_mpi_sub_mpi:16:"1":16:"":16:"1"
+
+Test mbedtls_mpi_sub_mpi: -1 - 0 (null)
+mbedtls_mpi_sub_mpi:16:"-1":16:"":16:"-1"
+
Test mbedtls_mpi_sub_mpi #1
mbedtls_mpi_sub_mpi:10:"531872289054204184185084734375133399408303613982130856645299464930952178606045848877129147820387996428175564228204785846141207532462936339834139412401975338705794646595487324365194792822189473092273993580587964571659678084484152603881094176995594813302284232006001752128168901293560051833646881436219":10:"203956878356401977405765866929034577280193993314348263094772646453283062722701277632936616063144088173312372882677123879538709400158306567338328279154499698366071906766440037074217117805690872792848149112022286332144876183376326512083574821647933992961249917319836219304274280243803104015000563790123":10:"327915410697802206779318867446098822128109620667782593550526818477669115883344571244192531757243908254863191345527661966602498132304629772495811133247475640339722739829047287290977675016498600299425844468565678239514801901107826091797519355347660820341034314686165532823894621049756947818646317646096"
@@ -580,12 +895,30 @@
Test mbedtls_mpi_sub_int #2
mbedtls_mpi_sub_int:10:"2039568783564019774057658669290345772801939933143482630947726464532830627227012776329":9871232:10:"2039568783564019774057658669290345772801939933143482630947726464532830627227002905097"
+Test mbedtls_mpi_sub_int: 0 (null) - 0
+mbedtls_mpi_sub_int:16:"":0:16:"0"
+
+Test mbedtls_mpi_sub_int: 0 (null) - 1
+mbedtls_mpi_sub_int:16:"":1:16:"-1"
+
+Test mbedtls_mpi_sub_int: 0 (null) - -1
+mbedtls_mpi_sub_int:16:"":-1:16:"1"
+
Test mbedtls_mpi_shift_l #1
mbedtls_mpi_shift_l:10:"64":1:10:"128"
Test mbedtls_mpi_shift_l #2
mbedtls_mpi_shift_l:10:"658385546911733550164516088405238961461880256029834598831972039469421755117818013653494814438931957316403111689187691446941406788869098983929874080332195117465344344350008880118042764943201875870917468833709791733282363323948005998269792207":37:10:"90487820548639020691922304619723076305400961610119884872723190678642804168382367856686134531865643066983017249846286450251272364365605022750900439437595355052945035915579216557330505438734955340526145476988250171181404966718289259743378883640981192704"
+Test mbedtls_mpi_shift_l: 0 (null) <<= 0
+mbedtls_mpi_shift_l:16:"":0:16:"0"
+
+Test mbedtls_mpi_shift_l: 0 (null) <<= 1
+mbedtls_mpi_shift_l:16:"":1:16:"0"
+
+Test mbedtls_mpi_shift_l: 0 (null) <<= 64
+mbedtls_mpi_shift_l:16:"":64:16:"0"
+
Test mbedtls_mpi_shift_r #1
mbedtls_mpi_shift_r:10:"128":1:10:"64"
@@ -604,6 +937,15 @@
Test mbedtls_mpi_shift_r #7
mbedtls_mpi_shift_r:16:"FFFFFFFFFFFFFFFF":128:16:"00"
+Test mbedtls_mpi_shift_r: 0 (null) >>= 0
+mbedtls_mpi_shift_r:16:"":0:16:"0"
+
+Test mbedtls_mpi_shift_r: 0 (null) >>= 1
+mbedtls_mpi_shift_r:16:"":1:16:"0"
+
+Test mbedtls_mpi_shift_r: 0 (null) >>= 64
+mbedtls_mpi_shift_r:16:"":64:16:"0"
+
Base test mbedtls_mpi_mul_mpi #1
mbedtls_mpi_mul_mpi:10:"5":10:"7":10:"35"
@@ -616,8 +958,131 @@
Base test mbedtls_mpi_mul_mpi #4
mbedtls_mpi_mul_mpi:10:"-5":10:"-7":10:"35"
+Test mbedtls_mpi_mul_mpi: 0 (null) * 0 (null)
+mbedtls_mpi_mul_mpi:16:"":16:"":16:"0"
+
+Test mbedtls_mpi_mul_mpi: 0 (null) * 0 (1 limb)
+mbedtls_mpi_mul_mpi:16:"":16:"00":16:"0"
+
+Test mbedtls_mpi_mul_mpi: 0 (null) * 1
+mbedtls_mpi_mul_mpi:16:"":16:"01":16:"0"
+
+Test mbedtls_mpi_mul_mpi: 0 (null) * -1
+mbedtls_mpi_mul_mpi:16:"":16:"-01":16:"0"
+
+Test mbedtls_mpi_mul_mpi: 0 (1 limb) * -1
+mbedtls_mpi_mul_mpi:16:"00":16:"-01":16:"0"
+
+Test mbedtls_mpi_mul_mpi: 0 (1 limb) * 0 (null)
+mbedtls_mpi_mul_mpi:16:"00":16:"":16:"0"
+
+Test mbedtls_mpi_mul_mpi: 1 * 0 (null)
+mbedtls_mpi_mul_mpi:16:"01":16:"":16:"0"
+
+Test mbedtls_mpi_mul_mpi: -1 * 0 (null)
+mbedtls_mpi_mul_mpi:16:"-01":16:"":16:"0"
+
+Test mbedtls_mpi_mul_mpi: -1 * 0 (1 limb)
+mbedtls_mpi_mul_mpi:16:"-01":16:"00":16:"0"
+
Test mbedtls_mpi_mul_mpi #1
-mbedtls_mpi_mul_mpi:10:"28911710017320205966167820725313234361535259163045867986277478145081076845846493521348693253530011243988160148063424837895971948244167867236923919506962312185829914482993478947657472351461336729641485069323635424692930278888923450060546465883490944265147851036817433970984747733020522259537":10:"16471581891701794764704009719057349996270239948993452268812975037240586099924712715366967486587417803753916334331355573776945238871512026832810626226164346328807407669366029926221415383560814338828449642265377822759768011406757061063524768140567867350208554439342320410551341675119078050953":10:"476221599179424887669515829231223263939342135681791605842540429321038144633323941248706405375723482912535192363845116154236465184147599697841273424891410002781967962186252583311115708128167171262206919514587899883547279647025952837516324649656913580411611297312678955801899536937577476819667861053063432906071315727948826276092545739432005962781562403795455162483159362585281248265005441715080197800335757871588045959754547836825977169125866324128449699877076762316768127816074587766799018626179199776188490087103869164122906791440101822594139648973454716256383294690817576188761"
+mbedtls_mpi_mul_mpi:16:"02f77b94b179d4a51360f04fa56e2c0784ce3b8a742280b016904896a5605fbe9e0f0683f82c439d979ab14e11b34e05ae96232b18fb2e0d1319f4942732d7eadf92ae90cb8c68ec8ece154d334f553564b6f6db185b33b8d3635598c3d128acde8bbb7b13697e48d1a542e5f9168d2d83a8dd05ae1eaf2451":16:"01b0b14c432710cde936e3fc100515e95dca61e10b8a68d9632bfa0546a9731a1ce6bebc6cb5fe6f5fd7e57b25f737f6a0ce5402e216b8b81c06f0c5ccce447d7f5631d14bff9dfa16f7cc72c56c84b636d00a5f35199d17ee9bf3f8746f44374ffd4ae22cf84089f04a9f7f356d6dc9f8cf8ef208a9b88c89":16:"0503ae899d35ae5b7706b067aed7cb2952da37a5d4ad58f05f69abe14e8aaae88eab2baed858177cb4595c0edc92e5ac13c2bba2bfa23276dd023e9e52f547d4c9edb138d86aad329d7afb01e15eab7281e181cb249fc91bf09d621d86561301edda156f80e3bbff853a312852fe9e3d0541cb86801390aff1dc3c05bcb592c266f625b70e419b4c7e7e85399bb06c0e50b099b4292f9eaff4d869681faa1f745b5fcb3349ed93c572739a31dcf76b43370cf9f86cc54e982dfac9467bde915c697e60554e0d698be6bb2dd1f8bc64659f6baee7641b51f4b5ed7010c04600fcd382db84a93fe3d4d86e86a459c6cebb59"
+
+Test mbedtls_mpi_mul_mpi #1, leading 0 limb in B
+mbedtls_mpi_mul_mpi:16:"02f77b94b179d4a51360f04fa56e2c0784ce3b8a742280b016904896a5605fbe9e0f0683f82c439d979ab14e11b34e05ae96232b18fb2e0d1319f4942732d7eadf92ae90cb8c68ec8ece154d334f553564b6f6db185b33b8d3635598c3d128acde8bbb7b13697e48d1a542e5f9168d2d83a8dd05ae1eaf2451":16:"000000000000000001b0b14c432710cde936e3fc100515e95dca61e10b8a68d9632bfa0546a9731a1ce6bebc6cb5fe6f5fd7e57b25f737f6a0ce5402e216b8b81c06f0c5ccce447d7f5631d14bff9dfa16f7cc72c56c84b636d00a5f35199d17ee9bf3f8746f44374ffd4ae22cf84089f04a9f7f356d6dc9f8cf8ef208a9b88c89":16:"0503ae899d35ae5b7706b067aed7cb2952da37a5d4ad58f05f69abe14e8aaae88eab2baed858177cb4595c0edc92e5ac13c2bba2bfa23276dd023e9e52f547d4c9edb138d86aad329d7afb01e15eab7281e181cb249fc91bf09d621d86561301edda156f80e3bbff853a312852fe9e3d0541cb86801390aff1dc3c05bcb592c266f625b70e419b4c7e7e85399bb06c0e50b099b4292f9eaff4d869681faa1f745b5fcb3349ed93c572739a31dcf76b43370cf9f86cc54e982dfac9467bde915c697e60554e0d698be6bb2dd1f8bc64659f6baee7641b51f4b5ed7010c04600fcd382db84a93fe3d4d86e86a459c6cebb59"
+
+Test mbedtls_mpi_mul_mpi #1, leading 0 limb in B, A < 0
+mbedtls_mpi_mul_mpi:16:"-02f77b94b179d4a51360f04fa56e2c0784ce3b8a742280b016904896a5605fbe9e0f0683f82c439d979ab14e11b34e05ae96232b18fb2e0d1319f4942732d7eadf92ae90cb8c68ec8ece154d334f553564b6f6db185b33b8d3635598c3d128acde8bbb7b13697e48d1a542e5f9168d2d83a8dd05ae1eaf2451":16:"000000000000000001b0b14c432710cde936e3fc100515e95dca61e10b8a68d9632bfa0546a9731a1ce6bebc6cb5fe6f5fd7e57b25f737f6a0ce5402e216b8b81c06f0c5ccce447d7f5631d14bff9dfa16f7cc72c56c84b636d00a5f35199d17ee9bf3f8746f44374ffd4ae22cf84089f04a9f7f356d6dc9f8cf8ef208a9b88c89":16:"-0503ae899d35ae5b7706b067aed7cb2952da37a5d4ad58f05f69abe14e8aaae88eab2baed858177cb4595c0edc92e5ac13c2bba2bfa23276dd023e9e52f547d4c9edb138d86aad329d7afb01e15eab7281e181cb249fc91bf09d621d86561301edda156f80e3bbff853a312852fe9e3d0541cb86801390aff1dc3c05bcb592c266f625b70e419b4c7e7e85399bb06c0e50b099b4292f9eaff4d869681faa1f745b5fcb3349ed93c572739a31dcf76b43370cf9f86cc54e982dfac9467bde915c697e60554e0d698be6bb2dd1f8bc64659f6baee7641b51f4b5ed7010c04600fcd382db84a93fe3d4d86e86a459c6cebb59"
+
+Test mbedtls_mpi_mul_mpi #1, leading 0 limb in B, B < 0
+mbedtls_mpi_mul_mpi:16:"02f77b94b179d4a51360f04fa56e2c0784ce3b8a742280b016904896a5605fbe9e0f0683f82c439d979ab14e11b34e05ae96232b18fb2e0d1319f4942732d7eadf92ae90cb8c68ec8ece154d334f553564b6f6db185b33b8d3635598c3d128acde8bbb7b13697e48d1a542e5f9168d2d83a8dd05ae1eaf2451":16:"-000000000000000001b0b14c432710cde936e3fc100515e95dca61e10b8a68d9632bfa0546a9731a1ce6bebc6cb5fe6f5fd7e57b25f737f6a0ce5402e216b8b81c06f0c5ccce447d7f5631d14bff9dfa16f7cc72c56c84b636d00a5f35199d17ee9bf3f8746f44374ffd4ae22cf84089f04a9f7f356d6dc9f8cf8ef208a9b88c89":16:"-0503ae899d35ae5b7706b067aed7cb2952da37a5d4ad58f05f69abe14e8aaae88eab2baed858177cb4595c0edc92e5ac13c2bba2bfa23276dd023e9e52f547d4c9edb138d86aad329d7afb01e15eab7281e181cb249fc91bf09d621d86561301edda156f80e3bbff853a312852fe9e3d0541cb86801390aff1dc3c05bcb592c266f625b70e419b4c7e7e85399bb06c0e50b099b4292f9eaff4d869681faa1f745b5fcb3349ed93c572739a31dcf76b43370cf9f86cc54e982dfac9467bde915c697e60554e0d698be6bb2dd1f8bc64659f6baee7641b51f4b5ed7010c04600fcd382db84a93fe3d4d86e86a459c6cebb59"
+
+Test mbedtls_mpi_mul_mpi #1, leading 0 limb in B, A < 0, B < 0
+mbedtls_mpi_mul_mpi:16:"-02f77b94b179d4a51360f04fa56e2c0784ce3b8a742280b016904896a5605fbe9e0f0683f82c439d979ab14e11b34e05ae96232b18fb2e0d1319f4942732d7eadf92ae90cb8c68ec8ece154d334f553564b6f6db185b33b8d3635598c3d128acde8bbb7b13697e48d1a542e5f9168d2d83a8dd05ae1eaf2451":16:"-000000000000000001b0b14c432710cde936e3fc100515e95dca61e10b8a68d9632bfa0546a9731a1ce6bebc6cb5fe6f5fd7e57b25f737f6a0ce5402e216b8b81c06f0c5ccce447d7f5631d14bff9dfa16f7cc72c56c84b636d00a5f35199d17ee9bf3f8746f44374ffd4ae22cf84089f04a9f7f356d6dc9f8cf8ef208a9b88c89":16:"0503ae899d35ae5b7706b067aed7cb2952da37a5d4ad58f05f69abe14e8aaae88eab2baed858177cb4595c0edc92e5ac13c2bba2bfa23276dd023e9e52f547d4c9edb138d86aad329d7afb01e15eab7281e181cb249fc91bf09d621d86561301edda156f80e3bbff853a312852fe9e3d0541cb86801390aff1dc3c05bcb592c266f625b70e419b4c7e7e85399bb06c0e50b099b4292f9eaff4d869681faa1f745b5fcb3349ed93c572739a31dcf76b43370cf9f86cc54e982dfac9467bde915c697e60554e0d698be6bb2dd1f8bc64659f6baee7641b51f4b5ed7010c04600fcd382db84a93fe3d4d86e86a459c6cebb59"
+
+Test mbedtls_mpi_mul_mpi #1, leading 0 limb in A
+mbedtls_mpi_mul_mpi:16:"000000000000000002f77b94b179d4a51360f04fa56e2c0784ce3b8a742280b016904896a5605fbe9e0f0683f82c439d979ab14e11b34e05ae96232b18fb2e0d1319f4942732d7eadf92ae90cb8c68ec8ece154d334f553564b6f6db185b33b8d3635598c3d128acde8bbb7b13697e48d1a542e5f9168d2d83a8dd05ae1eaf2451":16:"01b0b14c432710cde936e3fc100515e95dca61e10b8a68d9632bfa0546a9731a1ce6bebc6cb5fe6f5fd7e57b25f737f6a0ce5402e216b8b81c06f0c5ccce447d7f5631d14bff9dfa16f7cc72c56c84b636d00a5f35199d17ee9bf3f8746f44374ffd4ae22cf84089f04a9f7f356d6dc9f8cf8ef208a9b88c89":16:"0503ae899d35ae5b7706b067aed7cb2952da37a5d4ad58f05f69abe14e8aaae88eab2baed858177cb4595c0edc92e5ac13c2bba2bfa23276dd023e9e52f547d4c9edb138d86aad329d7afb01e15eab7281e181cb249fc91bf09d621d86561301edda156f80e3bbff853a312852fe9e3d0541cb86801390aff1dc3c05bcb592c266f625b70e419b4c7e7e85399bb06c0e50b099b4292f9eaff4d869681faa1f745b5fcb3349ed93c572739a31dcf76b43370cf9f86cc54e982dfac9467bde915c697e60554e0d698be6bb2dd1f8bc64659f6baee7641b51f4b5ed7010c04600fcd382db84a93fe3d4d86e86a459c6cebb59"
+
+Test mbedtls_mpi_mul_mpi #1, leading 0 limb in A, A < 0
+mbedtls_mpi_mul_mpi:16:"-000000000000000002f77b94b179d4a51360f04fa56e2c0784ce3b8a742280b016904896a5605fbe9e0f0683f82c439d979ab14e11b34e05ae96232b18fb2e0d1319f4942732d7eadf92ae90cb8c68ec8ece154d334f553564b6f6db185b33b8d3635598c3d128acde8bbb7b13697e48d1a542e5f9168d2d83a8dd05ae1eaf2451":16:"01b0b14c432710cde936e3fc100515e95dca61e10b8a68d9632bfa0546a9731a1ce6bebc6cb5fe6f5fd7e57b25f737f6a0ce5402e216b8b81c06f0c5ccce447d7f5631d14bff9dfa16f7cc72c56c84b636d00a5f35199d17ee9bf3f8746f44374ffd4ae22cf84089f04a9f7f356d6dc9f8cf8ef208a9b88c89":16:"-0503ae899d35ae5b7706b067aed7cb2952da37a5d4ad58f05f69abe14e8aaae88eab2baed858177cb4595c0edc92e5ac13c2bba2bfa23276dd023e9e52f547d4c9edb138d86aad329d7afb01e15eab7281e181cb249fc91bf09d621d86561301edda156f80e3bbff853a312852fe9e3d0541cb86801390aff1dc3c05bcb592c266f625b70e419b4c7e7e85399bb06c0e50b099b4292f9eaff4d869681faa1f745b5fcb3349ed93c572739a31dcf76b43370cf9f86cc54e982dfac9467bde915c697e60554e0d698be6bb2dd1f8bc64659f6baee7641b51f4b5ed7010c04600fcd382db84a93fe3d4d86e86a459c6cebb59"
+
+Test mbedtls_mpi_mul_mpi #1, leading 0 limb in A, B < 0
+mbedtls_mpi_mul_mpi:16:"000000000000000002f77b94b179d4a51360f04fa56e2c0784ce3b8a742280b016904896a5605fbe9e0f0683f82c439d979ab14e11b34e05ae96232b18fb2e0d1319f4942732d7eadf92ae90cb8c68ec8ece154d334f553564b6f6db185b33b8d3635598c3d128acde8bbb7b13697e48d1a542e5f9168d2d83a8dd05ae1eaf2451":16:"-01b0b14c432710cde936e3fc100515e95dca61e10b8a68d9632bfa0546a9731a1ce6bebc6cb5fe6f5fd7e57b25f737f6a0ce5402e216b8b81c06f0c5ccce447d7f5631d14bff9dfa16f7cc72c56c84b636d00a5f35199d17ee9bf3f8746f44374ffd4ae22cf84089f04a9f7f356d6dc9f8cf8ef208a9b88c89":16:"-0503ae899d35ae5b7706b067aed7cb2952da37a5d4ad58f05f69abe14e8aaae88eab2baed858177cb4595c0edc92e5ac13c2bba2bfa23276dd023e9e52f547d4c9edb138d86aad329d7afb01e15eab7281e181cb249fc91bf09d621d86561301edda156f80e3bbff853a312852fe9e3d0541cb86801390aff1dc3c05bcb592c266f625b70e419b4c7e7e85399bb06c0e50b099b4292f9eaff4d869681faa1f745b5fcb3349ed93c572739a31dcf76b43370cf9f86cc54e982dfac9467bde915c697e60554e0d698be6bb2dd1f8bc64659f6baee7641b51f4b5ed7010c04600fcd382db84a93fe3d4d86e86a459c6cebb59"
+
+Test mbedtls_mpi_mul_mpi #1, leading 0 limb in A, A < 0, B < 0
+mbedtls_mpi_mul_mpi:16:"-000000000000000002f77b94b179d4a51360f04fa56e2c0784ce3b8a742280b016904896a5605fbe9e0f0683f82c439d979ab14e11b34e05ae96232b18fb2e0d1319f4942732d7eadf92ae90cb8c68ec8ece154d334f553564b6f6db185b33b8d3635598c3d128acde8bbb7b13697e48d1a542e5f9168d2d83a8dd05ae1eaf2451":16:"-01b0b14c432710cde936e3fc100515e95dca61e10b8a68d9632bfa0546a9731a1ce6bebc6cb5fe6f5fd7e57b25f737f6a0ce5402e216b8b81c06f0c5ccce447d7f5631d14bff9dfa16f7cc72c56c84b636d00a5f35199d17ee9bf3f8746f44374ffd4ae22cf84089f04a9f7f356d6dc9f8cf8ef208a9b88c89":16:"0503ae899d35ae5b7706b067aed7cb2952da37a5d4ad58f05f69abe14e8aaae88eab2baed858177cb4595c0edc92e5ac13c2bba2bfa23276dd023e9e52f547d4c9edb138d86aad329d7afb01e15eab7281e181cb249fc91bf09d621d86561301edda156f80e3bbff853a312852fe9e3d0541cb86801390aff1dc3c05bcb592c266f625b70e419b4c7e7e85399bb06c0e50b099b4292f9eaff4d869681faa1f745b5fcb3349ed93c572739a31dcf76b43370cf9f86cc54e982dfac9467bde915c697e60554e0d698be6bb2dd1f8bc64659f6baee7641b51f4b5ed7010c04600fcd382db84a93fe3d4d86e86a459c6cebb59"
+
+Test mbedtls_mpi_mul_mpi #1, leading 0 limb in A and B
+mbedtls_mpi_mul_mpi:16:"000000000000000002f77b94b179d4a51360f04fa56e2c0784ce3b8a742280b016904896a5605fbe9e0f0683f82c439d979ab14e11b34e05ae96232b18fb2e0d1319f4942732d7eadf92ae90cb8c68ec8ece154d334f553564b6f6db185b33b8d3635598c3d128acde8bbb7b13697e48d1a542e5f9168d2d83a8dd05ae1eaf2451":16:"000000000000000001b0b14c432710cde936e3fc100515e95dca61e10b8a68d9632bfa0546a9731a1ce6bebc6cb5fe6f5fd7e57b25f737f6a0ce5402e216b8b81c06f0c5ccce447d7f5631d14bff9dfa16f7cc72c56c84b636d00a5f35199d17ee9bf3f8746f44374ffd4ae22cf84089f04a9f7f356d6dc9f8cf8ef208a9b88c89":16:"0503ae899d35ae5b7706b067aed7cb2952da37a5d4ad58f05f69abe14e8aaae88eab2baed858177cb4595c0edc92e5ac13c2bba2bfa23276dd023e9e52f547d4c9edb138d86aad329d7afb01e15eab7281e181cb249fc91bf09d621d86561301edda156f80e3bbff853a312852fe9e3d0541cb86801390aff1dc3c05bcb592c266f625b70e419b4c7e7e85399bb06c0e50b099b4292f9eaff4d869681faa1f745b5fcb3349ed93c572739a31dcf76b43370cf9f86cc54e982dfac9467bde915c697e60554e0d698be6bb2dd1f8bc64659f6baee7641b51f4b5ed7010c04600fcd382db84a93fe3d4d86e86a459c6cebb59"
+
+Test mbedtls_mpi_mul_mpi #1, leading 0 limb in A and B, A < 0
+mbedtls_mpi_mul_mpi:16:"-000000000000000002f77b94b179d4a51360f04fa56e2c0784ce3b8a742280b016904896a5605fbe9e0f0683f82c439d979ab14e11b34e05ae96232b18fb2e0d1319f4942732d7eadf92ae90cb8c68ec8ece154d334f553564b6f6db185b33b8d3635598c3d128acde8bbb7b13697e48d1a542e5f9168d2d83a8dd05ae1eaf2451":16:"000000000000000001b0b14c432710cde936e3fc100515e95dca61e10b8a68d9632bfa0546a9731a1ce6bebc6cb5fe6f5fd7e57b25f737f6a0ce5402e216b8b81c06f0c5ccce447d7f5631d14bff9dfa16f7cc72c56c84b636d00a5f35199d17ee9bf3f8746f44374ffd4ae22cf84089f04a9f7f356d6dc9f8cf8ef208a9b88c89":16:"-0503ae899d35ae5b7706b067aed7cb2952da37a5d4ad58f05f69abe14e8aaae88eab2baed858177cb4595c0edc92e5ac13c2bba2bfa23276dd023e9e52f547d4c9edb138d86aad329d7afb01e15eab7281e181cb249fc91bf09d621d86561301edda156f80e3bbff853a312852fe9e3d0541cb86801390aff1dc3c05bcb592c266f625b70e419b4c7e7e85399bb06c0e50b099b4292f9eaff4d869681faa1f745b5fcb3349ed93c572739a31dcf76b43370cf9f86cc54e982dfac9467bde915c697e60554e0d698be6bb2dd1f8bc64659f6baee7641b51f4b5ed7010c04600fcd382db84a93fe3d4d86e86a459c6cebb59"
+
+Test mbedtls_mpi_mul_mpi #1, leading 0 limb in A and B, B < 0
+mbedtls_mpi_mul_mpi:16:"000000000000000002f77b94b179d4a51360f04fa56e2c0784ce3b8a742280b016904896a5605fbe9e0f0683f82c439d979ab14e11b34e05ae96232b18fb2e0d1319f4942732d7eadf92ae90cb8c68ec8ece154d334f553564b6f6db185b33b8d3635598c3d128acde8bbb7b13697e48d1a542e5f9168d2d83a8dd05ae1eaf2451":16:"-000000000000000001b0b14c432710cde936e3fc100515e95dca61e10b8a68d9632bfa0546a9731a1ce6bebc6cb5fe6f5fd7e57b25f737f6a0ce5402e216b8b81c06f0c5ccce447d7f5631d14bff9dfa16f7cc72c56c84b636d00a5f35199d17ee9bf3f8746f44374ffd4ae22cf84089f04a9f7f356d6dc9f8cf8ef208a9b88c89":16:"-0503ae899d35ae5b7706b067aed7cb2952da37a5d4ad58f05f69abe14e8aaae88eab2baed858177cb4595c0edc92e5ac13c2bba2bfa23276dd023e9e52f547d4c9edb138d86aad329d7afb01e15eab7281e181cb249fc91bf09d621d86561301edda156f80e3bbff853a312852fe9e3d0541cb86801390aff1dc3c05bcb592c266f625b70e419b4c7e7e85399bb06c0e50b099b4292f9eaff4d869681faa1f745b5fcb3349ed93c572739a31dcf76b43370cf9f86cc54e982dfac9467bde915c697e60554e0d698be6bb2dd1f8bc64659f6baee7641b51f4b5ed7010c04600fcd382db84a93fe3d4d86e86a459c6cebb59"
+
+Test mbedtls_mpi_mul_mpi #1, leading 0 limb in A and B, A < 0, B < 0
+mbedtls_mpi_mul_mpi:16:"-000000000000000002f77b94b179d4a51360f04fa56e2c0784ce3b8a742280b016904896a5605fbe9e0f0683f82c439d979ab14e11b34e05ae96232b18fb2e0d1319f4942732d7eadf92ae90cb8c68ec8ece154d334f553564b6f6db185b33b8d3635598c3d128acde8bbb7b13697e48d1a542e5f9168d2d83a8dd05ae1eaf2451":16:"-000000000000000001b0b14c432710cde936e3fc100515e95dca61e10b8a68d9632bfa0546a9731a1ce6bebc6cb5fe6f5fd7e57b25f737f6a0ce5402e216b8b81c06f0c5ccce447d7f5631d14bff9dfa16f7cc72c56c84b636d00a5f35199d17ee9bf3f8746f44374ffd4ae22cf84089f04a9f7f356d6dc9f8cf8ef208a9b88c89":16:"0503ae899d35ae5b7706b067aed7cb2952da37a5d4ad58f05f69abe14e8aaae88eab2baed858177cb4595c0edc92e5ac13c2bba2bfa23276dd023e9e52f547d4c9edb138d86aad329d7afb01e15eab7281e181cb249fc91bf09d621d86561301edda156f80e3bbff853a312852fe9e3d0541cb86801390aff1dc3c05bcb592c266f625b70e419b4c7e7e85399bb06c0e50b099b4292f9eaff4d869681faa1f745b5fcb3349ed93c572739a31dcf76b43370cf9f86cc54e982dfac9467bde915c697e60554e0d698be6bb2dd1f8bc64659f6baee7641b51f4b5ed7010c04600fcd382db84a93fe3d4d86e86a459c6cebb59"
+
+Test mbedtls_mpi_mul_mpi #2, trailing 0 limb in A
+mbedtls_mpi_mul_mpi:16:"02f77b94b179d4a51360f04fa56e2c0784ce3b8a742280b016904896a5605fbe9e0f0683f82c439d979ab14e11b34e05ae96232b18fb2e0d1319f4942732d7eadf92ae90cb8c68ec8ece154d334f553564b6f6db185b33b8d3635598c3d128acde8bbb7b13697e48d1a542e5f9168d2d83a8dd05ae1eaf24510000000000000000":16:"01b0b14c432710cde936e3fc100515e95dca61e10b8a68d9632bfa0546a9731a1ce6bebc6cb5fe6f5fd7e57b25f737f6a0ce5402e216b8b81c06f0c5ccce447d7f5631d14bff9dfa16f7cc72c56c84b636d00a5f35199d17ee9bf3f8746f44374ffd4ae22cf84089f04a9f7f356d6dc9f8cf8ef208a9b88c89":16:"0503ae899d35ae5b7706b067aed7cb2952da37a5d4ad58f05f69abe14e8aaae88eab2baed858177cb4595c0edc92e5ac13c2bba2bfa23276dd023e9e52f547d4c9edb138d86aad329d7afb01e15eab7281e181cb249fc91bf09d621d86561301edda156f80e3bbff853a312852fe9e3d0541cb86801390aff1dc3c05bcb592c266f625b70e419b4c7e7e85399bb06c0e50b099b4292f9eaff4d869681faa1f745b5fcb3349ed93c572739a31dcf76b43370cf9f86cc54e982dfac9467bde915c697e60554e0d698be6bb2dd1f8bc64659f6baee7641b51f4b5ed7010c04600fcd382db84a93fe3d4d86e86a459c6cebb590000000000000000"
+
+Test mbedtls_mpi_mul_mpi #2, trailing 0 limb in A, A < 0
+mbedtls_mpi_mul_mpi:16:"-02f77b94b179d4a51360f04fa56e2c0784ce3b8a742280b016904896a5605fbe9e0f0683f82c439d979ab14e11b34e05ae96232b18fb2e0d1319f4942732d7eadf92ae90cb8c68ec8ece154d334f553564b6f6db185b33b8d3635598c3d128acde8bbb7b13697e48d1a542e5f9168d2d83a8dd05ae1eaf24510000000000000000":16:"01b0b14c432710cde936e3fc100515e95dca61e10b8a68d9632bfa0546a9731a1ce6bebc6cb5fe6f5fd7e57b25f737f6a0ce5402e216b8b81c06f0c5ccce447d7f5631d14bff9dfa16f7cc72c56c84b636d00a5f35199d17ee9bf3f8746f44374ffd4ae22cf84089f04a9f7f356d6dc9f8cf8ef208a9b88c89":16:"-0503ae899d35ae5b7706b067aed7cb2952da37a5d4ad58f05f69abe14e8aaae88eab2baed858177cb4595c0edc92e5ac13c2bba2bfa23276dd023e9e52f547d4c9edb138d86aad329d7afb01e15eab7281e181cb249fc91bf09d621d86561301edda156f80e3bbff853a312852fe9e3d0541cb86801390aff1dc3c05bcb592c266f625b70e419b4c7e7e85399bb06c0e50b099b4292f9eaff4d869681faa1f745b5fcb3349ed93c572739a31dcf76b43370cf9f86cc54e982dfac9467bde915c697e60554e0d698be6bb2dd1f8bc64659f6baee7641b51f4b5ed7010c04600fcd382db84a93fe3d4d86e86a459c6cebb590000000000000000"
+
+Test mbedtls_mpi_mul_mpi #2, trailing 0 limb in A, B < 0
+mbedtls_mpi_mul_mpi:16:"02f77b94b179d4a51360f04fa56e2c0784ce3b8a742280b016904896a5605fbe9e0f0683f82c439d979ab14e11b34e05ae96232b18fb2e0d1319f4942732d7eadf92ae90cb8c68ec8ece154d334f553564b6f6db185b33b8d3635598c3d128acde8bbb7b13697e48d1a542e5f9168d2d83a8dd05ae1eaf24510000000000000000":16:"-01b0b14c432710cde936e3fc100515e95dca61e10b8a68d9632bfa0546a9731a1ce6bebc6cb5fe6f5fd7e57b25f737f6a0ce5402e216b8b81c06f0c5ccce447d7f5631d14bff9dfa16f7cc72c56c84b636d00a5f35199d17ee9bf3f8746f44374ffd4ae22cf84089f04a9f7f356d6dc9f8cf8ef208a9b88c89":16:"-0503ae899d35ae5b7706b067aed7cb2952da37a5d4ad58f05f69abe14e8aaae88eab2baed858177cb4595c0edc92e5ac13c2bba2bfa23276dd023e9e52f547d4c9edb138d86aad329d7afb01e15eab7281e181cb249fc91bf09d621d86561301edda156f80e3bbff853a312852fe9e3d0541cb86801390aff1dc3c05bcb592c266f625b70e419b4c7e7e85399bb06c0e50b099b4292f9eaff4d869681faa1f745b5fcb3349ed93c572739a31dcf76b43370cf9f86cc54e982dfac9467bde915c697e60554e0d698be6bb2dd1f8bc64659f6baee7641b51f4b5ed7010c04600fcd382db84a93fe3d4d86e86a459c6cebb590000000000000000"
+
+Test mbedtls_mpi_mul_mpi #2, trailing 0 limb in A, A < 0, B < 0
+mbedtls_mpi_mul_mpi:16:"-02f77b94b179d4a51360f04fa56e2c0784ce3b8a742280b016904896a5605fbe9e0f0683f82c439d979ab14e11b34e05ae96232b18fb2e0d1319f4942732d7eadf92ae90cb8c68ec8ece154d334f553564b6f6db185b33b8d3635598c3d128acde8bbb7b13697e48d1a542e5f9168d2d83a8dd05ae1eaf24510000000000000000":16:"-01b0b14c432710cde936e3fc100515e95dca61e10b8a68d9632bfa0546a9731a1ce6bebc6cb5fe6f5fd7e57b25f737f6a0ce5402e216b8b81c06f0c5ccce447d7f5631d14bff9dfa16f7cc72c56c84b636d00a5f35199d17ee9bf3f8746f44374ffd4ae22cf84089f04a9f7f356d6dc9f8cf8ef208a9b88c89":16:"0503ae899d35ae5b7706b067aed7cb2952da37a5d4ad58f05f69abe14e8aaae88eab2baed858177cb4595c0edc92e5ac13c2bba2bfa23276dd023e9e52f547d4c9edb138d86aad329d7afb01e15eab7281e181cb249fc91bf09d621d86561301edda156f80e3bbff853a312852fe9e3d0541cb86801390aff1dc3c05bcb592c266f625b70e419b4c7e7e85399bb06c0e50b099b4292f9eaff4d869681faa1f745b5fcb3349ed93c572739a31dcf76b43370cf9f86cc54e982dfac9467bde915c697e60554e0d698be6bb2dd1f8bc64659f6baee7641b51f4b5ed7010c04600fcd382db84a93fe3d4d86e86a459c6cebb590000000000000000"
+
+Test mbedtls_mpi_mul_mpi #2, trailing 0 limb in B
+mbedtls_mpi_mul_mpi:16:"02f77b94b179d4a51360f04fa56e2c0784ce3b8a742280b016904896a5605fbe9e0f0683f82c439d979ab14e11b34e05ae96232b18fb2e0d1319f4942732d7eadf92ae90cb8c68ec8ece154d334f553564b6f6db185b33b8d3635598c3d128acde8bbb7b13697e48d1a542e5f9168d2d83a8dd05ae1eaf2451":16:"01b0b14c432710cde936e3fc100515e95dca61e10b8a68d9632bfa0546a9731a1ce6bebc6cb5fe6f5fd7e57b25f737f6a0ce5402e216b8b81c06f0c5ccce447d7f5631d14bff9dfa16f7cc72c56c84b636d00a5f35199d17ee9bf3f8746f44374ffd4ae22cf84089f04a9f7f356d6dc9f8cf8ef208a9b88c890000000000000000":16:"0503ae899d35ae5b7706b067aed7cb2952da37a5d4ad58f05f69abe14e8aaae88eab2baed858177cb4595c0edc92e5ac13c2bba2bfa23276dd023e9e52f547d4c9edb138d86aad329d7afb01e15eab7281e181cb249fc91bf09d621d86561301edda156f80e3bbff853a312852fe9e3d0541cb86801390aff1dc3c05bcb592c266f625b70e419b4c7e7e85399bb06c0e50b099b4292f9eaff4d869681faa1f745b5fcb3349ed93c572739a31dcf76b43370cf9f86cc54e982dfac9467bde915c697e60554e0d698be6bb2dd1f8bc64659f6baee7641b51f4b5ed7010c04600fcd382db84a93fe3d4d86e86a459c6cebb590000000000000000"
+
+Test mbedtls_mpi_mul_mpi #2, trailing 0 limb in B, A < 0
+mbedtls_mpi_mul_mpi:16:"-02f77b94b179d4a51360f04fa56e2c0784ce3b8a742280b016904896a5605fbe9e0f0683f82c439d979ab14e11b34e05ae96232b18fb2e0d1319f4942732d7eadf92ae90cb8c68ec8ece154d334f553564b6f6db185b33b8d3635598c3d128acde8bbb7b13697e48d1a542e5f9168d2d83a8dd05ae1eaf2451":16:"01b0b14c432710cde936e3fc100515e95dca61e10b8a68d9632bfa0546a9731a1ce6bebc6cb5fe6f5fd7e57b25f737f6a0ce5402e216b8b81c06f0c5ccce447d7f5631d14bff9dfa16f7cc72c56c84b636d00a5f35199d17ee9bf3f8746f44374ffd4ae22cf84089f04a9f7f356d6dc9f8cf8ef208a9b88c890000000000000000":16:"-0503ae899d35ae5b7706b067aed7cb2952da37a5d4ad58f05f69abe14e8aaae88eab2baed858177cb4595c0edc92e5ac13c2bba2bfa23276dd023e9e52f547d4c9edb138d86aad329d7afb01e15eab7281e181cb249fc91bf09d621d86561301edda156f80e3bbff853a312852fe9e3d0541cb86801390aff1dc3c05bcb592c266f625b70e419b4c7e7e85399bb06c0e50b099b4292f9eaff4d869681faa1f745b5fcb3349ed93c572739a31dcf76b43370cf9f86cc54e982dfac9467bde915c697e60554e0d698be6bb2dd1f8bc64659f6baee7641b51f4b5ed7010c04600fcd382db84a93fe3d4d86e86a459c6cebb590000000000000000"
+
+Test mbedtls_mpi_mul_mpi #2, trailing 0 limb in B, B < 0
+mbedtls_mpi_mul_mpi:16:"02f77b94b179d4a51360f04fa56e2c0784ce3b8a742280b016904896a5605fbe9e0f0683f82c439d979ab14e11b34e05ae96232b18fb2e0d1319f4942732d7eadf92ae90cb8c68ec8ece154d334f553564b6f6db185b33b8d3635598c3d128acde8bbb7b13697e48d1a542e5f9168d2d83a8dd05ae1eaf2451":16:"-01b0b14c432710cde936e3fc100515e95dca61e10b8a68d9632bfa0546a9731a1ce6bebc6cb5fe6f5fd7e57b25f737f6a0ce5402e216b8b81c06f0c5ccce447d7f5631d14bff9dfa16f7cc72c56c84b636d00a5f35199d17ee9bf3f8746f44374ffd4ae22cf84089f04a9f7f356d6dc9f8cf8ef208a9b88c890000000000000000":16:"-0503ae899d35ae5b7706b067aed7cb2952da37a5d4ad58f05f69abe14e8aaae88eab2baed858177cb4595c0edc92e5ac13c2bba2bfa23276dd023e9e52f547d4c9edb138d86aad329d7afb01e15eab7281e181cb249fc91bf09d621d86561301edda156f80e3bbff853a312852fe9e3d0541cb86801390aff1dc3c05bcb592c266f625b70e419b4c7e7e85399bb06c0e50b099b4292f9eaff4d869681faa1f745b5fcb3349ed93c572739a31dcf76b43370cf9f86cc54e982dfac9467bde915c697e60554e0d698be6bb2dd1f8bc64659f6baee7641b51f4b5ed7010c04600fcd382db84a93fe3d4d86e86a459c6cebb590000000000000000"
+
+Test mbedtls_mpi_mul_mpi #2, trailing 0 limb in B, A < 0, B < 0
+mbedtls_mpi_mul_mpi:16:"-02f77b94b179d4a51360f04fa56e2c0784ce3b8a742280b016904896a5605fbe9e0f0683f82c439d979ab14e11b34e05ae96232b18fb2e0d1319f4942732d7eadf92ae90cb8c68ec8ece154d334f553564b6f6db185b33b8d3635598c3d128acde8bbb7b13697e48d1a542e5f9168d2d83a8dd05ae1eaf2451":16:"-01b0b14c432710cde936e3fc100515e95dca61e10b8a68d9632bfa0546a9731a1ce6bebc6cb5fe6f5fd7e57b25f737f6a0ce5402e216b8b81c06f0c5ccce447d7f5631d14bff9dfa16f7cc72c56c84b636d00a5f35199d17ee9bf3f8746f44374ffd4ae22cf84089f04a9f7f356d6dc9f8cf8ef208a9b88c890000000000000000":16:"0503ae899d35ae5b7706b067aed7cb2952da37a5d4ad58f05f69abe14e8aaae88eab2baed858177cb4595c0edc92e5ac13c2bba2bfa23276dd023e9e52f547d4c9edb138d86aad329d7afb01e15eab7281e181cb249fc91bf09d621d86561301edda156f80e3bbff853a312852fe9e3d0541cb86801390aff1dc3c05bcb592c266f625b70e419b4c7e7e85399bb06c0e50b099b4292f9eaff4d869681faa1f745b5fcb3349ed93c572739a31dcf76b43370cf9f86cc54e982dfac9467bde915c697e60554e0d698be6bb2dd1f8bc64659f6baee7641b51f4b5ed7010c04600fcd382db84a93fe3d4d86e86a459c6cebb590000000000000000"
+
+Test mbedtls_mpi_mul_mpi #2, trailing 0 limb in A and B
+mbedtls_mpi_mul_mpi:16:"02f77b94b179d4a51360f04fa56e2c0784ce3b8a742280b016904896a5605fbe9e0f0683f82c439d979ab14e11b34e05ae96232b18fb2e0d1319f4942732d7eadf92ae90cb8c68ec8ece154d334f553564b6f6db185b33b8d3635598c3d128acde8bbb7b13697e48d1a542e5f9168d2d83a8dd05ae1eaf24510000000000000000":16:"01b0b14c432710cde936e3fc100515e95dca61e10b8a68d9632bfa0546a9731a1ce6bebc6cb5fe6f5fd7e57b25f737f6a0ce5402e216b8b81c06f0c5ccce447d7f5631d14bff9dfa16f7cc72c56c84b636d00a5f35199d17ee9bf3f8746f44374ffd4ae22cf84089f04a9f7f356d6dc9f8cf8ef208a9b88c890000000000000000":16:"0503ae899d35ae5b7706b067aed7cb2952da37a5d4ad58f05f69abe14e8aaae88eab2baed858177cb4595c0edc92e5ac13c2bba2bfa23276dd023e9e52f547d4c9edb138d86aad329d7afb01e15eab7281e181cb249fc91bf09d621d86561301edda156f80e3bbff853a312852fe9e3d0541cb86801390aff1dc3c05bcb592c266f625b70e419b4c7e7e85399bb06c0e50b099b4292f9eaff4d869681faa1f745b5fcb3349ed93c572739a31dcf76b43370cf9f86cc54e982dfac9467bde915c697e60554e0d698be6bb2dd1f8bc64659f6baee7641b51f4b5ed7010c04600fcd382db84a93fe3d4d86e86a459c6cebb5900000000000000000000000000000000"
+
+Test mbedtls_mpi_mul_mpi #2, trailing 0 limb in A and B, A < 0
+mbedtls_mpi_mul_mpi:16:"-02f77b94b179d4a51360f04fa56e2c0784ce3b8a742280b016904896a5605fbe9e0f0683f82c439d979ab14e11b34e05ae96232b18fb2e0d1319f4942732d7eadf92ae90cb8c68ec8ece154d334f553564b6f6db185b33b8d3635598c3d128acde8bbb7b13697e48d1a542e5f9168d2d83a8dd05ae1eaf24510000000000000000":16:"01b0b14c432710cde936e3fc100515e95dca61e10b8a68d9632bfa0546a9731a1ce6bebc6cb5fe6f5fd7e57b25f737f6a0ce5402e216b8b81c06f0c5ccce447d7f5631d14bff9dfa16f7cc72c56c84b636d00a5f35199d17ee9bf3f8746f44374ffd4ae22cf84089f04a9f7f356d6dc9f8cf8ef208a9b88c890000000000000000":16:"-0503ae899d35ae5b7706b067aed7cb2952da37a5d4ad58f05f69abe14e8aaae88eab2baed858177cb4595c0edc92e5ac13c2bba2bfa23276dd023e9e52f547d4c9edb138d86aad329d7afb01e15eab7281e181cb249fc91bf09d621d86561301edda156f80e3bbff853a312852fe9e3d0541cb86801390aff1dc3c05bcb592c266f625b70e419b4c7e7e85399bb06c0e50b099b4292f9eaff4d869681faa1f745b5fcb3349ed93c572739a31dcf76b43370cf9f86cc54e982dfac9467bde915c697e60554e0d698be6bb2dd1f8bc64659f6baee7641b51f4b5ed7010c04600fcd382db84a93fe3d4d86e86a459c6cebb5900000000000000000000000000000000"
+
+Test mbedtls_mpi_mul_mpi #2, trailing 0 limb in A and B, B < 0
+mbedtls_mpi_mul_mpi:16:"02f77b94b179d4a51360f04fa56e2c0784ce3b8a742280b016904896a5605fbe9e0f0683f82c439d979ab14e11b34e05ae96232b18fb2e0d1319f4942732d7eadf92ae90cb8c68ec8ece154d334f553564b6f6db185b33b8d3635598c3d128acde8bbb7b13697e48d1a542e5f9168d2d83a8dd05ae1eaf24510000000000000000":16:"-01b0b14c432710cde936e3fc100515e95dca61e10b8a68d9632bfa0546a9731a1ce6bebc6cb5fe6f5fd7e57b25f737f6a0ce5402e216b8b81c06f0c5ccce447d7f5631d14bff9dfa16f7cc72c56c84b636d00a5f35199d17ee9bf3f8746f44374ffd4ae22cf84089f04a9f7f356d6dc9f8cf8ef208a9b88c890000000000000000":16:"-0503ae899d35ae5b7706b067aed7cb2952da37a5d4ad58f05f69abe14e8aaae88eab2baed858177cb4595c0edc92e5ac13c2bba2bfa23276dd023e9e52f547d4c9edb138d86aad329d7afb01e15eab7281e181cb249fc91bf09d621d86561301edda156f80e3bbff853a312852fe9e3d0541cb86801390aff1dc3c05bcb592c266f625b70e419b4c7e7e85399bb06c0e50b099b4292f9eaff4d869681faa1f745b5fcb3349ed93c572739a31dcf76b43370cf9f86cc54e982dfac9467bde915c697e60554e0d698be6bb2dd1f8bc64659f6baee7641b51f4b5ed7010c04600fcd382db84a93fe3d4d86e86a459c6cebb5900000000000000000000000000000000"
+
+Test mbedtls_mpi_mul_mpi #2, trailing 0 limb in A and B, A < 0, B < 0
+mbedtls_mpi_mul_mpi:16:"-02f77b94b179d4a51360f04fa56e2c0784ce3b8a742280b016904896a5605fbe9e0f0683f82c439d979ab14e11b34e05ae96232b18fb2e0d1319f4942732d7eadf92ae90cb8c68ec8ece154d334f553564b6f6db185b33b8d3635598c3d128acde8bbb7b13697e48d1a542e5f9168d2d83a8dd05ae1eaf24510000000000000000":16:"-01b0b14c432710cde936e3fc100515e95dca61e10b8a68d9632bfa0546a9731a1ce6bebc6cb5fe6f5fd7e57b25f737f6a0ce5402e216b8b81c06f0c5ccce447d7f5631d14bff9dfa16f7cc72c56c84b636d00a5f35199d17ee9bf3f8746f44374ffd4ae22cf84089f04a9f7f356d6dc9f8cf8ef208a9b88c890000000000000000":16:"0503ae899d35ae5b7706b067aed7cb2952da37a5d4ad58f05f69abe14e8aaae88eab2baed858177cb4595c0edc92e5ac13c2bba2bfa23276dd023e9e52f547d4c9edb138d86aad329d7afb01e15eab7281e181cb249fc91bf09d621d86561301edda156f80e3bbff853a312852fe9e3d0541cb86801390aff1dc3c05bcb592c266f625b70e419b4c7e7e85399bb06c0e50b099b4292f9eaff4d869681faa1f745b5fcb3349ed93c572739a31dcf76b43370cf9f86cc54e982dfac9467bde915c697e60554e0d698be6bb2dd1f8bc64659f6baee7641b51f4b5ed7010c04600fcd382db84a93fe3d4d86e86a459c6cebb5900000000000000000000000000000000"
+
+Test mbedtls_mpi_mul_mpi #3, trailing 0 limbs in A
+mbedtls_mpi_mul_mpi:16:"02f77b94b179d4a51360f04fa56e2c0784ce3b8a742280b016904896a5605fbe9e0f0683f82c439d979ab14e11b34e05ae96232b18fb2e0d1319f4942732d7eadf92ae90cb8c68ec8ece154d334f553564b6f6db185b33b8d3635598c3d128acde8bbb7b13697e48d1a542e5f9168d2d83a8dd05ae1eaf245100000000000000000000000000000000":16:"01b0b14c432710cde936e3fc100515e95dca61e10b8a68d9632bfa0546a9731a1ce6bebc6cb5fe6f5fd7e57b25f737f6a0ce5402e216b8b81c06f0c5ccce447d7f5631d14bff9dfa16f7cc72c56c84b636d00a5f35199d17ee9bf3f8746f44374ffd4ae22cf84089f04a9f7f356d6dc9f8cf8ef208a9b88c89":16:"0503ae899d35ae5b7706b067aed7cb2952da37a5d4ad58f05f69abe14e8aaae88eab2baed858177cb4595c0edc92e5ac13c2bba2bfa23276dd023e9e52f547d4c9edb138d86aad329d7afb01e15eab7281e181cb249fc91bf09d621d86561301edda156f80e3bbff853a312852fe9e3d0541cb86801390aff1dc3c05bcb592c266f625b70e419b4c7e7e85399bb06c0e50b099b4292f9eaff4d869681faa1f745b5fcb3349ed93c572739a31dcf76b43370cf9f86cc54e982dfac9467bde915c697e60554e0d698be6bb2dd1f8bc64659f6baee7641b51f4b5ed7010c04600fcd382db84a93fe3d4d86e86a459c6cebb5900000000000000000000000000000000"
+
+Test mbedtls_mpi_mul_mpi #3, trailing 0 limbs in A, A < 0
+mbedtls_mpi_mul_mpi:16:"-02f77b94b179d4a51360f04fa56e2c0784ce3b8a742280b016904896a5605fbe9e0f0683f82c439d979ab14e11b34e05ae96232b18fb2e0d1319f4942732d7eadf92ae90cb8c68ec8ece154d334f553564b6f6db185b33b8d3635598c3d128acde8bbb7b13697e48d1a542e5f9168d2d83a8dd05ae1eaf245100000000000000000000000000000000":16:"01b0b14c432710cde936e3fc100515e95dca61e10b8a68d9632bfa0546a9731a1ce6bebc6cb5fe6f5fd7e57b25f737f6a0ce5402e216b8b81c06f0c5ccce447d7f5631d14bff9dfa16f7cc72c56c84b636d00a5f35199d17ee9bf3f8746f44374ffd4ae22cf84089f04a9f7f356d6dc9f8cf8ef208a9b88c89":16:"-0503ae899d35ae5b7706b067aed7cb2952da37a5d4ad58f05f69abe14e8aaae88eab2baed858177cb4595c0edc92e5ac13c2bba2bfa23276dd023e9e52f547d4c9edb138d86aad329d7afb01e15eab7281e181cb249fc91bf09d621d86561301edda156f80e3bbff853a312852fe9e3d0541cb86801390aff1dc3c05bcb592c266f625b70e419b4c7e7e85399bb06c0e50b099b4292f9eaff4d869681faa1f745b5fcb3349ed93c572739a31dcf76b43370cf9f86cc54e982dfac9467bde915c697e60554e0d698be6bb2dd1f8bc64659f6baee7641b51f4b5ed7010c04600fcd382db84a93fe3d4d86e86a459c6cebb5900000000000000000000000000000000"
+
+Test mbedtls_mpi_mul_mpi #3, trailing 0 limbs in A, B < 0
+mbedtls_mpi_mul_mpi:16:"02f77b94b179d4a51360f04fa56e2c0784ce3b8a742280b016904896a5605fbe9e0f0683f82c439d979ab14e11b34e05ae96232b18fb2e0d1319f4942732d7eadf92ae90cb8c68ec8ece154d334f553564b6f6db185b33b8d3635598c3d128acde8bbb7b13697e48d1a542e5f9168d2d83a8dd05ae1eaf245100000000000000000000000000000000":16:"-01b0b14c432710cde936e3fc100515e95dca61e10b8a68d9632bfa0546a9731a1ce6bebc6cb5fe6f5fd7e57b25f737f6a0ce5402e216b8b81c06f0c5ccce447d7f5631d14bff9dfa16f7cc72c56c84b636d00a5f35199d17ee9bf3f8746f44374ffd4ae22cf84089f04a9f7f356d6dc9f8cf8ef208a9b88c89":16:"-0503ae899d35ae5b7706b067aed7cb2952da37a5d4ad58f05f69abe14e8aaae88eab2baed858177cb4595c0edc92e5ac13c2bba2bfa23276dd023e9e52f547d4c9edb138d86aad329d7afb01e15eab7281e181cb249fc91bf09d621d86561301edda156f80e3bbff853a312852fe9e3d0541cb86801390aff1dc3c05bcb592c266f625b70e419b4c7e7e85399bb06c0e50b099b4292f9eaff4d869681faa1f745b5fcb3349ed93c572739a31dcf76b43370cf9f86cc54e982dfac9467bde915c697e60554e0d698be6bb2dd1f8bc64659f6baee7641b51f4b5ed7010c04600fcd382db84a93fe3d4d86e86a459c6cebb5900000000000000000000000000000000"
+
+Test mbedtls_mpi_mul_mpi #3, trailing 0 limbs in A, A < 0, B < 0
+mbedtls_mpi_mul_mpi:16:"-02f77b94b179d4a51360f04fa56e2c0784ce3b8a742280b016904896a5605fbe9e0f0683f82c439d979ab14e11b34e05ae96232b18fb2e0d1319f4942732d7eadf92ae90cb8c68ec8ece154d334f553564b6f6db185b33b8d3635598c3d128acde8bbb7b13697e48d1a542e5f9168d2d83a8dd05ae1eaf245100000000000000000000000000000000":16:"-01b0b14c432710cde936e3fc100515e95dca61e10b8a68d9632bfa0546a9731a1ce6bebc6cb5fe6f5fd7e57b25f737f6a0ce5402e216b8b81c06f0c5ccce447d7f5631d14bff9dfa16f7cc72c56c84b636d00a5f35199d17ee9bf3f8746f44374ffd4ae22cf84089f04a9f7f356d6dc9f8cf8ef208a9b88c89":16:"0503ae899d35ae5b7706b067aed7cb2952da37a5d4ad58f05f69abe14e8aaae88eab2baed858177cb4595c0edc92e5ac13c2bba2bfa23276dd023e9e52f547d4c9edb138d86aad329d7afb01e15eab7281e181cb249fc91bf09d621d86561301edda156f80e3bbff853a312852fe9e3d0541cb86801390aff1dc3c05bcb592c266f625b70e419b4c7e7e85399bb06c0e50b099b4292f9eaff4d869681faa1f745b5fcb3349ed93c572739a31dcf76b43370cf9f86cc54e982dfac9467bde915c697e60554e0d698be6bb2dd1f8bc64659f6baee7641b51f4b5ed7010c04600fcd382db84a93fe3d4d86e86a459c6cebb5900000000000000000000000000000000"
+
+Test mbedtls_mpi_mul_mpi #3, trailing 0 limbs in B
+mbedtls_mpi_mul_mpi:16:"02f77b94b179d4a51360f04fa56e2c0784ce3b8a742280b016904896a5605fbe9e0f0683f82c439d979ab14e11b34e05ae96232b18fb2e0d1319f4942732d7eadf92ae90cb8c68ec8ece154d334f553564b6f6db185b33b8d3635598c3d128acde8bbb7b13697e48d1a542e5f9168d2d83a8dd05ae1eaf2451":16:"01b0b14c432710cde936e3fc100515e95dca61e10b8a68d9632bfa0546a9731a1ce6bebc6cb5fe6f5fd7e57b25f737f6a0ce5402e216b8b81c06f0c5ccce447d7f5631d14bff9dfa16f7cc72c56c84b636d00a5f35199d17ee9bf3f8746f44374ffd4ae22cf84089f04a9f7f356d6dc9f8cf8ef208a9b88c8900000000000000000000000000000000":16:"0503ae899d35ae5b7706b067aed7cb2952da37a5d4ad58f05f69abe14e8aaae88eab2baed858177cb4595c0edc92e5ac13c2bba2bfa23276dd023e9e52f547d4c9edb138d86aad329d7afb01e15eab7281e181cb249fc91bf09d621d86561301edda156f80e3bbff853a312852fe9e3d0541cb86801390aff1dc3c05bcb592c266f625b70e419b4c7e7e85399bb06c0e50b099b4292f9eaff4d869681faa1f745b5fcb3349ed93c572739a31dcf76b43370cf9f86cc54e982dfac9467bde915c697e60554e0d698be6bb2dd1f8bc64659f6baee7641b51f4b5ed7010c04600fcd382db84a93fe3d4d86e86a459c6cebb5900000000000000000000000000000000"
+
+Test mbedtls_mpi_mul_mpi #3, trailing 0 limbs in B, A < 0
+mbedtls_mpi_mul_mpi:16:"-02f77b94b179d4a51360f04fa56e2c0784ce3b8a742280b016904896a5605fbe9e0f0683f82c439d979ab14e11b34e05ae96232b18fb2e0d1319f4942732d7eadf92ae90cb8c68ec8ece154d334f553564b6f6db185b33b8d3635598c3d128acde8bbb7b13697e48d1a542e5f9168d2d83a8dd05ae1eaf2451":16:"01b0b14c432710cde936e3fc100515e95dca61e10b8a68d9632bfa0546a9731a1ce6bebc6cb5fe6f5fd7e57b25f737f6a0ce5402e216b8b81c06f0c5ccce447d7f5631d14bff9dfa16f7cc72c56c84b636d00a5f35199d17ee9bf3f8746f44374ffd4ae22cf84089f04a9f7f356d6dc9f8cf8ef208a9b88c8900000000000000000000000000000000":16:"-0503ae899d35ae5b7706b067aed7cb2952da37a5d4ad58f05f69abe14e8aaae88eab2baed858177cb4595c0edc92e5ac13c2bba2bfa23276dd023e9e52f547d4c9edb138d86aad329d7afb01e15eab7281e181cb249fc91bf09d621d86561301edda156f80e3bbff853a312852fe9e3d0541cb86801390aff1dc3c05bcb592c266f625b70e419b4c7e7e85399bb06c0e50b099b4292f9eaff4d869681faa1f745b5fcb3349ed93c572739a31dcf76b43370cf9f86cc54e982dfac9467bde915c697e60554e0d698be6bb2dd1f8bc64659f6baee7641b51f4b5ed7010c04600fcd382db84a93fe3d4d86e86a459c6cebb5900000000000000000000000000000000"
+
+Test mbedtls_mpi_mul_mpi #3, trailing 0 limbs in B, B < 0
+mbedtls_mpi_mul_mpi:16:"02f77b94b179d4a51360f04fa56e2c0784ce3b8a742280b016904896a5605fbe9e0f0683f82c439d979ab14e11b34e05ae96232b18fb2e0d1319f4942732d7eadf92ae90cb8c68ec8ece154d334f553564b6f6db185b33b8d3635598c3d128acde8bbb7b13697e48d1a542e5f9168d2d83a8dd05ae1eaf2451":16:"-01b0b14c432710cde936e3fc100515e95dca61e10b8a68d9632bfa0546a9731a1ce6bebc6cb5fe6f5fd7e57b25f737f6a0ce5402e216b8b81c06f0c5ccce447d7f5631d14bff9dfa16f7cc72c56c84b636d00a5f35199d17ee9bf3f8746f44374ffd4ae22cf84089f04a9f7f356d6dc9f8cf8ef208a9b88c8900000000000000000000000000000000":16:"-0503ae899d35ae5b7706b067aed7cb2952da37a5d4ad58f05f69abe14e8aaae88eab2baed858177cb4595c0edc92e5ac13c2bba2bfa23276dd023e9e52f547d4c9edb138d86aad329d7afb01e15eab7281e181cb249fc91bf09d621d86561301edda156f80e3bbff853a312852fe9e3d0541cb86801390aff1dc3c05bcb592c266f625b70e419b4c7e7e85399bb06c0e50b099b4292f9eaff4d869681faa1f745b5fcb3349ed93c572739a31dcf76b43370cf9f86cc54e982dfac9467bde915c697e60554e0d698be6bb2dd1f8bc64659f6baee7641b51f4b5ed7010c04600fcd382db84a93fe3d4d86e86a459c6cebb5900000000000000000000000000000000"
+
+Test mbedtls_mpi_mul_mpi #3, trailing 0 limbs in B, A < 0, B < 0
+mbedtls_mpi_mul_mpi:16:"-02f77b94b179d4a51360f04fa56e2c0784ce3b8a742280b016904896a5605fbe9e0f0683f82c439d979ab14e11b34e05ae96232b18fb2e0d1319f4942732d7eadf92ae90cb8c68ec8ece154d334f553564b6f6db185b33b8d3635598c3d128acde8bbb7b13697e48d1a542e5f9168d2d83a8dd05ae1eaf2451":16:"-01b0b14c432710cde936e3fc100515e95dca61e10b8a68d9632bfa0546a9731a1ce6bebc6cb5fe6f5fd7e57b25f737f6a0ce5402e216b8b81c06f0c5ccce447d7f5631d14bff9dfa16f7cc72c56c84b636d00a5f35199d17ee9bf3f8746f44374ffd4ae22cf84089f04a9f7f356d6dc9f8cf8ef208a9b88c8900000000000000000000000000000000":16:"0503ae899d35ae5b7706b067aed7cb2952da37a5d4ad58f05f69abe14e8aaae88eab2baed858177cb4595c0edc92e5ac13c2bba2bfa23276dd023e9e52f547d4c9edb138d86aad329d7afb01e15eab7281e181cb249fc91bf09d621d86561301edda156f80e3bbff853a312852fe9e3d0541cb86801390aff1dc3c05bcb592c266f625b70e419b4c7e7e85399bb06c0e50b099b4292f9eaff4d869681faa1f745b5fcb3349ed93c572739a31dcf76b43370cf9f86cc54e982dfac9467bde915c697e60554e0d698be6bb2dd1f8bc64659f6baee7641b51f4b5ed7010c04600fcd382db84a93fe3d4d86e86a459c6cebb5900000000000000000000000000000000"
Test mbedtls_mpi_mul_int #1
mbedtls_mpi_mul_int:10:"2039568783564019774057658669290345772801939933143482630947726464532830627227012776329":9871232:10:"20133056642518226042310730101376278483547239130123806338055387803943342738063359782107667328":"=="
@@ -631,15 +1096,45 @@
Test mbedtls_mpi_mul_int #4 (Unsigned, thus failure)
mbedtls_mpi_mul_int:10:"-2039568783564019774057658669290345772801939933143482630947726464532830627227012776329":-9871232:10:"20133056642518226042310730101376278483547239130123806338055387803943342738063359782107667328":"!="
+Test mbedtls_mpi_mul_int: 0 (null) * 0
+mbedtls_mpi_mul_int:16:"":0:16:"":"=="
+
+Test mbedtls_mpi_mul_int: 0 (null) * 1
+mbedtls_mpi_mul_int:16:"":1:16:"":"=="
+
+Test mbedtls_mpi_mul_int: 0 (null) * 0x1234
+mbedtls_mpi_mul_int:16:"":0x1234:16:"":"=="
+
Base test mbedtls_mpi_div_mpi #1
mbedtls_mpi_div_mpi:10:"1000":10:"13":10:"76":10:"12":0
-Base test mbedtls_mpi_div_mpi #2 (Divide by zero)
+Base test mbedtls_mpi_div_mpi #2 (Divide by zero (1 limb))
mbedtls_mpi_div_mpi:10:"1000":10:"0":10:"1":10:"1":MBEDTLS_ERR_MPI_DIVISION_BY_ZERO
+Base test mbedtls_mpi_div_mpi #2 (Divide by zero (null))
+mbedtls_mpi_div_mpi:10:"1000":10:"":10:"1":10:"1":MBEDTLS_ERR_MPI_DIVISION_BY_ZERO
+
Base test mbedtls_mpi_div_mpi #3
mbedtls_mpi_div_mpi:10:"1000":10:"-13":10:"-76":10:"12":0
+Test mbedtls_mpi_div_mpi: 0 (null) / 0 (null)
+mbedtls_mpi_div_mpi:16:"":16:"":16:"":16:"":MBEDTLS_ERR_MPI_DIVISION_BY_ZERO
+
+Test mbedtls_mpi_div_mpi: 0 (null) / 0 (1 limb)
+mbedtls_mpi_div_mpi:16:"":16:"0":16:"":16:"":MBEDTLS_ERR_MPI_DIVISION_BY_ZERO
+
+Test mbedtls_mpi_div_mpi: 0 (1 limb) / 0 (null)
+mbedtls_mpi_div_mpi:16:"0":16:"":16:"":16:"":MBEDTLS_ERR_MPI_DIVISION_BY_ZERO
+
+Test mbedtls_mpi_div_mpi: 0 (1 limb) / 0 (1 limb)
+mbedtls_mpi_div_mpi:16:"0":16:"0":16:"":16:"":MBEDTLS_ERR_MPI_DIVISION_BY_ZERO
+
+Test mbedtls_mpi_div_mpi: 0 (null) / 1
+mbedtls_mpi_div_mpi:16:"":16:"1":16:"":16:"":0
+
+Test mbedtls_mpi_div_mpi: 0 (null) / -1
+mbedtls_mpi_div_mpi:16:"":16:"-1":16:"":16:"":0
+
Test mbedtls_mpi_div_mpi #1
mbedtls_mpi_div_mpi:10:"20133056642518226042310730101376278483547239130123806338055387803943342738063359782107667328":10:"34":10:"592148724779947824773845002981655249516095268533053127589864347174804198178334111238460803":10:"26":0
@@ -667,10 +1162,22 @@
Test mbedtls_mpi_div_int #2
mbedtls_mpi_div_int:10:"20133056642518226042310730101376278483547239130123806338055387803943342738063359782107667328":-34:10:"-592148724779947824773845002981655249516095268533053127589864347174804198178334111238460803":10:"26":0
+Test mbedtls_mpi_div_int: 0 (null) / 0
+mbedtls_mpi_div_int:16:"":0:16:"":16:"":MBEDTLS_ERR_MPI_DIVISION_BY_ZERO
+
+Test mbedtls_mpi_div_int: 0 (1 limb) / 0
+mbedtls_mpi_div_int:16:"00":0:16:"":16:"":MBEDTLS_ERR_MPI_DIVISION_BY_ZERO
+
+Test mbedtls_mpi_div_int: 0 (null) / 1
+mbedtls_mpi_div_int:16:"":1:16:"":16:"":0
+
Base test mbedtls_mpi_mod_mpi #1
mbedtls_mpi_mod_mpi:10:"1000":10:"13":10:"12":0
-Base test mbedtls_mpi_mod_mpi #2 (Divide by zero)
+Base test mbedtls_mpi_mod_mpi #2 (Divide by zero (null))
+mbedtls_mpi_mod_mpi:10:"1000":10:"":10:"0":MBEDTLS_ERR_MPI_DIVISION_BY_ZERO
+
+Base test mbedtls_mpi_mod_mpi #2 (Divide by zero (1 limb))
mbedtls_mpi_mod_mpi:10:"1000":10:"0":10:"0":MBEDTLS_ERR_MPI_DIVISION_BY_ZERO
Base test mbedtls_mpi_mod_mpi #3
@@ -682,6 +1189,12 @@
Base test mbedtls_mpi_mod_mpi #5 (Negative modulo)
mbedtls_mpi_mod_mpi:10:"-1000":10:"-13":10:"-12":MBEDTLS_ERR_MPI_NEGATIVE_VALUE
+Test mbedtls_mpi_mod_mpi: 0 (null) % 1
+mbedtls_mpi_mod_mpi:16:"":16:"1":16:"":0
+
+Test mbedtls_mpi_mod_mpi: 0 (null) % -1
+mbedtls_mpi_mod_mpi:16:"":16:"-1":16:"":MBEDTLS_ERR_MPI_NEGATIVE_VALUE
+
Base test mbedtls_mpi_mod_int #1
mbedtls_mpi_mod_int:10:"1000":13:12:0
@@ -706,23 +1219,74 @@
Base test mbedtls_mpi_mod_int #8 (By 2)
mbedtls_mpi_mod_int:10:"1000":2:0:0
+Test mbedtls_mpi_mod_int: 0 (null) % 1
+mbedtls_mpi_mod_int:16:"":1:0:0
+
+Test mbedtls_mpi_mod_int: 0 (null) % -1
+mbedtls_mpi_mod_int:16:"":-1:0:MBEDTLS_ERR_MPI_NEGATIVE_VALUE
+
Base test mbedtls_mpi_exp_mod #1
-mbedtls_mpi_exp_mod:10:"23":10:"13":10:"29":10:"":10:"24":0
+mbedtls_mpi_exp_mod:10:"23":10:"13":10:"29":10:"24":0
Base test mbedtls_mpi_exp_mod #2 (Even N)
-mbedtls_mpi_exp_mod:10:"23":10:"13":10:"30":10:"":10:"0":MBEDTLS_ERR_MPI_BAD_INPUT_DATA
+mbedtls_mpi_exp_mod:10:"23":10:"13":10:"30":10:"0":MBEDTLS_ERR_MPI_BAD_INPUT_DATA
+
+Base test mbedtls_mpi_exp_mod #2 (N = 0 (null))
+mbedtls_mpi_exp_mod:10:"23":10:"13":10:"":10:"0":MBEDTLS_ERR_MPI_BAD_INPUT_DATA
Base test mbedtls_mpi_exp_mod #3 (Negative N)
-mbedtls_mpi_exp_mod:10:"23":10:"13":10:"-29":10:"":10:"0":MBEDTLS_ERR_MPI_BAD_INPUT_DATA
+mbedtls_mpi_exp_mod:10:"23":10:"13":10:"-29":10:"0":MBEDTLS_ERR_MPI_BAD_INPUT_DATA
Base test mbedtls_mpi_exp_mod #4 (Negative base)
-mbedtls_mpi_exp_mod:10:"-23":10:"13":10:"29":10:"":10:"5":0
+mbedtls_mpi_exp_mod:10:"-23":10:"13":10:"29":10:"5":0
Base test mbedtls_mpi_exp_mod #5 (Negative exponent)
-mbedtls_mpi_exp_mod:10:"23":10:"-13":10:"29":10:"":10:"0":MBEDTLS_ERR_MPI_BAD_INPUT_DATA
+mbedtls_mpi_exp_mod:10:"23":10:"-13":10:"29":10:"0":MBEDTLS_ERR_MPI_BAD_INPUT_DATA
Base test mbedtls_mpi_exp_mod #6 (Negative base + exponent)
-mbedtls_mpi_exp_mod:10:"-23":10:"-13":10:"29":10:"":10:"0":MBEDTLS_ERR_MPI_BAD_INPUT_DATA
+mbedtls_mpi_exp_mod:10:"-23":10:"-13":10:"29":10:"0":MBEDTLS_ERR_MPI_BAD_INPUT_DATA
+
+Test mbedtls_mpi_exp_mod: 0 (null) ^ 0 (null) mod 9
+mbedtls_mpi_exp_mod:16:"":16:"":16:"09":16:"1":0
+
+Test mbedtls_mpi_exp_mod: 0 (null) ^ 0 (1 limb) mod 9
+mbedtls_mpi_exp_mod:16:"":16:"00":16:"09":16:"1":0
+
+Test mbedtls_mpi_exp_mod: 0 (null) ^ 1 mod 9
+mbedtls_mpi_exp_mod:16:"":16:"01":16:"09":16:"":0
+
+Test mbedtls_mpi_exp_mod: 0 (null) ^ 2 mod 9
+mbedtls_mpi_exp_mod:16:"":16:"02":16:"09":16:"":0
+
+Test mbedtls_mpi_exp_mod: 0 (1 limb) ^ 0 (null) mod 9
+mbedtls_mpi_exp_mod:16:"00":16:"":16:"09":16:"1":0
+
+Test mbedtls_mpi_exp_mod: 0 (1 limb) ^ 0 (1 limb) mod 9
+mbedtls_mpi_exp_mod:16:"00":16:"00":16:"09":16:"1":0
+
+Test mbedtls_mpi_exp_mod: 0 (1 limb) ^ 1 mod 9
+mbedtls_mpi_exp_mod:16:"00":16:"01":16:"09":16:"":0
+
+Test mbedtls_mpi_exp_mod: 0 (1 limb) ^ 2 mod 9
+mbedtls_mpi_exp_mod:16:"00":16:"02":16:"09":16:"":0
+
+Test mbedtls_mpi_exp_mod: 1 ^ 0 (null) mod 9
+mbedtls_mpi_exp_mod:16:"01":16:"":16:"09":16:"1":0
+
+Test mbedtls_mpi_exp_mod: 4 ^ 0 (null) mod 9
+mbedtls_mpi_exp_mod:16:"04":16:"":16:"09":16:"1":0
+
+Test mbedtls_mpi_exp_mod: 10 ^ 0 (null) mod 9
+mbedtls_mpi_exp_mod:16:"0a":16:"":16:"09":16:"1":0
+
+Test mbedtls_mpi_exp_mod: 1 ^ 0 (1 limb) mod 9
+mbedtls_mpi_exp_mod:16:"01":16:"00":16:"09":16:"1":0
+
+Test mbedtls_mpi_exp_mod: 4 ^ 0 (1 limb) mod 9
+mbedtls_mpi_exp_mod:16:"04":16:"00":16:"09":16:"1":0
+
+Test mbedtls_mpi_exp_mod: 10 ^ 0 (1 limb) mod 9
+mbedtls_mpi_exp_mod:16:"0a":16:"00":16:"09":16:"1":0
Test mbedtls_mpi_exp_mod: MAX_SIZE exponent
mbedtls_mpi_exp_mod_size:2:MBEDTLS_MPI_MAX_SIZE:10:10:"":0
@@ -744,14 +1308,14 @@
Test mbedtls_mpi_exp_mod #1
depends_on:MPI_MAX_BITS_LARGER_THAN_792
-mbedtls_mpi_exp_mod:10:"433019240910377478217373572959560109819648647016096560523769010881172869083338285573756574557395862965095016483867813043663981946477698466501451832407592327356331263124555137732393938242285782144928753919588632679050799198937132922145084847":10:"5781538327977828897150909166778407659250458379645823062042492461576758526757490910073628008613977550546382774775570888130029763571528699574717583228939535960234464230882573615930384979100379102915657483866755371559811718767760594919456971354184113721":10:"583137007797276923956891216216022144052044091311388601652961409557516421612874571554415606746479105795833145583959622117418531166391184939066520869800857530421873250114773204354963864729386957427276448683092491947566992077136553066273207777134303397724679138833126700957":10:"":10:"114597449276684355144920670007147953232659436380163461553186940113929777196018164149703566472936578890991049344459204199888254907113495794730452699842273939581048142004834330369483813876618772578869083248061616444392091693787039636316845512292127097865026290173004860736":0
+mbedtls_mpi_exp_mod:10:"433019240910377478217373572959560109819648647016096560523769010881172869083338285573756574557395862965095016483867813043663981946477698466501451832407592327356331263124555137732393938242285782144928753919588632679050799198937132922145084847":10:"5781538327977828897150909166778407659250458379645823062042492461576758526757490910073628008613977550546382774775570888130029763571528699574717583228939535960234464230882573615930384979100379102915657483866755371559811718767760594919456971354184113721":10:"583137007797276923956891216216022144052044091311388601652961409557516421612874571554415606746479105795833145583959622117418531166391184939066520869800857530421873250114773204354963864729386957427276448683092491947566992077136553066273207777134303397724679138833126700957":10:"114597449276684355144920670007147953232659436380163461553186940113929777196018164149703566472936578890991049344459204199888254907113495794730452699842273939581048142004834330369483813876618772578869083248061616444392091693787039636316845512292127097865026290173004860736":0
Test mbedtls_mpi_exp_mod (Negative base) [#1]
-mbedtls_mpi_exp_mod:10:"-10000000000":10:"10000000000":10:"99999":10:"":10:"1":0
+mbedtls_mpi_exp_mod:10:"-10000000000":10:"10000000000":10:"99999":10:"1":0
Test mbedtls_mpi_exp_mod (Negative base) [#2]
depends_on:MPI_MAX_BITS_LARGER_THAN_792
-mbedtls_mpi_exp_mod:16:"-9f13012cd92aa72fb86ac8879d2fde4f7fd661aaae43a00971f081cc60ca277059d5c37e89652e2af2585d281d66ef6a9d38a117e9608e9e7574cd142dc55278838a2161dd56db9470d4c1da2d5df15a908ee2eb886aaa890f23be16de59386663a12f1afbb325431a3e835e3fd89b98b96a6f77382f458ef9a37e1f84a03045c8676ab55291a94c2228ea15448ee96b626b998":16:"40a54d1b9e86789f06d9607fb158672d64867665c73ee9abb545fc7a785634b354c7bae5b962ce8040cf45f2c1f3d3659b2ee5ede17534c8fc2ec85c815e8df1fe7048d12c90ee31b88a68a081f17f0d8ce5f4030521e9400083bcea73a429031d4ca7949c2000d597088e0c39a6014d8bf962b73bb2e8083bd0390a4e00b9b3":16:"eeaf0ab9adb38dd69c33f80afa8fc5e86072618775ff3c0b9ea2314c9c256576d674df7496ea81d3383b4813d692c6e0e0d5d8e250b98be48e495c1d6089dad15dc7d7b46154d6b6ce8ef4ad69b15d4982559b297bcf1885c529f566660e57ec68edbc3c05726cc02fd4cbf4976eaa9afd5138fe8376435b9fc61d2fc0eb06e3":16:"":16:"21acc7199e1b90f9b4844ffe12c19f00ec548c5d32b21c647d48b6015d8eb9ec9db05b4f3d44db4227a2b5659c1a7cceb9d5fa8fa60376047953ce7397d90aaeb7465e14e820734f84aa52ad0fc66701bcbb991d57715806a11531268e1e83dd48288c72b424a6287e9ce4e5cc4db0dd67614aecc23b0124a5776d36e5c89483":0
+mbedtls_mpi_exp_mod:16:"-9f13012cd92aa72fb86ac8879d2fde4f7fd661aaae43a00971f081cc60ca277059d5c37e89652e2af2585d281d66ef6a9d38a117e9608e9e7574cd142dc55278838a2161dd56db9470d4c1da2d5df15a908ee2eb886aaa890f23be16de59386663a12f1afbb325431a3e835e3fd89b98b96a6f77382f458ef9a37e1f84a03045c8676ab55291a94c2228ea15448ee96b626b998":16:"40a54d1b9e86789f06d9607fb158672d64867665c73ee9abb545fc7a785634b354c7bae5b962ce8040cf45f2c1f3d3659b2ee5ede17534c8fc2ec85c815e8df1fe7048d12c90ee31b88a68a081f17f0d8ce5f4030521e9400083bcea73a429031d4ca7949c2000d597088e0c39a6014d8bf962b73bb2e8083bd0390a4e00b9b3":16:"eeaf0ab9adb38dd69c33f80afa8fc5e86072618775ff3c0b9ea2314c9c256576d674df7496ea81d3383b4813d692c6e0e0d5d8e250b98be48e495c1d6089dad15dc7d7b46154d6b6ce8ef4ad69b15d4982559b297bcf1885c529f566660e57ec68edbc3c05726cc02fd4cbf4976eaa9afd5138fe8376435b9fc61d2fc0eb06e3":16:"21acc7199e1b90f9b4844ffe12c19f00ec548c5d32b21c647d48b6015d8eb9ec9db05b4f3d44db4227a2b5659c1a7cceb9d5fa8fa60376047953ce7397d90aaeb7465e14e820734f84aa52ad0fc66701bcbb991d57715806a11531268e1e83dd48288c72b424a6287e9ce4e5cc4db0dd67614aecc23b0124a5776d36e5c89483":0
Base test GCD #1
mbedtls_mpi_gcd:10:"693":10:"609":10:"21"
@@ -762,24 +1326,105 @@
Base test GCD #3
mbedtls_mpi_gcd:10:"768454923":10:"542167814":10:"1"
-Test GCD #1
+Test GCD: 0 (null), 0 (null)
+mbedtls_mpi_gcd:16:"":16:"":16:"0"
+
+Test GCD: 0 (null), 0 (1 limb)
+mbedtls_mpi_gcd:16:"":16:"00":16:"0"
+
+Test GCD: 0 (null), 3
+mbedtls_mpi_gcd:16:"":16:"03":16:"3"
+
+Test GCD: 0 (null), 6
+mbedtls_mpi_gcd:16:"":16:"06":16:"6"
+
+Test GCD: 0 (1 limb), 0 (null)
+mbedtls_mpi_gcd:16:"00":16:"":16:"0"
+
+Test GCD: 0 (1 limb), 3
+mbedtls_mpi_gcd:16:"00":16:"03":16:"3"
+
+Test GCD: 0 (1 limb), 6
+mbedtls_mpi_gcd:16:"00":16:"06":16:"6"
+
+Test GCD: 3, 0 (null)
+mbedtls_mpi_gcd:16:"03":16:"":16:"3"
+
+Test GCD: 3, 0 (1 limb)
+mbedtls_mpi_gcd:16:"03":16:"00":16:"3"
+
+Test GCD: 6, 0 (null)
+mbedtls_mpi_gcd:16:"06":16:"":16:"6"
+
+Test GCD: 6, 0 (1 limb)
+mbedtls_mpi_gcd:16:"06":16:"00":16:"6"
+
+Test GCD: gcd=1, 0 < A < B
mbedtls_mpi_gcd:10:"433019240910377478217373572959560109819648647016096560523769010881172869083338285573756574557395862965095016483867813043663981946477698466501451832407592327356331263124555137732393938242285782144928753919588632679050799198937132922145084847":10:"5781538327977828897150909166778407659250458379645823062042492461576758526757490910073628008613977550546382774775570888130029763571528699574717583228939535960234464230882573615930384979100379102915657483866755371559811718767760594919456971354184113721":10:"1"
+Test GCD: gcd=1, 0 < B < A
+mbedtls_mpi_gcd:10:"5781538327977828897150909166778407659250458379645823062042492461576758526757490910073628008613977550546382774775570888130029763571528699574717583228939535960234464230882573615930384979100379102915657483866755371559811718767760594919456971354184113721":10:"433019240910377478217373572959560109819648647016096560523769010881172869083338285573756574557395862965095016483867813043663981946477698466501451832407592327356331263124555137732393938242285782144928753919588632679050799198937132922145084847":10:"1"
+
+Test GCD: gcd=1, A > 0, B < 0
+mbedtls_mpi_gcd:10:"433019240910377478217373572959560109819648647016096560523769010881172869083338285573756574557395862965095016483867813043663981946477698466501451832407592327356331263124555137732393938242285782144928753919588632679050799198937132922145084847":10:"-5781538327977828897150909166778407659250458379645823062042492461576758526757490910073628008613977550546382774775570888130029763571528699574717583228939535960234464230882573615930384979100379102915657483866755371559811718767760594919456971354184113721":10:"1"
+
+Test GCD: gcd=1, A < 0 < B, |A| < |B|
+mbedtls_mpi_gcd:10:"-433019240910377478217373572959560109819648647016096560523769010881172869083338285573756574557395862965095016483867813043663981946477698466501451832407592327356331263124555137732393938242285782144928753919588632679050799198937132922145084847":10:"5781538327977828897150909166778407659250458379645823062042492461576758526757490910073628008613977550546382774775570888130029763571528699574717583228939535960234464230882573615930384979100379102915657483866755371559811718767760594919456971354184113721":10:"1"
+
+Test GCD: gcd=1, B < A < 0
+mbedtls_mpi_gcd:10:"-433019240910377478217373572959560109819648647016096560523769010881172869083338285573756574557395862965095016483867813043663981946477698466501451832407592327356331263124555137732393938242285782144928753919588632679050799198937132922145084847":10:"-5781538327977828897150909166778407659250458379645823062042492461576758526757490910073628008613977550546382774775570888130029763571528699574717583228939535960234464230882573615930384979100379102915657483866755371559811718767760594919456971354184113721":10:"1"
+
+Test GCD: gcd=2, 0 < A < B
+mbedtls_mpi_gcd:10:"866038481820754956434747145919120219639297294032193121047538021762345738166676571147513149114791725930190032967735626087327963892955396933002903664815184654712662526249110275464787876484571564289857507839177265358101598397874265844290169694":10:"11563076655955657794301818333556815318500916759291646124084984923153517053514981820147256017227955101092765549551141776260059527143057399149435166457879071920468928461765147231860769958200758205831314967733510743119623437535521189838913942708368227442":10:"2"
+
+Test GCD: gcd=2, 0 < B < A
+mbedtls_mpi_gcd:10:"11563076655955657794301818333556815318500916759291646124084984923153517053514981820147256017227955101092765549551141776260059527143057399149435166457879071920468928461765147231860769958200758205831314967733510743119623437535521189838913942708368227442":10:"866038481820754956434747145919120219639297294032193121047538021762345738166676571147513149114791725930190032967735626087327963892955396933002903664815184654712662526249110275464787876484571564289857507839177265358101598397874265844290169694":10:"2"
+
+Test GCD: gcd=3, 0 < A < B
+mbedtls_mpi_gcd:10:"1299057722731132434652120718878680329458945941048289681571307032643518607250014856721269723672187588895285049451603439130991945839433095399504355497222776982068993789373665413197181814726857346434786261758765898037152397596811398766435254541":10:"17344614983933486691452727500335222977751375138937469186127477384730275580272472730220884025841932651639148324326712664390089290714586098724152749686818607880703392692647720847791154937301137308746972451600266114679435156303281784758370914062552341163":10:"3"
+
+Test GCD: gcd=3, 0 < B < A
+mbedtls_mpi_gcd:10:"17344614983933486691452727500335222977751375138937469186127477384730275580272472730220884025841932651639148324326712664390089290714586098724152749686818607880703392692647720847791154937301137308746972451600266114679435156303281784758370914062552341163":10:"1299057722731132434652120718878680329458945941048289681571307032643518607250014856721269723672187588895285049451603439130991945839433095399504355497222776982068993789373665413197181814726857346434786261758765898037152397596811398766435254541":10:"3"
+
+Test GCD: gcd=4, 0 < A < B
+mbedtls_mpi_gcd:10:"1732076963641509912869494291838240439278594588064386242095076043524691476333353142295026298229583451860380065935471252174655927785910793866005807329630369309425325052498220550929575752969143128579715015678354530716203196795748531688580339388":10:"23126153311911315588603636667113630637001833518583292248169969846307034107029963640294512034455910202185531099102283552520119054286114798298870332915758143840937856923530294463721539916401516411662629935467021486239246875071042379677827885416736454884":10:"4"
+
+Test GCD: gcd=4, 0 < B < A
+mbedtls_mpi_gcd:10:"23126153311911315588603636667113630637001833518583292248169969846307034107029963640294512034455910202185531099102283552520119054286114798298870332915758143840937856923530294463721539916401516411662629935467021486239246875071042379677827885416736454884":10:"1732076963641509912869494291838240439278594588064386242095076043524691476333353142295026298229583451860380065935471252174655927785910793866005807329630369309425325052498220550929575752969143128579715015678354530716203196795748531688580339388":10:"4"
+
+Test GCD: gcd=6, 0 < A < B
+mbedtls_mpi_gcd:10:"2598115445462264869304241437757360658917891882096579363142614065287037214500029713442539447344375177790570098903206878261983891678866190799008710994445553964137987578747330826394363629453714692869572523517531796074304795193622797532870509082":10:"34689229967866973382905455000670445955502750277874938372254954769460551160544945460441768051683865303278296648653425328780178581429172197448305499373637215761406785385295441695582309874602274617493944903200532229358870312606563569516741828125104682326":10:"6"
+
+Test GCD: gcd=6, 0 < B < A
+mbedtls_mpi_gcd:10:"34689229967866973382905455000670445955502750277874938372254954769460551160544945460441768051683865303278296648653425328780178581429172197448305499373637215761406785385295441695582309874602274617493944903200532229358870312606563569516741828125104682326":10:"2598115445462264869304241437757360658917891882096579363142614065287037214500029713442539447344375177790570098903206878261983891678866190799008710994445553964137987578747330826394363629453714692869572523517531796074304795193622797532870509082":10:"6"
+
+Test GCD: 0 < A = B
+mbedtls_mpi_gcd:10:"433019240910377478217373572959560109819648647016096560523769010881172869083338285573756574557395862965095016483867813043663981946477698466501451832407592327356331263124555137732393938242285782144928753919588632679050799198937132922145084847":10:"433019240910377478217373572959560109819648647016096560523769010881172869083338285573756574557395862965095016483867813043663981946477698466501451832407592327356331263124555137732393938242285782144928753919588632679050799198937132922145084847":10:"433019240910377478217373572959560109819648647016096560523769010881172869083338285573756574557395862965095016483867813043663981946477698466501451832407592327356331263124555137732393938242285782144928753919588632679050799198937132922145084847"
+
Base test mbedtls_mpi_inv_mod #1
mbedtls_mpi_inv_mod:10:"3":10:"11":10:"4":0
-Base test mbedtls_mpi_inv_mod #2
+Test mbedtls_mpi_inv_mod: mod 0 (null)
+mbedtls_mpi_inv_mod:10:"3":10:"":10:"0":MBEDTLS_ERR_MPI_BAD_INPUT_DATA
+
+Test mbedtls_mpi_inv_mod: mod 0 (1 limb)
mbedtls_mpi_inv_mod:10:"3":10:"0":10:"0":MBEDTLS_ERR_MPI_BAD_INPUT_DATA
-Base test mbedtls_mpi_inv_mod #3
+Test mbedtls_mpi_inv_mod: mod negative
mbedtls_mpi_inv_mod:10:"3":10:"-11":10:"4":MBEDTLS_ERR_MPI_BAD_INPUT_DATA
-Base test mbedtls_mpi_inv_mod #4
+Test mbedtls_mpi_inv_mod: 2^-1 mod 4
mbedtls_mpi_inv_mod:10:"2":10:"4":10:"0":MBEDTLS_ERR_MPI_NOT_ACCEPTABLE
-Base test mbedtls_mpi_inv_mod #5
+Test mbedtls_mpi_inv_mod: mod 1
mbedtls_mpi_inv_mod:10:"3":10:"1":10:"0":MBEDTLS_ERR_MPI_BAD_INPUT_DATA
+Test mbedtls_mpi_inv_mod: 0 (null) ^-1
+mbedtls_mpi_inv_mod:16:"":16:"11":16:"":MBEDTLS_ERR_MPI_NOT_ACCEPTABLE
+
+Test mbedtls_mpi_inv_mod: 0 (1 limb) ^-1
+mbedtls_mpi_inv_mod:16:"00":16:"11":16:"":MBEDTLS_ERR_MPI_NOT_ACCEPTABLE
+
Test mbedtls_mpi_inv_mod #1
mbedtls_mpi_inv_mod:16:"aa4df5cb14b4c31237f98bd1faf527c283c2d0f3eec89718664ba33f9762907c":16:"fffbbd660b94412ae61ead9c2906a344116e316a256fd387874c6c675b1d587d":16:"8d6a5c1d7adeae3e94b9bcd2c47e0d46e778bc8804a2cc25c02d775dc3d05b0c":0
@@ -964,6 +1609,9 @@
Test bit getting (Larger and non-existing limb)
mbedtls_mpi_get_bit:10:"49979687":500:0
+Test bit getting in 0 (null)
+mbedtls_mpi_get_bit:10:"":500:0
+
Test bit getting (Value bit 24)
mbedtls_mpi_get_bit:10:"49979687":24:0
@@ -982,6 +1630,12 @@
Test bit set (Add above existing limbs with a 1)
mbedtls_mpi_set_bit:10:"49979687":80:1:10:"1208925819614629224685863":0
+Test bit set (Add to 0 (null) with a 0)
+mbedtls_mpi_set_bit:16:"":65:0:16:"":0
+
+Test bit set (Add to 0 (null) with a 1)
+mbedtls_mpi_set_bit:16:"":65:1:16:"020000000000000000":0
+
Test bit set (Bit index larger than 31 with a 0)
mbedtls_mpi_set_bit:16:"FFFFFFFFFFFFFFFF":32:0:16:"FFFFFFFEFFFFFFFF":0
diff --git a/tests/suites/test_suite_mpi.function b/tests/suites/test_suite_mpi.function
index 5807984..360916a 100644
--- a/tests/suites/test_suite_mpi.function
+++ b/tests/suites/test_suite_mpi.function
@@ -6,6 +6,18 @@
#define MPI_MAX_BITS_LARGER_THAN_792
#endif
+/* Check the validity of the sign bit in an MPI object. Reject representations
+ * that are not supported by the rest of the library and indicate a bug when
+ * constructing the value. */
+static int sign_is_valid( const mbedtls_mpi *X )
+{
+ if( X->s != 1 && X->s != -1 )
+ return( 0 ); // invalid sign bit, e.g. 0
+ if( mbedtls_mpi_bitlen( X ) == 0 && X->s != 1 )
+ return( 0 ); // negative zero
+ return( 1 );
+}
+
typedef struct mbedtls_test_mpi_random
{
data_t *data;
@@ -365,6 +377,7 @@
TEST_ASSERT( mbedtls_mpi_read_string( &X, radix_X, input_X ) == result_read );
if( result_read == 0 )
{
+ TEST_ASSERT( sign_is_valid( &X ) );
TEST_ASSERT( mbedtls_mpi_write_string( &X, radix_A, str, output_size, &len ) == result_write );
if( result_write == 0 )
{
@@ -389,6 +402,7 @@
TEST_ASSERT( mbedtls_mpi_read_binary( &X, buf->x, buf->len ) == 0 );
+ TEST_ASSERT( sign_is_valid( &X ) );
TEST_ASSERT( mbedtls_mpi_write_string( &X, radix_A, str, sizeof( str ), &len ) == 0 );
TEST_ASSERT( strcmp( (char *) str, input_A ) == 0 );
@@ -408,6 +422,7 @@
TEST_ASSERT( mbedtls_mpi_read_binary_le( &X, buf->x, buf->len ) == 0 );
+ TEST_ASSERT( sign_is_valid( &X ) );
TEST_ASSERT( mbedtls_mpi_write_string( &X, radix_A, str, sizeof( str ), &len ) == 0 );
TEST_ASSERT( strcmp( (char *) str, input_A ) == 0 );
@@ -429,7 +444,7 @@
mbedtls_mpi_init( &X );
- TEST_ASSERT( mbedtls_mpi_read_string( &X, radix_X, input_X ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &X, radix_X, input_X ) == 0 );
buflen = mbedtls_mpi_size( &X );
if( buflen > (size_t) output_size )
@@ -461,7 +476,7 @@
mbedtls_mpi_init( &X );
- TEST_ASSERT( mbedtls_mpi_read_string( &X, radix_X, input_X ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &X, radix_X, input_X ) == 0 );
buflen = mbedtls_mpi_size( &X );
if( buflen > (size_t) output_size )
@@ -502,6 +517,7 @@
if( result == 0 )
{
+ TEST_ASSERT( sign_is_valid( &X ) );
buflen = mbedtls_mpi_size( &X );
TEST_ASSERT( mbedtls_mpi_write_binary( &X, buf, buflen ) == 0 );
@@ -525,7 +541,7 @@
mbedtls_mpi_init( &X ); mbedtls_mpi_init( &Y );
- TEST_ASSERT( mbedtls_mpi_read_string( &X, radix_X, input_X ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &X, radix_X, input_X ) == 0 );
file_out = fopen( output_file, "w" );
TEST_ASSERT( file_out != NULL );
@@ -551,7 +567,7 @@
{
mbedtls_mpi X;
mbedtls_mpi_init( &X );
- TEST_ASSERT( mbedtls_mpi_read_string( &X, radix_X, input_X ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &X, radix_X, input_X ) == 0 );
TEST_ASSERT( mbedtls_mpi_get_bit( &X, pos ) == val );
exit:
@@ -566,12 +582,13 @@
mbedtls_mpi X, Y;
mbedtls_mpi_init( &X ); mbedtls_mpi_init( &Y );
- TEST_ASSERT( mbedtls_mpi_read_string( &X, radix_X, input_X ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &Y, radix_Y, output_Y ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &X, radix_X, input_X ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &Y, radix_Y, output_Y ) == 0 );
TEST_ASSERT( mbedtls_mpi_set_bit( &X, pos, val ) == result );
if( result == 0 )
{
+ TEST_ASSERT( sign_is_valid( &X ) );
TEST_ASSERT( mbedtls_mpi_cmp_mpi( &X, &Y ) == 0 );
}
@@ -586,7 +603,7 @@
mbedtls_mpi X;
mbedtls_mpi_init( &X );
- TEST_ASSERT( mbedtls_mpi_read_string( &X, radix_X, input_X ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &X, radix_X, input_X ) == 0 );
TEST_ASSERT( mbedtls_mpi_lsb( &X ) == (size_t) nr_bits );
exit:
@@ -600,7 +617,7 @@
mbedtls_mpi X;
mbedtls_mpi_init( &X );
- TEST_ASSERT( mbedtls_mpi_read_string( &X, radix_X, input_X ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &X, radix_X, input_X ) == 0 );
TEST_ASSERT( mbedtls_mpi_bitlen( &X ) == (size_t) nr_bits );
exit:
@@ -615,10 +632,11 @@
mbedtls_mpi A, X, Y, Z;
mbedtls_mpi_init( &A ); mbedtls_mpi_init( &X ); mbedtls_mpi_init( &Y ); mbedtls_mpi_init( &Z );
- TEST_ASSERT( mbedtls_mpi_read_string( &X, radix_X, input_X ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &Y, radix_Y, input_Y ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &A, radix_A, input_A ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &X, radix_X, input_X ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &Y, radix_Y, input_Y ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &A, radix_A, input_A ) == 0 );
TEST_ASSERT( mbedtls_mpi_gcd( &Z, &X, &Y ) == 0 );
+ TEST_ASSERT( sign_is_valid( &Z ) );
TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Z, &A ) == 0 );
exit:
@@ -647,8 +665,8 @@
mbedtls_mpi X, Y;
mbedtls_mpi_init( &X ); mbedtls_mpi_init( &Y );
- TEST_ASSERT( mbedtls_mpi_read_string( &X, radix_X, input_X ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &Y, radix_Y, input_Y ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &X, radix_X, input_X ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &Y, radix_Y, input_Y ) == 0 );
TEST_ASSERT( mbedtls_mpi_cmp_mpi( &X, &Y ) == input_A );
exit:
@@ -666,8 +684,8 @@
mbedtls_mpi X, Y;
mbedtls_mpi_init( &X ); mbedtls_mpi_init( &Y );
- TEST_ASSERT( mbedtls_mpi_read_string( &X, 16, input_X ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &Y, 16, input_Y ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &X, 16, input_X ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &Y, 16, input_Y ) == 0 );
TEST_ASSERT( mbedtls_mpi_grow( &X, size_X ) == 0 );
TEST_ASSERT( mbedtls_mpi_grow( &Y, size_Y ) == 0 );
@@ -688,8 +706,8 @@
mbedtls_mpi X, Y;
mbedtls_mpi_init( &X ); mbedtls_mpi_init( &Y );
- TEST_ASSERT( mbedtls_mpi_read_string( &X, radix_X, input_X ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &Y, radix_Y, input_Y ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &X, radix_X, input_X ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &Y, radix_Y, input_Y ) == 0 );
TEST_ASSERT( mbedtls_mpi_cmp_abs( &X, &Y ) == input_A );
exit:
@@ -698,55 +716,125 @@
/* END_CASE */
/* BEGIN_CASE */
-void mbedtls_mpi_copy_sint( int input_X, int input_Y )
+void mbedtls_mpi_copy( char *src_hex, char *dst_hex )
{
- mbedtls_mpi X, Y;
+ mbedtls_mpi src, dst, ref;
+ mbedtls_mpi_init( &src );
+ mbedtls_mpi_init( &dst );
+ mbedtls_mpi_init( &ref );
+
+ TEST_ASSERT( mbedtls_test_read_mpi( &src, 16, src_hex ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &ref, 16, dst_hex ) == 0 );
+
+ /* mbedtls_mpi_copy() */
+ TEST_ASSERT( mbedtls_test_read_mpi( &dst, 16, dst_hex ) == 0 );
+ TEST_ASSERT( mbedtls_mpi_copy( &dst, &src ) == 0 );
+ TEST_ASSERT( sign_is_valid( &dst ) );
+ TEST_ASSERT( mbedtls_mpi_cmp_mpi( &dst, &src ) == 0 );
+
+ /* mbedtls_mpi_safe_cond_assign(), assignment done */
+ mbedtls_mpi_free( &dst );
+ TEST_ASSERT( mbedtls_test_read_mpi( &dst, 16, dst_hex ) == 0 );
+ TEST_ASSERT( mbedtls_mpi_safe_cond_assign( &dst, &src, 1 ) == 0 );
+ TEST_ASSERT( sign_is_valid( &dst ) );
+ TEST_ASSERT( mbedtls_mpi_cmp_mpi( &dst, &src ) == 0 );
+
+ /* mbedtls_mpi_safe_cond_assign(), assignment not done */
+ mbedtls_mpi_free( &dst );
+ TEST_ASSERT( mbedtls_test_read_mpi( &dst, 16, dst_hex ) == 0 );
+ TEST_ASSERT( mbedtls_mpi_safe_cond_assign( &dst, &src, 0 ) == 0 );
+ TEST_ASSERT( sign_is_valid( &dst ) );
+ TEST_ASSERT( mbedtls_mpi_cmp_mpi( &dst, &ref ) == 0 );
+
+exit:
+ mbedtls_mpi_free( &src );
+ mbedtls_mpi_free( &dst );
+ mbedtls_mpi_free( &ref );
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void mpi_copy_self( char *input_X )
+{
+ mbedtls_mpi X, A;
+ mbedtls_mpi_init( &A );
+ mbedtls_mpi_init( &X );
+
+ TEST_ASSERT( mbedtls_test_read_mpi( &X, 16, input_X ) == 0 );
+ TEST_ASSERT( mbedtls_mpi_copy( &X, &X ) == 0 );
+
+ TEST_ASSERT( mbedtls_test_read_mpi( &A, 16, input_X ) == 0 );
+ TEST_ASSERT( sign_is_valid( &X ) );
+ TEST_ASSERT( mbedtls_mpi_cmp_mpi( &X, &A ) == 0 );
+
+exit:
+ mbedtls_mpi_free( &A );
+ mbedtls_mpi_free( &X );
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void mbedtls_mpi_swap( char *X_hex, char *Y_hex )
+{
+ mbedtls_mpi X, Y, X0, Y0;
mbedtls_mpi_init( &X ); mbedtls_mpi_init( &Y );
+ mbedtls_mpi_init( &X0 ); mbedtls_mpi_init( &Y0 );
- TEST_ASSERT( mbedtls_mpi_lset( &X, input_X ) == 0 );
- TEST_ASSERT( mbedtls_mpi_lset( &Y, input_Y ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &X0, 16, X_hex ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &Y0, 16, Y_hex ) == 0 );
- TEST_ASSERT( mbedtls_mpi_copy( &Y, &X ) == 0 );
- TEST_ASSERT( mbedtls_mpi_cmp_int( &X, input_X ) == 0 );
- TEST_ASSERT( mbedtls_mpi_cmp_int( &Y, input_X ) == 0 );
+ /* mbedtls_mpi_swap() */
+ TEST_ASSERT( mbedtls_test_read_mpi( &X, 16, X_hex ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &Y, 16, Y_hex ) == 0 );
+ mbedtls_mpi_swap( &X, &Y );
+ TEST_ASSERT( sign_is_valid( &X ) );
+ TEST_ASSERT( sign_is_valid( &Y ) );
+ TEST_ASSERT( mbedtls_mpi_cmp_mpi( &X, &Y0 ) == 0 );
+ TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Y, &X0 ) == 0 );
+
+ /* mbedtls_mpi_safe_cond_swap(), swap done */
+ mbedtls_mpi_free( &X );
+ mbedtls_mpi_free( &Y );
+ TEST_ASSERT( mbedtls_test_read_mpi( &X, 16, X_hex ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &Y, 16, Y_hex ) == 0 );
+ TEST_ASSERT( mbedtls_mpi_safe_cond_swap( &X, &Y, 1 ) == 0 );
+ TEST_ASSERT( sign_is_valid( &X ) );
+ TEST_ASSERT( sign_is_valid( &Y ) );
+ TEST_ASSERT( mbedtls_mpi_cmp_mpi( &X, &Y0 ) == 0 );
+ TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Y, &X0 ) == 0 );
+
+ /* mbedtls_mpi_safe_cond_swap(), swap not done */
+ mbedtls_mpi_free( &X );
+ mbedtls_mpi_free( &Y );
+ TEST_ASSERT( mbedtls_test_read_mpi( &X, 16, X_hex ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &Y, 16, Y_hex ) == 0 );
+ TEST_ASSERT( mbedtls_mpi_safe_cond_swap( &X, &Y, 0 ) == 0 );
+ TEST_ASSERT( sign_is_valid( &X ) );
+ TEST_ASSERT( sign_is_valid( &Y ) );
+ TEST_ASSERT( mbedtls_mpi_cmp_mpi( &X, &X0 ) == 0 );
+ TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Y, &Y0 ) == 0 );
exit:
mbedtls_mpi_free( &X ); mbedtls_mpi_free( &Y );
+ mbedtls_mpi_free( &X0 ); mbedtls_mpi_free( &Y0 );
}
/* END_CASE */
/* BEGIN_CASE */
-void mbedtls_mpi_copy_binary( data_t *input_X, data_t *input_Y )
+void mpi_swap_self( char *X_hex )
{
- mbedtls_mpi X, Y, X0;
- mbedtls_mpi_init( &X ); mbedtls_mpi_init( &Y ); mbedtls_mpi_init( &X0 );
+ mbedtls_mpi X, X0;
+ mbedtls_mpi_init( &X ); mbedtls_mpi_init( &X0 );
- TEST_ASSERT( mbedtls_mpi_read_binary( &X, input_X->x, input_X->len ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_binary( &Y, input_Y->x, input_Y->len ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_binary( &X0, input_X->x, input_X->len ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &X, 16, X_hex ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &X0, 16, X_hex ) == 0 );
+
+ mbedtls_mpi_swap( &X, &X );
+ TEST_ASSERT( sign_is_valid( &X ) );
TEST_ASSERT( mbedtls_mpi_cmp_mpi( &X, &X0 ) == 0 );
- TEST_ASSERT( mbedtls_mpi_copy( &Y, &X ) == 0 );
- TEST_ASSERT( mbedtls_mpi_cmp_mpi( &X, &X0 ) == 0 );
- TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Y, &X0 ) == 0 );
-
exit:
- mbedtls_mpi_free( &X ); mbedtls_mpi_free( &Y ); mbedtls_mpi_free( &X0 );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void mpi_copy_self( int input_X )
-{
- mbedtls_mpi X;
- mbedtls_mpi_init( &X );
-
- TEST_ASSERT( mbedtls_mpi_lset( &X, input_X ) == 0 );
- TEST_ASSERT( mbedtls_mpi_copy( &X, &X ) == 0 );
- TEST_ASSERT( mbedtls_mpi_cmp_int( &X, input_X ) == 0 );
-
-exit:
- mbedtls_mpi_free( &X );
+ mbedtls_mpi_free( &X ); mbedtls_mpi_free( &X0 );
}
/* END_CASE */
@@ -757,10 +845,14 @@
mbedtls_mpi_init( &X );
TEST_ASSERT( mbedtls_mpi_grow( &X, before ) == 0 );
- TEST_ASSERT( used <= before );
- memset( X.p, 0x2a, used * sizeof( mbedtls_mpi_uint ) );
+ if( used > 0 )
+ {
+ size_t used_bit_count = used * 8 * sizeof( mbedtls_mpi_uint );
+ TEST_ASSERT( mbedtls_mpi_set_bit( &X, used_bit_count - 1, 1 ) == 0 );
+ }
+ TEST_EQUAL( X.n, (size_t) before );
TEST_ASSERT( mbedtls_mpi_shrink( &X, min ) == 0 );
- TEST_ASSERT( X.n == (size_t) after );
+ TEST_EQUAL( X.n, (size_t) after );
exit:
mbedtls_mpi_free( &X );
@@ -768,139 +860,28 @@
/* END_CASE */
/* BEGIN_CASE */
-void mbedtls_mpi_safe_cond_assign( int x_sign, char * x_str, int y_sign,
- char * y_str )
-{
- mbedtls_mpi X, Y, XX;
- mbedtls_mpi_init( &X ); mbedtls_mpi_init( &Y ); mbedtls_mpi_init( &XX );
-
- TEST_ASSERT( mbedtls_mpi_read_string( &X, 16, x_str ) == 0 );
- X.s = x_sign;
- TEST_ASSERT( mbedtls_mpi_read_string( &Y, 16, y_str ) == 0 );
- Y.s = y_sign;
- TEST_ASSERT( mbedtls_mpi_copy( &XX, &X ) == 0 );
-
- TEST_ASSERT( mbedtls_mpi_safe_cond_assign( &X, &Y, 0 ) == 0 );
- TEST_ASSERT( mbedtls_mpi_cmp_mpi( &X, &XX ) == 0 );
-
- TEST_ASSERT( mbedtls_mpi_safe_cond_assign( &X, &Y, 1 ) == 0 );
- TEST_ASSERT( mbedtls_mpi_cmp_mpi( &X, &Y ) == 0 );
-
-exit:
- mbedtls_mpi_free( &X ); mbedtls_mpi_free( &Y ); mbedtls_mpi_free( &XX );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void mbedtls_mpi_safe_cond_swap( int x_sign, char * x_str, int y_sign,
- char * y_str )
-{
- mbedtls_mpi X, Y, XX, YY;
-
- mbedtls_mpi_init( &X ); mbedtls_mpi_init( &Y );
- mbedtls_mpi_init( &XX ); mbedtls_mpi_init( &YY );
-
- TEST_ASSERT( mbedtls_mpi_read_string( &X, 16, x_str ) == 0 );
- X.s = x_sign;
- TEST_ASSERT( mbedtls_mpi_read_string( &Y, 16, y_str ) == 0 );
- Y.s = y_sign;
-
- TEST_ASSERT( mbedtls_mpi_copy( &XX, &X ) == 0 );
- TEST_ASSERT( mbedtls_mpi_copy( &YY, &Y ) == 0 );
-
- TEST_ASSERT( mbedtls_mpi_safe_cond_swap( &X, &Y, 0 ) == 0 );
- TEST_ASSERT( mbedtls_mpi_cmp_mpi( &X, &XX ) == 0 );
- TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Y, &YY ) == 0 );
-
- TEST_ASSERT( mbedtls_mpi_safe_cond_swap( &X, &Y, 1 ) == 0 );
- TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Y, &XX ) == 0 );
- TEST_ASSERT( mbedtls_mpi_cmp_mpi( &X, &YY ) == 0 );
-
-exit:
- mbedtls_mpi_free( &X ); mbedtls_mpi_free( &Y );
- mbedtls_mpi_free( &XX ); mbedtls_mpi_free( &YY );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void mbedtls_mpi_swap_sint( int input_X, int input_Y )
-{
- mbedtls_mpi X, Y;
- mbedtls_mpi_init( &X ); mbedtls_mpi_init( &Y );
-
- TEST_ASSERT( mbedtls_mpi_lset( &X, input_X ) == 0 );
- TEST_ASSERT( mbedtls_mpi_lset( &Y, input_Y ) == 0 );
- TEST_ASSERT( mbedtls_mpi_cmp_int( &X, input_X ) == 0 );
- TEST_ASSERT( mbedtls_mpi_cmp_int( &Y, input_Y ) == 0 );
-
- mbedtls_mpi_swap( &X, &Y );
- TEST_ASSERT( mbedtls_mpi_cmp_int( &X, input_Y ) == 0 );
- TEST_ASSERT( mbedtls_mpi_cmp_int( &Y, input_X ) == 0 );
-
-exit:
- mbedtls_mpi_free( &X ); mbedtls_mpi_free( &Y );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void mbedtls_mpi_swap_binary( data_t *input_X, data_t *input_Y )
-{
- mbedtls_mpi X, Y, X0, Y0;
- mbedtls_mpi_init( &X ); mbedtls_mpi_init( &Y );
- mbedtls_mpi_init( &X0 ); mbedtls_mpi_init( &Y0 );
-
- TEST_ASSERT( mbedtls_mpi_read_binary( &X, input_X->x, input_X->len ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_binary( &Y, input_Y->x, input_Y->len ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_binary( &X0, input_X->x, input_X->len ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_binary( &Y0, input_Y->x, input_Y->len ) == 0 );
-
- mbedtls_mpi_swap( &X, &Y );
- TEST_ASSERT( mbedtls_mpi_cmp_mpi( &X, &Y0 ) == 0 );
- TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Y, &X0 ) == 0 );
-
-exit:
- mbedtls_mpi_free( &X ); mbedtls_mpi_free( &Y );
- mbedtls_mpi_free( &X0 ); mbedtls_mpi_free( &Y0 );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void mpi_swap_self( data_t *input_X )
-{
- mbedtls_mpi X, X0;
- mbedtls_mpi_init( &X ); mbedtls_mpi_init( &X0 );
-
- TEST_ASSERT( mbedtls_mpi_read_binary( &X, input_X->x, input_X->len ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_binary( &X0, input_X->x, input_X->len ) == 0 );
-
- mbedtls_mpi_swap( &X, &X );
- TEST_ASSERT( mbedtls_mpi_cmp_mpi( &X, &X0 ) == 0 );
-
-exit:
- mbedtls_mpi_free( &X ); mbedtls_mpi_free( &X0 );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
void mbedtls_mpi_add_mpi( int radix_X, char * input_X, int radix_Y,
char * input_Y, int radix_A, char * input_A )
{
mbedtls_mpi X, Y, Z, A;
mbedtls_mpi_init( &X ); mbedtls_mpi_init( &Y ); mbedtls_mpi_init( &Z ); mbedtls_mpi_init( &A );
- TEST_ASSERT( mbedtls_mpi_read_string( &X, radix_X, input_X ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &Y, radix_Y, input_Y ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &A, radix_A, input_A ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &X, radix_X, input_X ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &Y, radix_Y, input_Y ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &A, radix_A, input_A ) == 0 );
TEST_ASSERT( mbedtls_mpi_add_mpi( &Z, &X, &Y ) == 0 );
+ TEST_ASSERT( sign_is_valid( &Z ) );
TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Z, &A ) == 0 );
/* result == first operand */
TEST_ASSERT( mbedtls_mpi_add_mpi( &X, &X, &Y ) == 0 );
+ TEST_ASSERT( sign_is_valid( &X ) );
TEST_ASSERT( mbedtls_mpi_cmp_mpi( &X, &A ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &X, radix_X, input_X ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &X, radix_X, input_X ) == 0 );
/* result == second operand */
TEST_ASSERT( mbedtls_mpi_add_mpi( &Y, &X, &Y ) == 0 );
+ TEST_ASSERT( sign_is_valid( &Y ) );
TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Y, &A ) == 0 );
exit:
@@ -915,18 +896,21 @@
mbedtls_mpi X, A;
mbedtls_mpi_init( &X ); mbedtls_mpi_init( &A );
- TEST_ASSERT( mbedtls_mpi_read_string( &A, radix_A, input_A ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &A, radix_A, input_A ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &X, radix_X, input_X ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &X, radix_X, input_X ) == 0 );
TEST_ASSERT( mbedtls_mpi_sub_abs( &X, &X, &X ) == 0 );
TEST_ASSERT( mbedtls_mpi_cmp_int( &X, 0 ) == 0 );
+ TEST_ASSERT( sign_is_valid( &X ) );
- TEST_ASSERT( mbedtls_mpi_read_string( &X, radix_X, input_X ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &X, radix_X, input_X ) == 0 );
TEST_ASSERT( mbedtls_mpi_add_abs( &X, &X, &X ) == 0 );
+ TEST_ASSERT( sign_is_valid( &X ) );
TEST_ASSERT( mbedtls_mpi_cmp_mpi( &X, &A ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &X, radix_X, input_X ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &X, radix_X, input_X ) == 0 );
TEST_ASSERT( mbedtls_mpi_add_mpi( &X, &X, &X ) == 0 );
+ TEST_ASSERT( sign_is_valid( &X ) );
TEST_ASSERT( mbedtls_mpi_cmp_mpi( &X, &A ) == 0 );
exit:
@@ -942,19 +926,22 @@
mbedtls_mpi X, Y, Z, A;
mbedtls_mpi_init( &X ); mbedtls_mpi_init( &Y ); mbedtls_mpi_init( &Z ); mbedtls_mpi_init( &A );
- TEST_ASSERT( mbedtls_mpi_read_string( &X, radix_X, input_X ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &Y, radix_Y, input_Y ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &A, radix_A, input_A ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &X, radix_X, input_X ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &Y, radix_Y, input_Y ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &A, radix_A, input_A ) == 0 );
TEST_ASSERT( mbedtls_mpi_add_abs( &Z, &X, &Y ) == 0 );
+ TEST_ASSERT( sign_is_valid( &Z ) );
TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Z, &A ) == 0 );
/* result == first operand */
TEST_ASSERT( mbedtls_mpi_add_abs( &X, &X, &Y ) == 0 );
+ TEST_ASSERT( sign_is_valid( &X ) );
TEST_ASSERT( mbedtls_mpi_cmp_mpi( &X, &A ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &X, radix_X, input_X ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &X, radix_X, input_X ) == 0 );
/* result == second operand */
TEST_ASSERT( mbedtls_mpi_add_abs( &Y, &X, &Y ) == 0 );
+ TEST_ASSERT( sign_is_valid( &Y ) );
TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Y, &A ) == 0 );
exit:
@@ -969,9 +956,10 @@
mbedtls_mpi X, Z, A;
mbedtls_mpi_init( &X ); mbedtls_mpi_init( &Z ); mbedtls_mpi_init( &A );
- TEST_ASSERT( mbedtls_mpi_read_string( &X, radix_X, input_X ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &A, radix_A, input_A ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &X, radix_X, input_X ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &A, radix_A, input_A ) == 0 );
TEST_ASSERT( mbedtls_mpi_add_int( &Z, &X, input_Y ) == 0 );
+ TEST_ASSERT( sign_is_valid( &Z ) );
TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Z, &A ) == 0 );
exit:
@@ -986,19 +974,22 @@
mbedtls_mpi X, Y, Z, A;
mbedtls_mpi_init( &X ); mbedtls_mpi_init( &Y ); mbedtls_mpi_init( &Z ); mbedtls_mpi_init( &A );
- TEST_ASSERT( mbedtls_mpi_read_string( &X, radix_X, input_X ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &Y, radix_Y, input_Y ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &A, radix_A, input_A ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &X, radix_X, input_X ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &Y, radix_Y, input_Y ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &A, radix_A, input_A ) == 0 );
TEST_ASSERT( mbedtls_mpi_sub_mpi( &Z, &X, &Y ) == 0 );
+ TEST_ASSERT( sign_is_valid( &Z ) );
TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Z, &A ) == 0 );
/* result == first operand */
TEST_ASSERT( mbedtls_mpi_sub_mpi( &X, &X, &Y ) == 0 );
+ TEST_ASSERT( sign_is_valid( &X ) );
TEST_ASSERT( mbedtls_mpi_cmp_mpi( &X, &A ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &X, radix_X, input_X ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &X, radix_X, input_X ) == 0 );
/* result == second operand */
TEST_ASSERT( mbedtls_mpi_sub_mpi( &Y, &X, &Y ) == 0 );
+ TEST_ASSERT( sign_is_valid( &Y ) );
TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Y, &A ) == 0 );
exit:
@@ -1015,23 +1006,26 @@
int res;
mbedtls_mpi_init( &X ); mbedtls_mpi_init( &Y ); mbedtls_mpi_init( &Z ); mbedtls_mpi_init( &A );
- TEST_ASSERT( mbedtls_mpi_read_string( &X, radix_X, input_X ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &Y, radix_Y, input_Y ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &A, radix_A, input_A ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &X, radix_X, input_X ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &Y, radix_Y, input_Y ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &A, radix_A, input_A ) == 0 );
res = mbedtls_mpi_sub_abs( &Z, &X, &Y );
TEST_ASSERT( res == sub_result );
+ TEST_ASSERT( sign_is_valid( &Z ) );
if( res == 0 )
TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Z, &A ) == 0 );
/* result == first operand */
TEST_ASSERT( mbedtls_mpi_sub_abs( &X, &X, &Y ) == sub_result );
+ TEST_ASSERT( sign_is_valid( &X ) );
if( sub_result == 0 )
TEST_ASSERT( mbedtls_mpi_cmp_mpi( &X, &A ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &X, radix_X, input_X ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &X, radix_X, input_X ) == 0 );
/* result == second operand */
TEST_ASSERT( mbedtls_mpi_sub_abs( &Y, &X, &Y ) == sub_result );
+ TEST_ASSERT( sign_is_valid( &Y ) );
if( sub_result == 0 )
TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Y, &A ) == 0 );
@@ -1047,9 +1041,10 @@
mbedtls_mpi X, Z, A;
mbedtls_mpi_init( &X ); mbedtls_mpi_init( &Z ); mbedtls_mpi_init( &A );
- TEST_ASSERT( mbedtls_mpi_read_string( &X, radix_X, input_X ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &A, radix_A, input_A ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &X, radix_X, input_X ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &A, radix_A, input_A ) == 0 );
TEST_ASSERT( mbedtls_mpi_sub_int( &Z, &X, input_Y ) == 0 );
+ TEST_ASSERT( sign_is_valid( &Z ) );
TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Z, &A ) == 0 );
exit:
@@ -1064,10 +1059,11 @@
mbedtls_mpi X, Y, Z, A;
mbedtls_mpi_init( &X ); mbedtls_mpi_init( &Y ); mbedtls_mpi_init( &Z ); mbedtls_mpi_init( &A );
- TEST_ASSERT( mbedtls_mpi_read_string( &X, radix_X, input_X ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &Y, radix_Y, input_Y ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &A, radix_A, input_A ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &X, radix_X, input_X ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &Y, radix_Y, input_Y ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &A, radix_A, input_A ) == 0 );
TEST_ASSERT( mbedtls_mpi_mul_mpi( &Z, &X, &Y ) == 0 );
+ TEST_ASSERT( sign_is_valid( &Z ) );
TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Z, &A ) == 0 );
exit:
@@ -1083,9 +1079,10 @@
mbedtls_mpi X, Z, A;
mbedtls_mpi_init( &X ); mbedtls_mpi_init( &Z ); mbedtls_mpi_init( &A );
- TEST_ASSERT( mbedtls_mpi_read_string( &X, radix_X, input_X ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &A, radix_A, input_A ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &X, radix_X, input_X ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &A, radix_A, input_A ) == 0 );
TEST_ASSERT( mbedtls_mpi_mul_int( &Z, &X, input_Y ) == 0 );
+ TEST_ASSERT( sign_is_valid( &Z ) );
if( strcmp( result_comparison, "==" ) == 0 )
TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Z, &A ) == 0 );
else if( strcmp( result_comparison, "!=" ) == 0 )
@@ -1108,14 +1105,16 @@
mbedtls_mpi_init( &X ); mbedtls_mpi_init( &Y ); mbedtls_mpi_init( &Q ); mbedtls_mpi_init( &R );
mbedtls_mpi_init( &A ); mbedtls_mpi_init( &B );
- TEST_ASSERT( mbedtls_mpi_read_string( &X, radix_X, input_X ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &Y, radix_Y, input_Y ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &A, radix_A, input_A ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &B, radix_B, input_B ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &X, radix_X, input_X ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &Y, radix_Y, input_Y ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &A, radix_A, input_A ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &B, radix_B, input_B ) == 0 );
res = mbedtls_mpi_div_mpi( &Q, &R, &X, &Y );
TEST_ASSERT( res == div_result );
if( res == 0 )
{
+ TEST_ASSERT( sign_is_valid( &Q ) );
+ TEST_ASSERT( sign_is_valid( &R ) );
TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Q, &A ) == 0 );
TEST_ASSERT( mbedtls_mpi_cmp_mpi( &R, &B ) == 0 );
}
@@ -1136,13 +1135,15 @@
mbedtls_mpi_init( &X ); mbedtls_mpi_init( &Q ); mbedtls_mpi_init( &R ); mbedtls_mpi_init( &A );
mbedtls_mpi_init( &B );
- TEST_ASSERT( mbedtls_mpi_read_string( &X, radix_X, input_X ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &A, radix_A, input_A ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &B, radix_B, input_B ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &X, radix_X, input_X ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &A, radix_A, input_A ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &B, radix_B, input_B ) == 0 );
res = mbedtls_mpi_div_int( &Q, &R, &X, input_Y );
TEST_ASSERT( res == div_result );
if( res == 0 )
{
+ TEST_ASSERT( sign_is_valid( &Q ) );
+ TEST_ASSERT( sign_is_valid( &R ) );
TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Q, &A ) == 0 );
TEST_ASSERT( mbedtls_mpi_cmp_mpi( &R, &B ) == 0 );
}
@@ -1162,13 +1163,14 @@
int res;
mbedtls_mpi_init( &X ); mbedtls_mpi_init( &Y ); mbedtls_mpi_init( &A );
- TEST_ASSERT( mbedtls_mpi_read_string( &X, radix_X, input_X ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &Y, radix_Y, input_Y ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &A, radix_A, input_A ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &X, radix_X, input_X ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &Y, radix_Y, input_Y ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &A, radix_A, input_A ) == 0 );
res = mbedtls_mpi_mod_mpi( &X, &X, &Y );
TEST_ASSERT( res == div_result );
if( res == 0 )
{
+ TEST_ASSERT( sign_is_valid( &X ) );
TEST_ASSERT( mbedtls_mpi_cmp_mpi( &X, &A ) == 0 );
}
@@ -1186,7 +1188,7 @@
mbedtls_mpi_uint r;
mbedtls_mpi_init( &X );
- TEST_ASSERT( mbedtls_mpi_read_string( &X, radix_X, input_X ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &X, radix_X, input_X ) == 0 );
res = mbedtls_mpi_mod_int( &r, &X, input_Y );
TEST_ASSERT( res == div_result );
if( res == 0 )
@@ -1202,26 +1204,41 @@
/* BEGIN_CASE */
void mbedtls_mpi_exp_mod( int radix_A, char * input_A, int radix_E,
char * input_E, int radix_N, char * input_N,
- int radix_RR, char * input_RR, int radix_X,
- char * input_X, int div_result )
+ int radix_X, char * input_X, int exp_result )
{
mbedtls_mpi A, E, N, RR, Z, X;
int res;
mbedtls_mpi_init( &A ); mbedtls_mpi_init( &E ); mbedtls_mpi_init( &N );
mbedtls_mpi_init( &RR ); mbedtls_mpi_init( &Z ); mbedtls_mpi_init( &X );
- TEST_ASSERT( mbedtls_mpi_read_string( &A, radix_A, input_A ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &X, radix_X, input_X ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &A, radix_A, input_A ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &E, radix_E, input_E ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &N, radix_N, input_N ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &X, radix_X, input_X ) == 0 );
- if( strlen( input_RR ) )
- TEST_ASSERT( mbedtls_mpi_read_string( &RR, radix_RR, input_RR ) == 0 );
-
- res = mbedtls_mpi_exp_mod( &Z, &A, &E, &N, &RR );
- TEST_ASSERT( res == div_result );
+ res = mbedtls_mpi_exp_mod( &Z, &A, &E, &N, NULL );
+ TEST_ASSERT( res == exp_result );
if( res == 0 )
{
+ TEST_ASSERT( sign_is_valid( &Z ) );
+ TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Z, &X ) == 0 );
+ }
+
+ /* Now test again with the speed-up parameter supplied as an output. */
+ res = mbedtls_mpi_exp_mod( &Z, &A, &E, &N, &RR );
+ TEST_ASSERT( res == exp_result );
+ if( res == 0 )
+ {
+ TEST_ASSERT( sign_is_valid( &Z ) );
+ TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Z, &X ) == 0 );
+ }
+
+ /* Now test again with the speed-up parameter supplied in calculated form. */
+ res = mbedtls_mpi_exp_mod( &Z, &A, &E, &N, &RR );
+ TEST_ASSERT( res == exp_result );
+ if( res == 0 )
+ {
+ TEST_ASSERT( sign_is_valid( &Z ) );
TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Z, &X ) == 0 );
}
@@ -1255,7 +1272,7 @@
TEST_ASSERT( mbedtls_mpi_set_bit( &N, 0, 1 ) == 0 );
if( strlen( input_RR ) )
- TEST_ASSERT( mbedtls_mpi_read_string( &RR, radix_RR, input_RR ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &RR, radix_RR, input_RR ) == 0 );
TEST_ASSERT( mbedtls_mpi_exp_mod( &Z, &A, &E, &N, &RR ) == exp_result );
@@ -1274,13 +1291,14 @@
int res;
mbedtls_mpi_init( &X ); mbedtls_mpi_init( &Y ); mbedtls_mpi_init( &Z ); mbedtls_mpi_init( &A );
- TEST_ASSERT( mbedtls_mpi_read_string( &X, radix_X, input_X ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &Y, radix_Y, input_Y ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &A, radix_A, input_A ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &X, radix_X, input_X ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &Y, radix_Y, input_Y ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &A, radix_A, input_A ) == 0 );
res = mbedtls_mpi_inv_mod( &Z, &X, &Y );
TEST_ASSERT( res == div_result );
if( res == 0 )
{
+ TEST_ASSERT( sign_is_valid( &Z ) );
TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Z, &A ) == 0 );
}
@@ -1296,7 +1314,7 @@
int res;
mbedtls_mpi_init( &X );
- TEST_ASSERT( mbedtls_mpi_read_string( &X, radix_X, input_X ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &X, radix_X, input_X ) == 0 );
res = mbedtls_mpi_is_prime_ext( &X, 40, mbedtls_test_rnd_std_rand, NULL );
TEST_ASSERT( res == div_result );
@@ -1356,6 +1374,7 @@
TEST_ASSERT( actual_bits >= (size_t) bits );
TEST_ASSERT( actual_bits <= (size_t) bits + 1 );
+ TEST_ASSERT( sign_is_valid( &X ) );
TEST_ASSERT( mbedtls_mpi_is_prime_ext( &X, 40,
mbedtls_test_rnd_std_rand,
@@ -1382,9 +1401,10 @@
mbedtls_mpi X, A;
mbedtls_mpi_init( &X ); mbedtls_mpi_init( &A );
- TEST_ASSERT( mbedtls_mpi_read_string( &X, radix_X, input_X ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &A, radix_A, input_A ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &X, radix_X, input_X ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &A, radix_A, input_A ) == 0 );
TEST_ASSERT( mbedtls_mpi_shift_l( &X, shift_X ) == 0 );
+ TEST_ASSERT( sign_is_valid( &X ) );
TEST_ASSERT( mbedtls_mpi_cmp_mpi( &X, &A ) == 0 );
exit:
@@ -1399,9 +1419,10 @@
mbedtls_mpi X, A;
mbedtls_mpi_init( &X ); mbedtls_mpi_init( &A );
- TEST_ASSERT( mbedtls_mpi_read_string( &X, radix_X, input_X ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &A, radix_A, input_A ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &X, radix_X, input_X ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &A, radix_A, input_A ) == 0 );
TEST_ASSERT( mbedtls_mpi_shift_r( &X, shift_X ) == 0 );
+ TEST_ASSERT( sign_is_valid( &X ) );
TEST_ASSERT( mbedtls_mpi_cmp_mpi( &X, &A ) == 0 );
exit:
@@ -1443,6 +1464,7 @@
TEST_ASSERT( mbedtls_mpi_size( &X ) + leading_zeros ==
(size_t) wanted_bytes );
TEST_ASSERT( (int) bytes_left == rng_bytes - wanted_bytes );
+ TEST_ASSERT( sign_is_valid( &X ) );
}
exit:
@@ -1500,6 +1522,7 @@
TEST_EQUAL( 0, mbedtls_mpi_random( &result, min, &upper_bound,
mbedtls_test_rnd_std_rand, NULL ) );
+ TEST_ASSERT( sign_is_valid( &result ) );
TEST_ASSERT( mbedtls_mpi_cmp_mpi( &result, &upper_bound ) < 0 );
TEST_ASSERT( mbedtls_mpi_cmp_int( &result, min ) >= 0 );
if( full_stats )
@@ -1581,6 +1604,7 @@
bound_bytes->x, bound_bytes->len ) );
TEST_EQUAL( 0, mbedtls_mpi_random( &result, min, &upper_bound,
mbedtls_test_rnd_std_rand, NULL ) );
+ TEST_ASSERT( sign_is_valid( &result ) );
TEST_ASSERT( mbedtls_mpi_cmp_mpi( &result, &upper_bound ) < 0 );
TEST_ASSERT( mbedtls_mpi_cmp_int( &result, min ) >= 0 );
diff --git a/tests/suites/test_suite_pk.function b/tests/suites/test_suite_pk.function
index bc469b6..82d1573 100644
--- a/tests/suites/test_suite_pk.function
+++ b/tests/suites/test_suite_pk.function
@@ -670,8 +670,8 @@
rsa = mbedtls_pk_rsa( pk );
rsa->len = mod / 8;
- TEST_ASSERT( mbedtls_mpi_read_string( &rsa->N, radix_N, input_N ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &rsa->E, radix_E, input_E ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &rsa->N, radix_N, input_N ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &rsa->E, radix_E, input_E ) == 0 );
if( mbedtls_md_info_from_type( digest ) != NULL )
@@ -713,8 +713,8 @@
rsa = mbedtls_pk_rsa( pk );
rsa->len = mod / 8;
- TEST_ASSERT( mbedtls_mpi_read_string( &rsa->N, radix_N, input_N ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &rsa->E, radix_E, input_E ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &rsa->N, radix_N, input_N ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &rsa->E, radix_E, input_E ) == 0 );
if( digest != MBEDTLS_MD_NONE )
@@ -801,7 +801,7 @@
TEST_ASSERT( mbedtls_pk_setup( &prv, mbedtls_pk_info_from_type( pk_type ) ) == 0 );
TEST_ASSERT( mbedtls_ecp_group_load( &mbedtls_pk_ec( prv )->grp, grp_id ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &mbedtls_pk_ec( prv )->d, 16, d_str ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &mbedtls_pk_ec( prv )->d, 16, d_str ) == 0 );
TEST_ASSERT( mbedtls_pk_setup( &pub, mbedtls_pk_info_from_type( pk_type ) ) == 0 );
TEST_ASSERT( mbedtls_ecp_group_load( &mbedtls_pk_ec( pub )->grp, grp_id ) == 0 );
@@ -883,8 +883,9 @@
void pk_sign_verify( int type, int parameter, int sign_ret, int verify_ret )
{
mbedtls_pk_context pk;
- size_t sig_len;
- unsigned char hash[MBEDTLS_MD_MAX_SIZE];
+ size_t sig_len, hash_len;
+ mbedtls_md_type_t md = MBEDTLS_MD_SHA256;
+ unsigned char *hash = NULL;
unsigned char sig[MBEDTLS_PK_SIGNATURE_MAX_SIZE];
void *rs_ctx = NULL;
#if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE)
@@ -898,40 +899,43 @@
mbedtls_ecp_set_max_ops( 42000 );
#endif
+ hash_len = mbedtls_md_get_size( mbedtls_md_info_from_type( md ) );
+ ASSERT_ALLOC( hash, hash_len );
+
mbedtls_pk_init( &pk );
USE_PSA_INIT( );
- memset( hash, 0x2a, sizeof hash );
+ memset( hash, 0x2a, hash_len );
memset( sig, 0, sizeof sig );
TEST_ASSERT( mbedtls_pk_setup( &pk, mbedtls_pk_info_from_type( type ) ) == 0 );
TEST_ASSERT( pk_genkey( &pk, parameter ) == 0 );
- TEST_ASSERT( mbedtls_pk_sign_restartable( &pk, MBEDTLS_MD_SHA256,
- hash, sizeof hash, sig, &sig_len,
+ TEST_ASSERT( mbedtls_pk_sign_restartable( &pk, md,
+ hash, hash_len, sig, &sig_len,
mbedtls_test_rnd_std_rand, NULL, rs_ctx ) == sign_ret );
if( sign_ret == 0 )
TEST_ASSERT( sig_len <= MBEDTLS_PK_SIGNATURE_MAX_SIZE );
else
sig_len = MBEDTLS_PK_SIGNATURE_MAX_SIZE;
- TEST_ASSERT( mbedtls_pk_verify( &pk, MBEDTLS_MD_SHA256,
- hash, sizeof hash, sig, sig_len ) == verify_ret );
+ TEST_ASSERT( mbedtls_pk_verify( &pk, md,
+ hash, hash_len, sig, sig_len ) == verify_ret );
if( verify_ret == 0 )
{
hash[0]++;
- TEST_ASSERT( mbedtls_pk_verify( &pk, MBEDTLS_MD_SHA256,
- hash, sizeof hash, sig, sig_len ) != 0 );
+ TEST_ASSERT( mbedtls_pk_verify( &pk, md,
+ hash, hash_len, sig, sig_len ) != 0 );
hash[0]--;
sig[0]++;
- TEST_ASSERT( mbedtls_pk_verify( &pk, MBEDTLS_MD_SHA256,
- hash, sizeof hash, sig, sig_len ) != 0 );
+ TEST_ASSERT( mbedtls_pk_verify( &pk, md,
+ hash, hash_len, sig, sig_len ) != 0 );
sig[0]--;
}
- TEST_ASSERT( mbedtls_pk_sign( &pk, MBEDTLS_MD_SHA256, hash, sizeof hash,
+ TEST_ASSERT( mbedtls_pk_sign( &pk, md, hash, hash_len,
sig, &sig_len,
mbedtls_test_rnd_std_rand,
NULL ) == sign_ret );
@@ -940,19 +944,19 @@
else
sig_len = MBEDTLS_PK_SIGNATURE_MAX_SIZE;
- TEST_ASSERT( mbedtls_pk_verify_restartable( &pk, MBEDTLS_MD_SHA256,
- hash, sizeof hash, sig, sig_len, rs_ctx ) == verify_ret );
+ TEST_ASSERT( mbedtls_pk_verify_restartable( &pk, md,
+ hash, hash_len, sig, sig_len, rs_ctx ) == verify_ret );
if( verify_ret == 0 )
{
hash[0]++;
- TEST_ASSERT( mbedtls_pk_verify_restartable( &pk, MBEDTLS_MD_SHA256,
- hash, sizeof hash, sig, sig_len, rs_ctx ) != 0 );
+ TEST_ASSERT( mbedtls_pk_verify_restartable( &pk, md,
+ hash, hash_len, sig, sig_len, rs_ctx ) != 0 );
hash[0]--;
sig[0]++;
- TEST_ASSERT( mbedtls_pk_verify_restartable( &pk, MBEDTLS_MD_SHA256,
- hash, sizeof hash, sig, sig_len, rs_ctx ) != 0 );
+ TEST_ASSERT( mbedtls_pk_verify_restartable( &pk, md,
+ hash, hash_len, sig, sig_len, rs_ctx ) != 0 );
sig[0]--;
}
@@ -961,6 +965,7 @@
mbedtls_pk_restart_free( rs_ctx );
#endif
mbedtls_pk_free( &pk );
+ mbedtls_free( hash );
USE_PSA_DONE( );
}
/* END_CASE */
@@ -985,8 +990,8 @@
rsa = mbedtls_pk_rsa( pk );
rsa->len = mod / 8;
- TEST_ASSERT( mbedtls_mpi_read_string( &rsa->N, radix_N, input_N ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &rsa->E, radix_E, input_E ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &rsa->N, radix_N, input_N ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &rsa->E, radix_E, input_E ) == 0 );
TEST_ASSERT( mbedtls_pk_encrypt( &pk, message->x, message->len,
output, &olen, sizeof( output ),
@@ -1024,12 +1029,12 @@
rsa = mbedtls_pk_rsa( pk );
/* load public key */
- TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &N, radix_N, input_N ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &E, radix_E, input_E ) == 0 );
/* load private key */
- TEST_ASSERT( mbedtls_mpi_read_string( &P, radix_P, input_P ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &Q, radix_Q, input_Q ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &P, radix_P, input_P ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &Q, radix_Q, input_Q ) == 0 );
TEST_ASSERT( mbedtls_rsa_import( rsa, &N, &P, &Q, NULL, &E ) == 0 );
TEST_ASSERT( mbedtls_rsa_get_len( rsa ) == (size_t) ( mod / 8 ) );
TEST_ASSERT( mbedtls_rsa_complete( rsa ) == 0 );
diff --git a/tests/suites/test_suite_pkcs1_v15.function b/tests/suites/test_suite_pkcs1_v15.function
index 9af6aec..d355340 100644
--- a/tests/suites/test_suite_pkcs1_v15.function
+++ b/tests/suites/test_suite_pkcs1_v15.function
@@ -28,8 +28,8 @@
mbedtls_rsa_init( &ctx, MBEDTLS_RSA_PKCS_V15, hash );
memset( output, 0x00, sizeof( output ) );
- TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &N, radix_N, input_N ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &E, radix_E, input_E ) == 0 );
TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, NULL, NULL, NULL, &E ) == 0 );
TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( ( mod + 7 ) / 8 ) );
TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == 0 );
@@ -76,10 +76,10 @@
memset( output, 0x00, sizeof( output ) );
memset( &rnd_info, 0, sizeof( mbedtls_test_rnd_pseudo_info ) );
- TEST_ASSERT( mbedtls_mpi_read_string( &P, radix_P, input_P ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &Q, radix_Q, input_Q ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &P, radix_P, input_P ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &Q, radix_Q, input_Q ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &N, radix_N, input_N ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &E, radix_E, input_E ) == 0 );
TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, &P, &Q, NULL, &E ) == 0 );
TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( ( mod + 7 ) / 8 ) );
@@ -289,10 +289,10 @@
memset( hash_result, 0x00, sizeof( hash_result ) );
memset( output, 0x00, sizeof( output ) );
- TEST_ASSERT( mbedtls_mpi_read_string( &P, radix_P, input_P ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &Q, radix_Q, input_Q ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &P, radix_P, input_P ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &Q, radix_Q, input_Q ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &N, radix_N, input_N ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &E, radix_E, input_E ) == 0 );
TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, &P, &Q, NULL, &E ) == 0 );
TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( ( mod + 7 ) / 8 ) );
@@ -335,8 +335,8 @@
mbedtls_rsa_init( &ctx, MBEDTLS_RSA_PKCS_V15, hash );
memset( hash_result, 0x00, sizeof( hash_result ) );
- TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &N, radix_N, input_N ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &E, radix_E, input_E ) == 0 );
TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, NULL, NULL, NULL, &E ) == 0 );
TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( ( mod + 7 ) / 8 ) );
TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == 0 );
diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data
index b58c486..cf524f6 100644
--- a/tests/suites/test_suite_psa_crypto.data
+++ b/tests/suites/test_suite_psa_crypto.data
@@ -365,116 +365,144 @@
depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_AES
check_key_policy:PSA_KEY_TYPE_AES:128:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CBC_NO_PADDING
-PSA key policy: ECC SECP256R1, sign
+PSA key policy: ECC SECP256R1, SIGN_HASH -> SIGN_HASH+MESSAGE
depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256
check_key_policy:PSA_KEY_TYPE_ECC_KEY_PAIR( PSA_ECC_FAMILY_SECP_R1 ):256:PSA_KEY_USAGE_SIGN_HASH:PSA_ALG_ECDSA_ANY
-PSA key policy: ECC SECP256R1, sign+verify
+PSA key policy: ECC SECP256R1, VERIFY_HASH -> VERIFY_HASH+MESSAGE
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256
+check_key_policy:PSA_KEY_TYPE_ECC_KEY_PAIR( PSA_ECC_FAMILY_SECP_R1 ):256:PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_ECDSA_ANY
+
+PSA key policy: ECC SECP256R1, SIGN+VERIFY_HASH -> {SIGN,VERIFY}_{HASH,MESSAGE}
depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256
check_key_policy:PSA_KEY_TYPE_ECC_KEY_PAIR( PSA_ECC_FAMILY_SECP_R1 ):256:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_ECDSA_ANY
-PSA key policy: ECC SECP256R1, sign message
+PSA key policy: ECC SECP256R1, {SIGN,VERIFY}_{HASH,MESSAGE}
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256
+check_key_policy:PSA_KEY_TYPE_ECC_KEY_PAIR( PSA_ECC_FAMILY_SECP_R1 ):256:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA_ANY
+
+PSA key policy: ECC SECP256R1, SIGN_MESSAGE
depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256
check_key_policy:PSA_KEY_TYPE_ECC_KEY_PAIR( PSA_ECC_FAMILY_SECP_R1 ):256:PSA_KEY_USAGE_SIGN_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256)
-PSA key policy: ECC SECP256R1, sign+verify message
+PSA key policy: ECC SECP256R1, VERIFY_MESSAGE
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256
+check_key_policy:PSA_KEY_TYPE_ECC_KEY_PAIR( PSA_ECC_FAMILY_SECP_R1 ):256:PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256)
+
+PSA key policy: ECC SECP256R1, SIGN+VERIFY_MESSAGE
depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256
check_key_policy:PSA_KEY_TYPE_ECC_KEY_PAIR( PSA_ECC_FAMILY_SECP_R1 ):256:PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256)
Key attributes initializers zero properly
key_attributes_init:
-PSA key policy: MAC, sign | verify
-depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC
-mac_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_SUCCESS
-
-PSA key policy: MAC, wrong algorithm
-depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC
-mac_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_224):PSA_ERROR_NOT_PERMITTED
-
-PSA key policy: MAC, alg=0 in policy
-depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC
-mac_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:0:PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_ERROR_NOT_PERMITTED
-
-PSA key policy: MAC, ANY_HASH in policy is not meaningful
-depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC
-mac_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_HMAC(PSA_ALG_ANY_HASH):PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_ERROR_NOT_PERMITTED
-
-PSA key policy: MAC, sign but not verify
+PSA key policy: MAC, SIGN_HASH -> SIGN_HASH+MESSAGE
depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC
mac_key_policy:PSA_KEY_USAGE_SIGN_HASH:PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_SUCCESS
-PSA key policy: MAC, verify but not sign
+PSA key policy: MAC, VERIFY_HASH -> VERIFY_HASH+MESSAGE
depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC
mac_key_policy:PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_SUCCESS
+PSA key policy: MAC, SIGN+VERIFY_HASH -> {SIGN,VERIFY}_{HASH,MESSAGE}
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC
+mac_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_SUCCESS
+
+PSA key policy: MAC, {SIGN,VERIFY}_{HASH,MESSAGE}
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC
+mac_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_SUCCESS
+
+PSA key policy: MAC, SIGN_MESSAGE
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC
+mac_key_policy:PSA_KEY_USAGE_SIGN_MESSAGE:PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_SUCCESS
+
+PSA key policy: MAC, VERIFY_MESSAGE
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC
+mac_key_policy:PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_SUCCESS
+
+PSA key policy: MAC, SIGN+VERIFY_MESSAGE
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC
+mac_key_policy:PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_SUCCESS
+
PSA key policy: MAC, neither sign nor verify
depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC
mac_key_policy:0:PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_ERROR_NOT_PERMITTED
+PSA key policy: MAC, wrong algorithm
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC
+mac_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_224):PSA_ERROR_NOT_PERMITTED
+
+PSA key policy: MAC, alg=0 in policy
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC
+mac_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:0:PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_ERROR_NOT_PERMITTED
+
+PSA key policy: MAC, ANY_HASH in policy is not meaningful
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC
+mac_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_ANY_HASH):PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_ERROR_NOT_PERMITTED
+
PSA key policy: HMAC, sign-verify, tag length > min-length policy
depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC
-mac_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 20):PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 30):PSA_SUCCESS
+mac_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 20):PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 30):PSA_SUCCESS
PSA key policy: HMAC, sign-verify, tag length = min-length policy
depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC
-mac_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 20):PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 20):PSA_SUCCESS
+mac_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 20):PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 20):PSA_SUCCESS
PSA key policy: HMAC, sign-verify, tag length < min-length policy
depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC
-mac_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 20):PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 10):PSA_ERROR_NOT_PERMITTED
+mac_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 20):PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 10):PSA_ERROR_NOT_PERMITTED
PSA key policy: CMAC, sign-verify, tag length > min-length policy
depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_AES
-mac_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CMAC, 10):PSA_KEY_TYPE_AES:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CMAC, 16):PSA_SUCCESS
+mac_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CMAC, 10):PSA_KEY_TYPE_AES:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CMAC, 16):PSA_SUCCESS
PSA key policy: CMAC, sign-verify, tag length = min-length policy
depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_AES
-mac_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CMAC, 10):PSA_KEY_TYPE_AES:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CMAC, 10):PSA_SUCCESS
+mac_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CMAC, 10):PSA_KEY_TYPE_AES:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CMAC, 10):PSA_SUCCESS
PSA key policy: CMAC, sign-verify, tag length < min-length policy
depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_AES
-mac_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CMAC, 10):PSA_KEY_TYPE_AES:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CMAC, 8):PSA_ERROR_NOT_PERMITTED
+mac_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CMAC, 10):PSA_KEY_TYPE_AES:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CMAC, 8):PSA_ERROR_NOT_PERMITTED
PSA key policy: HMAC, sign-verify, default tag length > min-length policy
depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC
-mac_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 31):PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_SUCCESS
+mac_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 31):PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_SUCCESS
PSA key policy: HMAC, sign-verify, default tag length = min-length policy
depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC
-mac_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 32):PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_SUCCESS
+mac_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 32):PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_SUCCESS
PSA key policy: HMAC, sign-verify, default tag length < min-length policy
depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC
-mac_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 33):PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_ERROR_NOT_PERMITTED
+mac_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 33):PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_ERROR_NOT_PERMITTED
PSA key policy: HMAC, sign-verify, min-length policy, unmatched base alg
depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC
-mac_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 20):PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CMAC, 20):PSA_ERROR_NOT_PERMITTED
+mac_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 20):PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CMAC, 20):PSA_ERROR_NOT_PERMITTED
PSA key policy: HMAC, sign-verify, min-length policy, unmatched base alg (different hash base)
depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC
-mac_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 20):PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_224), 20):PSA_ERROR_NOT_PERMITTED
+mac_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 20):PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_224), 20):PSA_ERROR_NOT_PERMITTED
PSA key policy: HMAC, sign-verify, min-length policy, unmatched base alg (different algorithm)
depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC
-mac_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 10):PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_CMAC:PSA_ERROR_NOT_PERMITTED
+mac_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 10):PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_CMAC:PSA_ERROR_NOT_PERMITTED
PSA key policy: HMAC, sign-verify, min-length policy used as algorithm
depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC
-mac_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 20):PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 20):PSA_ERROR_INVALID_ARGUMENT
+mac_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 20):PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 20):PSA_ERROR_INVALID_ARGUMENT
PSA key policy: HMAC, sign-verify, tag length > exact-length policy
depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC
-mac_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 10):PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 20):PSA_ERROR_NOT_PERMITTED
+mac_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 10):PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 20):PSA_ERROR_NOT_PERMITTED
PSA key policy: HMAC, sign-verify, tag length = exact-length policy
depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC
-mac_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 20):PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 20):PSA_SUCCESS
+mac_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 20):PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 20):PSA_SUCCESS
PSA key policy: HMAC, sign-verify, tag length < exact-length policy
depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC
-mac_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 20):PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 10):PSA_ERROR_NOT_PERMITTED
+mac_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 20):PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 10):PSA_ERROR_NOT_PERMITTED
PSA key policy: cipher, encrypt | decrypt
depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES
@@ -612,85 +640,105 @@
depends_on:PSA_WANT_ALG_RSA_PKCS1V15_CRYPT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
asymmetric_encryption_key_policy:0:PSA_ALG_RSA_PKCS1V15_CRYPT:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PKCS1V15_CRYPT
-PSA key policy: asymmetric signature, sign | verify
-depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_MD_C
-asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PKCS1V15_SIGN_RAW:1
+PSA key policy: asymmetric signature, sign | verify hash, PKCS#1v1.5 SHA-256
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_MD_C
+asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_KEY_TYPE_RSA_KEY_PAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):32:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE
+
+PSA key policy: asymmetric signature, sign | verify hash, PKCS#1v1.5 raw
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_MD_C
+asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_KEY_TYPE_RSA_KEY_PAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):32:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE
+
+PSA key policy: asymmetric signature, sign | verify hash, ECDSA SHA-256
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256
+asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_ALG_ECDSA(PSA_ALG_SHA_256):32:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE
+
+PSA key policy: asymmetric signature, sign, key usage extension
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_MD_C
+asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN_HASH:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_KEY_TYPE_RSA_KEY_PAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):32:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE
+
+PSA key policy: asymmetric signature, verify, key usage extension
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_MD_C
+asymmetric_signature_key_policy:PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_KEY_TYPE_RSA_KEY_PAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):32:PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE
+
+PSA key policy: asymmetric signature, sign | verify, key usage extension
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_MD_C
+asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_KEY_TYPE_RSA_KEY_PAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):32:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE
PSA key policy: asymmetric signature, wrong algorithm family
depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
-asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_KEY_TYPE_RSA_KEY_PAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):0
+asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_KEY_TYPE_RSA_KEY_PAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE
PSA key policy: asymmetric signature, wildcard in policy, wrong algorithm family
depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
-asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):PSA_KEY_TYPE_RSA_KEY_PAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):0
+asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):PSA_KEY_TYPE_RSA_KEY_PAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE
PSA key policy: asymmetric signature, wildcard in policy, ECDSA SHA-256
depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256
-asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_ECDSA(PSA_ALG_ANY_HASH):PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_ALG_ECDSA(PSA_ALG_SHA_256):32
+asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_ANY_HASH):PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_ALG_ECDSA(PSA_ALG_SHA_256):32:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE
PSA key policy: asymmetric signature, wildcard in policy, PKCS#1v1.5 SHA-256
depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_MD_C
-asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):PSA_KEY_TYPE_RSA_KEY_PAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):32
+asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):PSA_KEY_TYPE_RSA_KEY_PAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):32:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE
PSA key policy: asymmetric signature, wildcard in policy, PKCS#1v1.5 raw
depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_MD_C
-asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):PSA_KEY_TYPE_RSA_KEY_PAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PKCS1V15_SIGN_RAW:1
+asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):PSA_KEY_TYPE_RSA_KEY_PAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PKCS1V15_SIGN_RAW:1:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE
PSA key policy: asymmetric signature, wrong hash algorithm
-depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
-asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_KEY_TYPE_RSA_KEY_PAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PKCS1V15_SIGN_RAW:0
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_KEY_TYPE_RSA_KEY_PAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_384):0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE
PSA key policy: asymmetric signature, alg=0 in policy
-depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_MD_C
-asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:0:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PKCS1V15_SIGN_RAW:0
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_MD_C
+asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:0:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE
PSA key policy: asymmetric signature, sign but not verify
-depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_MD_C
-asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN_HASH:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PKCS1V15_SIGN_RAW:1
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_MD_C
+asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_KEY_TYPE_RSA_KEY_PAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):32:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE
PSA key policy: asymmetric signature, verify but not sign
-depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_MD_C
-asymmetric_signature_key_policy:PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PKCS1V15_SIGN_RAW:1
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_MD_C
+asymmetric_signature_key_policy:PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_KEY_TYPE_RSA_KEY_PAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):32:PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE
PSA key policy: asymmetric signature, neither sign nor verify
-depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_MD_C
-asymmetric_signature_key_policy:0:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PKCS1V15_SIGN_RAW:1
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_MD_C
+asymmetric_signature_key_policy:0:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_KEY_TYPE_RSA_KEY_PAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):32:0
PSA key policy: asymmetric signature for message, sign | verify
depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
-asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_KEY_TYPE_RSA_KEY_PAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):1
+asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_KEY_TYPE_RSA_KEY_PAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):1:PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE
PSA key policy: asymmetric signature for message, wrong algorithm family
depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
-asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_KEY_TYPE_RSA_KEY_PAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):0
+asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_KEY_TYPE_RSA_KEY_PAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):0:PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE
PSA key policy: asymmetric signature for message, wildcard in policy, wrong algorithm family
depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
-asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):PSA_KEY_TYPE_RSA_KEY_PAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):0
+asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):PSA_KEY_TYPE_RSA_KEY_PAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):0:PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE
PSA key policy: asymmetric signature for message, wildcard in policy, ECDSA SHA-256
depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256
-asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_ANY_HASH):PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_ALG_ECDSA(PSA_ALG_SHA_256):32
+asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_ANY_HASH):PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_ALG_ECDSA(PSA_ALG_SHA_256):32:PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE
PSA key policy: asymmetric signature for message, wildcard in policy, PKCS#1v1.5 SHA-256
depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
-asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):PSA_KEY_TYPE_RSA_KEY_PAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):32
+asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):PSA_KEY_TYPE_RSA_KEY_PAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):32:PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE
PSA key policy: asymmetric signature for message, wrong hash algorithm
-depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
-asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_KEY_TYPE_RSA_KEY_PAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_KEY_TYPE_RSA_KEY_PAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_384):0:PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE
PSA key policy: asymmetric signature for message, alg=0 in policy
depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
-asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:0:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0
+asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:0:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE
PSA key policy: asymmetric signature for message, sign but not verify
depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
-asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_KEY_TYPE_RSA_KEY_PAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):1
+asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_KEY_TYPE_RSA_KEY_PAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):1:PSA_KEY_USAGE_SIGN_MESSAGE
PSA key policy: asymmetric signature for message, verify but not sign
depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
-asymmetric_signature_key_policy:PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_KEY_TYPE_RSA_KEY_PAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):1
+asymmetric_signature_key_policy:PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_KEY_TYPE_RSA_KEY_PAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):1:PSA_KEY_USAGE_VERIFY_MESSAGE
PSA key policy: derive via HKDF, permitted
depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256
@@ -760,11 +808,15 @@
depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES
key_policy_alg2:PSA_KEY_TYPE_AES:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR:PSA_ALG_CBC_NO_PADDING
-PSA key policy algorithm2: ECDH, ECDSA
-depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256
-key_policy_alg2:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_ECDH:PSA_ALG_ECDSA_ANY
+PSA key policy algorithm2: ECDH, ECDSA, HASH usage
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256
+key_policy_alg2:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_ECDH:PSA_ALG_ECDSA(PSA_ALG_SHA_256)
-PSA key policy algorithm2 with message signature: ECDH, ECDSA
+PSA key policy algorithm2: ECDH, ECDSA, HASH+MESSAGE usage
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256
+key_policy_alg2:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDH:PSA_ALG_ECDSA(PSA_ALG_SHA_256)
+
+PSA key policy algorithm2: ECDH, ECDSA, MESSAGE usage
depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256
key_policy_alg2:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDH:PSA_ALG_ECDSA(PSA_ALG_SHA_256)
@@ -805,55 +857,63 @@
Copy key: RSA key pair, same usage flags
depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_MD_C
-copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":0:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0
+copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":0:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0
+
+Copy key: RSA key pair, extended usage flags
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_MD_C
+copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":0:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0
Copy key: RSA key pair, fewer usage flags
depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_MD_C
-copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":0:PSA_KEY_USAGE_SIGN_HASH:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:PSA_KEY_USAGE_SIGN_HASH:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0
+copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0
Copy key: RSA key pair, more usage flags
depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_MD_C
-copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:PSA_KEY_USAGE_SIGN_HASH:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0
+copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0
Copy key: RSA key pair, intersect usage flags #0
depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_MD_C
-copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":0:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:0:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0
+copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":0:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:0:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0
Copy key: RSA key pair, intersect usage flags #1
depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_MD_C
-copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:PSA_KEY_USAGE_SIGN_HASH:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0
+copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0
Copy key: RSA key pair, wildcard algorithm in source
depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_MD_C
-copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):0:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0
+copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):0:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0
Copy key: RSA key pair, wildcard algorithm in target
depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_MD_C
-copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0
+copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0
Copy key: RSA key pair, wildcard algorithm in source and target
depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_MD_C
-copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):0:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):0
+copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):0:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):0
Copy key: source=ECDSA+ECDH, target=ECDSA+ECDH
depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_SECP_R1_256
-copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ALG_ECDH:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":0:PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ALG_ECDH:PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ALG_ECDH
+copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ALG_ECDH:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":0:PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ALG_ECDH:PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ALG_ECDH
+
+Copy key: source=ECDSA+ECDH, target=ECDSA+ECDH, extended usage flags
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_SECP_R1_256
+copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ALG_ECDH:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":0:PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ALG_ECDH:PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ALG_ECDH
Copy key: source=ECDSA+ECDH, target=ECDSA+0
depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_SECP_R1_256
-copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ALG_ECDH:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":0:PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0:PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0
+copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ALG_ECDH:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":0:PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0:PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0
Copy key: source=ECDSA+ECDH, target=0+ECDH
depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_SECP_R1_256
-copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ALG_ECDH:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":0:PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:0:PSA_ALG_ECDH:PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_DERIVE:0:PSA_ALG_ECDH
+copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ALG_ECDH:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":0:PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:0:PSA_ALG_ECDH:PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_DERIVE:0:PSA_ALG_ECDH
Copy key: source=ECDSA(any)+ECDH, target=ECDSA(SHA256)+ECDH
depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_SECP_R1_256
-copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDSA(PSA_ALG_ANY_HASH):PSA_ALG_ECDH:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":0:PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ALG_ECDH:PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ALG_ECDH
+copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDSA(PSA_ALG_ANY_HASH):PSA_ALG_ECDH:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":0:PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ALG_ECDH:PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ALG_ECDH
Copy key: source=ECDH+ECDSA(any), target=ECDH+ECDSA(SHA256)
depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_SECP_R1_256
-copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDH:PSA_ALG_ECDSA(PSA_ALG_ANY_HASH):PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":0:PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDH:PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDH:PSA_ALG_ECDSA(PSA_ALG_SHA_256)
+copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDH:PSA_ALG_ECDSA(PSA_ALG_ANY_HASH):PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":0:PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDH:PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDH:PSA_ALG_ECDSA(PSA_ALG_SHA_256)
Copy fail: raw data, no COPY flag
copy_fail:PSA_KEY_USAGE_EXPORT:0:0:PSA_KEY_TYPE_RAW_DATA:"404142434445464748494a4b4c4d4e4f":0:0:PSA_KEY_USAGE_EXPORT:0:0:0:PSA_KEY_LIFETIME_VOLATILE:PSA_ERROR_NOT_PERMITTED
@@ -866,41 +926,45 @@
depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES
copy_fail:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:0:PSA_KEY_TYPE_AES:"404142434445464748494a4b4c4d4e4f":0:0:PSA_KEY_USAGE_EXPORT:PSA_ALG_CBC_NO_PADDING:0:0:PSA_KEY_LIFETIME_VOLATILE:PSA_ERROR_INVALID_ARGUMENT
+Copy key: source=MAC, target=MAC extended usage flags
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC
+copy_success:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_EXPORT:PSA_ALG_HMAC(PSA_ALG_SHA_256):0:PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_EXPORT:PSA_ALG_HMAC(PSA_ALG_SHA_256):0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_EXPORT:PSA_ALG_HMAC(PSA_ALG_SHA_256):0
+
Copy key: source=MAC min-length, target=MAC length > min-length
depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC
-copy_success:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_EXPORT:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 20):0:PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_EXPORT:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 24):0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_EXPORT:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 24):0
+copy_success:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_EXPORT:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 20):0:PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_EXPORT:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 24):0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_EXPORT:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 24):0
Copy key: source=MAC min-length, target=MAC length = min-length
depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC
-copy_success:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_EXPORT:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 20):0:PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_EXPORT:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 20):0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_EXPORT:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 20):0
+copy_success:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_EXPORT:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 20):0:PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_EXPORT:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 20):0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_EXPORT:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 20):0
Copy fail: source=MAC min-length, target=MAC length < min-length
depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC
-copy_fail:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_EXPORT:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 20):0:PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_KEY_TYPE_HMAC:256:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_EXPORT:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 16):0:0:PSA_KEY_LIFETIME_VOLATILE:PSA_ERROR_INVALID_ARGUMENT
+copy_fail:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_EXPORT:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 20):0:PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_KEY_TYPE_HMAC:256:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_EXPORT:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 16):0:0:PSA_KEY_LIFETIME_VOLATILE:PSA_ERROR_INVALID_ARGUMENT
Copy key: source=MAC min-length, target=MAC min-length, src > tgt
depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC
-copy_success:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_EXPORT:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 24):0:PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_EXPORT:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 20):0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_EXPORT:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 24):0
+copy_success:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_EXPORT:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 24):0:PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_EXPORT:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 20):0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_EXPORT:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 24):0
Copy key: source=MAC min-length, target=MAC min-length, src = tgt
depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC
-copy_success:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_EXPORT:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 20):0:PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_EXPORT:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 20):0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_EXPORT:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 20):0
+copy_success:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_EXPORT:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 20):0:PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_EXPORT:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 20):0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_EXPORT:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 20):0
Copy key: source=MAC min-length, target=MAC min-length, src < tgt
depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC
-copy_success:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_EXPORT:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 20):0:PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_EXPORT:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 24):0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_EXPORT:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 24):0
+copy_success:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_EXPORT:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 20):0:PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_EXPORT:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 24):0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_EXPORT:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 24):0
Copy fail: source=MAC, target=MAC min-length > length
depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC
-copy_fail:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_EXPORT:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 20):0:PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_KEY_TYPE_HMAC:256:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_EXPORT:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 24):0:0:PSA_KEY_LIFETIME_VOLATILE:PSA_ERROR_INVALID_ARGUMENT
+copy_fail:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_EXPORT:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 20):0:PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_KEY_TYPE_HMAC:256:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_EXPORT:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 24):0:0:PSA_KEY_LIFETIME_VOLATILE:PSA_ERROR_INVALID_ARGUMENT
Copy key: source=MAC, target=MAC min-length = length
depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC
-copy_success:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_EXPORT:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 20):0:PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_EXPORT:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 20):0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_EXPORT:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 20):0
+copy_success:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_EXPORT:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 20):0:PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_EXPORT:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 20):0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_EXPORT:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 20):0
Copy key: source=MAC, target=MAC min-length < length
depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC
-copy_success:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_EXPORT:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 20):0:PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_EXPORT:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 16):0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_EXPORT:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 20):0
+copy_success:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_EXPORT:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 20):0:PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_EXPORT:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 16):0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_EXPORT:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 20):0
Copy key: source=AEAD min-length, target=AEAD length > min-length
depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES
@@ -1418,125 +1482,285 @@
PSA cipher: bad order function calls
cipher_bad_order:
-PSA symmetric encrypt: AES-ECB, 0 bytes, good
+PSA cipher encrypt: without initialization
depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_AES
-cipher_encrypt:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"":"":"":PSA_SUCCESS
+cipher_encrypt_fail:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_AES:"":"":PSA_ERROR_BAD_STATE
-PSA symmetric encrypt: AES-ECB, 16 bytes, good
-depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_AES
-cipher_encrypt:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"":"6bc1bee22e409f96e93d7e117393172a":"3ad77bb40d7a3660a89ecaf32466ef97":PSA_SUCCESS
+PSA cipher encrypt: invalid key type
+depends_on:PSA_WANT_ALG_ECB_NO_PADDING
+cipher_encrypt_fail:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_RAW_DATA:"2b7e151628aed2a6abf7158809cf4f3c":"":PSA_ERROR_NOT_SUPPORTED
-PSA symmetric encrypt: AES-ECB, 32 bytes, good
-depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_AES
-cipher_encrypt:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"":"6bc1bee22e409f96e93d7e117393172a3ad77bb40d7a3660a89ecaf32466ef97":"3ad77bb40d7a3660a89ecaf32466ef972249a2638c6f1c755a84f9681a9f08c1":PSA_SUCCESS
+PSA cipher encrypt: incompatible key ARC4 for CTR
+depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_ARC4
+# Either INVALID_ARGUMENT or NOT_SUPPORTED would be reasonable here
+cipher_encrypt_fail:PSA_ALG_CTR:PSA_KEY_TYPE_ARC4:"2b7e151628aed2a6abf7158809cf4f3c":"":PSA_ERROR_NOT_SUPPORTED
-PSA symmetric encrypt: AES-CBC-nopad, 16 bytes, good
-depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_AES
-cipher_encrypt:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a":"a076ec9dfbe47d52afc357336f20743b":PSA_SUCCESS
+PSA cipher encrypt: bad algorithm (unknown cipher algorithm)
+depends_on:PSA_WANT_KEY_TYPE_AES
+cipher_encrypt_fail:PSA_ALG_CATEGORY_CIPHER:PSA_KEY_TYPE_RAW_DATA:"2b7e151628aed2a6abf7158809cf4f3c":"":PSA_ERROR_NOT_SUPPORTED
-PSA symmetric encrypt: AES-CBC-PKCS#7, 16 bytes, good
-depends_on:PSA_WANT_ALG_CBC_PKCS7:PSA_WANT_KEY_TYPE_AES
-cipher_encrypt:PSA_ALG_CBC_PKCS7:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a":"a076ec9dfbe47d52afc357336f20743bca7e8a15dc3c776436314293031cd4f3":PSA_SUCCESS
-
-PSA symmetric encrypt: AES-CBC-PKCS#7, 15 bytes, good
-depends_on:PSA_WANT_ALG_CBC_PKCS7:PSA_WANT_KEY_TYPE_AES
-cipher_encrypt:PSA_ALG_CBC_PKCS7:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e11739317":"6279b49d7f7a8dd87b685175d4276e24":PSA_SUCCESS
+PSA cipher encrypt: bad algorithm (not a cipher algorithm)
+depends_on:PSA_WANT_KEY_TYPE_AES
+cipher_encrypt_fail:PSA_ALG_MD4:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a":PSA_ERROR_INVALID_ARGUMENT
PSA symmetric encrypt: AES-ECB, input too short (15 bytes)
depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_AES
-cipher_encrypt:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"":"6bc1bee22e409f96e93d7e11739317":"":PSA_ERROR_INVALID_ARGUMENT
+cipher_encrypt_fail:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e11739317":PSA_ERROR_INVALID_ARGUMENT
PSA symmetric encrypt: AES-CBC-nopad, input too short
depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_AES
-cipher_encrypt:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee223":"6bc1bee223":PSA_ERROR_INVALID_ARGUMENT
+cipher_encrypt_fail:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee223":PSA_ERROR_INVALID_ARGUMENT
-PSA symmetric encrypt: AES-CTR, 16 bytes, good
-depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES
-cipher_encrypt:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a":"8f9408fe80a81d3e813da3c7b0b2bd32":PSA_SUCCESS
+depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_AES
+cipher_encrypt_alg_without_iv:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"":""
-PSA symmetric encrypt: AES-CTR, 15 bytes, good
-depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES
-cipher_encrypt:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e11739317":"8f9408fe80a81d3e813da3c7b0b2bd":PSA_SUCCESS
+PSA symmetric encrypt: AES-ECB, 16 bytes, good
+depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_AES
+cipher_encrypt_alg_without_iv:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a":"3ad77bb40d7a3660a89ecaf32466ef97"
-PSA symmetric encrypt: DES-CBC-nopad, 8 bytes, good
-depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_DES
-cipher_encrypt:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_DES:"01020407080b0d0e":"2a2a2a2a2a2a2a2a":"eda4011239bc3ac9":"64f917b0152f8f05":PSA_SUCCESS
-
-PSA symmetric encrypt: 2-key 3DES-CBC-nopad, 8 bytes, good
-depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_DES
-cipher_encrypt:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_DES:"01020407080b0d0ec1c2c4c7c8cbcdce":"2a2a2a2a2a2a2a2a":"eda4011239bc3ac9":"5d0652429c5b0ac7":PSA_SUCCESS
-
-PSA symmetric encrypt: 3-key 3DES-CBC-nopad, 8 bytes, good
-depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_DES
-cipher_encrypt:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_DES:"01020407080b0d0ec1c2c4c7c8cbcdce31323437383b3d3e":"2a2a2a2a2a2a2a2a":"eda4011239bc3ac9":"817ca7d69b80d86a":PSA_SUCCESS
+PSA symmetric encrypt: AES-ECB, 32 bytes, good
+depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_AES
+cipher_encrypt_alg_without_iv:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a3ad77bb40d7a3660a89ecaf32466ef97":"3ad77bb40d7a3660a89ecaf32466ef972249a2638c6f1c755a84f9681a9f08c1"
PSA symmetric encrypt: 2-key 3DES-ECB, 8 bytes, good
depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_DES
-cipher_encrypt:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_DES:"01020407080b0d0ec1c2c4c7c8cbcdce":"":"c78e2b38139610e3":"5d0652429c5b0ac7":PSA_SUCCESS
+cipher_encrypt_alg_without_iv:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_DES:"01020407080b0d0ec1c2c4c7c8cbcdce":"c78e2b38139610e3":"5d0652429c5b0ac7"
PSA symmetric encrypt: 3-key 3DES-ECB, 8 bytes, good
depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_DES
-cipher_encrypt:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_DES:"01020407080b0d0ec1c2c4c7c8cbcdce31323437383b3d3e":"":"c78e2b38139610e3":"817ca7d69b80d86a":PSA_SUCCESS
+cipher_encrypt_alg_without_iv:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_DES:"01020407080b0d0ec1c2c4c7c8cbcdce31323437383b3d3e":"c78e2b38139610e3":"817ca7d69b80d86a"
-PSA symmetric decrypt: AES-ECB, 0 bytes, good
-depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_AES
-cipher_decrypt:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"":"":"":PSA_SUCCESS
-
-PSA symmetric decrypt: AES-ECB, 16 bytes, good
-depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_AES
-cipher_decrypt:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"":"396ee84fb75fdbb5c2b13c7fe5a654aa":"63cecc46a382414d5fa7d2b79387437f":PSA_SUCCESS
-
-PSA symmetric decrypt: AES-ECB, 32 bytes, good
-depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_AES
-cipher_decrypt:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"":"3ad77bb40d7a3660a89ecaf32466ef972249a2638c6f1c755a84f9681a9f08c1":"6bc1bee22e409f96e93d7e117393172a3ad77bb40d7a3660a89ecaf32466ef97":PSA_SUCCESS
-
-PSA symmetric decrypt: AES-CBC-nopad, 16 bytes, good
+PSA symmetric encrypt validation: AES-CBC-nopad, 16 bytes, good
depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_AES
-cipher_decrypt:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"396ee84fb75fdbb5c2b13c7fe5a654aa":"49e4e66c89a86b67758df89db9ad6955":PSA_SUCCESS
+cipher_encrypt_validation:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a"
-PSA symmetric decrypt: AES-CBC-PKCS#7, 16 bytes, good
+PSA symmetric encrypt validation: AES-CBC-PKCS#7, 16 bytes, good
depends_on:PSA_WANT_ALG_CBC_PKCS7:PSA_WANT_KEY_TYPE_AES
-cipher_decrypt:PSA_ALG_CBC_PKCS7:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"a076ec9dfbe47d52afc357336f20743bca7e8a15dc3c776436314293031cd4f3":"6bc1bee22e409f96e93d7e117393172a":PSA_SUCCESS
+cipher_encrypt_validation:PSA_ALG_CBC_PKCS7:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a"
-PSA symmetric decrypt: AES-CBC-PKCS#7, 15 bytes, good
+PSA symmetric encrypt validation: AES-CBC-PKCS#7, 15 bytes, good
depends_on:PSA_WANT_ALG_CBC_PKCS7:PSA_WANT_KEY_TYPE_AES
-cipher_decrypt:PSA_ALG_CBC_PKCS7:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6279b49d7f7a8dd87b685175d4276e24":"6bc1bee22e409f96e93d7e11739317":PSA_SUCCESS
+cipher_encrypt_validation:PSA_ALG_CBC_PKCS7:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e11739317"
+
+PSA symmetric encrypt validation: AES-CTR, 16 bytes, good
+depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES
+cipher_encrypt_validation:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a"
+
+PSA symmetric encrypt validation: AES-CTR, 15 bytes, good
+depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES
+cipher_encrypt_validation:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e11739317"
+
+PSA symmetric encrypt validation: DES-CBC-nopad, 8 bytes, good
+depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_DES
+cipher_encrypt_validation:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_DES:"01020407080b0d0e":"eda4011239bc3ac9"
+
+PSA symmetric encrypt validation: 2-key 3DES-CBC-nopad, 8 bytes, good
+depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_DES
+cipher_encrypt_validation:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_DES:"01020407080b0d0ec1c2c4c7c8cbcdce":"eda4011239bc3ac9"
+
+PSA symmetric encrypt validation: 3-key 3DES-CBC-nopad, 8 bytes, good
+depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_DES
+cipher_encrypt_validation:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_DES:"01020407080b0d0ec1c2c4c7c8cbcdce31323437383b3d3e":"eda4011239bc3ac9"
+
+PSA symmetric encrypt multipart: AES-ECB, 0 bytes, good
+depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_AES
+cipher_encrypt_multipart:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"":"":0:0:0:"":PSA_SUCCESS
+
+PSA symmetric encrypt multipart: AES-ECB, 16 bytes, good
+depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_AES
+cipher_encrypt_multipart:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"":"6bc1bee22e409f96e93d7e117393172a":16:16:0:"3ad77bb40d7a3660a89ecaf32466ef97":PSA_SUCCESS
+
+PSA symmetric encrypt multipart: AES-ECB, 32 bytes, good
+depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_AES
+cipher_encrypt_multipart:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"":"6bc1bee22e409f96e93d7e117393172a3ad77bb40d7a3660a89ecaf32466ef97":32:32:0:"3ad77bb40d7a3660a89ecaf32466ef972249a2638c6f1c755a84f9681a9f08c1":PSA_SUCCESS
+
+PSA symmetric encrypt multipart: AES-CBC-nopad, 16 bytes, good
+depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_AES
+cipher_encrypt_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a":16:16:0:"a076ec9dfbe47d52afc357336f20743b":PSA_SUCCESS
+
+PSA symmetric encrypt multipart: AES-CBC-PKCS#7, 16 bytes, good
+depends_on:PSA_WANT_ALG_CBC_PKCS7:PSA_WANT_KEY_TYPE_AES
+cipher_encrypt_multipart:PSA_ALG_CBC_PKCS7:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a":16:16:0:"a076ec9dfbe47d52afc357336f20743bca7e8a15dc3c776436314293031cd4f3":PSA_SUCCESS
+
+PSA symmetric encrypt multipart: AES-CBC-PKCS#7, 15 bytes, good
+depends_on:PSA_WANT_ALG_CBC_PKCS7:PSA_WANT_KEY_TYPE_AES
+cipher_encrypt_multipart:PSA_ALG_CBC_PKCS7:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e11739317":15:0:0:"6279b49d7f7a8dd87b685175d4276e24":PSA_SUCCESS
+
+PSA symmetric encrypt multipart: AES-ECB, input too short (15 bytes)
+depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_AES
+cipher_encrypt_multipart:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"":"6bc1bee22e409f96e93d7e11739317":0:0:0:"":PSA_ERROR_INVALID_ARGUMENT
+
+PSA symmetric encrypt multipart: AES-CBC-nopad, input too short
+depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_AES
+cipher_encrypt_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee223":0:0:0:"6bc1bee223":PSA_ERROR_INVALID_ARGUMENT
+
+PSA symmetric encrypt multipart: AES-CTR, 16 bytes, good
+depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES
+cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a":16:16:0:"8f9408fe80a81d3e813da3c7b0b2bd32":PSA_SUCCESS
+
+PSA symmetric encrypt multipart: AES-CTR, 15 bytes, good
+depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES
+cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e11739317":15:15:0:"8f9408fe80a81d3e813da3c7b0b2bd":PSA_SUCCESS
+
+PSA symmetric encrypt multipart: DES-CBC-nopad, 8 bytes, good
+depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_DES
+cipher_encrypt_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_DES:"01020407080b0d0e":"2a2a2a2a2a2a2a2a":"eda4011239bc3ac9":8:8:0:"64f917b0152f8f05":PSA_SUCCESS
+
+PSA symmetric encrypt multipart: 2-key 3DES-CBC-nopad, 8 bytes, good
+depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_DES
+cipher_encrypt_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_DES:"01020407080b0d0ec1c2c4c7c8cbcdce":"2a2a2a2a2a2a2a2a":"eda4011239bc3ac9":8:8:0:"5d0652429c5b0ac7":PSA_SUCCESS
+
+PSA symmetric encrypt multipart: 3-key 3DES-CBC-nopad, 8 bytes, good
+depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_DES
+cipher_encrypt_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_DES:"01020407080b0d0ec1c2c4c7c8cbcdce31323437383b3d3e":"2a2a2a2a2a2a2a2a":"eda4011239bc3ac9":8:8:0:"817ca7d69b80d86a":PSA_SUCCESS
+
+PSA symmetric encrypt multipart: 2-key 3DES-ECB, 8 bytes, good
+depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_DES
+cipher_encrypt_multipart:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_DES:"01020407080b0d0ec1c2c4c7c8cbcdce":"":"c78e2b38139610e3":8:8:0:"5d0652429c5b0ac7":PSA_SUCCESS
+
+PSA symmetric encrypt multipart: 3-key 3DES-ECB, 8 bytes, good
+depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_DES
+cipher_encrypt_multipart:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_DES:"01020407080b0d0ec1c2c4c7c8cbcdce31323437383b3d3e":"":"c78e2b38139610e3":8:8:0:"817ca7d69b80d86a":PSA_SUCCESS
+
+PSA cipher decrypt: without initialization
+depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_AES
+cipher_decrypt_fail:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_AES:"":"":"":PSA_ERROR_BAD_STATE
+
+PSA cipher decrypt: invalid key type
+depends_on:PSA_WANT_ALG_ECB_NO_PADDING
+cipher_decrypt_fail:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_RAW_DATA:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"":PSA_ERROR_NOT_SUPPORTED
+
+PSA cipher decrypt: incompatible key ARC4 for CTR
+depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_ARC4
+# Either INVALID_ARGUMENT or NOT_SUPPORTED would be reasonable here
+cipher_decrypt_fail:PSA_ALG_CTR:PSA_KEY_TYPE_ARC4:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"":PSA_ERROR_NOT_SUPPORTED
+
+PSA cipher decrypt: bad algorithm (unknown cipher algorithm)
+cipher_decrypt_fail:PSA_ALG_CATEGORY_CIPHER:PSA_KEY_TYPE_RAW_DATA:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"":PSA_ERROR_NOT_SUPPORTED
+
+PSA cipher decrypt: bad algorithm (not a cipher algorithm)
+depends_on:PSA_WANT_KEY_TYPE_AES
+cipher_decrypt_fail:PSA_ALG_MD4:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"":PSA_ERROR_INVALID_ARGUMENT
PSA symmetric decrypt: AES-CBC-PKCS#7, input too short (15 bytes)
depends_on:PSA_WANT_ALG_CBC_PKCS7:PSA_WANT_KEY_TYPE_AES
-cipher_decrypt:PSA_ALG_CBC_PKCS7:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e11739317":"49e4e66c89a86b67758df89db9ad6955":PSA_ERROR_INVALID_ARGUMENT
-
-PSA symmetric decrypt: AES-CTR, 16 bytes, good
-depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES
-cipher_decrypt:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"396ee84fb75fdbb5c2b13c7fe5a654aa":"dd3b5e5319b7591daab1e1a92687feb2":PSA_SUCCESS
+cipher_decrypt_fail:PSA_ALG_CBC_PKCS7:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e11739317":PSA_ERROR_INVALID_ARGUMENT
PSA symmetric decrypt: AES-ECB, input too short (15 bytes)
depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_AES
-cipher_decrypt:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"":"396ee84fb75fdbb5c2b13c7fe5a654":"63cecc46a382414d5fa7d2b7938743":PSA_ERROR_INVALID_ARGUMENT
+cipher_decrypt_fail:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"":"396ee84fb75fdbb5c2b13c7fe5a654":PSA_ERROR_INVALID_ARGUMENT
PSA symmetric decrypt: AES-CBC-nopad, input too short (5 bytes)
depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_AES
-cipher_decrypt:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee223":"6bc1bee223":PSA_ERROR_INVALID_ARGUMENT
+cipher_decrypt_fail:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee223":PSA_ERROR_INVALID_ARGUMENT
+
+PSA symmetric decrypt: AES-ECB, 0 bytes, good
+depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_AES
+cipher_decrypt:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"":"":""
+
+PSA symmetric decrypt: AES-ECB, 16 bytes, good
+depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_AES
+cipher_decrypt:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"":"396ee84fb75fdbb5c2b13c7fe5a654aa":"63cecc46a382414d5fa7d2b79387437f"
+
+PSA symmetric decrypt: AES-ECB, 32 bytes, good
+depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_AES
+cipher_decrypt:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"":"3ad77bb40d7a3660a89ecaf32466ef972249a2638c6f1c755a84f9681a9f08c1":"6bc1bee22e409f96e93d7e117393172a3ad77bb40d7a3660a89ecaf32466ef97"
+
+PSA symmetric decrypt: AES-CBC-nopad, 16 bytes, good
+depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_AES
+cipher_decrypt:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"396ee84fb75fdbb5c2b13c7fe5a654aa":"49e4e66c89a86b67758df89db9ad6955"
+
+PSA symmetric decrypt: AES-CBC-PKCS#7, 16 bytes, good
+depends_on:PSA_WANT_ALG_CBC_PKCS7:PSA_WANT_KEY_TYPE_AES
+cipher_decrypt:PSA_ALG_CBC_PKCS7:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"a076ec9dfbe47d52afc357336f20743bca7e8a15dc3c776436314293031cd4f3":"6bc1bee22e409f96e93d7e117393172a"
+
+PSA symmetric decrypt: AES-CBC-PKCS#7, 15 bytes, good
+depends_on:PSA_WANT_ALG_CBC_PKCS7:PSA_WANT_KEY_TYPE_AES
+cipher_decrypt:PSA_ALG_CBC_PKCS7:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6279b49d7f7a8dd87b685175d4276e24":"6bc1bee22e409f96e93d7e11739317"
+
+PSA symmetric decrypt: AES-CTR, 16 bytes, good
+depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES
+cipher_decrypt:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"396ee84fb75fdbb5c2b13c7fe5a654aa":"dd3b5e5319b7591daab1e1a92687feb2"
PSA symmetric decrypt: DES-CBC-nopad, 8 bytes, good
depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_DES
-cipher_decrypt:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_DES:"01020407080b0d0e":"2a2a2a2a2a2a2a2a":"64f917b0152f8f05":"eda4011239bc3ac9":PSA_SUCCESS
+cipher_decrypt:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_DES:"01020407080b0d0e":"2a2a2a2a2a2a2a2a":"64f917b0152f8f05":"eda4011239bc3ac9"
PSA symmetric decrypt: 2-key 3DES-CBC-nopad, 8 bytes, good
depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_DES
-cipher_decrypt:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_DES:"01020407080b0d0ec1c2c4c7c8cbcdce":"2a2a2a2a2a2a2a2a":"5d0652429c5b0ac7":"eda4011239bc3ac9":PSA_SUCCESS
+cipher_decrypt:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_DES:"01020407080b0d0ec1c2c4c7c8cbcdce":"2a2a2a2a2a2a2a2a":"5d0652429c5b0ac7":"eda4011239bc3ac9"
PSA symmetric decrypt: 3-key 3DES-CBC-nopad, 8 bytes, good
depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_DES
-cipher_decrypt:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_DES:"01020407080b0d0ec1c2c4c7c8cbcdce31323437383b3d3e":"2a2a2a2a2a2a2a2a":"817ca7d69b80d86a":"eda4011239bc3ac9":PSA_SUCCESS
+cipher_decrypt:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_DES:"01020407080b0d0ec1c2c4c7c8cbcdce31323437383b3d3e":"2a2a2a2a2a2a2a2a":"817ca7d69b80d86a":"eda4011239bc3ac9"
PSA symmetric decrypt: 2-key 3DES-ECB, 8 bytes, good
depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_DES
-cipher_decrypt:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_DES:"01020407080b0d0ec1c2c4c7c8cbcdce":"":"5d0652429c5b0ac7":"c78e2b38139610e3":PSA_SUCCESS
+cipher_decrypt:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_DES:"01020407080b0d0ec1c2c4c7c8cbcdce":"":"5d0652429c5b0ac7":"c78e2b38139610e3"
PSA symmetric decrypt: 3-key 3DES-ECB, 8 bytes, good
depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_DES
-cipher_decrypt:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_DES:"01020407080b0d0ec1c2c4c7c8cbcdce31323437383b3d3e":"":"817ca7d69b80d86a":"c78e2b38139610e3":PSA_SUCCESS
+cipher_decrypt:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_DES:"01020407080b0d0ec1c2c4c7c8cbcdce31323437383b3d3e":"":"817ca7d69b80d86a":"c78e2b38139610e3"
+
+PSA symmetric decrypt multipart: AES-ECB, 0 bytes, good
+depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_AES
+cipher_decrypt_multipart:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"":"":0:0:0:"":PSA_SUCCESS
+
+PSA symmetric decrypt multipart: AES-ECB, 16 bytes, good
+depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_AES
+cipher_decrypt_multipart:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"":"396ee84fb75fdbb5c2b13c7fe5a654aa":16:16:0:"63cecc46a382414d5fa7d2b79387437f":PSA_SUCCESS
+
+PSA symmetric decrypt multipart: AES-ECB, 32 bytes, good
+depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_AES
+cipher_decrypt_multipart:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"":"3ad77bb40d7a3660a89ecaf32466ef972249a2638c6f1c755a84f9681a9f08c1":32:32:0:"6bc1bee22e409f96e93d7e117393172a3ad77bb40d7a3660a89ecaf32466ef97":PSA_SUCCESS
+
+PSA symmetric decrypt multipart: AES-CBC-nopad, 16 bytes, good
+depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_AES
+cipher_decrypt_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"396ee84fb75fdbb5c2b13c7fe5a654aa":16:16:0:"49e4e66c89a86b67758df89db9ad6955":PSA_SUCCESS
+
+PSA symmetric decrypt multipart: AES-CBC-PKCS#7, 16 bytes, good
+depends_on:PSA_WANT_ALG_CBC_PKCS7:PSA_WANT_KEY_TYPE_AES
+cipher_decrypt_multipart:PSA_ALG_CBC_PKCS7:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"a076ec9dfbe47d52afc357336f20743bca7e8a15dc3c776436314293031cd4f3":16:0:16:"6bc1bee22e409f96e93d7e117393172a":PSA_SUCCESS
+
+PSA symmetric decrypt multipart: AES-CBC-PKCS#7, 15 bytes, good
+depends_on:PSA_WANT_ALG_CBC_PKCS7:PSA_WANT_KEY_TYPE_AES
+cipher_decrypt_multipart:PSA_ALG_CBC_PKCS7:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6279b49d7f7a8dd87b685175d4276e24":16:0:0:"6bc1bee22e409f96e93d7e11739317":PSA_SUCCESS
+
+PSA symmetric decrypt multipart: AES-CBC-PKCS#7, input too short (15 bytes)
+depends_on:PSA_WANT_ALG_CBC_PKCS7:PSA_WANT_KEY_TYPE_AES
+cipher_decrypt_multipart:PSA_ALG_CBC_PKCS7:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e11739317":0:0:0:"49e4e66c89a86b67758df89db9ad6955":PSA_ERROR_INVALID_ARGUMENT
+
+PSA symmetric decrypt multipart: AES-CTR, 16 bytes, good
+depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES
+cipher_decrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"396ee84fb75fdbb5c2b13c7fe5a654aa":16:16:0:"dd3b5e5319b7591daab1e1a92687feb2":PSA_SUCCESS
+
+PSA symmetric decrypt multipart: AES-ECB, input too short (15 bytes)
+depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_AES
+cipher_decrypt_multipart:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"":"396ee84fb75fdbb5c2b13c7fe5a654":0:0:0:"63cecc46a382414d5fa7d2b7938743":PSA_ERROR_INVALID_ARGUMENT
+
+PSA symmetric decrypt multipart: AES-CBC-nopad, input too short (5 bytes)
+depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_AES
+cipher_decrypt_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee223":0:0:0:"6bc1bee223":PSA_ERROR_INVALID_ARGUMENT
+
+PSA symmetric decrypt multipart: DES-CBC-nopad, 8 bytes, good
+depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_DES
+cipher_decrypt_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_DES:"01020407080b0d0e":"2a2a2a2a2a2a2a2a":"64f917b0152f8f05":8:8:0:"eda4011239bc3ac9":PSA_SUCCESS
+
+PSA symmetric decrypt multipart: 2-key 3DES-CBC-nopad, 8 bytes, good
+depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_DES
+cipher_decrypt_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_DES:"01020407080b0d0ec1c2c4c7c8cbcdce":"2a2a2a2a2a2a2a2a":"5d0652429c5b0ac7":8:8:0:"eda4011239bc3ac9":PSA_SUCCESS
+
+PSA symmetric decrypt multipart: 3-key 3DES-CBC-nopad, 8 bytes, good
+depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_DES
+cipher_decrypt_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_DES:"01020407080b0d0ec1c2c4c7c8cbcdce31323437383b3d3e":"2a2a2a2a2a2a2a2a":"817ca7d69b80d86a":8:8:0:"eda4011239bc3ac9":PSA_SUCCESS
+
+PSA symmetric decrypt multipart: 2-key 3DES-ECB, 8 bytes, good
+depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_DES
+cipher_decrypt_multipart:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_DES:"01020407080b0d0ec1c2c4c7c8cbcdce":"":"5d0652429c5b0ac7":8:8:0:"c78e2b38139610e3":PSA_SUCCESS
+
+PSA symmetric decrypt multipart: 3-key 3DES-ECB, 8 bytes, good
+depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_DES
+cipher_decrypt_multipart:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_DES:"01020407080b0d0ec1c2c4c7c8cbcdce31323437383b3d3e":"":"817ca7d69b80d86a":8:8:0:"c78e2b38139610e3":PSA_SUCCESS
PSA symmetric encrypt/decrypt: AES-ECB, 16 bytes, good
depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_AES
@@ -1560,151 +1784,171 @@
PSA symmetric encryption multipart: AES-ECB, 16+16 bytes
depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_AES
-cipher_encrypt_multipart:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"":"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef":16:16:16:"3ad77bb40d7a3660a89ecaf32466ef9755ed5e9e066820fa52c729886d18854c"
+cipher_encrypt_multipart:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"":"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef":16:16:16:"3ad77bb40d7a3660a89ecaf32466ef9755ed5e9e066820fa52c729886d18854c":PSA_SUCCESS
PSA symmetric encryption multipart: AES-ECB, 13+19 bytes
depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_AES
-cipher_encrypt_multipart:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"":"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef":13:0:32:"3ad77bb40d7a3660a89ecaf32466ef9755ed5e9e066820fa52c729886d18854c"
+cipher_encrypt_multipart:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"":"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef":13:0:32:"3ad77bb40d7a3660a89ecaf32466ef9755ed5e9e066820fa52c729886d18854c":PSA_SUCCESS
PSA symmetric encryption multipart: AES-ECB, 24+12 bytes
depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_AES
-cipher_encrypt_multipart:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"":"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef":24:16:16:"3ad77bb40d7a3660a89ecaf32466ef9755ed5e9e066820fa52c729886d18854c"
+cipher_encrypt_multipart:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"":"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef":24:16:16:"3ad77bb40d7a3660a89ecaf32466ef9755ed5e9e066820fa52c729886d18854c":PSA_SUCCESS
PSA symmetric encryption multipart: AES-CBC-nopad, 7+9 bytes
depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_AES
-cipher_encrypt_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a":7:0:16:"a076ec9dfbe47d52afc357336f20743b"
+cipher_encrypt_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a":7:0:16:"a076ec9dfbe47d52afc357336f20743b":PSA_SUCCESS
PSA symmetric encryption multipart: AES-CBC-nopad, 3+13 bytes
depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_AES
-cipher_encrypt_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a":3:0:16:"a076ec9dfbe47d52afc357336f20743b"
+cipher_encrypt_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a":3:0:16:"a076ec9dfbe47d52afc357336f20743b":PSA_SUCCESS
PSA symmetric encryption multipart: AES-CBC-nopad, 4+12 bytes
depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_AES
-cipher_encrypt_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a":4:0:16:"a076ec9dfbe47d52afc357336f20743b"
+cipher_encrypt_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a":4:0:16:"a076ec9dfbe47d52afc357336f20743b":PSA_SUCCESS
PSA symmetric encryption multipart: AES-CBC-nopad, 11+5 bytes
depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_AES
-cipher_encrypt_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a":11:0:16:"a076ec9dfbe47d52afc357336f20743b"
+cipher_encrypt_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a":11:0:16:"a076ec9dfbe47d52afc357336f20743b":PSA_SUCCESS
PSA symmetric encryption multipart: AES-CBC-nopad, 16+16 bytes
depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_AES
-cipher_encrypt_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef":16:16:16:"a076ec9dfbe47d52afc357336f20743b89906f2f9207ac02aa658cb4ef19c61f"
+cipher_encrypt_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef":16:16:16:"a076ec9dfbe47d52afc357336f20743b89906f2f9207ac02aa658cb4ef19c61f":PSA_SUCCESS
PSA symmetric encryption multipart: AES-CBC-nopad, 12+20 bytes
depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_AES
-cipher_encrypt_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef":12:0:32:"a076ec9dfbe47d52afc357336f20743b89906f2f9207ac02aa658cb4ef19c61f"
+cipher_encrypt_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef":12:0:32:"a076ec9dfbe47d52afc357336f20743b89906f2f9207ac02aa658cb4ef19c61f":PSA_SUCCESS
PSA symmetric encryption multipart: AES-CBC-nopad, 20+12 bytes
depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_AES
-cipher_encrypt_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef":20:16:16:"a076ec9dfbe47d52afc357336f20743b89906f2f9207ac02aa658cb4ef19c61f"
+cipher_encrypt_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef":20:16:16:"a076ec9dfbe47d52afc357336f20743b89906f2f9207ac02aa658cb4ef19c61f":PSA_SUCCESS
PSA symmetric encryption multipart: AES-CTR, 11+5 bytes
depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES
-cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a":11:11:5:"8f9408fe80a81d3e813da3c7b0b2bd32"
+cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a":11:11:5:"8f9408fe80a81d3e813da3c7b0b2bd32":PSA_SUCCESS
PSA symmetric encryption multipart: AES-CTR, 16+16 bytes
depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES
-cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef":16:16:16:"8f9408fe80a81d3e813da3c7b0b2bd321c965bb1de7baf71025f6ef6393ca587"
+cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef":16:16:16:"8f9408fe80a81d3e813da3c7b0b2bd321c965bb1de7baf71025f6ef6393ca587":PSA_SUCCESS
PSA symmetric encryption multipart: AES-CTR, 12+20 bytes
depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES
-cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef":12:12:20:"8f9408fe80a81d3e813da3c7b0b2bd321c965bb1de7baf71025f6ef6393ca587"
+cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef":12:12:20:"8f9408fe80a81d3e813da3c7b0b2bd321c965bb1de7baf71025f6ef6393ca587":PSA_SUCCESS
PSA symmetric encryption multipart: AES-CTR, 20+12 bytes
depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES
-cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef":20:20:12:"8f9408fe80a81d3e813da3c7b0b2bd321c965bb1de7baf71025f6ef6393ca587"
+cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef":20:20:12:"8f9408fe80a81d3e813da3c7b0b2bd321c965bb1de7baf71025f6ef6393ca587":PSA_SUCCESS
PSA symmetric encryption multipart: AES-CTR, 12+10 bytes
depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES
-cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a5434f378a597":12:12:10:"8f9408fe80a81d3e813da3c7b0b2bd321c965bb1de7b"
+cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a5434f378a597":12:12:10:"8f9408fe80a81d3e813da3c7b0b2bd321c965bb1de7b":PSA_SUCCESS
PSA symmetric encryption multipart: AES-CTR, 0+15 bytes
depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES
-cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e11739317":0:0:15:"8f9408fe80a81d3e813da3c7b0b2bd"
+cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e11739317":0:0:15:"8f9408fe80a81d3e813da3c7b0b2bd":PSA_SUCCESS
PSA symmetric encryption multipart: AES-CTR, 15+0 bytes
depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES
-cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e11739317":15:15:0:"8f9408fe80a81d3e813da3c7b0b2bd"
+cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e11739317":15:15:0:"8f9408fe80a81d3e813da3c7b0b2bd":PSA_SUCCESS
PSA symmetric encryption multipart: AES-CTR, 0+16 bytes
depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES
-cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a":0:0:16:"8f9408fe80a81d3e813da3c7b0b2bd32"
+cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a":0:0:16:"8f9408fe80a81d3e813da3c7b0b2bd32":PSA_SUCCESS
PSA symmetric encryption multipart: AES-CTR, 16+0 bytes
depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES
-cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a":16:16:0:"8f9408fe80a81d3e813da3c7b0b2bd32"
+cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a":16:16:0:"8f9408fe80a81d3e813da3c7b0b2bd32":PSA_SUCCESS
PSA symmetric decryption multipart: AES-ECB, 16+16 bytes
depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_AES
-cipher_decrypt_multipart:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"":"3ad77bb40d7a3660a89ecaf32466ef9755ed5e9e066820fa52c729886d18854c":16:16:16:"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef"
+cipher_decrypt_multipart:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"":"3ad77bb40d7a3660a89ecaf32466ef9755ed5e9e066820fa52c729886d18854c":16:16:16:"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef":PSA_SUCCESS
PSA symmetric decryption multipart: AES-ECB, 11+21 bytes
depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_AES
-cipher_decrypt_multipart:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"":"3ad77bb40d7a3660a89ecaf32466ef9755ed5e9e066820fa52c729886d18854c":11:0:32:"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef"
+cipher_decrypt_multipart:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"":"3ad77bb40d7a3660a89ecaf32466ef9755ed5e9e066820fa52c729886d18854c":11:0:32:"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef":PSA_SUCCESS
PSA symmetric decryption multipart: AES-ECB, 28+4 bytes
depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_AES
-cipher_decrypt_multipart:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"":"3ad77bb40d7a3660a89ecaf32466ef9755ed5e9e066820fa52c729886d18854c":28:16:16:"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef"
+cipher_decrypt_multipart:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"":"3ad77bb40d7a3660a89ecaf32466ef9755ed5e9e066820fa52c729886d18854c":28:16:16:"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef":PSA_SUCCESS
PSA symmetric decryption multipart: AES-CBC-nopad, 7+9 bytes
depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_AES
-cipher_decrypt_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"a076ec9dfbe47d52afc357336f20743b":7:0:16:"6bc1bee22e409f96e93d7e117393172a"
+cipher_decrypt_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"a076ec9dfbe47d52afc357336f20743b":7:0:16:"6bc1bee22e409f96e93d7e117393172a":PSA_SUCCESS
PSA symmetric decryption multipart: AES-CBC-nopad, 3+13 bytes
depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_AES
-cipher_decrypt_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"a076ec9dfbe47d52afc357336f20743b":3:0:16:"6bc1bee22e409f96e93d7e117393172a"
+cipher_decrypt_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"a076ec9dfbe47d52afc357336f20743b":3:0:16:"6bc1bee22e409f96e93d7e117393172a":PSA_SUCCESS
PSA symmetric decryption multipart: AES-CBC-nopad, 11+5 bytes
depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_AES
-cipher_decrypt_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"a076ec9dfbe47d52afc357336f20743b":11:0:16:"6bc1bee22e409f96e93d7e117393172a"
+cipher_decrypt_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"a076ec9dfbe47d52afc357336f20743b":11:0:16:"6bc1bee22e409f96e93d7e117393172a":PSA_SUCCESS
PSA symmetric decryption multipart: AES-CBC-nopad, 16+16 bytes
depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_AES
-cipher_decrypt_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"a076ec9dfbe47d52afc357336f20743b89906f2f9207ac02aa658cb4ef19c61f":16:16:16:"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef"
+cipher_decrypt_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"a076ec9dfbe47d52afc357336f20743b89906f2f9207ac02aa658cb4ef19c61f":16:16:16:"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef":PSA_SUCCESS
PSA symmetric decryption multipart: AES-CBC-nopad, 12+20 bytes
depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_AES
-cipher_decrypt_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"a076ec9dfbe47d52afc357336f20743b89906f2f9207ac02aa658cb4ef19c61f":12:0:32:"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef"
+cipher_decrypt_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"a076ec9dfbe47d52afc357336f20743b89906f2f9207ac02aa658cb4ef19c61f":12:0:32:"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef":PSA_SUCCESS
PSA symmetric decryption multipart: AES-CBC-nopad, 20+12 bytes
depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_AES
-cipher_decrypt_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"a076ec9dfbe47d52afc357336f20743b89906f2f9207ac02aa658cb4ef19c61f":20:16:16:"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef"
+cipher_decrypt_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"a076ec9dfbe47d52afc357336f20743b89906f2f9207ac02aa658cb4ef19c61f":20:16:16:"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef":PSA_SUCCESS
PSA symmetric decryption multipart: AES-CTR, 11+5 bytes
depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES
-cipher_decrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a":11:11:5:"8f9408fe80a81d3e813da3c7b0b2bd32"
+cipher_decrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a":11:11:5:"8f9408fe80a81d3e813da3c7b0b2bd32":PSA_SUCCESS
PSA symmetric decryption multipart: AES-CTR, 16+16 bytes
depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES
-cipher_decrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef":16:16:16:"8f9408fe80a81d3e813da3c7b0b2bd321c965bb1de7baf71025f6ef6393ca587"
+cipher_decrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef":16:16:16:"8f9408fe80a81d3e813da3c7b0b2bd321c965bb1de7baf71025f6ef6393ca587":PSA_SUCCESS
PSA symmetric decryption multipart: AES-CTR, 12+20 bytes
depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES
-cipher_decrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef":12:12:20:"8f9408fe80a81d3e813da3c7b0b2bd321c965bb1de7baf71025f6ef6393ca587"
+cipher_decrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef":12:12:20:"8f9408fe80a81d3e813da3c7b0b2bd321c965bb1de7baf71025f6ef6393ca587":PSA_SUCCESS
PSA symmetric decryption multipart: AES-CTR, 20+12 bytes
depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES
-cipher_decrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef":20:20:12:"8f9408fe80a81d3e813da3c7b0b2bd321c965bb1de7baf71025f6ef6393ca587"
+cipher_decrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef":20:20:12:"8f9408fe80a81d3e813da3c7b0b2bd321c965bb1de7baf71025f6ef6393ca587":PSA_SUCCESS
PSA symmetric decryption multipart: AES-CTR, 12+10 bytes
depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES
-cipher_decrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a5434f378a597":12:12:10:"8f9408fe80a81d3e813da3c7b0b2bd321c965bb1de7b"
+cipher_decrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a5434f378a597":12:12:10:"8f9408fe80a81d3e813da3c7b0b2bd321c965bb1de7b":PSA_SUCCESS
PSA symmetric decryption multipart: AES-CTR, 0+15 bytes
depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES
-cipher_decrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e11739317":0:0:15:"8f9408fe80a81d3e813da3c7b0b2bd"
+cipher_decrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e11739317":0:0:15:"8f9408fe80a81d3e813da3c7b0b2bd":PSA_SUCCESS
PSA symmetric decryption multipart: AES-CTR, 15+0 bytes
depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES
-cipher_decrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e11739317":15:15:0:"8f9408fe80a81d3e813da3c7b0b2bd"
+cipher_decrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e11739317":15:15:0:"8f9408fe80a81d3e813da3c7b0b2bd":PSA_SUCCESS
PSA symmetric decryption multipart: AES-CTR, 0+16 bytes
depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES
-cipher_decrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a":0:0:16:"8f9408fe80a81d3e813da3c7b0b2bd32"
+cipher_decrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a":0:0:16:"8f9408fe80a81d3e813da3c7b0b2bd32":PSA_SUCCESS
PSA symmetric decryption multipart: AES-CTR, 16+0 bytes
depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES
-cipher_decrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a":16:16:0:"8f9408fe80a81d3e813da3c7b0b2bd32"
+cipher_decrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a":16:16:0:"8f9408fe80a81d3e813da3c7b0b2bd32":PSA_SUCCESS
+
+PSA symmetric encrypt/decrypt multipart: AES-ECB, 16 bytes, good
+depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_AES
+cipher_verify_output_multipart:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a":16
+
+PSA symmetric encrypt/decrypt multipart: AES-CBC-nopad, 16 bytes, good
+depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_AES
+cipher_verify_output_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a":16
+
+PSA symmetric encrypt/decrypt multipart: AES-CBC-PKCS#7, 16 bytes
+depends_on:PSA_WANT_ALG_CBC_PKCS7:PSA_WANT_KEY_TYPE_AES
+cipher_verify_output_multipart:PSA_ALG_CBC_PKCS7:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a":16
+
+PSA symmetric encrypt/decrypt multipart: AES-CBC-PKCS#7, 15 bytes
+depends_on:PSA_WANT_ALG_CBC_PKCS7:PSA_WANT_KEY_TYPE_AES
+cipher_verify_output_multipart:PSA_ALG_CBC_PKCS7:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e11739317":15
+
+PSA symmetric encrypt/decrypt multipart: AES-CTR
+depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES
+cipher_verify_output_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a":16
PSA symmetric encrypt/decrypt multipart: AES-CBC-nopad, 11+5 bytes
depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_AES
@@ -1714,25 +1958,33 @@
depends_on:PSA_WANT_ALG_CBC_PKCS7:PSA_WANT_KEY_TYPE_AES
cipher_verify_output_multipart:PSA_ALG_CBC_PKCS7:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"a076ec9dfbe47d52afc357336f20743b":4
-PSA symmetric encrypt: ChaCha20, K=0 N=0
+PSA symmetric encrypt validation: ChaCha20, K=0 N=0
depends_on:PSA_WANT_ALG_STREAM_CIPHER:PSA_WANT_KEY_TYPE_CHACHA20
-cipher_encrypt:PSA_ALG_STREAM_CIPHER:PSA_KEY_TYPE_CHACHA20:"0000000000000000000000000000000000000000000000000000000000000000":"000000000000000000000000":"00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000":"76b8e0ada0f13d90405d6ae55386bd28bdd219b8a08ded1aa836efcc8b770dc7da41597c5157488d7724e03fb8d84a376a43b8f41518a11cc387b669b2ee6586":PSA_SUCCESS
+cipher_encrypt_validation:PSA_ALG_STREAM_CIPHER:PSA_KEY_TYPE_CHACHA20:"0000000000000000000000000000000000000000000000000000000000000000":"00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000"
-PSA symmetric encrypt: ChaCha20, K=rand N=rand
+PSA symmetric encrypt validation: ChaCha20, K=rand N=rand
depends_on:PSA_WANT_ALG_STREAM_CIPHER:PSA_WANT_KEY_TYPE_CHACHA20
-cipher_encrypt:PSA_ALG_STREAM_CIPHER:PSA_KEY_TYPE_CHACHA20:"4bddc98c551a95395ef719557f813656b566bc45aac04eca3866324cc75489f2":"a170d9349d24955aa4501891":"00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000":"9ba7d8de0c6b579fc436e368619e09228070d23246c836d6c6b4c476af6f5eb2b78fbe809d03f7881e6af28cfe3746e8dcf1eb7f762fe7d003141f1539a6cec4":PSA_SUCCESS
+cipher_encrypt_validation:PSA_ALG_STREAM_CIPHER:PSA_KEY_TYPE_CHACHA20:"4bddc98c551a95395ef719557f813656b566bc45aac04eca3866324cc75489f2":"00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000"
+
+PSA symmetric encrypt multipart: ChaCha20, K=0 N=0
+depends_on:PSA_WANT_ALG_STREAM_CIPHER:PSA_WANT_KEY_TYPE_CHACHA20
+cipher_encrypt_multipart:PSA_ALG_STREAM_CIPHER:PSA_KEY_TYPE_CHACHA20:"0000000000000000000000000000000000000000000000000000000000000000":"000000000000000000000000":"00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000":64:64:0:"76b8e0ada0f13d90405d6ae55386bd28bdd219b8a08ded1aa836efcc8b770dc7da41597c5157488d7724e03fb8d84a376a43b8f41518a11cc387b669b2ee6586":PSA_SUCCESS
+
+PSA symmetric encrypt multipart: ChaCha20, K=rand N=rand
+depends_on:PSA_WANT_ALG_STREAM_CIPHER:PSA_WANT_KEY_TYPE_CHACHA20
+cipher_encrypt_multipart:PSA_ALG_STREAM_CIPHER:PSA_KEY_TYPE_CHACHA20:"4bddc98c551a95395ef719557f813656b566bc45aac04eca3866324cc75489f2":"a170d9349d24955aa4501891":"00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000":64:64:0:"9ba7d8de0c6b579fc436e368619e09228070d23246c836d6c6b4c476af6f5eb2b78fbe809d03f7881e6af28cfe3746e8dcf1eb7f762fe7d003141f1539a6cec4":PSA_SUCCESS
PSA symmetric encryption multipart: ChaCha20, 14+50 bytes
depends_on:PSA_WANT_ALG_STREAM_CIPHER:PSA_WANT_KEY_TYPE_CHACHA20
-cipher_encrypt_multipart:PSA_ALG_STREAM_CIPHER:PSA_KEY_TYPE_CHACHA20:"4bddc98c551a95395ef719557f813656b566bc45aac04eca3866324cc75489f2":"a170d9349d24955aa4501891":"00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000":14:14:50:"9ba7d8de0c6b579fc436e368619e09228070d23246c836d6c6b4c476af6f5eb2b78fbe809d03f7881e6af28cfe3746e8dcf1eb7f762fe7d003141f1539a6cec4"
+cipher_encrypt_multipart:PSA_ALG_STREAM_CIPHER:PSA_KEY_TYPE_CHACHA20:"4bddc98c551a95395ef719557f813656b566bc45aac04eca3866324cc75489f2":"a170d9349d24955aa4501891":"00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000":14:14:50:"9ba7d8de0c6b579fc436e368619e09228070d23246c836d6c6b4c476af6f5eb2b78fbe809d03f7881e6af28cfe3746e8dcf1eb7f762fe7d003141f1539a6cec4":PSA_SUCCESS
-PSA symmetric decrypt: ChaCha20, K=rand N=rand
+PSA symmetric decrypt multipart: ChaCha20, K=rand N=rand
depends_on:PSA_WANT_ALG_STREAM_CIPHER:PSA_WANT_KEY_TYPE_CHACHA20
-cipher_decrypt:PSA_ALG_STREAM_CIPHER:PSA_KEY_TYPE_CHACHA20:"4bddc98c551a95395ef719557f813656b566bc45aac04eca3866324cc75489f2":"a170d9349d24955aa4501891":"00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000":"9ba7d8de0c6b579fc436e368619e09228070d23246c836d6c6b4c476af6f5eb2b78fbe809d03f7881e6af28cfe3746e8dcf1eb7f762fe7d003141f1539a6cec4":PSA_SUCCESS
+cipher_decrypt_multipart:PSA_ALG_STREAM_CIPHER:PSA_KEY_TYPE_CHACHA20:"4bddc98c551a95395ef719557f813656b566bc45aac04eca3866324cc75489f2":"a170d9349d24955aa4501891":"00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000":64:64:0:"9ba7d8de0c6b579fc436e368619e09228070d23246c836d6c6b4c476af6f5eb2b78fbe809d03f7881e6af28cfe3746e8dcf1eb7f762fe7d003141f1539a6cec4":PSA_SUCCESS
PSA symmetric decryption multipart: ChaCha20, 14+50 bytes
depends_on:PSA_WANT_ALG_STREAM_CIPHER:PSA_WANT_KEY_TYPE_CHACHA20
-cipher_decrypt_multipart:PSA_ALG_STREAM_CIPHER:PSA_KEY_TYPE_CHACHA20:"4bddc98c551a95395ef719557f813656b566bc45aac04eca3866324cc75489f2":"a170d9349d24955aa4501891":"00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000":14:14:50:"9ba7d8de0c6b579fc436e368619e09228070d23246c836d6c6b4c476af6f5eb2b78fbe809d03f7881e6af28cfe3746e8dcf1eb7f762fe7d003141f1539a6cec4"
+cipher_decrypt_multipart:PSA_ALG_STREAM_CIPHER:PSA_KEY_TYPE_CHACHA20:"4bddc98c551a95395ef719557f813656b566bc45aac04eca3866324cc75489f2":"a170d9349d24955aa4501891":"00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000":14:14:50:"9ba7d8de0c6b579fc436e368619e09228070d23246c836d6c6b4c476af6f5eb2b78fbe809d03f7881e6af28cfe3746e8dcf1eb7f762fe7d003141f1539a6cec4":PSA_SUCCESS
PSA AEAD encrypt/decrypt: AES-CCM, 19 bytes #1
depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES
@@ -2206,6 +2458,14 @@
depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C
sign_hash_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":127:PSA_ERROR_BUFFER_TOO_SMALL
+PSA sign hash: RSA PSS SHA-256, wrong hash length (0 bytes)
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C
+sign_hash_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):"":127:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign hash: RSA PSS SHA-256, wrong hash length (129 bytes)
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C
+sign_hash_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":127:PSA_ERROR_INVALID_ARGUMENT
+
PSA sign hash: deterministic ECDSA SECP256R1 SHA-256, output buffer too small
depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256
sign_hash_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_SHA_256 ):"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":63:PSA_ERROR_BUFFER_TOO_SMALL
@@ -2246,18 +2506,10 @@
depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C
sign_verify_hash:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad"
-PSA sign/verify hash: RSA PSS SHA-256, 0 bytes
-depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C
-sign_verify_hash:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):""
-
PSA sign/verify hash: RSA PSS SHA-256, 32 bytes (hash size)
depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C
sign_verify_hash:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad"
-PSA sign/verify hash: RSA PSS SHA-256, 129 bytes
-depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C
-sign_verify_hash:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
-
PSA sign/verify hash: randomized ECDSA SECP256R1 SHA-256
depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256
sign_verify_hash:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_ECDSA( PSA_ALG_SHA_256 ):"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b"
@@ -2314,17 +2566,17 @@
depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C
verify_hash_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"21a73664d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc7311":PSA_ERROR_INVALID_SIGNATURE
-PSA verify hash: RSA PSS SHA-256, good signature, 0 bytes
-depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C
-verify_hash:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):"":"34c011b625c32d992f4ab8fcfa52b616ea66270b5b75a4fc71af712f9b8806bcdd374ce50eafcbb489562b93347885f93c2de1d404c45cacccefceb112ff6ffdfe4264f91d66320bbbe09304b851b8ad6280bbccc571eebcd49c7db5dfa399a6289e1978407904598751613d9870770cdd8507e3dc7b46851dbf05ae1df2988d"
-
PSA verify hash: RSA PSS SHA-256, good signature, 32 bytes (hash size)
depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C
verify_hash:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"1967ae568cc071dfebeeca76b11d40bd1ec5af241c50b3dcceff21f4536c0693a7179a8d5d163a7625fefd37c161127800edeebc24fa73ca772096827bd3f75e8ccf2c64f07b7171b5c99022a4d73b760f34a385ccff0bd5ed7997d2a29d2847acb0767f93a2a404bc046c97de66d95dc9f7646fdb216b627b2ea0de8afcefb7"
-PSA verify hash: RSA PSS SHA-256, good signature, 129 bytes
+PSA verify hash: RSA PSS SHA-256, wrong hash length (0 bytes)
depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C
-verify_hash:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":"1491cead330b4ad5b092f8351518141ac11d0888591572669c1e79d6e932c488acd62d44479b0e14cd91a048778bc02398a772ad6bdb4f7764780cf0afe70293d0cac86f2695a1dcb54568bb37d7086f9e86f95a6802d2ee5a4facaa762beff5261bb2816b62cb5af86404974c3f6b67985ac1fbfdf46d6de54f6e29d9274308"
+verify_hash_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):"":"34c011b625c32d992f4ab8fcfa52b616ea66270b5b75a4fc71af712f9b8806bcdd374ce50eafcbb489562b93347885f93c2de1d404c45cacccefceb112ff6ffdfe4264f91d66320bbbe09304b851b8ad6280bbccc571eebcd49c7db5dfa399a6289e1978407904598751613d9870770cdd8507e3dc7b46851dbf05ae1df2988d":PSA_ERROR_INVALID_ARGUMENT
+
+PSA verify hash: RSA PSS SHA-256, wrong hash length (129 bytes)
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C
+verify_hash_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":"1491cead330b4ad5b092f8351518141ac11d0888591572669c1e79d6e932c488acd62d44479b0e14cd91a048778bc02398a772ad6bdb4f7764780cf0afe70293d0cac86f2695a1dcb54568bb37d7086f9e86f95a6802d2ee5a4facaa762beff5261bb2816b62cb5af86404974c3f6b67985ac1fbfdf46d6de54f6e29d9274308":PSA_ERROR_INVALID_ARGUMENT
PSA verify hash: ECDSA SECP256R1, good
depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256
diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function
index 5e32a89..82f17c8 100644
--- a/tests/suites/test_suite_psa_crypto.function
+++ b/tests/suites/test_suite_psa_crypto.function
@@ -19,6 +19,11 @@
/* If this comes up, it's a bug in the test code or in the test data. */
#define UNUSED 0xdeadbeef
+/* Assert that an operation is (not) active.
+ * This serves as a proxy for checking if the operation is aborted. */
+#define ASSERT_OPERATION_IS_ACTIVE( operation ) TEST_ASSERT( operation.id != 0 )
+#define ASSERT_OPERATION_IS_INACTIVE( operation ) TEST_ASSERT( operation.id == 0 )
+
/** An invalid export length that will never be set by psa_export_key(). */
static const size_t INVALID_EXPORT_LENGTH = ~0U;
@@ -378,7 +383,8 @@
PSA_ASSERT( psa_get_key_attributes( key, &got_attributes ) );
TEST_EQUAL( psa_get_key_type( &got_attributes ), type );
- TEST_EQUAL( psa_get_key_usage_flags( &got_attributes ), usage );
+ TEST_EQUAL( psa_get_key_usage_flags( &got_attributes ),
+ mbedtls_test_update_key_usage_flags( usage ) );
TEST_EQUAL( psa_get_key_algorithm( &got_attributes ), alg );
ASSERT_NO_SLOT_NUMBER( &got_attributes );
@@ -799,7 +805,9 @@
int usage_arg, int alg_arg )
{
test_effective_key_attributes( type_arg, type_arg, bits_arg, bits_arg,
- usage_arg, usage_arg, alg_arg, alg_arg );
+ usage_arg,
+ mbedtls_test_update_key_usage_flags( usage_arg ),
+ alg_arg, alg_arg );
goto exit;
}
/* END_CASE */
@@ -840,16 +848,20 @@
/* END_CASE */
/* BEGIN_CASE */
-void mac_key_policy( int policy_usage,
- int policy_alg,
- int key_type,
+void mac_key_policy( int policy_usage_arg,
+ int policy_alg_arg,
+ int key_type_arg,
data_t *key_data,
- int exercise_alg,
+ int exercise_alg_arg,
int expected_status_arg )
{
mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT;
psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
psa_mac_operation_t operation = PSA_MAC_OPERATION_INIT;
+ psa_key_type_t key_type = key_type_arg;
+ psa_algorithm_t policy_alg = policy_alg_arg;
+ psa_algorithm_t exercise_alg = exercise_alg_arg;
+ psa_key_usage_t policy_usage = policy_usage_arg;
psa_status_t status;
psa_status_t expected_status = expected_status_arg;
unsigned char mac[PSA_MAC_MAX_SIZE];
@@ -863,6 +875,9 @@
PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len,
&key ) );
+ TEST_EQUAL( psa_get_key_usage_flags( &attributes ),
+ mbedtls_test_update_key_usage_flags( policy_usage ) );
+
status = psa_mac_sign_setup( &operation, key, exercise_alg );
if( ( policy_usage & PSA_KEY_USAGE_SIGN_HASH ) == 0 )
TEST_EQUAL( status, PSA_ERROR_NOT_PERMITTED );
@@ -886,7 +901,7 @@
/* END_CASE */
/* BEGIN_CASE */
-void cipher_key_policy( int policy_usage,
+void cipher_key_policy( int policy_usage_arg,
int policy_alg,
int key_type,
data_t *key_data,
@@ -895,6 +910,7 @@
mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT;
psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
psa_cipher_operation_t operation = PSA_CIPHER_OPERATION_INIT;
+ psa_key_usage_t policy_usage = policy_usage_arg;
psa_status_t status;
PSA_ASSERT( psa_crypto_init( ) );
@@ -906,6 +922,10 @@
PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len,
&key ) );
+ /* Check if no key usage flag implication is done */
+ TEST_EQUAL( policy_usage,
+ mbedtls_test_update_key_usage_flags( policy_usage ) );
+
status = psa_cipher_encrypt_setup( &operation, key, exercise_alg );
if( policy_alg == exercise_alg &&
( policy_usage & PSA_KEY_USAGE_ENCRYPT ) != 0 )
@@ -929,7 +949,7 @@
/* END_CASE */
/* BEGIN_CASE */
-void aead_key_policy( int policy_usage,
+void aead_key_policy( int policy_usage_arg,
int policy_alg,
int key_type,
data_t *key_data,
@@ -940,6 +960,7 @@
{
mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT;
psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+ psa_key_usage_t policy_usage = policy_usage_arg;
psa_status_t status;
psa_status_t expected_status = expected_status_arg;
unsigned char nonce[16] = {0};
@@ -960,6 +981,10 @@
PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len,
&key ) );
+ /* Check if no key usage implication is done */
+ TEST_EQUAL( policy_usage,
+ mbedtls_test_update_key_usage_flags( policy_usage ) );
+
status = psa_aead_encrypt( key, exercise_alg,
nonce, nonce_length,
NULL, 0,
@@ -992,7 +1017,7 @@
/* END_CASE */
/* BEGIN_CASE */
-void asymmetric_encryption_key_policy( int policy_usage,
+void asymmetric_encryption_key_policy( int policy_usage_arg,
int policy_alg,
int key_type,
data_t *key_data,
@@ -1000,6 +1025,7 @@
{
mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT;
psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+ psa_key_usage_t policy_usage = policy_usage_arg;
psa_status_t status;
size_t key_bits;
size_t buffer_length;
@@ -1015,6 +1041,10 @@
PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len,
&key ) );
+ /* Check if no key usage implication is done */
+ TEST_EQUAL( policy_usage,
+ mbedtls_test_update_key_usage_flags( policy_usage ) );
+
PSA_ASSERT( psa_get_key_attributes( key, &attributes ) );
key_bits = psa_get_key_bits( &attributes );
buffer_length = PSA_ASYMMETRIC_ENCRYPT_OUTPUT_SIZE( key_type, key_bits,
@@ -1059,15 +1089,18 @@
/* END_CASE */
/* BEGIN_CASE */
-void asymmetric_signature_key_policy( int policy_usage,
+void asymmetric_signature_key_policy( int policy_usage_arg,
int policy_alg,
int key_type,
data_t *key_data,
int exercise_alg,
- int payload_length_arg )
+ int payload_length_arg,
+ int expected_usage_arg )
{
mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT;
psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+ psa_key_usage_t policy_usage = policy_usage_arg;
+ psa_key_usage_t expected_usage = expected_usage_arg;
psa_status_t status;
unsigned char payload[PSA_HASH_MAX_SIZE] = {1};
/* If `payload_length_arg > 0`, `exercise_alg` is supposed to be
@@ -1079,6 +1112,11 @@
unsigned char signature[PSA_SIGNATURE_MAX_SIZE] = {0};
size_t signature_length;
+ /* Check if all implicit usage flags are deployed
+ in the expected usage flags. */
+ TEST_EQUAL( expected_usage,
+ mbedtls_test_update_key_usage_flags( policy_usage ) );
+
PSA_ASSERT( psa_crypto_init( ) );
psa_set_key_usage_flags( &attributes, policy_usage );
@@ -1088,11 +1126,13 @@
PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len,
&key ) );
+ TEST_EQUAL( psa_get_key_usage_flags( &attributes ), expected_usage );
+
status = psa_sign_hash( key, exercise_alg,
payload, payload_length,
signature, sizeof( signature ),
&signature_length );
- if( compatible_alg && ( policy_usage & PSA_KEY_USAGE_SIGN_HASH ) != 0 )
+ if( compatible_alg && ( expected_usage & PSA_KEY_USAGE_SIGN_HASH ) != 0 )
PSA_ASSERT( status );
else
TEST_EQUAL( status, PSA_ERROR_NOT_PERMITTED );
@@ -1101,11 +1141,33 @@
status = psa_verify_hash( key, exercise_alg,
payload, payload_length,
signature, sizeof( signature ) );
- if( compatible_alg && ( policy_usage & PSA_KEY_USAGE_VERIFY_HASH ) != 0 )
+ if( compatible_alg && ( expected_usage & PSA_KEY_USAGE_VERIFY_HASH ) != 0 )
TEST_EQUAL( status, PSA_ERROR_INVALID_SIGNATURE );
else
TEST_EQUAL( status, PSA_ERROR_NOT_PERMITTED );
+ if( PSA_ALG_IS_HASH_AND_SIGN( exercise_alg ) &&
+ PSA_ALG_IS_HASH( PSA_ALG_SIGN_GET_HASH( exercise_alg ) ) )
+ {
+ status = psa_sign_message( key, exercise_alg,
+ payload, payload_length,
+ signature, sizeof( signature ),
+ &signature_length );
+ if( compatible_alg && ( expected_usage & PSA_KEY_USAGE_SIGN_MESSAGE ) != 0 )
+ PSA_ASSERT( status );
+ else
+ TEST_EQUAL( status, PSA_ERROR_NOT_PERMITTED );
+
+ memset( signature, 0, sizeof( signature ) );
+ status = psa_verify_message( key, exercise_alg,
+ payload, payload_length,
+ signature, sizeof( signature ) );
+ if( compatible_alg && ( expected_usage & PSA_KEY_USAGE_VERIFY_MESSAGE ) != 0 )
+ TEST_EQUAL( status, PSA_ERROR_INVALID_SIGNATURE );
+ else
+ TEST_EQUAL( status, PSA_ERROR_NOT_PERMITTED );
+ }
+
exit:
psa_destroy_key( key );
PSA_DONE( );
@@ -1218,6 +1280,8 @@
PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len,
&key ) );
+ /* Update the usage flags to obtain implicit usage flags */
+ usage = mbedtls_test_update_key_usage_flags( usage );
PSA_ASSERT( psa_get_key_attributes( key, &got_attributes ) );
TEST_EQUAL( psa_get_key_usage_flags( &got_attributes ), usage );
TEST_EQUAL( psa_get_key_algorithm( &got_attributes ), alg );
@@ -1601,15 +1665,28 @@
/* Call setup twice in a row. */
PSA_ASSERT( psa_hash_setup( &operation, alg ) );
+ ASSERT_OPERATION_IS_ACTIVE( operation );
TEST_EQUAL( psa_hash_setup( &operation, alg ),
PSA_ERROR_BAD_STATE );
+ ASSERT_OPERATION_IS_INACTIVE( operation );
PSA_ASSERT( psa_hash_abort( &operation ) );
+ ASSERT_OPERATION_IS_INACTIVE( operation );
/* Call update without calling setup beforehand. */
TEST_EQUAL( psa_hash_update( &operation, input, sizeof( input ) ),
PSA_ERROR_BAD_STATE );
PSA_ASSERT( psa_hash_abort( &operation ) );
+ /* Check that update calls abort on error. */
+ PSA_ASSERT( psa_hash_setup( &operation, alg ) );
+ operation.id = UINT_MAX;
+ ASSERT_OPERATION_IS_ACTIVE( operation );
+ TEST_EQUAL( psa_hash_update( &operation, input, sizeof( input ) ),
+ PSA_ERROR_BAD_STATE );
+ ASSERT_OPERATION_IS_INACTIVE( operation );
+ PSA_ASSERT( psa_hash_abort( &operation ) );
+ ASSERT_OPERATION_IS_INACTIVE( operation );
+
/* Call update after finish. */
PSA_ASSERT( psa_hash_setup( &operation, alg ) );
PSA_ASSERT( psa_hash_finish( &operation,
@@ -1635,11 +1712,14 @@
/* Call verify twice in a row. */
PSA_ASSERT( psa_hash_setup( &operation, alg ) );
+ ASSERT_OPERATION_IS_ACTIVE( operation );
PSA_ASSERT( psa_hash_verify( &operation,
valid_hash, sizeof( valid_hash ) ) );
+ ASSERT_OPERATION_IS_INACTIVE( operation );
TEST_EQUAL( psa_hash_verify( &operation,
valid_hash, sizeof( valid_hash ) ),
PSA_ERROR_BAD_STATE );
+ ASSERT_OPERATION_IS_INACTIVE( operation );
PSA_ASSERT( psa_hash_abort( &operation ) );
/* Call finish without calling setup beforehand. */
@@ -1688,8 +1768,12 @@
/* psa_hash_verify with a smaller hash than expected */
PSA_ASSERT( psa_hash_setup( &operation, alg ) );
+ ASSERT_OPERATION_IS_ACTIVE( operation );
TEST_EQUAL( psa_hash_verify( &operation, hash, expected_size - 1 ),
PSA_ERROR_INVALID_SIGNATURE );
+ ASSERT_OPERATION_IS_INACTIVE( operation );
+ PSA_ASSERT( psa_hash_abort( &operation ) );
+ ASSERT_OPERATION_IS_INACTIVE( operation );
/* psa_hash_verify with a non-matching hash */
PSA_ASSERT( psa_hash_setup( &operation, alg ) );
@@ -1932,9 +2016,12 @@
/* Call setup twice in a row. */
PSA_ASSERT( psa_mac_sign_setup( &operation, key, alg ) );
+ ASSERT_OPERATION_IS_ACTIVE( operation );
TEST_EQUAL( psa_mac_sign_setup( &operation, key, alg ),
PSA_ERROR_BAD_STATE );
+ ASSERT_OPERATION_IS_INACTIVE( operation );
PSA_ASSERT( psa_mac_abort( &operation ) );
+ ASSERT_OPERATION_IS_INACTIVE( operation );
/* Call update after sign finish. */
PSA_ASSERT( psa_mac_sign_setup( &operation, key, alg ) );
@@ -1980,19 +2067,25 @@
/* Setup sign but try verify. */
PSA_ASSERT( psa_mac_sign_setup( &operation, key, alg ) );
PSA_ASSERT( psa_mac_update( &operation, input, sizeof( input ) ) );
+ ASSERT_OPERATION_IS_ACTIVE( operation );
TEST_EQUAL( psa_mac_verify_finish( &operation,
verify_mac, sizeof( verify_mac ) ),
PSA_ERROR_BAD_STATE );
+ ASSERT_OPERATION_IS_INACTIVE( operation );
PSA_ASSERT( psa_mac_abort( &operation ) );
+ ASSERT_OPERATION_IS_INACTIVE( operation );
/* Setup verify but try sign. */
PSA_ASSERT( psa_mac_verify_setup( &operation, key, alg ) );
PSA_ASSERT( psa_mac_update( &operation, input, sizeof( input ) ) );
+ ASSERT_OPERATION_IS_ACTIVE( operation );
TEST_EQUAL( psa_mac_sign_finish( &operation,
sign_mac, sizeof( sign_mac ),
&sign_mac_length ),
PSA_ERROR_BAD_STATE );
+ ASSERT_OPERATION_IS_INACTIVE( operation );
PSA_ASSERT( psa_mac_abort( &operation ) );
+ ASSERT_OPERATION_IS_INACTIVE( operation );
PSA_ASSERT( psa_destroy_key( key ) );
@@ -2048,7 +2141,21 @@
mbedtls_test_set_step( output_size );
ASSERT_ALLOC( actual_mac, output_size );
- /* Calculate the MAC. */
+ /* Calculate the MAC, one-shot case. */
+ TEST_EQUAL( psa_mac_compute( key, alg,
+ input->x, input->len,
+ actual_mac, output_size, &mac_length ),
+ expected_status );
+ if( expected_status == PSA_SUCCESS )
+ {
+ ASSERT_COMPARE( expected_mac->x, expected_mac->len,
+ actual_mac, mac_length );
+ }
+
+ if( output_size > 0 )
+ memset( actual_mac, 0, output_size );
+
+ /* Calculate the MAC, multi-part case. */
PSA_ASSERT( psa_mac_sign_setup( &operation, key, alg ) );
PSA_ASSERT( psa_mac_update( &operation,
input->x, input->len ) );
@@ -2100,7 +2207,11 @@
PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len,
&key ) );
- /* Test the correct MAC. */
+ /* Verify correct MAC, one-shot case. */
+ PSA_ASSERT( psa_mac_verify( key, alg, input->x, input->len,
+ expected_mac->x, expected_mac->len ) );
+
+ /* Verify correct MAC, multi-part case. */
PSA_ASSERT( psa_mac_verify_setup( &operation, key, alg ) );
PSA_ASSERT( psa_mac_update( &operation,
input->x, input->len ) );
@@ -2108,7 +2219,14 @@
expected_mac->x,
expected_mac->len ) );
- /* Test a MAC that's too short. */
+ /* Test a MAC that's too short, one-shot case. */
+ TEST_EQUAL( psa_mac_verify( key, alg,
+ input->x, input->len,
+ expected_mac->x,
+ expected_mac->len - 1 ),
+ PSA_ERROR_INVALID_SIGNATURE );
+
+ /* Test a MAC that's too short, multi-part case. */
PSA_ASSERT( psa_mac_verify_setup( &operation, key, alg ) );
PSA_ASSERT( psa_mac_update( &operation,
input->x, input->len ) );
@@ -2117,9 +2235,15 @@
expected_mac->len - 1 ),
PSA_ERROR_INVALID_SIGNATURE );
- /* Test a MAC that's too long. */
+ /* Test a MAC that's too long, one-shot case. */
ASSERT_ALLOC( perturbed_mac, expected_mac->len + 1 );
memcpy( perturbed_mac, expected_mac->x, expected_mac->len );
+ TEST_EQUAL( psa_mac_verify( key, alg,
+ input->x, input->len,
+ perturbed_mac, expected_mac->len + 1 ),
+ PSA_ERROR_INVALID_SIGNATURE );
+
+ /* Test a MAC that's too long, multi-part case. */
PSA_ASSERT( psa_mac_verify_setup( &operation, key, alg ) );
PSA_ASSERT( psa_mac_update( &operation,
input->x, input->len ) );
@@ -2133,6 +2257,12 @@
{
mbedtls_test_set_step( i );
perturbed_mac[i] ^= 1;
+
+ TEST_EQUAL( psa_mac_verify( key, alg,
+ input->x, input->len,
+ perturbed_mac, expected_mac->len ),
+ PSA_ERROR_INVALID_SIGNATURE );
+
PSA_ASSERT( psa_mac_verify_setup( &operation, key, alg ) );
PSA_ASSERT( psa_mac_update( &operation,
input->x, input->len ) );
@@ -2257,15 +2387,21 @@
/* Call encrypt setup twice in a row. */
PSA_ASSERT( psa_cipher_encrypt_setup( &operation, key, alg ) );
+ ASSERT_OPERATION_IS_ACTIVE( operation );
TEST_EQUAL( psa_cipher_encrypt_setup( &operation, key, alg ),
PSA_ERROR_BAD_STATE );
+ ASSERT_OPERATION_IS_INACTIVE( operation );
PSA_ASSERT( psa_cipher_abort( &operation ) );
+ ASSERT_OPERATION_IS_INACTIVE( operation );
/* Call decrypt setup twice in a row. */
PSA_ASSERT( psa_cipher_decrypt_setup( &operation, key, alg ) );
+ ASSERT_OPERATION_IS_ACTIVE( operation );
TEST_EQUAL( psa_cipher_decrypt_setup( &operation, key, alg ),
PSA_ERROR_BAD_STATE );
+ ASSERT_OPERATION_IS_INACTIVE( operation );
PSA_ASSERT( psa_cipher_abort( &operation ) );
+ ASSERT_OPERATION_IS_INACTIVE( operation );
/* Generate an IV without calling setup beforehand. */
TEST_EQUAL( psa_cipher_generate_iv( &operation,
@@ -2279,11 +2415,14 @@
PSA_ASSERT( psa_cipher_generate_iv( &operation,
buffer, sizeof( buffer ),
&length ) );
+ ASSERT_OPERATION_IS_ACTIVE( operation );
TEST_EQUAL( psa_cipher_generate_iv( &operation,
buffer, sizeof( buffer ),
&length ),
PSA_ERROR_BAD_STATE );
+ ASSERT_OPERATION_IS_INACTIVE( operation );
PSA_ASSERT( psa_cipher_abort( &operation ) );
+ ASSERT_OPERATION_IS_INACTIVE( operation );
/* Generate an IV after it's already set. */
PSA_ASSERT( psa_cipher_encrypt_setup( &operation, key, alg ) );
@@ -2305,10 +2444,13 @@
PSA_ASSERT( psa_cipher_encrypt_setup( &operation, key, alg ) );
PSA_ASSERT( psa_cipher_set_iv( &operation,
iv, sizeof( iv ) ) );
+ ASSERT_OPERATION_IS_ACTIVE( operation );
TEST_EQUAL( psa_cipher_set_iv( &operation,
iv, sizeof( iv ) ),
PSA_ERROR_BAD_STATE );
+ ASSERT_OPERATION_IS_INACTIVE( operation );
PSA_ASSERT( psa_cipher_abort( &operation ) );
+ ASSERT_OPERATION_IS_INACTIVE( operation );
/* Set an IV after it's already generated. */
PSA_ASSERT( psa_cipher_encrypt_setup( &operation, key, alg ) );
@@ -2329,12 +2471,16 @@
PSA_ASSERT( psa_cipher_abort( &operation ) );
/* Call update without an IV where an IV is required. */
+ PSA_ASSERT( psa_cipher_encrypt_setup( &operation, key, alg ) );
+ ASSERT_OPERATION_IS_ACTIVE( operation );
TEST_EQUAL( psa_cipher_update( &operation,
text, sizeof( text ),
buffer, sizeof( buffer ),
&length ),
PSA_ERROR_BAD_STATE );
+ ASSERT_OPERATION_IS_INACTIVE( operation );
PSA_ASSERT( psa_cipher_abort( &operation ) );
+ ASSERT_OPERATION_IS_INACTIVE( operation );
/* Call update after finish. */
PSA_ASSERT( psa_cipher_encrypt_setup( &operation, key, alg ) );
@@ -2359,10 +2505,13 @@
PSA_ASSERT( psa_cipher_encrypt_setup( &operation, key, alg ) );
/* Not calling update means we are encrypting an empty buffer, which is OK
* for cipher modes with padding. */
+ ASSERT_OPERATION_IS_ACTIVE( operation );
TEST_EQUAL( psa_cipher_finish( &operation,
buffer, sizeof( buffer ), &length ),
PSA_ERROR_BAD_STATE );
+ ASSERT_OPERATION_IS_INACTIVE( operation );
PSA_ASSERT( psa_cipher_abort( &operation ) );
+ ASSERT_OPERATION_IS_INACTIVE( operation );
/* Call finish twice in a row. */
PSA_ASSERT( psa_cipher_encrypt_setup( &operation, key, alg ) );
@@ -2384,10 +2533,11 @@
/* END_CASE */
/* BEGIN_CASE */
-void cipher_encrypt( int alg_arg, int key_type_arg,
- data_t *key_data, data_t *iv,
- data_t *input, data_t *expected_output,
- int expected_status_arg )
+void cipher_encrypt_fail( int alg_arg,
+ int key_type_arg,
+ data_t *key_data,
+ data_t *input,
+ int expected_status_arg )
{
mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT;
psa_status_t status;
@@ -2396,8 +2546,97 @@
psa_status_t expected_status = expected_status_arg;
unsigned char *output = NULL;
size_t output_buffer_size = 0;
+ size_t output_length = 0;
+ psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+
+ if ( PSA_ERROR_BAD_STATE != expected_status )
+ {
+ PSA_ASSERT( psa_crypto_init( ) );
+
+ psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_ENCRYPT );
+ psa_set_key_algorithm( &attributes, alg );
+ psa_set_key_type( &attributes, key_type );
+
+ output_buffer_size = PSA_CIPHER_ENCRYPT_OUTPUT_SIZE( key_type, alg,
+ input->len );
+ ASSERT_ALLOC( output, output_buffer_size );
+
+ PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len,
+ &key ) );
+ }
+
+ status = psa_cipher_encrypt( key, alg, input->x, input->len, output,
+ output_buffer_size, &output_length );
+
+ TEST_EQUAL( status, expected_status );
+
+exit:
+ mbedtls_free( output );
+ psa_destroy_key( key );
+ PSA_DONE( );
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void cipher_encrypt_alg_without_iv( int alg_arg,
+ int key_type_arg,
+ data_t *key_data,
+ data_t *input,
+ data_t *expected_output )
+{
+ mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT;
+ psa_key_type_t key_type = key_type_arg;
+ psa_algorithm_t alg = alg_arg;
+ unsigned char *output = NULL;
+ size_t output_buffer_size = 0;
+ size_t output_length = 0;
+ psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+
+ PSA_ASSERT( psa_crypto_init( ) );
+
+ psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_ENCRYPT );
+ psa_set_key_algorithm( &attributes, alg );
+ psa_set_key_type( &attributes, key_type );
+
+ output_buffer_size = PSA_CIPHER_ENCRYPT_OUTPUT_SIZE( key_type, alg, input->len );
+ ASSERT_ALLOC( output, output_buffer_size );
+
+ PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len,
+ &key ) );
+
+ PSA_ASSERT( psa_cipher_encrypt( key, alg, input->x, input->len, output,
+ output_buffer_size, &output_length ) );
+ TEST_ASSERT( output_length <=
+ PSA_CIPHER_ENCRYPT_OUTPUT_SIZE( key_type, alg, input->len ) );
+ TEST_ASSERT( output_length <=
+ PSA_CIPHER_ENCRYPT_OUTPUT_MAX_SIZE( input->len ) );
+
+ ASSERT_COMPARE( expected_output->x, expected_output->len,
+ output, output_length );
+exit:
+ mbedtls_free( output );
+ psa_destroy_key( key );
+ PSA_DONE( );
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void cipher_encrypt_validation( int alg_arg,
+ int key_type_arg,
+ data_t *key_data,
+ data_t *input )
+{
+ mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT;
+ psa_key_type_t key_type = key_type_arg;
+ psa_algorithm_t alg = alg_arg;
+ size_t iv_size = PSA_CIPHER_IV_LENGTH ( key_type, alg );
+ unsigned char *output1 = NULL;
+ size_t output1_buffer_size = 0;
+ size_t output1_length = 0;
+ unsigned char *output2 = NULL;
+ size_t output2_buffer_size = 0;
+ size_t output2_length = 0;
size_t function_output_length = 0;
- size_t total_output_length = 0;
psa_cipher_operation_t operation = PSA_CIPHER_OPERATION_INIT;
psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
@@ -2407,53 +2646,55 @@
psa_set_key_algorithm( &attributes, alg );
psa_set_key_type( &attributes, key_type );
+ output1_buffer_size = PSA_CIPHER_ENCRYPT_OUTPUT_SIZE( key_type, alg, input->len );
+ output2_buffer_size = PSA_CIPHER_UPDATE_OUTPUT_SIZE( key_type, alg, input->len ) +
+ PSA_CIPHER_FINISH_OUTPUT_SIZE( key_type, alg );
+ ASSERT_ALLOC( output1, output1_buffer_size );
+ ASSERT_ALLOC( output2, output2_buffer_size );
+
PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len,
&key ) );
- PSA_ASSERT( psa_cipher_encrypt_setup( &operation, key, alg ) );
-
- if( iv->len > 0 )
- {
- PSA_ASSERT( psa_cipher_set_iv( &operation, iv->x, iv->len ) );
- }
-
- output_buffer_size = PSA_CIPHER_ENCRYPT_OUTPUT_SIZE( key_type, alg, input->len );
- TEST_ASSERT( output_buffer_size <=
+ /* The one-shot cipher encryption uses generated iv so validating
+ the output is not possible. Validating with multipart encryption. */
+ PSA_ASSERT( psa_cipher_encrypt( key, alg, input->x, input->len, output1,
+ output1_buffer_size, &output1_length ) );
+ TEST_ASSERT( output1_length <=
+ PSA_CIPHER_ENCRYPT_OUTPUT_SIZE( key_type, alg, input->len ) );
+ TEST_ASSERT( output1_length <=
PSA_CIPHER_ENCRYPT_OUTPUT_MAX_SIZE( input->len ) );
- ASSERT_ALLOC( output, output_buffer_size );
+
+ PSA_ASSERT( psa_cipher_encrypt_setup( &operation, key, alg ) );
+ PSA_ASSERT( psa_cipher_set_iv( &operation, output1, iv_size ) );
PSA_ASSERT( psa_cipher_update( &operation,
input->x, input->len,
- output, output_buffer_size,
+ output2, output2_buffer_size,
&function_output_length ) );
TEST_ASSERT( function_output_length <=
PSA_CIPHER_UPDATE_OUTPUT_SIZE( key_type, alg, input->len ) );
TEST_ASSERT( function_output_length <=
PSA_CIPHER_UPDATE_OUTPUT_MAX_SIZE( input->len ) );
- total_output_length += function_output_length;
+ output2_length += function_output_length;
- status = psa_cipher_finish( &operation,
- ( output_buffer_size == 0 ? NULL :
- output + total_output_length ),
- output_buffer_size - total_output_length,
- &function_output_length );
+ PSA_ASSERT( psa_cipher_finish( &operation,
+ output2 + output2_length,
+ output2_buffer_size - output2_length,
+ &function_output_length ) );
TEST_ASSERT( function_output_length <=
PSA_CIPHER_FINISH_OUTPUT_SIZE( key_type, alg ) );
TEST_ASSERT( function_output_length <=
PSA_CIPHER_FINISH_OUTPUT_MAX_SIZE );
- total_output_length += function_output_length;
+ output2_length += function_output_length;
- TEST_EQUAL( status, expected_status );
- if( expected_status == PSA_SUCCESS )
- {
- PSA_ASSERT( psa_cipher_abort( &operation ) );
- ASSERT_COMPARE( expected_output->x, expected_output->len,
- output, total_output_length );
- }
+ PSA_ASSERT( psa_cipher_abort( &operation ) );
+ ASSERT_COMPARE( output1 + iv_size, output1_length - iv_size,
+ output2, output2_length );
exit:
psa_cipher_abort( &operation );
- mbedtls_free( output );
+ mbedtls_free( output1 );
+ mbedtls_free( output2 );
psa_destroy_key( key );
PSA_DONE( );
}
@@ -2465,11 +2706,14 @@
data_t *input,
int first_part_size_arg,
int output1_length_arg, int output2_length_arg,
- data_t *expected_output )
+ data_t *expected_output,
+ int expected_status_arg )
{
mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT;
psa_key_type_t key_type = key_type_arg;
psa_algorithm_t alg = alg_arg;
+ psa_status_t status;
+ psa_status_t expected_status = expected_status_arg;
size_t first_part_size = first_part_size_arg;
size_t output1_length = output1_length_arg;
size_t output2_length = output2_length_arg;
@@ -2496,9 +2740,8 @@
PSA_ASSERT( psa_cipher_set_iv( &operation, iv->x, iv->len ) );
}
- output_buffer_size = PSA_CIPHER_ENCRYPT_OUTPUT_SIZE( key_type, alg, input->len );
- TEST_ASSERT( output_buffer_size <=
- PSA_CIPHER_ENCRYPT_OUTPUT_MAX_SIZE( input->len ) );
+ output_buffer_size = PSA_CIPHER_UPDATE_OUTPUT_SIZE( key_type, alg, input->len ) +
+ PSA_CIPHER_FINISH_OUTPUT_SIZE( key_type, alg );
ASSERT_ALLOC( output, output_buffer_size );
TEST_ASSERT( first_part_size <= input->len );
@@ -2512,36 +2755,44 @@
PSA_CIPHER_UPDATE_OUTPUT_MAX_SIZE( first_part_size) );
total_output_length += function_output_length;
- PSA_ASSERT( psa_cipher_update( &operation,
- input->x + first_part_size,
- input->len - first_part_size,
- ( output_buffer_size == 0 ? NULL :
- output + total_output_length ),
- output_buffer_size - total_output_length,
- &function_output_length ) );
- TEST_ASSERT( function_output_length == output2_length );
- TEST_ASSERT( function_output_length <=
- PSA_CIPHER_UPDATE_OUTPUT_SIZE( key_type,
- alg,
- input->len - first_part_size ) );
- TEST_ASSERT( function_output_length <=
- PSA_CIPHER_UPDATE_OUTPUT_MAX_SIZE( input->len ) );
- total_output_length += function_output_length;
+ if( first_part_size < input->len )
+ {
+ PSA_ASSERT( psa_cipher_update( &operation,
+ input->x + first_part_size,
+ input->len - first_part_size,
+ ( output_buffer_size == 0 ? NULL :
+ output + total_output_length ),
+ output_buffer_size - total_output_length,
+ &function_output_length ) );
+ TEST_ASSERT( function_output_length == output2_length );
+ TEST_ASSERT( function_output_length <=
+ PSA_CIPHER_UPDATE_OUTPUT_SIZE( key_type,
+ alg,
+ input->len - first_part_size ) );
+ TEST_ASSERT( function_output_length <=
+ PSA_CIPHER_UPDATE_OUTPUT_MAX_SIZE( input->len ) );
+ total_output_length += function_output_length;
+ }
- PSA_ASSERT( psa_cipher_finish( &operation,
- ( output_buffer_size == 0 ? NULL :
- output + total_output_length ),
- output_buffer_size - total_output_length,
- &function_output_length ) );
+ status = psa_cipher_finish( &operation,
+ ( output_buffer_size == 0 ? NULL :
+ output + total_output_length ),
+ output_buffer_size - total_output_length,
+ &function_output_length );
TEST_ASSERT( function_output_length <=
PSA_CIPHER_FINISH_OUTPUT_SIZE( key_type, alg ) );
TEST_ASSERT( function_output_length <=
PSA_CIPHER_FINISH_OUTPUT_MAX_SIZE );
total_output_length += function_output_length;
- PSA_ASSERT( psa_cipher_abort( &operation ) );
+ TEST_EQUAL( status, expected_status );
- ASSERT_COMPARE( expected_output->x, expected_output->len,
- output, total_output_length );
+ if( expected_status == PSA_SUCCESS )
+ {
+ PSA_ASSERT( psa_cipher_abort( &operation ) );
+
+ ASSERT_COMPARE( expected_output->x, expected_output->len,
+ output, total_output_length );
+ }
exit:
psa_cipher_abort( &operation );
@@ -2557,11 +2808,14 @@
data_t *input,
int first_part_size_arg,
int output1_length_arg, int output2_length_arg,
- data_t *expected_output )
+ data_t *expected_output,
+ int expected_status_arg )
{
mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT;
psa_key_type_t key_type = key_type_arg;
psa_algorithm_t alg = alg_arg;
+ psa_status_t status;
+ psa_status_t expected_status = expected_status_arg;
size_t first_part_size = first_part_size_arg;
size_t output1_length = output1_length_arg;
size_t output2_length = output2_length_arg;
@@ -2588,9 +2842,8 @@
PSA_ASSERT( psa_cipher_set_iv( &operation, iv->x, iv->len ) );
}
- output_buffer_size = PSA_CIPHER_DECRYPT_OUTPUT_SIZE( key_type, alg, input->len );
- TEST_ASSERT( output_buffer_size <=
- PSA_CIPHER_DECRYPT_OUTPUT_MAX_SIZE( input->len ) );
+ output_buffer_size = PSA_CIPHER_UPDATE_OUTPUT_SIZE( key_type, alg, input->len ) +
+ PSA_CIPHER_FINISH_OUTPUT_SIZE( key_type, alg );
ASSERT_ALLOC( output, output_buffer_size );
TEST_ASSERT( first_part_size <= input->len );
@@ -2605,94 +2858,25 @@
PSA_CIPHER_UPDATE_OUTPUT_MAX_SIZE( first_part_size ) );
total_output_length += function_output_length;
- PSA_ASSERT( psa_cipher_update( &operation,
- input->x + first_part_size,
- input->len - first_part_size,
- ( output_buffer_size == 0 ? NULL :
- output + total_output_length ),
- output_buffer_size - total_output_length,
- &function_output_length ) );
- TEST_ASSERT( function_output_length == output2_length );
- TEST_ASSERT( function_output_length <=
- PSA_CIPHER_UPDATE_OUTPUT_SIZE( key_type,
- alg,
- input->len - first_part_size ) );
- TEST_ASSERT( function_output_length <=
- PSA_CIPHER_UPDATE_OUTPUT_MAX_SIZE( input->len ) );
- total_output_length += function_output_length;
-
- PSA_ASSERT( psa_cipher_finish( &operation,
- ( output_buffer_size == 0 ? NULL :
- output + total_output_length ),
- output_buffer_size - total_output_length,
- &function_output_length ) );
- TEST_ASSERT( function_output_length <=
- PSA_CIPHER_FINISH_OUTPUT_SIZE( key_type, alg ) );
- TEST_ASSERT( function_output_length <=
- PSA_CIPHER_FINISH_OUTPUT_MAX_SIZE );
- total_output_length += function_output_length;
- PSA_ASSERT( psa_cipher_abort( &operation ) );
-
- ASSERT_COMPARE( expected_output->x, expected_output->len,
- output, total_output_length );
-
-exit:
- psa_cipher_abort( &operation );
- mbedtls_free( output );
- psa_destroy_key( key );
- PSA_DONE( );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void cipher_decrypt( int alg_arg, int key_type_arg,
- data_t *key_data, data_t *iv,
- data_t *input, data_t *expected_output,
- int expected_status_arg )
-{
- mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT;
- psa_status_t status;
- psa_key_type_t key_type = key_type_arg;
- psa_algorithm_t alg = alg_arg;
- psa_status_t expected_status = expected_status_arg;
- unsigned char *output = NULL;
- size_t output_buffer_size = 0;
- size_t function_output_length = 0;
- size_t total_output_length = 0;
- psa_cipher_operation_t operation = PSA_CIPHER_OPERATION_INIT;
- psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
-
- PSA_ASSERT( psa_crypto_init( ) );
-
- psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_DECRYPT );
- psa_set_key_algorithm( &attributes, alg );
- psa_set_key_type( &attributes, key_type );
-
- PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len,
- &key ) );
-
- PSA_ASSERT( psa_cipher_decrypt_setup( &operation, key, alg ) );
-
- if( iv->len > 0 )
+ if( first_part_size < input->len )
{
- PSA_ASSERT( psa_cipher_set_iv( &operation, iv->x, iv->len ) );
+ PSA_ASSERT( psa_cipher_update( &operation,
+ input->x + first_part_size,
+ input->len - first_part_size,
+ ( output_buffer_size == 0 ? NULL :
+ output + total_output_length ),
+ output_buffer_size - total_output_length,
+ &function_output_length ) );
+ TEST_ASSERT( function_output_length == output2_length );
+ TEST_ASSERT( function_output_length <=
+ PSA_CIPHER_UPDATE_OUTPUT_SIZE( key_type,
+ alg,
+ input->len - first_part_size ) );
+ TEST_ASSERT( function_output_length <=
+ PSA_CIPHER_UPDATE_OUTPUT_MAX_SIZE( input->len ) );
+ total_output_length += function_output_length;
}
- output_buffer_size = PSA_CIPHER_DECRYPT_OUTPUT_SIZE( key_type, alg, input->len );
- TEST_ASSERT( output_buffer_size <=
- PSA_CIPHER_DECRYPT_OUTPUT_MAX_SIZE( input->len ) );
- ASSERT_ALLOC( output, output_buffer_size );
-
- PSA_ASSERT( psa_cipher_update( &operation,
- input->x, input->len,
- output, output_buffer_size,
- &function_output_length ) );
- TEST_ASSERT( function_output_length <=
- PSA_CIPHER_UPDATE_OUTPUT_SIZE( key_type, alg, input->len ) );
- TEST_ASSERT( function_output_length <=
- PSA_CIPHER_UPDATE_OUTPUT_MAX_SIZE( input->len ) );
- total_output_length += function_output_length;
-
status = psa_cipher_finish( &operation,
( output_buffer_size == 0 ? NULL :
output + total_output_length ),
@@ -2708,6 +2892,7 @@
if( expected_status == PSA_SUCCESS )
{
PSA_ASSERT( psa_cipher_abort( &operation ) );
+
ASSERT_COMPARE( expected_output->x, expected_output->len,
output, total_output_length );
}
@@ -2721,25 +2906,132 @@
/* END_CASE */
/* BEGIN_CASE */
-void cipher_verify_output( int alg_arg, int key_type_arg,
+void cipher_decrypt_fail( int alg_arg,
+ int key_type_arg,
+ data_t *key_data,
+ data_t *iv,
+ data_t *input_arg,
+ int expected_status_arg )
+{
+ mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT;
+ psa_status_t status;
+ psa_key_type_t key_type = key_type_arg;
+ psa_algorithm_t alg = alg_arg;
+ psa_status_t expected_status = expected_status_arg;
+ unsigned char *input = NULL;
+ size_t input_buffer_size = 0;
+ unsigned char *output = NULL;
+ size_t output_buffer_size = 0;
+ size_t output_length = 0;
+ psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+
+ if ( PSA_ERROR_BAD_STATE != expected_status )
+ {
+ PSA_ASSERT( psa_crypto_init( ) );
+
+ psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_DECRYPT );
+ psa_set_key_algorithm( &attributes, alg );
+ psa_set_key_type( &attributes, key_type );
+
+ PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len,
+ &key ) );
+ }
+
+ /* Allocate input buffer and copy the iv and the plaintext */
+ input_buffer_size = ( (size_t) input_arg->len + (size_t) iv->len );
+ if ( input_buffer_size > 0 )
+ {
+ ASSERT_ALLOC( input, input_buffer_size );
+ memcpy( input, iv->x, iv->len );
+ memcpy( input + iv->len, input_arg->x, input_arg->len );
+ }
+
+ output_buffer_size = PSA_CIPHER_DECRYPT_OUTPUT_SIZE( key_type, alg, input_buffer_size );
+ ASSERT_ALLOC( output, output_buffer_size );
+
+ status = psa_cipher_decrypt( key, alg, input, input_buffer_size, output,
+ output_buffer_size, &output_length );
+ TEST_EQUAL( status, expected_status );
+
+exit:
+ mbedtls_free( input );
+ mbedtls_free( output );
+ psa_destroy_key( key );
+ PSA_DONE( );
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void cipher_decrypt( int alg_arg,
+ int key_type_arg,
+ data_t *key_data,
+ data_t *iv,
+ data_t *input_arg,
+ data_t *expected_output )
+{
+ mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT;
+ psa_key_type_t key_type = key_type_arg;
+ psa_algorithm_t alg = alg_arg;
+ unsigned char *input = NULL;
+ size_t input_buffer_size = 0;
+ unsigned char *output = NULL;
+ size_t output_buffer_size = 0;
+ size_t output_length = 0;
+ psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+
+ PSA_ASSERT( psa_crypto_init( ) );
+
+ psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_DECRYPT );
+ psa_set_key_algorithm( &attributes, alg );
+ psa_set_key_type( &attributes, key_type );
+
+ /* Allocate input buffer and copy the iv and the plaintext */
+ input_buffer_size = ( (size_t) input_arg->len + (size_t) iv->len );
+ if ( input_buffer_size > 0 )
+ {
+ ASSERT_ALLOC( input, input_buffer_size );
+ memcpy( input, iv->x, iv->len );
+ memcpy( input + iv->len, input_arg->x, input_arg->len );
+ }
+
+ output_buffer_size = PSA_CIPHER_DECRYPT_OUTPUT_SIZE( key_type, alg, input_buffer_size );
+ ASSERT_ALLOC( output, output_buffer_size );
+
+ PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len,
+ &key ) );
+
+ PSA_ASSERT( psa_cipher_decrypt( key, alg, input, input_buffer_size, output,
+ output_buffer_size, &output_length ) );
+ TEST_ASSERT( output_length <=
+ PSA_CIPHER_DECRYPT_OUTPUT_SIZE( key_type, alg, input_buffer_size ) );
+ TEST_ASSERT( output_length <=
+ PSA_CIPHER_DECRYPT_OUTPUT_MAX_SIZE( input_buffer_size ) );
+
+ ASSERT_COMPARE( expected_output->x, expected_output->len,
+ output, output_length );
+exit:
+ mbedtls_free( input );
+ mbedtls_free( output );
+ psa_destroy_key( key );
+ PSA_DONE( );
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void cipher_verify_output( int alg_arg,
+ int key_type_arg,
data_t *key_data,
data_t *input )
{
mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT;
psa_key_type_t key_type = key_type_arg;
psa_algorithm_t alg = alg_arg;
- unsigned char iv[16] = {0};
- size_t iv_size = 16;
- size_t iv_length = 0;
unsigned char *output1 = NULL;
size_t output1_size = 0;
size_t output1_length = 0;
unsigned char *output2 = NULL;
size_t output2_size = 0;
size_t output2_length = 0;
- size_t function_output_length = 0;
- psa_cipher_operation_t operation1 = PSA_CIPHER_OPERATION_INIT;
- psa_cipher_operation_t operation2 = PSA_CIPHER_OPERATION_INIT;
psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
PSA_ASSERT( psa_crypto_init( ) );
@@ -2750,82 +3042,31 @@
PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len,
&key ) );
-
- PSA_ASSERT( psa_cipher_encrypt_setup( &operation1, key, alg ) );
- PSA_ASSERT( psa_cipher_decrypt_setup( &operation2, key, alg ) );
-
- if( alg != PSA_ALG_ECB_NO_PADDING )
- {
- PSA_ASSERT( psa_cipher_generate_iv( &operation1,
- iv, iv_size,
- &iv_length ) );
- }
output1_size = PSA_CIPHER_ENCRYPT_OUTPUT_SIZE( key_type, alg, input->len );
- TEST_ASSERT( output1_size <=
- PSA_CIPHER_ENCRYPT_OUTPUT_MAX_SIZE( input->len ) );
ASSERT_ALLOC( output1, output1_size );
- PSA_ASSERT( psa_cipher_update( &operation1, input->x, input->len,
- output1, output1_size,
- &output1_length ) );
+ PSA_ASSERT( psa_cipher_encrypt( key, alg, input->x, input->len,
+ output1, output1_size,
+ &output1_length ) );
TEST_ASSERT( output1_length <=
- PSA_CIPHER_UPDATE_OUTPUT_SIZE( key_type, alg, input->len ) );
+ PSA_CIPHER_ENCRYPT_OUTPUT_SIZE( key_type, alg, input->len ) );
TEST_ASSERT( output1_length <=
- PSA_CIPHER_UPDATE_OUTPUT_MAX_SIZE( input->len ) );
-
- PSA_ASSERT( psa_cipher_finish( &operation1,
- output1 + output1_length,
- output1_size - output1_length,
- &function_output_length ) );
- TEST_ASSERT( function_output_length <=
- PSA_CIPHER_FINISH_OUTPUT_SIZE( key_type, alg ) );
- TEST_ASSERT( function_output_length <=
- PSA_CIPHER_FINISH_OUTPUT_MAX_SIZE );
-
- output1_length += function_output_length;
-
- PSA_ASSERT( psa_cipher_abort( &operation1 ) );
+ PSA_CIPHER_ENCRYPT_OUTPUT_MAX_SIZE( input->len ) );
output2_size = output1_length;
- TEST_ASSERT( output2_size <=
- PSA_CIPHER_DECRYPT_OUTPUT_SIZE( key_type, alg, output1_length ) );
- TEST_ASSERT( output2_size <=
- PSA_CIPHER_DECRYPT_OUTPUT_MAX_SIZE( output1_length ) );
ASSERT_ALLOC( output2, output2_size );
- if( iv_length > 0 )
- {
- PSA_ASSERT( psa_cipher_set_iv( &operation2,
- iv, iv_length ) );
- }
-
- PSA_ASSERT( psa_cipher_update( &operation2, output1, output1_length,
- output2, output2_size,
- &output2_length ) );
+ PSA_ASSERT( psa_cipher_decrypt( key, alg, output1, output1_length,
+ output2, output2_size,
+ &output2_length ) );
TEST_ASSERT( output2_length <=
- PSA_CIPHER_UPDATE_OUTPUT_SIZE( key_type, alg, output1_length ) );
+ PSA_CIPHER_DECRYPT_OUTPUT_SIZE( key_type, alg, output1_length ) );
TEST_ASSERT( output2_length <=
- PSA_CIPHER_UPDATE_OUTPUT_MAX_SIZE( output1_length ) );
-
- function_output_length = 0;
- PSA_ASSERT( psa_cipher_finish( &operation2,
- output2 + output2_length,
- output2_size - output2_length,
- &function_output_length ) );
- TEST_ASSERT( function_output_length <=
- PSA_CIPHER_FINISH_OUTPUT_SIZE( key_type, alg ) );
- TEST_ASSERT( function_output_length <=
- PSA_CIPHER_FINISH_OUTPUT_MAX_SIZE );
-
- output2_length += function_output_length;
-
- PSA_ASSERT( psa_cipher_abort( &operation2 ) );
+ PSA_CIPHER_DECRYPT_OUTPUT_MAX_SIZE( output1_length ) );
ASSERT_COMPARE( input->x, input->len, output2, output2_length );
exit:
- psa_cipher_abort( &operation1 );
- psa_cipher_abort( &operation2 );
mbedtls_free( output1 );
mbedtls_free( output2 );
psa_destroy_key( key );
@@ -5197,7 +5438,8 @@
PSA_KEY_LIFETIME_PERSISTENT );
TEST_EQUAL( psa_get_key_type( &attributes ), type );
TEST_EQUAL( psa_get_key_bits( &attributes ), bits );
- TEST_EQUAL( psa_get_key_usage_flags( &attributes ), usage_flags );
+ TEST_EQUAL( psa_get_key_usage_flags( &attributes ),
+ mbedtls_test_update_key_usage_flags( usage_flags ) );
TEST_EQUAL( psa_get_key_algorithm( &attributes ), alg );
/* Export the key again if permitted by the key policy. */
diff --git a/tests/suites/test_suite_psa_crypto_driver_wrappers.data b/tests/suites/test_suite_psa_crypto_driver_wrappers.data
index dbc5b1f..ead7a69 100644
--- a/tests/suites/test_suite_psa_crypto_driver_wrappers.data
+++ b/tests/suites/test_suite_psa_crypto_driver_wrappers.data
@@ -117,29 +117,45 @@
depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_SECP_R1_256
export_key:PSA_ERROR_GENERIC_ERROR:"":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"":PSA_ERROR_GENERIC_ERROR
-PSA symmetric encrypt: AES-CTR, 16 bytes, good
+PSA symmetric encrypt validation: AES-CTR, 16 bytes, good
depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES
-cipher_encrypt:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a":"8f9408fe80a81d3e813da3c7b0b2bd32":0:PSA_SUCCESS:PSA_SUCCESS
+cipher_encrypt_validation:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a"
-PSA symmetric encrypt: AES-CTR, 15 bytes, good
+PSA symmetric encrypt validation: AES-CTR, 15 bytes, good
depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES
-cipher_encrypt:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e11739317":"8f9408fe80a81d3e813da3c7b0b2bd":0:PSA_SUCCESS:PSA_SUCCESS
+cipher_encrypt_validation:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e11739317"
-PSA symmetric encrypt: AES-CTR, 16 bytes, fallback
+PSA symmetric encrypt validation: AES-CTR, 16 bytes, fallback
depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES:MBEDTLS_PSA_BUILTIN_CIPHER
-cipher_encrypt:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a":"8f9408fe80a81d3e813da3c7b0b2bd32":0:PSA_ERROR_NOT_SUPPORTED:PSA_SUCCESS
+cipher_encrypt_validation:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a"
-PSA symmetric encrypt: AES-CTR, 15 bytes, fallback
+PSA symmetric encrypt validation: AES-CTR, 15 bytes, fallback
depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES:MBEDTLS_PSA_BUILTIN_CIPHER
-cipher_encrypt:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e11739317":"8f9408fe80a81d3e813da3c7b0b2bd":0:PSA_ERROR_NOT_SUPPORTED:PSA_SUCCESS
+cipher_encrypt_validation:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e11739317"
-PSA symmetric encrypt: AES-CTR, 16 bytes, fake
+PSA symmetric encrypt multipart: AES-CTR, 16 bytes, good
depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES
-cipher_encrypt:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a":"d07a6a6e2687feb2":1:PSA_SUCCESS:PSA_SUCCESS
+cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a":16:16:0:"8f9408fe80a81d3e813da3c7b0b2bd32":0:PSA_SUCCESS:PSA_SUCCESS
-PSA symmetric encrypt: AES-CTR, 15 bytes, fake
+PSA symmetric encrypt multipart: AES-CTR, 15 bytes, good
depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES
-cipher_encrypt:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e11739317":"d07a6a6e2687feb2":1:PSA_SUCCESS:PSA_SUCCESS
+cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e11739317":15:15:0:"8f9408fe80a81d3e813da3c7b0b2bd":0:PSA_SUCCESS:PSA_SUCCESS
+
+PSA symmetric encrypt multipart: AES-CTR, 16 bytes, fallback
+depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES:MBEDTLS_PSA_BUILTIN_CIPHER
+cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a":16:16:0:"8f9408fe80a81d3e813da3c7b0b2bd32":0:PSA_ERROR_NOT_SUPPORTED:PSA_SUCCESS
+
+PSA symmetric encrypt multipart: AES-CTR, 15 bytes, fallback
+depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES:MBEDTLS_PSA_BUILTIN_CIPHER
+cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e11739317":15:15:0:"8f9408fe80a81d3e813da3c7b0b2bd":0:PSA_ERROR_NOT_SUPPORTED:PSA_SUCCESS
+
+PSA symmetric encrypt multipart: AES-CTR, 16 bytes, fake
+depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES
+cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a":16:8:0:"d07a6a6e2687feb2":1:PSA_SUCCESS:PSA_SUCCESS
+
+PSA symmetric encrypt multipart: AES-CTR, 15 bytes, fake
+depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES
+cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e11739317":15:8:0:"d07a6a6e2687feb2":1:PSA_SUCCESS:PSA_SUCCESS
PSA symmetric decrypt: AES-CTR, 16 bytes, good
depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES
@@ -153,77 +169,89 @@
depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES
cipher_decrypt:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"396ee84fb75fdbb5c2b13c7fe5a654aa":"d07a6a6e2687feb2":1:PSA_SUCCESS:PSA_SUCCESS
+PSA symmetric decrypt multipart: AES-CTR, 16 bytes, good
+depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES
+cipher_decrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"396ee84fb75fdbb5c2b13c7fe5a654aa":16:16:0:"dd3b5e5319b7591daab1e1a92687feb2":0:PSA_SUCCESS:PSA_SUCCESS
+
+PSA symmetric decrypt multipart: AES-CTR, 16 bytes, fallback
+depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES:MBEDTLS_PSA_BUILTIN_CIPHER
+cipher_decrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"396ee84fb75fdbb5c2b13c7fe5a654aa":16:16:0:"dd3b5e5319b7591daab1e1a92687feb2":0:PSA_ERROR_NOT_SUPPORTED:PSA_SUCCESS
+
+PSA symmetric decrypt multipart: AES-CTR, 16 bytes, fake
+depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES
+cipher_decrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"396ee84fb75fdbb5c2b13c7fe5a654aa":16:8:0:"d07a6a6e2687feb2":1:PSA_SUCCESS:PSA_SUCCESS
+
PSA symmetric encryption multipart: AES-CTR, 11+5 bytes
depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES
-cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a":11:11:5:"8f9408fe80a81d3e813da3c7b0b2bd32"
+cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a":11:11:5:"8f9408fe80a81d3e813da3c7b0b2bd32":0:PSA_SUCCESS:PSA_SUCCESS
PSA symmetric encryption multipart: AES-CTR, 16+16 bytes
depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES
-cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef":16:16:16:"8f9408fe80a81d3e813da3c7b0b2bd321c965bb1de7baf71025f6ef6393ca587"
+cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef":16:16:16:"8f9408fe80a81d3e813da3c7b0b2bd321c965bb1de7baf71025f6ef6393ca587":0:PSA_SUCCESS:PSA_SUCCESS
PSA symmetric encryption multipart: AES-CTR, 12+20 bytes
depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES
-cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef":12:12:20:"8f9408fe80a81d3e813da3c7b0b2bd321c965bb1de7baf71025f6ef6393ca587"
+cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef":12:12:20:"8f9408fe80a81d3e813da3c7b0b2bd321c965bb1de7baf71025f6ef6393ca587":0:PSA_SUCCESS:PSA_SUCCESS
PSA symmetric encryption multipart: AES-CTR, 20+12 bytes
depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES
-cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef":20:20:12:"8f9408fe80a81d3e813da3c7b0b2bd321c965bb1de7baf71025f6ef6393ca587"
+cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef":20:20:12:"8f9408fe80a81d3e813da3c7b0b2bd321c965bb1de7baf71025f6ef6393ca587":0:PSA_SUCCESS:PSA_SUCCESS
PSA symmetric encryption multipart: AES-CTR, 12+10 bytes
depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES
-cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a5434f378a597":12:12:10:"8f9408fe80a81d3e813da3c7b0b2bd321c965bb1de7b"
+cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a5434f378a597":12:12:10:"8f9408fe80a81d3e813da3c7b0b2bd321c965bb1de7b":0:PSA_SUCCESS:PSA_SUCCESS
PSA symmetric encryption multipart: AES-CTR, 0+15 bytes
depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES
-cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e11739317":0:0:15:"8f9408fe80a81d3e813da3c7b0b2bd"
+cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e11739317":0:0:15:"8f9408fe80a81d3e813da3c7b0b2bd":0:PSA_SUCCESS:PSA_SUCCESS
PSA symmetric encryption multipart: AES-CTR, 15+0 bytes
depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES
-cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e11739317":15:15:0:"8f9408fe80a81d3e813da3c7b0b2bd"
+cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e11739317":15:15:0:"8f9408fe80a81d3e813da3c7b0b2bd":0:PSA_SUCCESS:PSA_SUCCESS
PSA symmetric encryption multipart: AES-CTR, 0+16 bytes
depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES
-cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a":0:0:16:"8f9408fe80a81d3e813da3c7b0b2bd32"
+cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a":0:0:16:"8f9408fe80a81d3e813da3c7b0b2bd32":0:PSA_SUCCESS:PSA_SUCCESS
PSA symmetric encryption multipart: AES-CTR, 16+0 bytes
depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES
-cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a":16:16:0:"8f9408fe80a81d3e813da3c7b0b2bd32"
+cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a":16:16:0:"8f9408fe80a81d3e813da3c7b0b2bd32":0:PSA_SUCCESS:PSA_SUCCESS
PSA symmetric decryption multipart: AES-CTR, 11+5 bytes
depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES
-cipher_decrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a":11:11:5:"8f9408fe80a81d3e813da3c7b0b2bd32"
+cipher_decrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a":11:11:5:"8f9408fe80a81d3e813da3c7b0b2bd32":0:PSA_SUCCESS:PSA_SUCCESS
PSA symmetric decryption multipart: AES-CTR, 16+16 bytes
depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES
-cipher_decrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef":16:16:16:"8f9408fe80a81d3e813da3c7b0b2bd321c965bb1de7baf71025f6ef6393ca587"
+cipher_decrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef":16:16:16:"8f9408fe80a81d3e813da3c7b0b2bd321c965bb1de7baf71025f6ef6393ca587":0:PSA_SUCCESS:PSA_SUCCESS
PSA symmetric decryption multipart: AES-CTR, 12+20 bytes
depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES
-cipher_decrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef":12:12:20:"8f9408fe80a81d3e813da3c7b0b2bd321c965bb1de7baf71025f6ef6393ca587"
+cipher_decrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef":12:12:20:"8f9408fe80a81d3e813da3c7b0b2bd321c965bb1de7baf71025f6ef6393ca587":0:PSA_SUCCESS:PSA_SUCCESS
PSA symmetric decryption multipart: AES-CTR, 20+12 bytes
depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES
-cipher_decrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef":20:20:12:"8f9408fe80a81d3e813da3c7b0b2bd321c965bb1de7baf71025f6ef6393ca587"
+cipher_decrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef":20:20:12:"8f9408fe80a81d3e813da3c7b0b2bd321c965bb1de7baf71025f6ef6393ca587":0:PSA_SUCCESS:PSA_SUCCESS
PSA symmetric decryption multipart: AES-CTR, 12+10 bytes
depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES
-cipher_decrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a5434f378a597":12:12:10:"8f9408fe80a81d3e813da3c7b0b2bd321c965bb1de7b"
+cipher_decrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a5434f378a597":12:12:10:"8f9408fe80a81d3e813da3c7b0b2bd321c965bb1de7b":0:PSA_SUCCESS:PSA_SUCCESS
PSA symmetric decryption multipart: AES-CTR, 0+15 bytes
depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES
-cipher_decrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e11739317":0:0:15:"8f9408fe80a81d3e813da3c7b0b2bd"
+cipher_decrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e11739317":0:0:15:"8f9408fe80a81d3e813da3c7b0b2bd":0:PSA_SUCCESS:PSA_SUCCESS
PSA symmetric decryption multipart: AES-CTR, 15+0 bytes
depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES
-cipher_decrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e11739317":15:15:0:"8f9408fe80a81d3e813da3c7b0b2bd"
+cipher_decrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e11739317":15:15:0:"8f9408fe80a81d3e813da3c7b0b2bd":0:PSA_SUCCESS:PSA_SUCCESS
PSA symmetric decryption multipart: AES-CTR, 0+16 bytes
depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES
-cipher_decrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a":0:0:16:"8f9408fe80a81d3e813da3c7b0b2bd32"
+cipher_decrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a":0:0:16:"8f9408fe80a81d3e813da3c7b0b2bd32":0:PSA_SUCCESS:PSA_SUCCESS
PSA symmetric decryption multipart: AES-CTR, 16+0 bytes
depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES
-cipher_decrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a":16:16:0:"8f9408fe80a81d3e813da3c7b0b2bd32"
+cipher_decrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a":16:16:0:"8f9408fe80a81d3e813da3c7b0b2bd32":0:PSA_SUCCESS:PSA_SUCCESS
Cipher driver: negative testing on all entry points
depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES
diff --git a/tests/suites/test_suite_psa_crypto_driver_wrappers.function b/tests/suites/test_suite_psa_crypto_driver_wrappers.function
index e86309b..6d78ad5 100644
--- a/tests/suites/test_suite_psa_crypto_driver_wrappers.function
+++ b/tests/suites/test_suite_psa_crypto_driver_wrappers.function
@@ -422,19 +422,111 @@
/* END_CASE */
/* BEGIN_CASE */
-void cipher_encrypt( int alg_arg, int key_type_arg,
- data_t *key_data, data_t *iv,
- data_t *input, data_t *expected_output,
- int mock_output_arg,
- int force_status_arg,
- int expected_status_arg )
+void cipher_encrypt_validation( int alg_arg,
+ int key_type_arg,
+ data_t *key_data,
+ data_t *input )
{
mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT;
- psa_status_t status;
psa_key_type_t key_type = key_type_arg;
psa_algorithm_t alg = alg_arg;
+ size_t iv_size = PSA_CIPHER_IV_LENGTH ( key_type, alg );
+ unsigned char *output1 = NULL;
+ size_t output1_buffer_size = 0;
+ size_t output1_length = 0;
+ unsigned char *output2 = NULL;
+ size_t output2_buffer_size = 0;
+ size_t output2_length = 0;
+ size_t function_output_length = 0;
+ psa_cipher_operation_t operation = PSA_CIPHER_OPERATION_INIT;
+ psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+ mbedtls_test_driver_cipher_hooks = mbedtls_test_driver_cipher_hooks_init();
+
+ PSA_ASSERT( psa_crypto_init( ) );
+
+ psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_ENCRYPT );
+ psa_set_key_algorithm( &attributes, alg );
+ psa_set_key_type( &attributes, key_type );
+
+ output1_buffer_size = PSA_CIPHER_ENCRYPT_OUTPUT_SIZE( key_type, alg, input->len );
+ output2_buffer_size = PSA_CIPHER_UPDATE_OUTPUT_SIZE( key_type, alg, input->len ) +
+ PSA_CIPHER_FINISH_OUTPUT_SIZE( key_type, alg );
+ ASSERT_ALLOC( output1, output1_buffer_size );
+ ASSERT_ALLOC( output2, output2_buffer_size );
+
+ PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len,
+ &key ) );
+
+ PSA_ASSERT( psa_cipher_encrypt( key, alg, input->x, input->len, output1,
+ output1_buffer_size, &output1_length ) );
+ TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 1 );
+ mbedtls_test_driver_cipher_hooks.hits = 0;
+
+ PSA_ASSERT( psa_cipher_encrypt_setup( &operation, key, alg ) );
+ TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 1 );
+ mbedtls_test_driver_cipher_hooks.hits = 0;
+
+ PSA_ASSERT( psa_cipher_set_iv( &operation, output1, iv_size ) );
+ TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 1 );
+ mbedtls_test_driver_cipher_hooks.hits = 0;
+
+ PSA_ASSERT( psa_cipher_update( &operation,
+ input->x, input->len,
+ output2, output2_buffer_size,
+ &function_output_length ) );
+ TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 1 );
+ mbedtls_test_driver_cipher_hooks.hits = 0;
+
+ output2_length += function_output_length;
+ PSA_ASSERT( psa_cipher_finish( &operation,
+ output2 + output2_length,
+ output2_buffer_size - output2_length,
+ &function_output_length ) );
+ /* Finish will have called abort as well, so expecting two hits here */
+ TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 2 );
+ mbedtls_test_driver_cipher_hooks.hits = 0;
+
+ output2_length += function_output_length;
+
+ PSA_ASSERT( psa_cipher_abort( &operation ) );
+ // driver function should've been called as part of the finish() core routine
+ TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 0 );
+ ASSERT_COMPARE( output1 + iv_size, output1_length - iv_size,
+ output2, output2_length );
+
+exit:
+ psa_cipher_abort( &operation );
+ mbedtls_free( output1 );
+ mbedtls_free( output2 );
+ psa_destroy_key( key );
+ PSA_DONE( );
+ mbedtls_test_driver_cipher_hooks = mbedtls_test_driver_cipher_hooks_init();
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void cipher_encrypt_multipart( int alg_arg,
+ int key_type_arg,
+ data_t *key_data,
+ data_t *iv,
+ data_t *input,
+ int first_part_size_arg,
+ int output1_length_arg,
+ int output2_length_arg,
+ data_t *expected_output,
+ int mock_output_arg,
+ int force_status_arg,
+ int expected_status_arg )
+{
+ mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT;
+ psa_key_type_t key_type = key_type_arg;
+ psa_algorithm_t alg = alg_arg;
+ psa_status_t status;
psa_status_t expected_status = expected_status_arg;
psa_status_t force_status = force_status_arg;
+ size_t first_part_size = first_part_size_arg;
+ size_t output1_length = output1_length_arg;
+ size_t output2_length = output2_length_arg;
unsigned char *output = NULL;
size_t output_buffer_size = 0;
size_t function_output_length = 0;
@@ -444,6 +536,20 @@
mbedtls_test_driver_cipher_hooks = mbedtls_test_driver_cipher_hooks_init();
mbedtls_test_driver_cipher_hooks.forced_status = force_status;
+ /* Test operation initialization */
+ mbedtls_psa_cipher_operation_t mbedtls_operation =
+ MBEDTLS_PSA_CIPHER_OPERATION_INIT;
+
+ mbedtls_transparent_test_driver_cipher_operation_t tranparent_operation =
+ MBEDTLS_TRANSPARENT_TEST_DRIVER_CIPHER_OPERATION_INIT;
+
+ mbedtls_opaque_test_driver_cipher_operation_t opaque_operation =
+ MBEDTLS_OPAQUE_TEST_DRIVER_CIPHER_OPERATION_INIT;
+
+ operation.ctx.mbedtls_ctx = mbedtls_operation;
+ operation.ctx.transparent_test_driver_ctx = tranparent_operation;
+ operation.ctx.opaque_test_driver_ctx = opaque_operation;
+
PSA_ASSERT( psa_crypto_init( ) );
psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_ENCRYPT );
@@ -471,36 +577,52 @@
mbedtls_test_driver_cipher_hooks.forced_output_length = expected_output->len;
}
- PSA_ASSERT( psa_cipher_update( &operation,
- input->x, input->len,
+ TEST_ASSERT( first_part_size <= input->len );
+ PSA_ASSERT( psa_cipher_update( &operation, input->x, first_part_size,
output, output_buffer_size,
&function_output_length ) );
TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, ( force_status == PSA_SUCCESS ? 1 : 0 ) );
mbedtls_test_driver_cipher_hooks.hits = 0;
+ TEST_ASSERT( function_output_length == output1_length );
+ total_output_length += function_output_length;
+
+ if( first_part_size < input->len )
+ {
+ PSA_ASSERT( psa_cipher_update( &operation,
+ input->x + first_part_size,
+ input->len - first_part_size,
+ output + total_output_length,
+ output_buffer_size - total_output_length,
+ &function_output_length ) );
+ TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 1 );
+ mbedtls_test_driver_cipher_hooks.hits = 0;
+
+ TEST_ASSERT( function_output_length == output2_length );
+ total_output_length += function_output_length;
+ }
+
if( mock_output_arg )
{
mbedtls_test_driver_cipher_hooks.forced_output = NULL;
mbedtls_test_driver_cipher_hooks.forced_output_length = 0;
}
- total_output_length += function_output_length;
- status = psa_cipher_finish( &operation,
- output + total_output_length,
- output_buffer_size - total_output_length,
- &function_output_length );
+ status = psa_cipher_finish( &operation,
+ output + total_output_length,
+ output_buffer_size - total_output_length,
+ &function_output_length );
/* Finish will have called abort as well, so expecting two hits here */
TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, ( force_status == PSA_SUCCESS ? 2 : 0 ) );
- mbedtls_test_driver_cipher_hooks.hits = 0;
-
+ mbedtls_test_driver_cipher_hooks.hits = 0 ;
total_output_length += function_output_length;
-
TEST_EQUAL( status, expected_status );
+
if( expected_status == PSA_SUCCESS )
{
PSA_ASSERT( psa_cipher_abort( &operation ) );
- // driver function should've been called as part of the finish() core routine
TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 0 );
+
ASSERT_COMPARE( expected_output->x, expected_output->len,
output, total_output_length );
}
@@ -515,16 +637,25 @@
/* END_CASE */
/* BEGIN_CASE */
-void cipher_encrypt_multipart( int alg_arg, int key_type_arg,
- data_t *key_data, data_t *iv,
+void cipher_decrypt_multipart( int alg_arg,
+ int key_type_arg,
+ data_t *key_data,
+ data_t *iv,
data_t *input,
int first_part_size_arg,
- int output1_length_arg, int output2_length_arg,
- data_t *expected_output )
+ int output1_length_arg,
+ int output2_length_arg,
+ data_t *expected_output,
+ int mock_output_arg,
+ int force_status_arg,
+ int expected_status_arg )
{
mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT;
psa_key_type_t key_type = key_type_arg;
psa_algorithm_t alg = alg_arg;
+ psa_status_t status;
+ psa_status_t expected_status = expected_status_arg;
+ psa_status_t force_status = force_status_arg;
size_t first_part_size = first_part_size_arg;
size_t output1_length = output1_length_arg;
size_t output2_length = output2_length_arg;
@@ -535,91 +666,21 @@
psa_cipher_operation_t operation = PSA_CIPHER_OPERATION_INIT;
psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
mbedtls_test_driver_cipher_hooks = mbedtls_test_driver_cipher_hooks_init();
+ mbedtls_test_driver_cipher_hooks.forced_status = force_status;
- PSA_ASSERT( psa_crypto_init( ) );
+ /* Test operation initialization */
+ mbedtls_psa_cipher_operation_t mbedtls_operation =
+ MBEDTLS_PSA_CIPHER_OPERATION_INIT;
- psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_ENCRYPT );
- psa_set_key_algorithm( &attributes, alg );
- psa_set_key_type( &attributes, key_type );
+ mbedtls_transparent_test_driver_cipher_operation_t tranparent_operation =
+ MBEDTLS_TRANSPARENT_TEST_DRIVER_CIPHER_OPERATION_INIT;
- PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len,
- &key ) );
+ mbedtls_opaque_test_driver_cipher_operation_t opaque_operation =
+ MBEDTLS_OPAQUE_TEST_DRIVER_CIPHER_OPERATION_INIT;
- PSA_ASSERT( psa_cipher_encrypt_setup( &operation, key, alg ) );
- TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 1 );
- mbedtls_test_driver_cipher_hooks.hits = 0;
-
- PSA_ASSERT( psa_cipher_set_iv( &operation, iv->x, iv->len ) );
- TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 1 );
- mbedtls_test_driver_cipher_hooks.hits = 0;
-
- output_buffer_size = ( (size_t) input->len +
- PSA_BLOCK_CIPHER_BLOCK_LENGTH( key_type ) );
- ASSERT_ALLOC( output, output_buffer_size );
-
- TEST_ASSERT( first_part_size <= input->len );
- PSA_ASSERT( psa_cipher_update( &operation, input->x, first_part_size,
- output, output_buffer_size,
- &function_output_length ) );
- TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 1 );
- mbedtls_test_driver_cipher_hooks.hits = 0;
-
- TEST_ASSERT( function_output_length == output1_length );
- total_output_length += function_output_length;
- PSA_ASSERT( psa_cipher_update( &operation,
- input->x + first_part_size,
- input->len - first_part_size,
- output + total_output_length,
- output_buffer_size - total_output_length,
- &function_output_length ) );
- TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 1 );
- mbedtls_test_driver_cipher_hooks.hits = 0;
- TEST_ASSERT( function_output_length == output2_length );
- total_output_length += function_output_length;
- PSA_ASSERT( psa_cipher_finish( &operation,
- output + total_output_length,
- output_buffer_size - total_output_length,
- &function_output_length ) );
- /* Finish will have called abort as well, so expecting two hits here */
- TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 2 );
- mbedtls_test_driver_cipher_hooks.hits = 0 ;
- total_output_length += function_output_length;
- PSA_ASSERT( psa_cipher_abort( &operation ) );
- TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 0 );
-
- ASSERT_COMPARE( expected_output->x, expected_output->len,
- output, total_output_length );
-
-exit:
- psa_cipher_abort( &operation );
- mbedtls_free( output );
- psa_destroy_key( key );
- PSA_DONE( );
- mbedtls_test_driver_cipher_hooks = mbedtls_test_driver_cipher_hooks_init();
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void cipher_decrypt_multipart( int alg_arg, int key_type_arg,
- data_t *key_data, data_t *iv,
- data_t *input,
- int first_part_size_arg,
- int output1_length_arg, int output2_length_arg,
- data_t *expected_output )
-{
- mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT;
- psa_key_type_t key_type = key_type_arg;
- psa_algorithm_t alg = alg_arg;
- size_t first_part_size = first_part_size_arg;
- size_t output1_length = output1_length_arg;
- size_t output2_length = output2_length_arg;
- unsigned char *output = NULL;
- size_t output_buffer_size = 0;
- size_t function_output_length = 0;
- size_t total_output_length = 0;
- psa_cipher_operation_t operation = PSA_CIPHER_OPERATION_INIT;
- psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
- mbedtls_test_driver_cipher_hooks = mbedtls_test_driver_cipher_hooks_init();
+ operation.ctx.mbedtls_ctx = mbedtls_operation;
+ operation.ctx.transparent_test_driver_ctx = tranparent_operation;
+ operation.ctx.opaque_test_driver_ctx = opaque_operation;
PSA_ASSERT( psa_crypto_init( ) );
@@ -635,47 +696,69 @@
mbedtls_test_driver_cipher_hooks.hits = 0;
PSA_ASSERT( psa_cipher_set_iv( &operation, iv->x, iv->len ) );
- TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 1 );
+ TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, ( force_status == PSA_SUCCESS ? 1 : 0 ) );
mbedtls_test_driver_cipher_hooks.hits = 0;
output_buffer_size = ( (size_t) input->len +
PSA_BLOCK_CIPHER_BLOCK_LENGTH( key_type ) );
ASSERT_ALLOC( output, output_buffer_size );
+ if( mock_output_arg )
+ {
+ mbedtls_test_driver_cipher_hooks.forced_output = expected_output->x;
+ mbedtls_test_driver_cipher_hooks.forced_output_length = expected_output->len;
+ }
+
TEST_ASSERT( first_part_size <= input->len );
PSA_ASSERT( psa_cipher_update( &operation,
input->x, first_part_size,
output, output_buffer_size,
&function_output_length ) );
- TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 1 );
+ TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, ( force_status == PSA_SUCCESS ? 1 : 0 ) );
mbedtls_test_driver_cipher_hooks.hits = 0;
TEST_ASSERT( function_output_length == output1_length );
total_output_length += function_output_length;
- PSA_ASSERT( psa_cipher_update( &operation,
- input->x + first_part_size,
- input->len - first_part_size,
- output + total_output_length,
- output_buffer_size - total_output_length,
- &function_output_length ) );
- TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 1 );
- mbedtls_test_driver_cipher_hooks.hits = 0;
- TEST_ASSERT( function_output_length == output2_length );
- total_output_length += function_output_length;
- PSA_ASSERT( psa_cipher_finish( &operation,
- output + total_output_length,
- output_buffer_size - total_output_length,
- &function_output_length ) );
+ if( first_part_size < input->len )
+ {
+ PSA_ASSERT( psa_cipher_update( &operation,
+ input->x + first_part_size,
+ input->len - first_part_size,
+ output + total_output_length,
+ output_buffer_size - total_output_length,
+ &function_output_length ) );
+ TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, ( force_status == PSA_SUCCESS ? 1 : 0 ) );
+ mbedtls_test_driver_cipher_hooks.hits = 0;
+
+ TEST_ASSERT( function_output_length == output2_length );
+ total_output_length += function_output_length;
+ }
+
+ if( mock_output_arg )
+ {
+ mbedtls_test_driver_cipher_hooks.forced_output = NULL;
+ mbedtls_test_driver_cipher_hooks.forced_output_length = 0;
+ }
+
+ status = psa_cipher_finish( &operation,
+ output + total_output_length,
+ output_buffer_size - total_output_length,
+ &function_output_length );
/* Finish will have called abort as well, so expecting two hits here */
- TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 2 );
+ TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, ( force_status == PSA_SUCCESS ? 2 : 0 ) );
mbedtls_test_driver_cipher_hooks.hits = 0;
total_output_length += function_output_length;
- PSA_ASSERT( psa_cipher_abort( &operation ) );
- TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 0 );
+ TEST_EQUAL( status, expected_status );
- ASSERT_COMPARE( expected_output->x, expected_output->len,
- output, total_output_length );
+ if( expected_status == PSA_SUCCESS )
+ {
+ PSA_ASSERT( psa_cipher_abort( &operation ) );
+ TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 0 );
+
+ ASSERT_COMPARE( expected_output->x, expected_output->len,
+ output, total_output_length );
+ }
exit:
psa_cipher_abort( &operation );
@@ -687,9 +770,12 @@
/* END_CASE */
/* BEGIN_CASE */
-void cipher_decrypt( int alg_arg, int key_type_arg,
- data_t *key_data, data_t *iv,
- data_t *input, data_t *expected_output,
+void cipher_decrypt( int alg_arg,
+ int key_type_arg,
+ data_t *key_data,
+ data_t *iv,
+ data_t *input_arg,
+ data_t *expected_output,
int mock_output_arg,
int force_status_arg,
int expected_status_arg )
@@ -700,11 +786,11 @@
psa_algorithm_t alg = alg_arg;
psa_status_t expected_status = expected_status_arg;
psa_status_t force_status = force_status_arg;
+ unsigned char *input = NULL;
+ size_t input_buffer_size = 0;
unsigned char *output = NULL;
size_t output_buffer_size = 0;
- size_t function_output_length = 0;
- size_t total_output_length = 0;
- psa_cipher_operation_t operation = PSA_CIPHER_OPERATION_INIT;
+ size_t output_length = 0;
psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
mbedtls_test_driver_cipher_hooks = mbedtls_test_driver_cipher_hooks_init();
mbedtls_test_driver_cipher_hooks.forced_status = force_status;
@@ -715,62 +801,42 @@
psa_set_key_algorithm( &attributes, alg );
psa_set_key_type( &attributes, key_type );
+ /* Allocate input buffer and copy the iv and the plaintext */
+ input_buffer_size = ( (size_t) input_arg->len + (size_t) iv->len );
+ if ( input_buffer_size > 0 )
+ {
+ ASSERT_ALLOC( input, input_buffer_size );
+ memcpy( input, iv->x, iv->len );
+ memcpy( input + iv->len, input_arg->x, input_arg->len );
+ }
+
+ output_buffer_size = PSA_CIPHER_DECRYPT_OUTPUT_SIZE( key_type, alg, input_buffer_size );
+ ASSERT_ALLOC( output, output_buffer_size );
+
PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len,
&key ) );
- PSA_ASSERT( psa_cipher_decrypt_setup( &operation, key, alg ) );
- TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 1 );
- mbedtls_test_driver_cipher_hooks.hits = 0;
-
- PSA_ASSERT( psa_cipher_set_iv( &operation, iv->x, iv->len ) );
- TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, ( force_status == PSA_SUCCESS ? 1 : 0 ) );
- mbedtls_test_driver_cipher_hooks.hits = 0;
-
- output_buffer_size = ( (size_t) input->len +
- PSA_BLOCK_CIPHER_BLOCK_LENGTH( key_type ) );
- ASSERT_ALLOC( output, output_buffer_size );
-
if( mock_output_arg )
{
mbedtls_test_driver_cipher_hooks.forced_output = expected_output->x;
mbedtls_test_driver_cipher_hooks.forced_output_length = expected_output->len;
}
- PSA_ASSERT( psa_cipher_update( &operation,
- input->x, input->len,
- output, output_buffer_size,
- &function_output_length ) );
- TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, ( force_status == PSA_SUCCESS ? 1 : 0 ) );
+ status = psa_cipher_decrypt( key, alg, input, input_buffer_size, output,
+ output_buffer_size, &output_length );
+ TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 1 );
mbedtls_test_driver_cipher_hooks.hits = 0;
- if( mock_output_arg )
- {
- mbedtls_test_driver_cipher_hooks.forced_output = NULL;
- mbedtls_test_driver_cipher_hooks.forced_output_length = 0;
- }
-
- total_output_length += function_output_length;
- status = psa_cipher_finish( &operation,
- output + total_output_length,
- output_buffer_size - total_output_length,
- &function_output_length );
- /* Finish will have called abort as well, so expecting two hits here */
- TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, ( force_status == PSA_SUCCESS ? 2 : 0 ) );
- mbedtls_test_driver_cipher_hooks.hits = 0;
-
- total_output_length += function_output_length;
TEST_EQUAL( status, expected_status );
if( expected_status == PSA_SUCCESS )
{
- PSA_ASSERT( psa_cipher_abort( &operation ) );
- TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 0 );
ASSERT_COMPARE( expected_output->x, expected_output->len,
- output, total_output_length );
+ output, output_length );
}
exit:
- psa_cipher_abort( &operation );
+ mbedtls_free( input );
mbedtls_free( output );
psa_destroy_key( key );
PSA_DONE( );
@@ -1118,7 +1184,31 @@
ASSERT_ALLOC( actual_mac, mac_buffer_size );
mbedtls_test_driver_mac_hooks.forced_status = forced_status;
- /* Calculate the MAC. */
+ /*
+ * Calculate the MAC, one-shot case.
+ */
+ status = psa_mac_compute( key, alg,
+ input->x, input->len,
+ actual_mac, mac_buffer_size,
+ &mac_length );
+
+ TEST_EQUAL( mbedtls_test_driver_mac_hooks.hits, 1 );
+ if( forced_status == PSA_SUCCESS ||
+ forced_status == PSA_ERROR_NOT_SUPPORTED )
+ {
+ PSA_ASSERT( status );
+ }
+ else
+ TEST_EQUAL( forced_status, status );
+
+ if( mac_buffer_size > 0 )
+ memset( actual_mac, 0, mac_buffer_size );
+ mbedtls_test_driver_mac_hooks = mbedtls_test_driver_mac_hooks_init();
+ mbedtls_test_driver_mac_hooks.forced_status = forced_status;
+
+ /*
+ * Calculate the MAC, multipart case.
+ */
status = psa_mac_sign_setup( &operation, key, alg );
TEST_EQUAL( mbedtls_test_driver_mac_hooks.hits, 1 );
@@ -1214,7 +1304,27 @@
mbedtls_test_driver_mac_hooks.forced_status = forced_status;
- /* Test the correct MAC. */
+ /*
+ * Verify the MAC, one-shot case.
+ */
+ status = psa_mac_verify( key, alg,
+ input->x, input->len,
+ expected_mac->x, expected_mac->len );
+ TEST_EQUAL( mbedtls_test_driver_mac_hooks.hits, 1 );
+ if( forced_status == PSA_SUCCESS ||
+ forced_status == PSA_ERROR_NOT_SUPPORTED )
+ {
+ PSA_ASSERT( status );
+ }
+ else
+ TEST_EQUAL( forced_status, status );
+
+ mbedtls_test_driver_mac_hooks = mbedtls_test_driver_mac_hooks_init();
+ mbedtls_test_driver_mac_hooks.forced_status = forced_status;
+
+ /*
+ * Verify the MAC, multi-part case.
+ */
status = psa_mac_verify_setup( &operation, key, alg );
TEST_EQUAL( mbedtls_test_driver_mac_hooks.hits, 1 );
diff --git a/tests/suites/test_suite_psa_crypto_metadata.data b/tests/suites/test_suite_psa_crypto_metadata.data
index 4e2f4d5..526f0f7 100644
--- a/tests/suites/test_suite_psa_crypto_metadata.data
+++ b/tests/suites/test_suite_psa_crypto_metadata.data
@@ -361,3 +361,39 @@
DH group family: RFC 7919
dh_key_family:PSA_DH_FAMILY_RFC7919
+
+Lifetime: VOLATILE
+lifetime:PSA_KEY_LIFETIME_VOLATILE:KEY_LIFETIME_IS_VOLATILE:PSA_KEY_PERSISTENCE_VOLATILE:PSA_KEY_LOCATION_LOCAL_STORAGE
+
+Lifetime: PERSISTENT
+lifetime:PSA_KEY_LIFETIME_PERSISTENT:0:PSA_KEY_PERSISTENCE_DEFAULT:PSA_KEY_LOCATION_LOCAL_STORAGE
+
+Lifetime: volatile, local storage
+lifetime:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION(PSA_KEY_PERSISTENCE_VOLATILE, PSA_KEY_LOCATION_LOCAL_STORAGE):KEY_LIFETIME_IS_VOLATILE:PSA_KEY_PERSISTENCE_VOLATILE:PSA_KEY_LOCATION_LOCAL_STORAGE
+
+Lifetime: default, local storage
+lifetime:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION(PSA_KEY_PERSISTENCE_DEFAULT, PSA_KEY_LOCATION_LOCAL_STORAGE):0:PSA_KEY_PERSISTENCE_DEFAULT:PSA_KEY_LOCATION_LOCAL_STORAGE
+
+Lifetime: 2, local storage
+lifetime:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION(2, PSA_KEY_LOCATION_LOCAL_STORAGE):0:2:PSA_KEY_LOCATION_LOCAL_STORAGE
+
+Lifetime: 254, local storage
+lifetime:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION(254, PSA_KEY_LOCATION_LOCAL_STORAGE):0:254:PSA_KEY_LOCATION_LOCAL_STORAGE
+
+Lifetime: read-only, local storage
+lifetime:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION(PSA_KEY_PERSISTENCE_READ_ONLY, PSA_KEY_LOCATION_LOCAL_STORAGE):KEY_LIFETIME_IS_READ_ONLY:PSA_KEY_PERSISTENCE_READ_ONLY:PSA_KEY_LOCATION_LOCAL_STORAGE
+
+Lifetime: volatile, 0x123456
+lifetime:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION(PSA_KEY_PERSISTENCE_VOLATILE, 0x123456):KEY_LIFETIME_IS_VOLATILE:PSA_KEY_PERSISTENCE_VOLATILE:0x123456
+
+Lifetime: default, 0x123456
+lifetime:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION(PSA_KEY_PERSISTENCE_DEFAULT, 0x123456):0:PSA_KEY_PERSISTENCE_DEFAULT:0x123456
+
+Lifetime: 2, 0x123456
+lifetime:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION(2, 0x123456):0:2:0x123456
+
+Lifetime: 254, 0x123456
+lifetime:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION(254, 0x123456):0:254:0x123456
+
+Lifetime: read-only, 0x123456
+lifetime:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION(PSA_KEY_PERSISTENCE_READ_ONLY, 0x123456):KEY_LIFETIME_IS_READ_ONLY:PSA_KEY_PERSISTENCE_READ_ONLY:0x123456
diff --git a/tests/suites/test_suite_psa_crypto_metadata.function b/tests/suites/test_suite_psa_crypto_metadata.function
index 8134f44..d91f90f 100644
--- a/tests/suites/test_suite_psa_crypto_metadata.function
+++ b/tests/suites/test_suite_psa_crypto_metadata.function
@@ -55,8 +55,21 @@
#define KEY_TYPE_IS_ECC ( 1u << 6 )
#define KEY_TYPE_IS_DH ( 1u << 7 )
-#define TEST_CLASSIFICATION_MACRO( flag, alg, flags ) \
- TEST_ASSERT( PSA_##flag( alg ) == !! ( ( flags ) & flag ) )
+/* Flags for lifetime classification macros. There is a flag for every
+ * lifetime classification macro PSA_KEY_LIFETIME_IS_xxx. The name of the
+ * flag is the name of the classification macro without the PSA_ prefix. */
+#define KEY_LIFETIME_IS_VOLATILE ( 1u << 0 )
+#define KEY_LIFETIME_IS_READ_ONLY ( 1u << 1 )
+
+#define TEST_CLASSIFICATION_MACRO( flag, alg, flags ) \
+ do \
+ { \
+ if( ( flags ) & ( flag ) ) \
+ TEST_ASSERT( PSA_##flag( alg ) ); \
+ else \
+ TEST_ASSERT( ! PSA_##flag( alg ) ); \
+ } \
+ while( 0 )
/* Check the parity of value.
*
@@ -639,3 +652,20 @@
TEST_EQUAL( PSA_KEY_TYPE_DH_GET_FAMILY( pair_type ), group );
}
/* END_CASE */
+
+/* BEGIN_CASE */
+void lifetime( int lifetime_arg, int classification_flags,
+ int persistence_arg, int location_arg )
+{
+ psa_key_lifetime_t lifetime = lifetime_arg;
+ psa_key_persistence_t persistence = persistence_arg;
+ psa_key_location_t location = location_arg;
+ unsigned flags = classification_flags;
+
+ TEST_CLASSIFICATION_MACRO( KEY_LIFETIME_IS_VOLATILE, lifetime, flags );
+ TEST_CLASSIFICATION_MACRO( KEY_LIFETIME_IS_READ_ONLY, lifetime, flags );
+
+ TEST_EQUAL( PSA_KEY_LIFETIME_GET_PERSISTENCE( lifetime ), persistence );
+ TEST_EQUAL( PSA_KEY_LIFETIME_GET_LOCATION( lifetime ), location );
+}
+/* END_CASE */
diff --git a/tests/suites/test_suite_psa_crypto_persistent_key.data b/tests/suites/test_suite_psa_crypto_persistent_key.data
index dad1205..b250634 100644
--- a/tests/suites/test_suite_psa_crypto_persistent_key.data
+++ b/tests/suites/test_suite_psa_crypto_persistent_key.data
@@ -119,3 +119,12 @@
import/export-persistent symmetric key with restart: 16 bytes
depends_on:PSA_WANT_KEY_TYPE_AES:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C
import_export_persistent_key:"2b7e151628aed2a6abf7158809cf4f3c":PSA_KEY_TYPE_AES:128:1:0
+
+Destroy invalid id: 0
+destroy_nonexistent:0:PSA_SUCCESS
+
+Destroy non-existent key
+destroy_nonexistent:1:PSA_ERROR_INVALID_HANDLE
+
+Destroy invalid id: 0xffffffff
+destroy_nonexistent:0xffffffff:PSA_ERROR_INVALID_HANDLE
diff --git a/tests/suites/test_suite_psa_crypto_persistent_key.function b/tests/suites/test_suite_psa_crypto_persistent_key.function
index 9759077..bd9b9c9 100644
--- a/tests/suites/test_suite_psa_crypto_persistent_key.function
+++ b/tests/suites/test_suite_psa_crypto_persistent_key.function
@@ -323,3 +323,18 @@
psa_destroy_persistent_key( key_id );
}
/* END_CASE */
+
+/* BEGIN_CASE */
+void destroy_nonexistent( int id_arg, int expected_status_arg )
+{
+ mbedtls_svc_key_id_t id = mbedtls_svc_key_id_make( 1, id_arg );
+ psa_status_t expected_status = expected_status_arg;
+
+ PSA_INIT( );
+
+ TEST_EQUAL( expected_status, psa_destroy_key( id ) );
+
+exit:
+ PSA_DONE( );
+}
+/* END_CASE */
diff --git a/tests/suites/test_suite_psa_crypto_slot_management.data b/tests/suites/test_suite_psa_crypto_slot_management.data
index 0fedd14..68b196d 100644
--- a/tests/suites/test_suite_psa_crypto_slot_management.data
+++ b/tests/suites/test_suite_psa_crypto_slot_management.data
@@ -78,6 +78,27 @@
depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256
persistent_slot_lifecycle:PSA_KEY_LIFETIME_PERSISTENT:137:1:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_ALG_ECDSA_ANY:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":INVALIDATE_BY_SHUTDOWN
+Persistent slot, check after closing, persistence=2
+persistent_slot_lifecycle:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION(2, PSA_KEY_LOCATION_LOCAL_STORAGE):124:PSA_KEY_ID_USER_MIN:0:0:0:PSA_KEY_TYPE_RAW_DATA:"0123456789abcdef0123456789abcdef":INVALIDATE_BY_CLOSING
+
+Persistent slot, check after closing and restarting, persistence=2
+persistent_slot_lifecycle:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION(2, PSA_KEY_LOCATION_LOCAL_STORAGE):125:PSA_KEY_ID_USER_MIN:0:0:0:PSA_KEY_TYPE_RAW_DATA:"0123456789abcdef0123456789abcdef":INVALIDATE_BY_CLOSING_WITH_SHUTDOWN
+
+Persistent slot, check after destroying, persistence=2
+persistent_slot_lifecycle:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION(2, PSA_KEY_LOCATION_LOCAL_STORAGE):126:PSA_KEY_ID_USER_MIN:0:0:0:PSA_KEY_TYPE_RAW_DATA:"0123456789abcdef0123456789abcdef":INVALIDATE_BY_DESTROYING
+
+Persistent slot, check after destroying and restarting, persistence=2
+persistent_slot_lifecycle:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION(2, PSA_KEY_LOCATION_LOCAL_STORAGE):127:PSA_KEY_ID_USER_MIN:0:0:0:PSA_KEY_TYPE_RAW_DATA:"0123456789abcdef0123456789abcdef":INVALIDATE_BY_DESTROYING_WITH_SHUTDOWN
+
+Persistent slot, check after purging, persistence=2
+persistent_slot_lifecycle:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION(2, PSA_KEY_LOCATION_LOCAL_STORAGE):200:PSA_KEY_ID_USER_MIN:0:0:0:PSA_KEY_TYPE_RAW_DATA:"0123456789abcdef0123456789abcdef":INVALIDATE_BY_PURGING
+
+Persistent slot, check after purging and restarting, persistence=2
+persistent_slot_lifecycle:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION(2, PSA_KEY_LOCATION_LOCAL_STORAGE):201:PSA_KEY_ID_USER_MIN:0:0:0:PSA_KEY_TYPE_RAW_DATA:"0123456789abcdef0123456789abcdef":INVALIDATE_BY_PURGING_WITH_SHUTDOWN
+
+Persistent slot, check after restart with live handle, persistence=2
+persistent_slot_lifecycle:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION(2, PSA_KEY_LOCATION_LOCAL_STORAGE):128:PSA_KEY_ID_USER_MIN:0:0:0:PSA_KEY_TYPE_RAW_DATA:"0123456789abcdef0123456789abcdef":INVALIDATE_BY_SHUTDOWN
+
Attempt to overwrite: close before
create_existent:PSA_KEY_LIFETIME_PERSISTENT:0x1736:1:CLOSE_BEFORE
@@ -107,13 +128,17 @@
depends_on:MBEDTLS_PSA_CRYPTO_STORAGE_C
open_fail:1:PSA_ERROR_DOES_NOT_EXIST
-Create failure: invalid lifetime for a persistent key
+Create failure: read-only key
depends_on:MBEDTLS_PSA_CRYPTO_STORAGE_C
-create_fail:0x7fffffff:1:PSA_ERROR_INVALID_ARGUMENT
+create_fail:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION(PSA_KEY_PERSISTENCE_READ_ONLY, PSA_KEY_LOCATION_LOCAL_STORAGE):1:PSA_ERROR_INVALID_ARGUMENT
-Create failure: invalid lifetime for a volatile key
+Create failure: invalid location for a persistent key
depends_on:MBEDTLS_PSA_CRYPTO_STORAGE_C
-create_fail:0x7fffff00:0:PSA_ERROR_INVALID_ARGUMENT
+create_fail:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION(PSA_KEY_PERSISTENCE_DEFAULT, 0xbad10cU):1:PSA_ERROR_INVALID_ARGUMENT
+
+Create failure: invalid location for a volatile key
+depends_on:MBEDTLS_PSA_CRYPTO_STORAGE_C
+create_fail:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION(PSA_KEY_PERSISTENCE_VOLATILE, 0xbad10cU):0:PSA_ERROR_INVALID_ARGUMENT
Create failure: invalid key id (0) for a persistent key
depends_on:MBEDTLS_PSA_CRYPTO_STORAGE_C
diff --git a/tests/suites/test_suite_psa_crypto_slot_management.function b/tests/suites/test_suite_psa_crypto_slot_management.function
index dac52ab..aa3ce28 100644
--- a/tests/suites/test_suite_psa_crypto_slot_management.function
+++ b/tests/suites/test_suite_psa_crypto_slot_management.function
@@ -242,7 +242,8 @@
TEST_EQUAL( psa_get_key_lifetime( &attributes ), lifetime );
TEST_ASSERT( mbedtls_svc_key_id_equal(
psa_get_key_id( &attributes ), id ) );
- TEST_EQUAL( psa_get_key_usage_flags( &attributes ), usage_flags );
+ TEST_EQUAL( psa_get_key_usage_flags( &attributes ),
+ mbedtls_test_update_key_usage_flags( usage_flags ) );
TEST_EQUAL( psa_get_key_algorithm( &attributes ), alg );
TEST_EQUAL( psa_get_key_enrollment_algorithm( &attributes ), alg2 );
TEST_EQUAL( psa_get_key_type( &attributes ), type );
@@ -261,7 +262,8 @@
TEST_EQUAL( psa_get_key_lifetime( &attributes ), lifetime );
TEST_ASSERT( mbedtls_svc_key_id_equal(
psa_get_key_id( &attributes ), id ) );
- TEST_EQUAL( psa_get_key_usage_flags( &attributes ), usage_flags );
+ TEST_EQUAL( psa_get_key_usage_flags( &attributes ),
+ mbedtls_test_update_key_usage_flags( usage_flags ) );
TEST_EQUAL( psa_get_key_algorithm( &attributes ), alg );
TEST_EQUAL( psa_get_key_enrollment_algorithm( &attributes ), alg2 );
TEST_EQUAL( psa_get_key_type( &attributes ), type );
@@ -293,7 +295,8 @@
TEST_ASSERT( mbedtls_svc_key_id_equal(
psa_get_key_id( &attributes ),
psa_get_key_id( &read_attributes ) ) );
- TEST_EQUAL( psa_get_key_usage_flags( &attributes ), usage_flags );
+ TEST_EQUAL( psa_get_key_usage_flags( &attributes ),
+ mbedtls_test_update_key_usage_flags( usage_flags ) );
TEST_EQUAL( psa_get_key_algorithm( &attributes ),
psa_get_key_algorithm( &read_attributes ) );
TEST_EQUAL( psa_get_key_enrollment_algorithm( &attributes ),
diff --git a/tests/suites/test_suite_psa_crypto_storage_format.current.data b/tests/suites/test_suite_psa_crypto_storage_format.current.data
index 024420b..ec74aba 100644
--- a/tests/suites/test_suite_psa_crypto_storage_format.current.data
+++ b/tests/suites/test_suite_psa_crypto_storage_format.current.data
@@ -1,5 +1,21 @@
# Automatically generated by generate_psa_tests.py. Do not edit!
+PSA storage save: lifetime: (DEFAULT, LOCAL_STORAGE)
+depends_on:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION(PSA_KEY_PERSISTENCE_DEFAULT, PSA_KEY_LOCATION_LOCAL_STORAGE):PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"4c":"505341004b455900000000000100000001100800010000000000000000000000010000004c"
+
+PSA storage save: lifetime: (2, LOCAL_STORAGE)
+depends_on:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION(2, PSA_KEY_LOCATION_LOCAL_STORAGE):PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"4c":"505341004b455900000000000200000001100800010000000000000000000000010000004c"
+
+PSA storage save: lifetime: (254, LOCAL_STORAGE)
+depends_on:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION(254, PSA_KEY_LOCATION_LOCAL_STORAGE):PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"4c":"505341004b45590000000000fe00000001100800010000000000000000000000010000004c"
+
+PSA storage save: lifetime: PERSISTENT
+depends_on:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_save:PSA_KEY_LIFETIME_PERSISTENT:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"4c":"505341004b455900000000000100000001100800010000000000000000000000010000004c"
+
PSA storage save: usage: 0
depends_on:PSA_WANT_KEY_TYPE_RAW_DATA
key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:0:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800000000000000000000000000010000004b"
@@ -26,7 +42,7 @@
PSA storage save: usage: SIGN_HASH
depends_on:PSA_WANT_KEY_TYPE_RAW_DATA
-key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_SIGN_HASH:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800001000000000000000000000010000004b"
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_SIGN_HASH:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800001400000000000000000000010000004b"
PSA storage save: usage: SIGN_MESSAGE
depends_on:PSA_WANT_KEY_TYPE_RAW_DATA
@@ -34,7 +50,7 @@
PSA storage save: usage: VERIFY_HASH
depends_on:PSA_WANT_KEY_TYPE_RAW_DATA
-key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_VERIFY_HASH:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800002000000000000000000000010000004b"
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_VERIFY_HASH:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800002800000000000000000000010000004b"
PSA storage save: usage: VERIFY_MESSAGE
depends_on:PSA_WANT_KEY_TYPE_RAW_DATA
@@ -58,7 +74,7 @@
PSA storage save: usage: EXPORT | SIGN_HASH
depends_on:PSA_WANT_KEY_TYPE_RAW_DATA
-key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800011000000000000000000000010000004b"
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800011400000000000000000000010000004b"
PSA storage save: usage: SIGN_HASH | SIGN_MESSAGE
depends_on:PSA_WANT_KEY_TYPE_RAW_DATA
@@ -66,7 +82,7 @@
PSA storage save: usage: SIGN_MESSAGE | VERIFY_HASH
depends_on:PSA_WANT_KEY_TYPE_RAW_DATA
-key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800002400000000000000000000010000004b"
+key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800002c00000000000000000000010000004b"
PSA storage save: usage: VERIFY_HASH | VERIFY_MESSAGE
depends_on:PSA_WANT_KEY_TYPE_RAW_DATA
diff --git a/tests/suites/test_suite_psa_crypto_storage_format.function b/tests/suites/test_suite_psa_crypto_storage_format.function
index 34d63a7..b90ef6e 100644
--- a/tests/suites/test_suite_psa_crypto_storage_format.function
+++ b/tests/suites/test_suite_psa_crypto_storage_format.function
@@ -8,6 +8,7 @@
#include <psa_crypto_its.h>
#define TEST_FLAG_EXERCISE 0x00000001
+#define TEST_FLAG_READ_ONLY 0x00000002
/** Write a key with the given attributes and key material to storage.
* Test that it has the expected representation.
@@ -115,10 +116,20 @@
psa_get_key_algorithm( expected_attributes ) ) );
}
- /* Destroy the key. Confirm through direct access to the storage. */
- PSA_ASSERT( psa_destroy_key( key_id ) );
- TEST_EQUAL( PSA_ERROR_DOES_NOT_EXIST,
- psa_its_get_info( uid, &storage_info ) );
+
+ if( flags & TEST_FLAG_READ_ONLY )
+ {
+ /* Read-only keys cannot be removed through the API.
+ * The key will be removed through ITS in the cleanup code below. */
+ TEST_EQUAL( PSA_ERROR_NOT_PERMITTED, psa_destroy_key( key_id ) );
+ }
+ else
+ {
+ /* Destroy the key. Confirm through direct access to the storage. */
+ PSA_ASSERT( psa_destroy_key( key_id ) );
+ TEST_EQUAL( PSA_ERROR_DOES_NOT_EXIST,
+ psa_its_get_info( uid, &storage_info ) );
+ }
ok = 1;
@@ -219,7 +230,6 @@
exit:
psa_reset_key_attributes( &attributes );
- psa_destroy_key( key_id );
PSA_DONE( );
}
/* END_CASE */
diff --git a/tests/suites/test_suite_psa_crypto_storage_format.v0.data b/tests/suites/test_suite_psa_crypto_storage_format.v0.data
index ce1dc1e..3dedaf1 100644
--- a/tests/suites/test_suite_psa_crypto_storage_format.v0.data
+++ b/tests/suites/test_suite_psa_crypto_storage_format.v0.data
@@ -1,78 +1,174 @@
# Automatically generated by generate_psa_tests.py. Do not edit!
-PSA storage read: usage: 0
+PSA storage read: lifetime: (DEFAULT, LOCAL_STORAGE)
+depends_on:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION(PSA_KEY_PERSISTENCE_DEFAULT, PSA_KEY_LOCATION_LOCAL_STORAGE):PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"4c":"505341004b455900000000000100000001100800010000000000000000000000010000004c":0
+
+PSA storage read: lifetime: (READ_ONLY, LOCAL_STORAGE)
+depends_on:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION(PSA_KEY_PERSISTENCE_READ_ONLY, PSA_KEY_LOCATION_LOCAL_STORAGE):PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"4c":"505341004b45590000000000ff00000001100800010000000000000000000000010000004c":TEST_FLAG_READ_ONLY
+
+PSA storage read: lifetime: (2, LOCAL_STORAGE)
+depends_on:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION(2, PSA_KEY_LOCATION_LOCAL_STORAGE):PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"4c":"505341004b455900000000000200000001100800010000000000000000000000010000004c":0
+
+PSA storage read: lifetime: (254, LOCAL_STORAGE)
+depends_on:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION(254, PSA_KEY_LOCATION_LOCAL_STORAGE):PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"4c":"505341004b45590000000000fe00000001100800010000000000000000000000010000004c":0
+
+PSA storage read: lifetime: PERSISTENT
+depends_on:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:PSA_KEY_LIFETIME_PERSISTENT:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"4c":"505341004b455900000000000100000001100800010000000000000000000000010000004c":0
+
+PSA storage read: usage with implication: 0
depends_on:PSA_WANT_KEY_TYPE_RAW_DATA
key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:0:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800000000000000000000000000010000004b":0
-PSA storage read: usage: COPY
+PSA storage read: usage without implication: 0
+depends_on:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:0:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800000000000000000000000000010000004b":0
+
+PSA storage read: usage with implication: COPY
depends_on:PSA_WANT_KEY_TYPE_RAW_DATA
key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_COPY:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800020000000000000000000000010000004b":0
-PSA storage read: usage: DECRYPT
+PSA storage read: usage without implication: COPY
+depends_on:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_COPY:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800020000000000000000000000010000004b":0
+
+PSA storage read: usage with implication: DECRYPT
depends_on:PSA_WANT_KEY_TYPE_RAW_DATA
key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_DECRYPT:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800000200000000000000000000010000004b":0
-PSA storage read: usage: DERIVE
+PSA storage read: usage without implication: DECRYPT
+depends_on:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_DECRYPT:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800000200000000000000000000010000004b":0
+
+PSA storage read: usage with implication: DERIVE
depends_on:PSA_WANT_KEY_TYPE_RAW_DATA
key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_DERIVE:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800004000000000000000000000010000004b":0
-PSA storage read: usage: ENCRYPT
+PSA storage read: usage without implication: DERIVE
+depends_on:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_DERIVE:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800004000000000000000000000010000004b":0
+
+PSA storage read: usage with implication: ENCRYPT
depends_on:PSA_WANT_KEY_TYPE_RAW_DATA
key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_ENCRYPT:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800000100000000000000000000010000004b":0
-PSA storage read: usage: EXPORT
+PSA storage read: usage without implication: ENCRYPT
+depends_on:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_ENCRYPT:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800000100000000000000000000010000004b":0
+
+PSA storage read: usage with implication: EXPORT
depends_on:PSA_WANT_KEY_TYPE_RAW_DATA
key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800010000000000000000000000010000004b":0
-PSA storage read: usage: SIGN_HASH
+PSA storage read: usage without implication: EXPORT
+depends_on:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800010000000000000000000000010000004b":0
+
+PSA storage read: usage with implication: SIGN_HASH
+depends_on:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_SIGN_HASH:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800001400000000000000000000010000004b":0
+
+PSA storage read: usage without implication: SIGN_HASH
depends_on:PSA_WANT_KEY_TYPE_RAW_DATA
key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_SIGN_HASH:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800001000000000000000000000010000004b":0
-PSA storage read: usage: SIGN_MESSAGE
+PSA storage read: usage with implication: SIGN_MESSAGE
depends_on:PSA_WANT_KEY_TYPE_RAW_DATA
key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_SIGN_MESSAGE:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800000400000000000000000000010000004b":0
-PSA storage read: usage: VERIFY_HASH
+PSA storage read: usage without implication: SIGN_MESSAGE
+depends_on:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_SIGN_MESSAGE:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800000400000000000000000000010000004b":0
+
+PSA storage read: usage with implication: VERIFY_HASH
+depends_on:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_VERIFY_HASH:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800002800000000000000000000010000004b":0
+
+PSA storage read: usage without implication: VERIFY_HASH
depends_on:PSA_WANT_KEY_TYPE_RAW_DATA
key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_VERIFY_HASH:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800002000000000000000000000010000004b":0
-PSA storage read: usage: VERIFY_MESSAGE
+PSA storage read: usage with implication: VERIFY_MESSAGE
depends_on:PSA_WANT_KEY_TYPE_RAW_DATA
key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_VERIFY_MESSAGE:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800000800000000000000000000010000004b":0
-PSA storage read: usage: COPY | DECRYPT
+PSA storage read: usage without implication: VERIFY_MESSAGE
+depends_on:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_VERIFY_MESSAGE:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800000800000000000000000000010000004b":0
+
+PSA storage read: usage with implication: COPY | DECRYPT
depends_on:PSA_WANT_KEY_TYPE_RAW_DATA
key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_DECRYPT:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800020200000000000000000000010000004b":0
-PSA storage read: usage: DECRYPT | DERIVE
+PSA storage read: usage without implication: COPY | DECRYPT
+depends_on:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_DECRYPT:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800020200000000000000000000010000004b":0
+
+PSA storage read: usage with implication: DECRYPT | DERIVE
depends_on:PSA_WANT_KEY_TYPE_RAW_DATA
key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_DERIVE:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800004200000000000000000000010000004b":0
-PSA storage read: usage: DERIVE | ENCRYPT
+PSA storage read: usage without implication: DECRYPT | DERIVE
+depends_on:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_DERIVE:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800004200000000000000000000010000004b":0
+
+PSA storage read: usage with implication: DERIVE | ENCRYPT
depends_on:PSA_WANT_KEY_TYPE_RAW_DATA
key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_ENCRYPT:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800004100000000000000000000010000004b":0
-PSA storage read: usage: ENCRYPT | EXPORT
+PSA storage read: usage without implication: DERIVE | ENCRYPT
+depends_on:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_ENCRYPT:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800004100000000000000000000010000004b":0
+
+PSA storage read: usage with implication: ENCRYPT | EXPORT
depends_on:PSA_WANT_KEY_TYPE_RAW_DATA
key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800010100000000000000000000010000004b":0
-PSA storage read: usage: EXPORT | SIGN_HASH
+PSA storage read: usage without implication: ENCRYPT | EXPORT
+depends_on:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800010100000000000000000000010000004b":0
+
+PSA storage read: usage with implication: EXPORT | SIGN_HASH
+depends_on:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800011400000000000000000000010000004b":0
+
+PSA storage read: usage without implication: EXPORT | SIGN_HASH
depends_on:PSA_WANT_KEY_TYPE_RAW_DATA
key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800011000000000000000000000010000004b":0
-PSA storage read: usage: SIGN_HASH | SIGN_MESSAGE
+PSA storage read: usage with implication: SIGN_HASH | SIGN_MESSAGE
depends_on:PSA_WANT_KEY_TYPE_RAW_DATA
key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800001400000000000000000000010000004b":0
-PSA storage read: usage: SIGN_MESSAGE | VERIFY_HASH
+PSA storage read: usage without implication: SIGN_HASH | SIGN_MESSAGE
+depends_on:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800001400000000000000000000010000004b":0
+
+PSA storage read: usage with implication: SIGN_MESSAGE | VERIFY_HASH
+depends_on:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800002c00000000000000000000010000004b":0
+
+PSA storage read: usage without implication: SIGN_MESSAGE | VERIFY_HASH
depends_on:PSA_WANT_KEY_TYPE_RAW_DATA
key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800002400000000000000000000010000004b":0
-PSA storage read: usage: VERIFY_HASH | VERIFY_MESSAGE
+PSA storage read: usage with implication: VERIFY_HASH | VERIFY_MESSAGE
depends_on:PSA_WANT_KEY_TYPE_RAW_DATA
key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800002800000000000000000000010000004b":0
-PSA storage read: usage: VERIFY_MESSAGE | COPY
+PSA storage read: usage without implication: VERIFY_HASH | VERIFY_MESSAGE
+depends_on:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800002800000000000000000000010000004b":0
+
+PSA storage read: usage with implication: VERIFY_MESSAGE | COPY
+depends_on:PSA_WANT_KEY_TYPE_RAW_DATA
+key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_COPY:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800020800000000000000000000010000004b":0
+
+PSA storage read: usage without implication: VERIFY_MESSAGE | COPY
depends_on:PSA_WANT_KEY_TYPE_RAW_DATA
key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_COPY:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800020800000000000000000000010000004b":0
@@ -1888,4 +1984,256 @@
depends_on:PSA_WANT_ALG_XTS:PSA_WANT_KEY_TYPE_RAW_DATA
key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_XTS:"4c":"505341004b455900000000000100000001100800010000000000000000ff4004010000004c":0
+PSA storage read: implied by SIGN_HASH: DETERMINISTIC_ECDSA(SHA_256) ECC_KEY_PAIR(BRAINPOOL_P_R1) 160-bit
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_BRAINPOOL_P_R1_160:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":"505341004b45590000000000010000003071a0000110000009070006000000001400000069502c4fdaf48d4fa617bdd24498b0406d0eeaac":TEST_FLAG_EXERCISE
+
+PSA storage read: implied by SIGN_HASH: DETERMINISTIC_ECDSA(SHA_256) ECC_KEY_PAIR(SECP_K1) 192-bit
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECP_K1_192:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"297ac1722ccac7589ecb240dc719842538ca974beb79f228":"505341004b45590000000000010000001771c00001100000090700060000000018000000297ac1722ccac7589ecb240dc719842538ca974beb79f228":TEST_FLAG_EXERCISE
+
+PSA storage read: implied by SIGN_HASH: DETERMINISTIC_ECDSA(SHA_256) ECC_KEY_PAIR(SECP_R1) 225-bit
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECP_R1_225:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):225:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":"505341004b45590000000000010000001271e1000110000009070006000000001c000000872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":TEST_FLAG_EXERCISE
+
+PSA storage read: implied by SIGN_HASH: DETERMINISTIC_ECDSA(SHA_256) ECC_KEY_PAIR(SECP_R2) 160-bit
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECP_R2_160:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":"505341004b45590000000000010000001b71a0000110000009070006000000001500000000bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":TEST_FLAG_EXERCISE
+
+PSA storage read: implied by SIGN_HASH: DETERMINISTIC_ECDSA(SHA_256) ECC_KEY_PAIR(SECT_K1) 163-bit
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_K1_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":"505341004b45590000000000010000002771a3000110000009070006000000001500000003ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":TEST_FLAG_EXERCISE
+
+PSA storage read: implied by SIGN_HASH: DETERMINISTIC_ECDSA(SHA_256) ECC_KEY_PAIR(SECT_R1) 163-bit
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_R1_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":"505341004b45590000000000010000002271a30001100000090700060000000015000000009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":TEST_FLAG_EXERCISE
+
+PSA storage read: implied by SIGN_HASH: DETERMINISTIC_ECDSA(SHA_256) ECC_KEY_PAIR(SECT_R2) 163-bit
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_R2_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"0210b482a458b4822d0cb21daa96819a67c8062d34":"505341004b45590000000000010000002b71a300011000000907000600000000150000000210b482a458b4822d0cb21daa96819a67c8062d34":TEST_FLAG_EXERCISE
+
+PSA storage read: implied by SIGN_HASH: ECDSA(SHA_256) ECC_KEY_PAIR(BRAINPOOL_P_R1) 160-bit
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_BRAINPOOL_P_R1_160:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":"505341004b45590000000000010000003071a0000110000009060006000000001400000069502c4fdaf48d4fa617bdd24498b0406d0eeaac":TEST_FLAG_EXERCISE
+
+PSA storage read: implied by SIGN_HASH: ECDSA(SHA_256) ECC_KEY_PAIR(SECP_K1) 192-bit
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECP_K1_192:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"297ac1722ccac7589ecb240dc719842538ca974beb79f228":"505341004b45590000000000010000001771c00001100000090600060000000018000000297ac1722ccac7589ecb240dc719842538ca974beb79f228":TEST_FLAG_EXERCISE
+
+PSA storage read: implied by SIGN_HASH: ECDSA(SHA_256) ECC_KEY_PAIR(SECP_R1) 225-bit
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECP_R1_225:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):225:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":"505341004b45590000000000010000001271e1000110000009060006000000001c000000872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":TEST_FLAG_EXERCISE
+
+PSA storage read: implied by SIGN_HASH: ECDSA(SHA_256) ECC_KEY_PAIR(SECP_R2) 160-bit
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECP_R2_160:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":"505341004b45590000000000010000001b71a0000110000009060006000000001500000000bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":TEST_FLAG_EXERCISE
+
+PSA storage read: implied by SIGN_HASH: ECDSA(SHA_256) ECC_KEY_PAIR(SECT_K1) 163-bit
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_K1_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":"505341004b45590000000000010000002771a3000110000009060006000000001500000003ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":TEST_FLAG_EXERCISE
+
+PSA storage read: implied by SIGN_HASH: ECDSA(SHA_256) ECC_KEY_PAIR(SECT_R1) 163-bit
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_R1_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":"505341004b45590000000000010000002271a30001100000090600060000000015000000009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":TEST_FLAG_EXERCISE
+
+PSA storage read: implied by SIGN_HASH: ECDSA(SHA_256) ECC_KEY_PAIR(SECT_R2) 163-bit
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_R2_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"0210b482a458b4822d0cb21daa96819a67c8062d34":"505341004b45590000000000010000002b71a300011000000906000600000000150000000210b482a458b4822d0cb21daa96819a67c8062d34":TEST_FLAG_EXERCISE
+
+PSA storage read: implied by SIGN_HASH: ED25519PH ECC_KEY_PAIR(TWISTED_EDWARDS) 255-bit
+depends_on:PSA_WANT_ALG_ED25519PH:PSA_WANT_ECC_TWISTED_EDWARDS_255:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):255:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE:PSA_ALG_ED25519PH:0x0000:"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":"505341004b45590000000000010000004271ff00011000000b09000600000000200000009d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":TEST_FLAG_EXERCISE
+
+PSA storage read: implied by SIGN_HASH: ED448PH ECC_KEY_PAIR(TWISTED_EDWARDS) 255-bit
+depends_on:PSA_WANT_ALG_ED448PH:PSA_WANT_ECC_TWISTED_EDWARDS_255:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):255:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE:PSA_ALG_ED448PH:0x0000:"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":"505341004b45590000000000010000004271ff00011000001509000600000000200000009d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":TEST_FLAG_EXERCISE
+
+PSA storage read: implied by SIGN_HASH: RSA_PKCS1V15_SIGN(SHA_256) RSA_KEY_PAIR 1024-bit
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0x0000:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"505341004b455900000000000100000001700004011000000902000600000000620200003082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":TEST_FLAG_EXERCISE
+
+PSA storage read: implied by SIGN_HASH: RSA_PSS(SHA_256) RSA_KEY_PAIR 1024-bit
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE:PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):0x0000:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"505341004b455900000000000100000001700004011000000903000600000000620200003082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":TEST_FLAG_EXERCISE
+
+PSA storage read: implied by VERIFY_HASH: DETERMINISTIC_ECDSA(SHA_256) ECC_KEY_PAIR(BRAINPOOL_P_R1) 160-bit
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_BRAINPOOL_P_R1_160:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":"505341004b45590000000000010000003071a0000120000009070006000000001400000069502c4fdaf48d4fa617bdd24498b0406d0eeaac":TEST_FLAG_EXERCISE
+
+PSA storage read: implied by VERIFY_HASH: DETERMINISTIC_ECDSA(SHA_256) ECC_KEY_PAIR(SECP_K1) 192-bit
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECP_K1_192:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"297ac1722ccac7589ecb240dc719842538ca974beb79f228":"505341004b45590000000000010000001771c00001200000090700060000000018000000297ac1722ccac7589ecb240dc719842538ca974beb79f228":TEST_FLAG_EXERCISE
+
+PSA storage read: implied by VERIFY_HASH: DETERMINISTIC_ECDSA(SHA_256) ECC_KEY_PAIR(SECP_R1) 225-bit
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECP_R1_225:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):225:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":"505341004b45590000000000010000001271e1000120000009070006000000001c000000872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":TEST_FLAG_EXERCISE
+
+PSA storage read: implied by VERIFY_HASH: DETERMINISTIC_ECDSA(SHA_256) ECC_KEY_PAIR(SECP_R2) 160-bit
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECP_R2_160:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":"505341004b45590000000000010000001b71a0000120000009070006000000001500000000bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":TEST_FLAG_EXERCISE
+
+PSA storage read: implied by VERIFY_HASH: DETERMINISTIC_ECDSA(SHA_256) ECC_KEY_PAIR(SECT_K1) 163-bit
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_K1_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":"505341004b45590000000000010000002771a3000120000009070006000000001500000003ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":TEST_FLAG_EXERCISE
+
+PSA storage read: implied by VERIFY_HASH: DETERMINISTIC_ECDSA(SHA_256) ECC_KEY_PAIR(SECT_R1) 163-bit
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_R1_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":"505341004b45590000000000010000002271a30001200000090700060000000015000000009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":TEST_FLAG_EXERCISE
+
+PSA storage read: implied by VERIFY_HASH: DETERMINISTIC_ECDSA(SHA_256) ECC_KEY_PAIR(SECT_R2) 163-bit
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_R2_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"0210b482a458b4822d0cb21daa96819a67c8062d34":"505341004b45590000000000010000002b71a300012000000907000600000000150000000210b482a458b4822d0cb21daa96819a67c8062d34":TEST_FLAG_EXERCISE
+
+PSA storage read: implied by VERIFY_HASH: DETERMINISTIC_ECDSA(SHA_256) ECC_PUBLIC_KEY(BRAINPOOL_P_R1) 160-bit
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_BRAINPOOL_P_R1_160:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":"505341004b45590000000000010000003041a0000120000009070006000000002900000004d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":TEST_FLAG_EXERCISE
+
+PSA storage read: implied by VERIFY_HASH: DETERMINISTIC_ECDSA(SHA_256) ECC_PUBLIC_KEY(SECP_K1) 192-bit
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECP_K1_192:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":"505341004b45590000000000010000001741c000012000000907000600000000310000000426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":TEST_FLAG_EXERCISE
+
+PSA storage read: implied by VERIFY_HASH: DETERMINISTIC_ECDSA(SHA_256) ECC_PUBLIC_KEY(SECP_R1) 225-bit
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECP_R1_225:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):225:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":"505341004b45590000000000010000001241e10001200000090700060000000039000000046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":TEST_FLAG_EXERCISE
+
+PSA storage read: implied by VERIFY_HASH: DETERMINISTIC_ECDSA(SHA_256) ECC_PUBLIC_KEY(SECP_R2) 160-bit
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECP_R2_160:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":"505341004b45590000000000010000001b41a00001200000090700060000000029000000049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":TEST_FLAG_EXERCISE
+
+PSA storage read: implied by VERIFY_HASH: DETERMINISTIC_ECDSA(SHA_256) ECC_PUBLIC_KEY(SECT_K1) 163-bit
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_K1_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":"505341004b45590000000000010000002741a3000120000009070006000000002b0000000406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":TEST_FLAG_EXERCISE
+
+PSA storage read: implied by VERIFY_HASH: DETERMINISTIC_ECDSA(SHA_256) ECC_PUBLIC_KEY(SECT_R1) 163-bit
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_R1_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":"505341004b45590000000000010000002241a3000120000009070006000000002b0000000400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":TEST_FLAG_EXERCISE
+
+PSA storage read: implied by VERIFY_HASH: DETERMINISTIC_ECDSA(SHA_256) ECC_PUBLIC_KEY(SECT_R2) 163-bit
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_R2_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":"505341004b45590000000000010000002b41a3000120000009070006000000002b0000000403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":TEST_FLAG_EXERCISE
+
+PSA storage read: implied by VERIFY_HASH: ECDSA(SHA_256) ECC_KEY_PAIR(BRAINPOOL_P_R1) 160-bit
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_BRAINPOOL_P_R1_160:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":"505341004b45590000000000010000003071a0000120000009060006000000001400000069502c4fdaf48d4fa617bdd24498b0406d0eeaac":TEST_FLAG_EXERCISE
+
+PSA storage read: implied by VERIFY_HASH: ECDSA(SHA_256) ECC_KEY_PAIR(SECP_K1) 192-bit
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECP_K1_192:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"297ac1722ccac7589ecb240dc719842538ca974beb79f228":"505341004b45590000000000010000001771c00001200000090600060000000018000000297ac1722ccac7589ecb240dc719842538ca974beb79f228":TEST_FLAG_EXERCISE
+
+PSA storage read: implied by VERIFY_HASH: ECDSA(SHA_256) ECC_KEY_PAIR(SECP_R1) 225-bit
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECP_R1_225:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):225:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":"505341004b45590000000000010000001271e1000120000009060006000000001c000000872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":TEST_FLAG_EXERCISE
+
+PSA storage read: implied by VERIFY_HASH: ECDSA(SHA_256) ECC_KEY_PAIR(SECP_R2) 160-bit
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECP_R2_160:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":"505341004b45590000000000010000001b71a0000120000009060006000000001500000000bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":TEST_FLAG_EXERCISE
+
+PSA storage read: implied by VERIFY_HASH: ECDSA(SHA_256) ECC_KEY_PAIR(SECT_K1) 163-bit
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_K1_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":"505341004b45590000000000010000002771a3000120000009060006000000001500000003ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":TEST_FLAG_EXERCISE
+
+PSA storage read: implied by VERIFY_HASH: ECDSA(SHA_256) ECC_KEY_PAIR(SECT_R1) 163-bit
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_R1_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":"505341004b45590000000000010000002271a30001200000090600060000000015000000009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":TEST_FLAG_EXERCISE
+
+PSA storage read: implied by VERIFY_HASH: ECDSA(SHA_256) ECC_KEY_PAIR(SECT_R2) 163-bit
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_R2_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"0210b482a458b4822d0cb21daa96819a67c8062d34":"505341004b45590000000000010000002b71a300012000000906000600000000150000000210b482a458b4822d0cb21daa96819a67c8062d34":TEST_FLAG_EXERCISE
+
+PSA storage read: implied by VERIFY_HASH: ECDSA(SHA_256) ECC_PUBLIC_KEY(BRAINPOOL_P_R1) 160-bit
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_BRAINPOOL_P_R1_160:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":"505341004b45590000000000010000003041a0000120000009060006000000002900000004d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":TEST_FLAG_EXERCISE
+
+PSA storage read: implied by VERIFY_HASH: ECDSA(SHA_256) ECC_PUBLIC_KEY(SECP_K1) 192-bit
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECP_K1_192:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":"505341004b45590000000000010000001741c000012000000906000600000000310000000426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":TEST_FLAG_EXERCISE
+
+PSA storage read: implied by VERIFY_HASH: ECDSA(SHA_256) ECC_PUBLIC_KEY(SECP_R1) 225-bit
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECP_R1_225:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):225:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":"505341004b45590000000000010000001241e10001200000090600060000000039000000046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":TEST_FLAG_EXERCISE
+
+PSA storage read: implied by VERIFY_HASH: ECDSA(SHA_256) ECC_PUBLIC_KEY(SECP_R2) 160-bit
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECP_R2_160:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":"505341004b45590000000000010000001b41a00001200000090600060000000029000000049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":TEST_FLAG_EXERCISE
+
+PSA storage read: implied by VERIFY_HASH: ECDSA(SHA_256) ECC_PUBLIC_KEY(SECT_K1) 163-bit
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_K1_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":"505341004b45590000000000010000002741a3000120000009060006000000002b0000000406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":TEST_FLAG_EXERCISE
+
+PSA storage read: implied by VERIFY_HASH: ECDSA(SHA_256) ECC_PUBLIC_KEY(SECT_R1) 163-bit
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_R1_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":"505341004b45590000000000010000002241a3000120000009060006000000002b0000000400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":TEST_FLAG_EXERCISE
+
+PSA storage read: implied by VERIFY_HASH: ECDSA(SHA_256) ECC_PUBLIC_KEY(SECT_R2) 163-bit
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_R2_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":"505341004b45590000000000010000002b41a3000120000009060006000000002b0000000403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":TEST_FLAG_EXERCISE
+
+PSA storage read: implied by VERIFY_HASH: ED25519PH ECC_KEY_PAIR(TWISTED_EDWARDS) 255-bit
+depends_on:PSA_WANT_ALG_ED25519PH:PSA_WANT_ECC_TWISTED_EDWARDS_255:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):255:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ED25519PH:0x0000:"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":"505341004b45590000000000010000004271ff00012000000b09000600000000200000009d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":TEST_FLAG_EXERCISE
+
+PSA storage read: implied by VERIFY_HASH: ED25519PH ECC_PUBLIC_KEY(TWISTED_EDWARDS) 255-bit
+depends_on:PSA_WANT_ALG_ED25519PH:PSA_WANT_ECC_TWISTED_EDWARDS_255:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):255:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ED25519PH:0x0000:"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":"505341004b45590000000000010000004241ff00012000000b0900060000000020000000d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":TEST_FLAG_EXERCISE
+
+PSA storage read: implied by VERIFY_HASH: ED448PH ECC_KEY_PAIR(TWISTED_EDWARDS) 255-bit
+depends_on:PSA_WANT_ALG_ED448PH:PSA_WANT_ECC_TWISTED_EDWARDS_255:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):255:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ED448PH:0x0000:"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":"505341004b45590000000000010000004271ff00012000001509000600000000200000009d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":TEST_FLAG_EXERCISE
+
+PSA storage read: implied by VERIFY_HASH: ED448PH ECC_PUBLIC_KEY(TWISTED_EDWARDS) 255-bit
+depends_on:PSA_WANT_ALG_ED448PH:PSA_WANT_ECC_TWISTED_EDWARDS_255:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):255:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ED448PH:0x0000:"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":"505341004b45590000000000010000004241ff0001200000150900060000000020000000d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":TEST_FLAG_EXERCISE
+
+PSA storage read: implied by VERIFY_HASH: HMAC(MD2) HMAC 128-bit
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_HMAC
+key_storage_read:0x0001:PSA_KEY_TYPE_HMAC:128:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_MD2):0x0000:"48657265006973206b6579a064617461":"505341004b4559000000000001000000001180000120000001008003000000001000000048657265006973206b6579a064617461":TEST_FLAG_EXERCISE
+
+PSA storage read: implied by VERIFY_HASH: HMAC(MD4) HMAC 128-bit
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_HMAC
+key_storage_read:0x0001:PSA_KEY_TYPE_HMAC:128:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_MD4):0x0000:"48657265006973206b6579a064617461":"505341004b4559000000000001000000001180000120000002008003000000001000000048657265006973206b6579a064617461":TEST_FLAG_EXERCISE
+
+PSA storage read: implied by VERIFY_HASH: HMAC(MD5) HMAC 128-bit
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_HMAC
+key_storage_read:0x0001:PSA_KEY_TYPE_HMAC:128:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_MD5):0x0000:"48657265006973206b6579a064617461":"505341004b4559000000000001000000001180000120000003008003000000001000000048657265006973206b6579a064617461":TEST_FLAG_EXERCISE
+
+PSA storage read: implied by VERIFY_HASH: HMAC(RIPEMD160) HMAC 128-bit
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_HMAC
+key_storage_read:0x0001:PSA_KEY_TYPE_HMAC:128:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_RIPEMD160):0x0000:"48657265006973206b6579a064617461":"505341004b4559000000000001000000001180000120000004008003000000001000000048657265006973206b6579a064617461":TEST_FLAG_EXERCISE
+
+PSA storage read: implied by VERIFY_HASH: HMAC(SHA_1) HMAC 128-bit
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_HMAC
+key_storage_read:0x0001:PSA_KEY_TYPE_HMAC:128:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_SHA_1):0x0000:"48657265006973206b6579a064617461":"505341004b4559000000000001000000001180000120000005008003000000001000000048657265006973206b6579a064617461":TEST_FLAG_EXERCISE
+
+PSA storage read: implied by VERIFY_HASH: HMAC(SHA_224) HMAC 128-bit
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_HMAC
+key_storage_read:0x0001:PSA_KEY_TYPE_HMAC:128:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_SHA_224):0x0000:"48657265006973206b6579a064617461":"505341004b4559000000000001000000001180000120000008008003000000001000000048657265006973206b6579a064617461":TEST_FLAG_EXERCISE
+
+PSA storage read: implied by VERIFY_HASH: HMAC(SHA_256) HMAC 128-bit
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC
+key_storage_read:0x0001:PSA_KEY_TYPE_HMAC:128:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_SHA_256):0x0000:"48657265006973206b6579a064617461":"505341004b4559000000000001000000001180000120000009008003000000001000000048657265006973206b6579a064617461":TEST_FLAG_EXERCISE
+
+PSA storage read: implied by VERIFY_HASH: HMAC(SHA_384) HMAC 128-bit
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_HMAC
+key_storage_read:0x0001:PSA_KEY_TYPE_HMAC:128:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_SHA_384):0x0000:"48657265006973206b6579a064617461":"505341004b455900000000000100000000118000012000000a008003000000001000000048657265006973206b6579a064617461":TEST_FLAG_EXERCISE
+
+PSA storage read: implied by VERIFY_HASH: HMAC(SHA_512) HMAC 128-bit
+depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_HMAC
+key_storage_read:0x0001:PSA_KEY_TYPE_HMAC:128:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_SHA_512):0x0000:"48657265006973206b6579a064617461":"505341004b455900000000000100000000118000012000000b008003000000001000000048657265006973206b6579a064617461":TEST_FLAG_EXERCISE
+
+PSA storage read: implied by VERIFY_HASH: RSA_PKCS1V15_SIGN(SHA_256) RSA_KEY_PAIR 1024-bit
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0x0000:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"505341004b455900000000000100000001700004012000000902000600000000620200003082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":TEST_FLAG_EXERCISE
+
+PSA storage read: implied by VERIFY_HASH: RSA_PKCS1V15_SIGN(SHA_256) RSA_PUBLIC_KEY 1024-bit
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0x0000:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":"505341004b4559000000000001000000014000040120000009020006000000008c00000030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":TEST_FLAG_EXERCISE
+
+PSA storage read: implied by VERIFY_HASH: RSA_PSS(SHA_256) RSA_KEY_PAIR 1024-bit
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+key_storage_read:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):0x0000:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"505341004b455900000000000100000001700004012000000903000600000000620200003082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":TEST_FLAG_EXERCISE
+
+PSA storage read: implied by VERIFY_HASH: RSA_PSS(SHA_256) RSA_PUBLIC_KEY 1024-bit
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+key_storage_read:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):0x0000:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":"505341004b4559000000000001000000014000040120000009030006000000008c00000030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":TEST_FLAG_EXERCISE
+
# End of automatically generated file.
diff --git a/tests/suites/test_suite_rsa.data b/tests/suites/test_suite_rsa.data
index 6f9406c..2da814d 100644
--- a/tests/suites/test_suite_rsa.data
+++ b/tests/suites/test_suite_rsa.data
@@ -389,12 +389,18 @@
RSA Private (Data larger than N)
mbedtls_rsa_private:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":2048:16:"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17":16:"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":16:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":16:"3":"605baf947c0de49e4f6a0dfb94a43ae318d5df8ed20ba4ba5a37a73fb009c5c9e5cce8b70a25b1c7580f389f0d7092485cdfa02208b70d33482edf07a7eafebdc54862ca0e0396a5a7d09991b9753eb1ffb6091971bb5789c6b121abbcd0a3cbaa39969fa7c28146fce96c6d03272e3793e5be8f5abfa9afcbebb986d7b3050604a2af4d3a40fa6c003781a539a60259d1e84f13322da9e538a49c369b83e7286bf7d30b64bbb773506705da5d5d5483a563a1ffacc902fb75c9a751b1e83cdc7a6db0470056883f48b5a5446b43b1d180ea12ba11a6a8d93b3b32a30156b6084b7fb142998a2a0d28014b84098ece7d9d5e4d55cc342ca26f5a0167a679dec8":MBEDTLS_ERR_RSA_PRIVATE_FAILED + MBEDTLS_ERR_MPI_BAD_INPUT_DATA
+RSA Private (Data = 0 )
+mbedtls_rsa_private:"00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000":2048:16:"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17":16:"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":16:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":16:"3":"00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000":0
+
RSA Public (Correct)
mbedtls_rsa_public:"59779fd2a39e56640c4fc1e67b60aeffcecd78aed7ad2bdfa464e93d04198d48466b8da7445f25bfa19db2844edd5c8f539cf772cc132b483169d390db28a43bc4ee0f038f6568ffc87447746cb72fefac2d6d90ee3143a915ac4688028805905a68eb8f8a96674b093c495eddd8704461eaa2b345efbb2ad6930acd8023f8700000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000":2048:16:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":16:"3":"1f5e927c13ff231090b0f18c8c3526428ed0f4a7561457ee5afe4d22d5d9220c34ef5b9a34d0c07f7248a1f3d57f95d10f7936b3063e40660b3a7ca3e73608b013f85a6e778ac7c60d576e9d9c0c5a79ad84ceea74e4722eb3553bdb0c2d7783dac050520cb27ca73478b509873cb0dcbd1d51dd8fccb96c29ad314f36d67cc57835d92d94defa0399feb095fd41b9f0b2be10f6041079ed4290040449f8a79aba50b0a1f8cf83c9fb8772b0686ec1b29cb1814bb06f9c024857db54d395a8da9a2c6f9f53b94bec612a0cb306a3eaa9fc80992e85d9d232e37a50cabe48c9343f039601ff7d95d60025e582aec475d031888310e8ec3833b394a5cf0599101e":0
RSA Public (Data larger than N)
mbedtls_rsa_public:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":2048:16:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":16:"3":"605baf947c0de49e4f6a0dfb94a43ae318d5df8ed20ba4ba5a37a73fb009c5c9e5cce8b70a25b1c7580f389f0d7092485cdfa02208b70d33482edf07a7eafebdc54862ca0e0396a5a7d09991b9753eb1ffb6091971bb5789c6b121abbcd0a3cbaa39969fa7c28146fce96c6d03272e3793e5be8f5abfa9afcbebb986d7b3050604a2af4d3a40fa6c003781a539a60259d1e84f13322da9e538a49c369b83e7286bf7d30b64bbb773506705da5d5d5483a563a1ffacc902fb75c9a751b1e83cdc7a6db0470056883f48b5a5446b43b1d180ea12ba11a6a8d93b3b32a30156b6084b7fb142998a2a0d28014b84098ece7d9d5e4d55cc342ca26f5a0167a679dec8":MBEDTLS_ERR_RSA_PUBLIC_FAILED + MBEDTLS_ERR_MPI_BAD_INPUT_DATA
+RSA Public (Data = 0)
+mbedtls_rsa_public:"00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000":2048:16:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":16:"3":"00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000":0
+
RSA Generate Key - 128bit key
mbedtls_rsa_gen_key:128:3:0
diff --git a/tests/suites/test_suite_rsa.function b/tests/suites/test_suite_rsa.function
index d3d016d..2d7fb8e 100644
--- a/tests/suites/test_suite_rsa.function
+++ b/tests/suites/test_suite_rsa.function
@@ -532,10 +532,10 @@
memset( output, 0x00, sizeof( output ) );
memset( &rnd_info, 0, sizeof( mbedtls_test_rnd_pseudo_info ) );
- TEST_ASSERT( mbedtls_mpi_read_string( &P, radix_P, input_P ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &Q, radix_Q, input_Q ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &P, radix_P, input_P ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &Q, radix_Q, input_Q ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &N, radix_N, input_N ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &E, radix_E, input_E ) == 0 );
TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, &P, &Q, NULL, &E ) == 0 );
TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
@@ -578,8 +578,8 @@
mbedtls_rsa_init( &ctx, padding_mode, 0 );
memset( hash_result, 0x00, sizeof( hash_result ) );
- TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &N, radix_N, input_N ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &E, radix_E, input_E ) == 0 );
TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, NULL, NULL, NULL, &E ) == 0 );
TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == 0 );
@@ -616,10 +616,10 @@
memset( output, 0x00, sizeof( output ) );
memset( &rnd_info, 0, sizeof( mbedtls_test_rnd_pseudo_info ) );
- TEST_ASSERT( mbedtls_mpi_read_string( &P, radix_P, input_P ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &Q, radix_Q, input_Q ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &P, radix_P, input_P ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &Q, radix_Q, input_Q ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &N, radix_N, input_N ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &E, radix_E, input_E ) == 0 );
TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, &P, &Q, NULL, &E ) == 0 );
TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
@@ -687,8 +687,8 @@
mbedtls_rsa_init( &ctx, padding_mode, 0 );
memset( output, 0x00, sizeof( output ) );
- TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &N, radix_N, input_N ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &E, radix_E, input_E ) == 0 );
TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, NULL, NULL, NULL, &E ) == 0 );
TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
@@ -751,8 +751,8 @@
mbedtls_rsa_init( &ctx, padding_mode, 0 );
memset( output, 0x00, sizeof( output ) );
- TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &N, radix_N, input_N ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &E, radix_E, input_E ) == 0 );
TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, NULL, NULL, NULL, &E ) == 0 );
TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
@@ -792,8 +792,8 @@
mbedtls_rsa_init( &ctx, padding_mode, 0 );
memset( output, 0x00, sizeof( output ) );
- TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &N, radix_N, input_N ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &E, radix_E, input_E ) == 0 );
TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, NULL, NULL, NULL, &E ) == 0 );
TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
@@ -840,10 +840,10 @@
memset( &rnd_info, 0, sizeof( mbedtls_test_rnd_pseudo_info ) );
- TEST_ASSERT( mbedtls_mpi_read_string( &P, radix_P, input_P ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &Q, radix_Q, input_Q ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &P, radix_P, input_P ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &Q, radix_Q, input_Q ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &N, radix_N, input_N ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &E, radix_E, input_E ) == 0 );
TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, &P, &Q, NULL, &E ) == 0 );
TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
@@ -886,14 +886,16 @@
mbedtls_rsa_init( &ctx2, MBEDTLS_RSA_PKCS_V15, 0 );
memset( output, 0x00, sizeof( output ) );
- TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &N, radix_N, input_N ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &E, radix_E, input_E ) == 0 );
TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, NULL, NULL, NULL, &E ) == 0 );
+
+ /* Check test data consistency */
+ TEST_ASSERT( message_str->len == (size_t) ( mod / 8 ) );
TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == 0 );
-
TEST_ASSERT( mbedtls_rsa_public( &ctx, message_str->x, output ) == result );
if( result == 0 )
{
@@ -945,17 +947,19 @@
memset( &rnd_info, 0, sizeof( mbedtls_test_rnd_pseudo_info ) );
- TEST_ASSERT( mbedtls_mpi_read_string( &P, radix_P, input_P ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &Q, radix_Q, input_Q ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &P, radix_P, input_P ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &Q, radix_Q, input_Q ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &N, radix_N, input_N ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &E, radix_E, input_E ) == 0 );
TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, &P, &Q, NULL, &E ) == 0 );
+
+ /* Check test data consistency */
+ TEST_ASSERT( message_str->len == (size_t) ( mod / 8 ) );
TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == 0 );
TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == 0 );
-
/* repeat three times to test updating of blinding values */
for( i = 0; i < 3; i++ )
{
@@ -1021,11 +1025,11 @@
if( strlen( input_N ) )
{
- TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &N, radix_N, input_N ) == 0 );
}
if( strlen( input_E ) )
{
- TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &E, radix_E, input_E ) == 0 );
}
TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, NULL, NULL, NULL, &E ) == 0 );
@@ -1053,36 +1057,36 @@
ctx.len = mod / 8;
if( strlen( input_P ) )
{
- TEST_ASSERT( mbedtls_mpi_read_string( &ctx.P, radix_P, input_P ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &ctx.P, radix_P, input_P ) == 0 );
}
if( strlen( input_Q ) )
{
- TEST_ASSERT( mbedtls_mpi_read_string( &ctx.Q, radix_Q, input_Q ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &ctx.Q, radix_Q, input_Q ) == 0 );
}
if( strlen( input_N ) )
{
- TEST_ASSERT( mbedtls_mpi_read_string( &ctx.N, radix_N, input_N ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &ctx.N, radix_N, input_N ) == 0 );
}
if( strlen( input_E ) )
{
- TEST_ASSERT( mbedtls_mpi_read_string( &ctx.E, radix_E, input_E ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &ctx.E, radix_E, input_E ) == 0 );
}
if( strlen( input_D ) )
{
- TEST_ASSERT( mbedtls_mpi_read_string( &ctx.D, radix_D, input_D ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &ctx.D, radix_D, input_D ) == 0 );
}
#if !defined(MBEDTLS_RSA_NO_CRT)
if( strlen( input_DP ) )
{
- TEST_ASSERT( mbedtls_mpi_read_string( &ctx.DP, radix_DP, input_DP ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &ctx.DP, radix_DP, input_DP ) == 0 );
}
if( strlen( input_DQ ) )
{
- TEST_ASSERT( mbedtls_mpi_read_string( &ctx.DQ, radix_DQ, input_DQ ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &ctx.DQ, radix_DQ, input_DQ ) == 0 );
}
if( strlen( input_QP ) )
{
- TEST_ASSERT( mbedtls_mpi_read_string( &ctx.QP, radix_QP, input_QP ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &ctx.QP, radix_QP, input_QP ) == 0 );
}
#else
((void) radix_DP); ((void) input_DP);
@@ -1117,45 +1121,45 @@
if( strlen( input_Npub ) )
{
- TEST_ASSERT( mbedtls_mpi_read_string( &pub.N, radix_Npub, input_Npub ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &pub.N, radix_Npub, input_Npub ) == 0 );
}
if( strlen( input_Epub ) )
{
- TEST_ASSERT( mbedtls_mpi_read_string( &pub.E, radix_Epub, input_Epub ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &pub.E, radix_Epub, input_Epub ) == 0 );
}
if( strlen( input_P ) )
{
- TEST_ASSERT( mbedtls_mpi_read_string( &prv.P, radix_P, input_P ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &prv.P, radix_P, input_P ) == 0 );
}
if( strlen( input_Q ) )
{
- TEST_ASSERT( mbedtls_mpi_read_string( &prv.Q, radix_Q, input_Q ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &prv.Q, radix_Q, input_Q ) == 0 );
}
if( strlen( input_N ) )
{
- TEST_ASSERT( mbedtls_mpi_read_string( &prv.N, radix_N, input_N ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &prv.N, radix_N, input_N ) == 0 );
}
if( strlen( input_E ) )
{
- TEST_ASSERT( mbedtls_mpi_read_string( &prv.E, radix_E, input_E ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &prv.E, radix_E, input_E ) == 0 );
}
if( strlen( input_D ) )
{
- TEST_ASSERT( mbedtls_mpi_read_string( &prv.D, radix_D, input_D ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &prv.D, radix_D, input_D ) == 0 );
}
#if !defined(MBEDTLS_RSA_NO_CRT)
if( strlen( input_DP ) )
{
- TEST_ASSERT( mbedtls_mpi_read_string( &prv.DP, radix_DP, input_DP ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &prv.DP, radix_DP, input_DP ) == 0 );
}
if( strlen( input_DQ ) )
{
- TEST_ASSERT( mbedtls_mpi_read_string( &prv.DQ, radix_DQ, input_DQ ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &prv.DQ, radix_DQ, input_DQ ) == 0 );
}
if( strlen( input_QP ) )
{
- TEST_ASSERT( mbedtls_mpi_read_string( &prv.QP, radix_QP, input_QP ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &prv.QP, radix_QP, input_QP ) == 0 );
}
#else
((void) radix_DP); ((void) input_DP);
@@ -1216,11 +1220,11 @@
mbedtls_mpi_init( &Pp ); mbedtls_mpi_init( &Qp );
mbedtls_mpi_init( &D ); mbedtls_mpi_init( &E );
- TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &D, radix_D, input_D ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &Qp, radix_P, output_P ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &Pp, radix_Q, output_Q ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &N, radix_N, input_N ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &D, radix_D, input_D ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &E, radix_E, input_E ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &Qp, radix_P, output_P ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &Pp, radix_Q, output_Q ) == 0 );
if( corrupt )
TEST_ASSERT( mbedtls_mpi_add_int( &D, &D, 2 ) == 0 );
@@ -1257,10 +1261,10 @@
mbedtls_mpi_init( &E );
mbedtls_mpi_init( &R ); mbedtls_mpi_init( &Rp );
- TEST_ASSERT( mbedtls_mpi_read_string( &P, radix_P, input_P ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &Q, radix_Q, input_Q ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &Dp, radix_D, output_D ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &P, radix_P, input_P ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &Q, radix_Q, input_Q ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &E, radix_E, input_E ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &Dp, radix_D, output_D ) == 0 );
if( corrupt )
{
@@ -1343,19 +1347,19 @@
(const unsigned char *) pers, strlen( pers ) ) == 0 );
if( have_N )
- TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &N, radix_N, input_N ) == 0 );
if( have_P )
- TEST_ASSERT( mbedtls_mpi_read_string( &P, radix_P, input_P ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &P, radix_P, input_P ) == 0 );
if( have_Q )
- TEST_ASSERT( mbedtls_mpi_read_string( &Q, radix_Q, input_Q ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &Q, radix_Q, input_Q ) == 0 );
if( have_D )
- TEST_ASSERT( mbedtls_mpi_read_string( &D, radix_D, input_D ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &D, radix_D, input_D ) == 0 );
if( have_E )
- TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &E, radix_E, input_E ) == 0 );
if( !successive )
{
@@ -1487,19 +1491,19 @@
/* Setup RSA context */
if( have_N )
- TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &N, radix_N, input_N ) == 0 );
if( have_P )
- TEST_ASSERT( mbedtls_mpi_read_string( &P, radix_P, input_P ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &P, radix_P, input_P ) == 0 );
if( have_Q )
- TEST_ASSERT( mbedtls_mpi_read_string( &Q, radix_Q, input_Q ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &Q, radix_Q, input_Q ) == 0 );
if( have_D )
- TEST_ASSERT( mbedtls_mpi_read_string( &D, radix_D, input_D ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &D, radix_D, input_D ) == 0 );
if( have_E )
- TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &E, radix_E, input_E ) == 0 );
TEST_ASSERT( mbedtls_rsa_import( &ctx,
strlen( input_N ) ? &N : NULL,
@@ -1607,19 +1611,19 @@
strlen( pers ) ) == 0 );
if( have_N )
- TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &N, radix_N, input_N ) == 0 );
if( have_P )
- TEST_ASSERT( mbedtls_mpi_read_string( &P, radix_P, input_P ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &P, radix_P, input_P ) == 0 );
if( have_Q )
- TEST_ASSERT( mbedtls_mpi_read_string( &Q, radix_Q, input_Q ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &Q, radix_Q, input_Q ) == 0 );
if( have_D )
- TEST_ASSERT( mbedtls_mpi_read_string( &D, radix_D, input_D ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &D, radix_D, input_D ) == 0 );
if( have_E )
- TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &E, radix_E, input_E ) == 0 );
TEST_ASSERT( mbedtls_rsa_validate_params( have_N ? &N : NULL,
have_P ? &P : NULL,
diff --git a/tests/suites/test_suite_x509write.function b/tests/suites/test_suite_x509write.function
index 59ea17b..ce475e6 100644
--- a/tests/suites/test_suite_x509write.function
+++ b/tests/suites/test_suite_x509write.function
@@ -246,7 +246,7 @@
(void) rsa_alt;
#endif
- TEST_ASSERT( mbedtls_mpi_read_string( &serial, 10, serial_str ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &serial, 10, serial_str ) == 0 );
if( ver != -1 )
mbedtls_x509write_crt_set_version( &crt, ver );
diff --git a/visualc/VS2010/mbedTLS.vcxproj b/visualc/VS2010/mbedTLS.vcxproj
index 9cec716..cd68bb0 100644
--- a/visualc/VS2010/mbedTLS.vcxproj
+++ b/visualc/VS2010/mbedTLS.vcxproj
@@ -272,7 +272,6 @@
<ClInclude Include="..\..\library\psa_crypto_random_impl.h" />
<ClInclude Include="..\..\library\psa_crypto_rsa.h" />
<ClInclude Include="..\..\library\psa_crypto_se.h" />
- <ClInclude Include="..\..\library\psa_crypto_service_integration.h" />
<ClInclude Include="..\..\library\psa_crypto_slot_management.h" />
<ClInclude Include="..\..\library\psa_crypto_storage.h" />
<ClInclude Include="..\..\library\ssl_invasive.h" />