Merge pull request #9442 from gilles-peskine-arm/psa_sim_generate-parse_headers
psa_sim_generate.pl: don't copy the headers
diff --git a/docs/architecture/psa-keystore-design.md b/docs/architecture/psa-keystore-design.md
new file mode 100644
index 0000000..54ba8ac
--- /dev/null
+++ b/docs/architecture/psa-keystore-design.md
@@ -0,0 +1,212 @@
+PSA key store design
+====================
+
+## Introduction
+
+This document describes the architecture of the key storage in memory in the Mbed TLS and TF-PSA-Crypto implementation of the PSA Cryptography API.
+
+In the PSA Cryptography API, cryptographic operations access key materials via a key identifier (key ID for short). Applications must first create a key object, which allocates storage in memory for the key material and metadata. This storage is under the control of the library and may be located in a different memory space such as a trusted execution environment or a secure element.
+
+The storage of persistent keys is out of scope of this document. See the [Mbed Crypto storage specification](mbed-crypto-storage-specification.md).
+
+## Key slot management interface
+
+### Key store and key slots
+
+The **key store** consists of a collection of **key slots**. Each key slot contains the metadata for one key, as well as the key material or a reference to the key material.
+
+A key slot has the type `psa_key_slot_t`. The key store is a global object which is private inside `psa_crypto_slot_management.c`.
+
+### Key slot entry points
+
+The following operations allocate a key slot by calling `psa_reserve_free_key_slot()`:
+
+* **Creating** a key object, through means such as import, random generation, deterministic derivation, copy, or registration of an existing key that is stored in protected hardware (secure element, hardware unique key (HUK)).
+* **Loading** a persistent key from storage, or loading a built-in key. This is done through `psa_get_and_lock_key_slot()`, which calls `psa_reserve_free_key_slot()` and loads the key if applicable.
+
+The following operations free a key slot by calling `psa_wipe_key_slot()` and, if applicable, `psa_free_key_slot()`:
+
+* **Destroying** a key.
+* **Purging** a persistent key from memory, either explicitly at the application's request or to free memory.
+
+Deinitializing the PSA Crypto subsystem with `mbedtls_psa_crypto_free()` destroys all volatile keys and purges all persistent keys.
+
+The library accesses key slots in the following scenarios:
+
+* while the key is being created or loaded;
+* while the key is being destroyed or purged;
+* while the key metadata or key material is being accessed.
+
+### Key slot states
+
+The state of a key slot is indicated by its `state` field of type `psa_key_slot_state_t`, which can be:
+
+* `PSA_SLOT_EMPTY`: a slot that occupies memory but does not currently contain a key.
+* `PSA_SLOT_FILLING`: a slot that is being filled to create or load a key.
+* `PSA_SLOT_FULL`: a slot containing a key.
+* `PSA_SLOT_PENDING_DELETION`: a slot whose key is being destroy or purged.
+
+These states are mostly useful for concurrency. See [Concurrency](#concurrency) below and [key slot states in the PSA thread safety specification](psa-thread-safety/psa-thread-safety.md#key-slot-states).
+
+#### Concurrency
+
+In a multithreaded environment, since Mbed TLS 3.6.0, each key slot is protected by a reader-writer lock. (In earlier versions, the key store was not thread-safe.) The lock is controlled by a single global mutex `mbedtls_threading_psa_globaldata_mutex`. The concurrency state of the slot is indicated by the state and the `registered_readers` field:
+
+* `EMPTY` or `FULL` state, `registered_readers == 0`: the slot is not in use by any thread.
+* `FULL` state, `registered_readers != 0`: the slot is being read.
+* `FILLING` or `PENDING_DELETION` state: the slot is being written.
+
+For more information, see [PSA thread safety](psa-thread-safety/psa-thread-safety.md).
+
+Note that a slot must not be moved in memory while it is being read or written.
+
+## Key slot management implementations
+
+### Key store implementation variants
+
+There are three variants of the key store implementation, responding to different needs.
+
+* Hybrid key store ([static key slots](#static-key-store) with dynamic key data): the key store is a statically allocated array of slots, of size `MBEDTLS_PSA_KEY_SLOT_COUNT`. Key material is allocated on the heap. This is the historical implementation. It remains the default in the Mbed TLS 3.6 long-time support (LTS) branch when using a handwritten `mbedtls_config.h`, as is common on resource-constrained platforms, because the alternatives have tradeoffs (key size limit and larger RAM usage at rest for the static key store, larger code size and more risk due to code complexity for the dynamic key store).
+* Fully [static key store](#static-key-store) (since Mbed TLS 3.6.1): the key store is a statically allocated array of slots, of size `MBEDTLS_PSA_KEY_SLOT_COUNT`. Each key slot contains the key representation directly, and the key representation must be no more than `MBEDTLS_PSA_STATIC_KEY_SLOT_BUFFER_SIZE` bytes. This is intended for very constrained devices that do not have a heap.
+* [Dynamic key store](#dynamic-key-store) (since Mbed TLS 3.6.1): the key store is dynamically allocated as multiple slices on the heap, with a size that adjusts to the application's usage. Key material is allocated on the heap. Compared to the hybrid key store, the code size and RAM consumption are larger. This is intended for higher-end devices where applications are not expected to have a highly predicatable resource usage. This is the default implementation when using the default `mbedtls_config.h` file, as is common on platforms such as Linux, starting with Mbed TLS 3.6.1.
+
+#### Future improvement: merging the key store variants
+
+In the future, we may reduce the number of key store variants to just two, perhaps even one.
+
+We introduced the variants other than the hybrid key store in a patch release of a long-time support version. As a consequence, we wanted to minimize making changes to the default build (when not using the supplied `mbedtls_config.h`, as explained above), to minimize the risk of bugs and the increase in code size. These considerations will not apply in future major or minor releases, so the default key store can change later.
+
+The static key store could become a runtime decision, where only keys larger than some threshold require the use of heap memory. The reasons not to do this in Mbed TLS 3.6.x are that this increases complexity somewhat (slightly more code size, and more risk), and this changes the RAM usage profile somewhat.
+
+A major constraint on the design of the dynamic key store is the need to preserve slot pointers while a slot may be accessed by another thread (see [“Concurrency”](#concurrency)). With the concurrency primitives available in Mbed TLS 3.x, it is very hard to move a key slot in memory, because there could be an indefinite wait until some other thread has finished accessing the slot. This pushed towards the slice-based organisation described below, where each slice is allocated for the long term. In particular, slices cannot be compacted (compacting would be moving slots out of a sparsely-used slice to free it). Better concurrency primitives (e.g. condition variables or semaphores), together with a `realloc()` primitive, could allow freeing unused memory more aggressively, which could make the dynamic key store not detrimental in RAM usage compared to the historical hybrid key store.
+
+#### Slice abstraction
+
+Some parts of the key slot management code use **key slices** as an abstraction. A key slice is an array of key slots. Key slices are identified by an index which is a small non-negative integer.
+
+* With a [static key store](#static-key-store), there is a single, statically allocated slice, with the index 0.
+* With a [dynamic key store](#dynamic-key-store), there is statically allocated array of pointers to key slices. The index of a slice is the index in that array. The slices are allocated on the heap as needed.
+
+#### Key identifiers and slot location
+
+When creating a volatile key, the slice containing the slot and index of the slot in its slice determine the key identifier. When accessing a volatile key, the slice and the slot index in the slice are calculated from the key identifier. The encoding of the slot location in the volatile key identifier is different for a [static](#volatile-key-identifiers-in-the-static-key-store) or [dynamic](#volatile-key-identifiers-in-the-dynamic-key-store) key store.
+
+### Static key store
+
+The static key store is the historical implementation. The key store is a statically allocated array of slots, of size `MBEDTLS_PSA_KEY_SLOT_COUNT`. This value is an upper bound for the total number of volatile keys plus loaded keys.
+
+Since Mbed TLS 3.6.1, there are two variants for the static key store: a hybrid variant (default), and a fully-static variant enabled by the configuration option `MBEDTLS_PSA_STATIC_KEY_SLOTS`. The two variants have the same key store management: the only difference is in how the memory for key data is managed. With fully static key slots, the key data is directly inside the slot, and limited to `MBEDTLS_PSA_KEY_SLOT_BUFFER_SIZE` bytes. With the hybrid key store, the slot contains a pointer to the key data, which is allocated on the heap.
+
+#### Volatile key identifiers in the static key store
+
+For easy lookup, a volatile key whose index is `id` is stored at the index `id - PSA_KEY_ID_VOLATILE_MIN`.
+
+#### Key creation with a static key store
+
+To create a key, `psa_reserve_free_key_slot()` searches the key slot array until it finds one that is empty. If there are none, the code looks for a persistent key that can be purged (see [“Persistent key cache”](#persistent-key-cache)), and purges it. If no slot is free and no slot contains a purgeable key, the key creation fails.
+
+#### Freeing a key slot with a static key store
+
+With a static key store, `psa_wipe_key_slot()` destroys or purges a key by freeing any associated resources, then setting the key slot to the empty state. The slot is then ready for reuse.
+
+### Dynamic key store
+
+The dynamic key store allows a large number of keys, at the expense of more complex memory management.
+
+#### Dynamic key slot performance characteristics
+
+Key management and key access have $O(1)$ amortized performance, and mostly $O(1)$ performance for actions involving keys. More precisely:
+
+* Access to an existing volatile key takes $O(1)$ time.
+* Access to a persistent key (including creation and destruction) takes time that is linear in `MBEDTLS_PSA_KEY_SLOT_COUNT`.
+* Allocating a key takes amortized $O(1)$ time. Usually the time is $O(s)$ where $s$ is the number of slices (which is a hard-coded value less than $30$), but when creating $k$ volatile keys, at most $\log(k)$ creations will involve calls to `calloc()`, totalling $O(k)$ memory.
+* Destroying a volatile key takes $O(1)$ time as of Mbed TLS 3.6.1. Later improvements to memory consumption are likely to involve calls to `free()` which may total $O(k)$ memory where $k$ is the maximum number of volatile keys.
+
+#### Key slices in the dynamic key store
+
+The key slot is organized in slices, which are dynamically arrays of key slot. The number of slices is determined at compile time. The key store contains a static array of pointers to slices.
+
+Volatile keys and loaded keys (persistent or built-in) are stored in separate slices.
+Key slices number 0 to `KEY_SLOT_VOLATILE_SLICE_COUNT - 1` contain only volatile keys.
+One key slice contains only loaded keys: that key slice is thus the cache slice. See [“Persistent key cache”](persistent-key-cache) for how the cache is managed.
+
+#### Volatile key identifiers in the dynamic key store
+
+A volatile key identifier encodes the slice index and the slot index at separate bit positions. That is, `key_id = BASE | slice_index | slot_index` where the bits set in `BASE`, `slice_index` and `slot_index` do not overlap.
+
+#### From key slot to key slice
+
+Some parts of the slot management code need to determine which key slice contains a key slot when given a pointer to the key slot. In principle, the key slice is uniquely determined from the key identifier which is located in the slot:
+
+* for a volatile key identifier, the [slice index is encoded in the key identifier](#volatile-key-identifiers-in-the-dynamic-key-store);
+* for a persistent key identifier or built-in key identifier, [the slot is in the sole cache slice](#key-slices-in-the-dynamic-key-store).
+
+Nonetheless, we store the slice index as a field in the slot, for two reasons:
+
+* It is more robust in case the slice assignment becomes more complex in the future or is somehow buggy.
+* It allows the slot to slice correspondence to work even if the key identifier field has not been filled yet or has been wiped. The implementation in Mbed TLS 3.6.1 requires this because `psa_wipe_key_slot()` wipes the slot, then calls `psa_free_key_slot()`, which needs to determine the slice. Keeping the slice index as a separate field allows us to better separate the concerns of key liveness and slot liveness. A redesign of the internal interfaces could improve this, but would be too disruptive in the 3.6 LTS branch.
+
+#### Length of the volatile key slices
+
+The volatile key slices have exponentially increasing length: each slice is twice as long as the previous one. Thus if the length of slice 0 is `B` and there are `N` slices, then there are `B * (2^N - 1)` slots.
+
+As of Mbed TLS 3.6.1, the maximum number of volatile key slots is less than the theoretical maximum of 2^30 - 2^16 (0x10000000..0x7ffeffff, the largest range of key identifiers reserved for the PSA Crypto implementation that does not overlap the range for built-in keys). The reason is that we limit the slot index to 2^25-1 so that the [encoding of volatile key identifiers](#volatile-key-identifiers-in-the-dynamic-key-store) has 25 bits for the slot index.
+
+When `MBEDTLS_TEST_HOOKS` is enabled, the length of key slices can be overridden. We use this in tests that need to fill the key store.
+
+#### Free list
+
+Each volatile key slice has a **free list**. This is a linked list of all the slots in the slice that are free. The global data contains a static array of free list heads, i.e. the index of a free slot in the slice. Each free slot contains the index of the next free slot in that slice's free list. The end of the list is indicated by an index that is larger than the length of the slice. If the list is empty, the head contains an index that is larger than the length.
+
+As a small optimization, a free slot does not actually contain the index of the next slot, but the index of the next free slot on the list _relative to the next slot in the array_. For example, 0 indicates that the next free slot is the slot immediately after the current slot. This fact is the reason for the encoding: a slice freshly obtained from `calloc` has all of its slots in the free list in order. The value 1 indicates that there is one element between this slot and the next free slot. The next element of the free list can come before the current slot: -2 indicates that it's the slot immediately before, -3 is two slots before, and so on (-1 is impossible). In general, the absolute index of the next slot after slot `i` in the free list is `i + 1 slice[i].next_free_relative_to_next`.
+
+#### Dynamic key slot allocation
+
+To create a volatile key, `psa_reserve_free_key_slot()` searches the free lists of each allocated slice until it finds a slice that is not full. If all allocated slices are full, the code allocates a new slice at the lowest possible slice index. If all possible slices are already allocated and full, the key creation fails.
+
+The newly allocated slot is removed from the slice's free list.
+
+We only allocate a slice of size `B * 2^k` if there are already `B * (2^k - 1)` occupied slots. Thus the memory overhead is at most `B` slots plus the number of occupied slots, i.e. the memory consumption for slots is at most twice the required memory plus a small constant overhead.
+
+#### Dynamic key slot deallocation
+
+When destroying a volatile key, `psa_wipe_key_slot()` calls `psa_free_key_slot()`. This function adds the newly freed slot to the head of the free list.
+
+##### Future improvement: slice deallocation
+
+As of Mbed TLS 3.6.1, `psa_free_key_slot()` does not deallocate slices. Thus the memory consumption for slots never decreases (except when the PSA crypto subsystem is deinitialized). Freeing key slices intelligently would be a desirable improvement.
+
+We should not free a key slice as soon as it becomes empty, because that would cause large allocations and deallocations if there are slices full of long-lived keys, and then one slice keeps being allocate and deallocated for the occasional short-lived keys. Rather, there should be some hysteresis, e.g. only deallocate a slice if there are at least T free slots in the previous slice. [#9435](https://github.com/Mbed-TLS/mbedtls/issues/9435)
+
+Note that currently, the slice array contains one sequence of allocated slices followed by one sequence of unallocated slices. Mixing allocated and unallocated slices may make some parts of the code a little more complex, and should be tested thoroughly.
+
+### Persistent key cache
+
+Persistent keys and built-in keys need to be loaded into the in-memory key store each time they are accessed:
+
+* while creating them;
+* to access their metadata;
+* to start performing an operation with the key;
+* when destroying the key.
+
+To avoid frequent storage access, we cache persistent keys in memory. This cache also applies to built-in keys.
+
+With the [static key store](#static-key-store), a non-empty slot can contain either a volatile key or a cache entry for a persistent or built-in key. With the [dynamic key store](#dynamic-key-store), volatile keys and cached keys are placed in separate [slices](#key-slices-in-the-dynamic-key-store).
+
+The persistent key cache is a fixed-size array of `MBEDTLS_PSA_KEY_SLOT_COUNT` slots. In the static key store, this array is shared with volatile keys. In the dynamic key store, the cache is a separate array that does not contain volatile keys.
+
+#### Accessing a persistent key
+
+`psa_get_and_lock_key_slot()` automatically loads persistent and built-in keys if the specified key identifier is in the corresponding range. To that effect, it traverses the key cache to see if a key with the given identifier is already loaded. If not, it loads the key. This cache walk takes time that is proportional to the cache size.
+
+#### Cache eviction
+
+A key slot must be allocated in the cache slice:
+
+* to create a volatile key (static key store only);
+* to create a persistent key;
+* to load a persistent or built-in key.
+
+If the cache slice is full, the code will try to evict an entry. Only slots that do not have readers can be evicted (see [“Concurrency”](#concurrency)). In the static key store, slots containing volatile keys cannot be evicted.
+
+As of Mbed TLS 3.6.1, there is no tracking of a key's usage frequency or age. The slot eviction code picks the first evictable slot it finds in its traversal order. We have not reasoned about or experimented with different strategies.
diff --git a/framework b/framework
index e8b4ae9..331565b 160000
--- a/framework
+++ b/framework
@@ -1 +1 @@
-Subproject commit e8b4ae9bc4bf7e643ee46bf8ff4ef613be2de86f
+Subproject commit 331565b041f794df2da76394b3b0039abce30355
diff --git a/library/ssl_ciphersuites.c b/library/ssl_ciphersuites.c
index 5d51bb9..ff473eb 100644
--- a/library/ssl_ciphersuites.c
+++ b/library/ssl_ciphersuites.c
@@ -385,7 +385,7 @@
#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED)
#if defined(PSA_WANT_KEY_TYPE_AES)
#if defined(MBEDTLS_MD_CAN_SHA1)
-#if defined(MBEDTLS_SSL_HAVE_CBC)
+#if defined(PSA_WANT_ALG_CBC_NO_PADDING)
{ MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, "TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA",
MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
0,
@@ -394,15 +394,15 @@
MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
0,
MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
-#endif /* MBEDTLS_SSL_HAVE_CBC */
+#endif /* PSA_WANT_ALG_CBC_NO_PADDING */
#endif /* MBEDTLS_MD_CAN_SHA1 */
#if defined(PSA_WANT_ALG_SHA_256)
-#if defined(MBEDTLS_SSL_HAVE_CBC)
+#if defined(PSA_WANT_ALG_CBC_NO_PADDING)
{ MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256, "TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA256",
MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
0,
MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
-#endif /* MBEDTLS_SSL_HAVE_CBC */
+#endif /* PSA_WANT_ALG_CBC_NO_PADDING */
#if defined(MBEDTLS_SSL_HAVE_GCM)
{ MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, "TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256",
MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
@@ -411,12 +411,12 @@
#endif /* MBEDTLS_SSL_HAVE_GCM */
#endif /* PSA_WANT_ALG_SHA_256 */
#if defined(PSA_WANT_ALG_SHA_384)
-#if defined(MBEDTLS_SSL_HAVE_CBC)
+#if defined(PSA_WANT_ALG_CBC_NO_PADDING)
{ MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384, "TLS-ECDHE-ECDSA-WITH-AES-256-CBC-SHA384",
MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
0,
MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
-#endif /* MBEDTLS_SSL_HAVE_CBC */
+#endif /* PSA_WANT_ALG_CBC_NO_PADDING */
#if defined(MBEDTLS_SSL_HAVE_GCM)
{ MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, "TLS-ECDHE-ECDSA-WITH-AES-256-GCM-SHA384",
MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
@@ -445,7 +445,7 @@
#endif /* PSA_WANT_KEY_TYPE_AES */
#if defined(MBEDTLS_SSL_HAVE_CAMELLIA)
-#if defined(MBEDTLS_SSL_HAVE_CBC)
+#if defined(PSA_WANT_ALG_CBC_NO_PADDING)
#if defined(PSA_WANT_ALG_SHA_256)
{ MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256,
"TLS-ECDHE-ECDSA-WITH-CAMELLIA-128-CBC-SHA256",
@@ -460,7 +460,7 @@
0,
MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
#endif /* PSA_WANT_ALG_SHA_384 */
-#endif /* MBEDTLS_SSL_HAVE_CBC */
+#endif /* PSA_WANT_ALG_CBC_NO_PADDING */
#if defined(MBEDTLS_SSL_HAVE_GCM)
#if defined(PSA_WANT_ALG_SHA_256)
@@ -493,7 +493,7 @@
#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED)
#if defined(PSA_WANT_KEY_TYPE_AES)
#if defined(MBEDTLS_MD_CAN_SHA1)
-#if defined(MBEDTLS_SSL_HAVE_CBC)
+#if defined(PSA_WANT_ALG_CBC_NO_PADDING)
{ MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, "TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA",
MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
0,
@@ -502,15 +502,15 @@
MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
0,
MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
-#endif /* MBEDTLS_SSL_HAVE_CBC */
+#endif /* PSA_WANT_ALG_CBC_NO_PADDING */
#endif /* MBEDTLS_MD_CAN_SHA1 */
#if defined(PSA_WANT_ALG_SHA_256)
-#if defined(MBEDTLS_SSL_HAVE_CBC)
+#if defined(PSA_WANT_ALG_CBC_NO_PADDING)
{ MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, "TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA256",
MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
0,
MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
-#endif /* MBEDTLS_SSL_HAVE_CBC */
+#endif /* PSA_WANT_ALG_CBC_NO_PADDING */
#if defined(MBEDTLS_SSL_HAVE_GCM)
{ MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, "TLS-ECDHE-RSA-WITH-AES-128-GCM-SHA256",
MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
@@ -519,12 +519,12 @@
#endif /* MBEDTLS_SSL_HAVE_GCM */
#endif /* PSA_WANT_ALG_SHA_256 */
#if defined(PSA_WANT_ALG_SHA_384)
-#if defined(MBEDTLS_SSL_HAVE_CBC)
+#if defined(PSA_WANT_ALG_CBC_NO_PADDING)
{ MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384, "TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA384",
MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
0,
MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
-#endif /* MBEDTLS_SSL_HAVE_CBC */
+#endif /* PSA_WANT_ALG_CBC_NO_PADDING */
#if defined(MBEDTLS_SSL_HAVE_GCM)
{ MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384, "TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384",
MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
@@ -535,7 +535,7 @@
#endif /* PSA_WANT_KEY_TYPE_AES */
#if defined(MBEDTLS_SSL_HAVE_CAMELLIA)
-#if defined(MBEDTLS_SSL_HAVE_CBC)
+#if defined(PSA_WANT_ALG_CBC_NO_PADDING)
#if defined(PSA_WANT_ALG_SHA_256)
{ MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256,
"TLS-ECDHE-RSA-WITH-CAMELLIA-128-CBC-SHA256",
@@ -550,7 +550,7 @@
0,
MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
#endif /* PSA_WANT_ALG_SHA_384 */
-#endif /* MBEDTLS_SSL_HAVE_CBC */
+#endif /* PSA_WANT_ALG_CBC_NO_PADDING */
#if defined(MBEDTLS_SSL_HAVE_GCM)
#if defined(PSA_WANT_ALG_SHA_256)
@@ -598,7 +598,7 @@
MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
#endif /* MBEDTLS_SSL_HAVE_GCM */
-#if defined(MBEDTLS_SSL_HAVE_CBC)
+#if defined(PSA_WANT_ALG_CBC_NO_PADDING)
{ MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA256, "TLS-DHE-RSA-WITH-AES-128-CBC-SHA256",
MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
0,
@@ -608,10 +608,10 @@
MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
0,
MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
-#endif /* MBEDTLS_SSL_HAVE_CBC */
+#endif /* PSA_WANT_ALG_CBC_NO_PADDING */
#endif /* PSA_WANT_ALG_SHA_256 */
-#if defined(MBEDTLS_SSL_HAVE_CBC)
+#if defined(PSA_WANT_ALG_CBC_NO_PADDING)
#if defined(MBEDTLS_MD_CAN_SHA1)
{ MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA, "TLS-DHE-RSA-WITH-AES-128-CBC-SHA",
MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
@@ -623,7 +623,7 @@
0,
MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
#endif /* MBEDTLS_MD_CAN_SHA1 */
-#endif /* MBEDTLS_SSL_HAVE_CBC */
+#endif /* PSA_WANT_ALG_CBC_NO_PADDING */
#if defined(MBEDTLS_SSL_HAVE_CCM)
{ MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CCM, "TLS-DHE-RSA-WITH-AES-256-CCM",
MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
@@ -645,7 +645,7 @@
#endif /* PSA_WANT_KEY_TYPE_AES */
#if defined(MBEDTLS_SSL_HAVE_CAMELLIA)
-#if defined(MBEDTLS_SSL_HAVE_CBC)
+#if defined(PSA_WANT_ALG_CBC_NO_PADDING)
#if defined(PSA_WANT_ALG_SHA_256)
{ MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256, "TLS-DHE-RSA-WITH-CAMELLIA-128-CBC-SHA256",
MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
@@ -669,7 +669,7 @@
0,
MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
#endif /* MBEDTLS_MD_CAN_SHA1 */
-#endif /* MBEDTLS_SSL_HAVE_CBC */
+#endif /* PSA_WANT_ALG_CBC_NO_PADDING */
#if defined(MBEDTLS_SSL_HAVE_GCM)
#if defined(PSA_WANT_ALG_SHA_256)
{ MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256, "TLS-DHE-RSA-WITH-CAMELLIA-128-GCM-SHA256",
@@ -707,7 +707,7 @@
MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
#endif /* MBEDTLS_SSL_HAVE_GCM */
-#if defined(MBEDTLS_SSL_HAVE_CBC)
+#if defined(PSA_WANT_ALG_CBC_NO_PADDING)
{ MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA256, "TLS-RSA-WITH-AES-128-CBC-SHA256",
MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA,
0,
@@ -717,11 +717,11 @@
MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA,
0,
MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
-#endif /* MBEDTLS_SSL_HAVE_CBC */
+#endif /* PSA_WANT_ALG_CBC_NO_PADDING */
#endif /* PSA_WANT_ALG_SHA_256 */
#if defined(MBEDTLS_MD_CAN_SHA1)
-#if defined(MBEDTLS_SSL_HAVE_CBC)
+#if defined(PSA_WANT_ALG_CBC_NO_PADDING)
{ MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA, "TLS-RSA-WITH-AES-128-CBC-SHA",
MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA,
0,
@@ -731,7 +731,7 @@
MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA,
0,
MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
-#endif /* MBEDTLS_SSL_HAVE_CBC */
+#endif /* PSA_WANT_ALG_CBC_NO_PADDING */
#endif /* MBEDTLS_MD_CAN_SHA1 */
#if defined(MBEDTLS_SSL_HAVE_CCM)
{ MBEDTLS_TLS_RSA_WITH_AES_256_CCM, "TLS-RSA-WITH-AES-256-CCM",
@@ -754,7 +754,7 @@
#endif /* PSA_WANT_KEY_TYPE_AES */
#if defined(MBEDTLS_SSL_HAVE_CAMELLIA)
-#if defined(MBEDTLS_SSL_HAVE_CBC)
+#if defined(PSA_WANT_ALG_CBC_NO_PADDING)
#if defined(PSA_WANT_ALG_SHA_256)
{ MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256, "TLS-RSA-WITH-CAMELLIA-128-CBC-SHA256",
MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA,
@@ -778,7 +778,7 @@
0,
MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
#endif /* MBEDTLS_MD_CAN_SHA1 */
-#endif /* MBEDTLS_SSL_HAVE_CBC */
+#endif /* PSA_WANT_ALG_CBC_NO_PADDING */
#if defined(MBEDTLS_SSL_HAVE_GCM)
#if defined(PSA_WANT_ALG_SHA_256)
@@ -802,7 +802,7 @@
#if defined(MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED)
#if defined(PSA_WANT_KEY_TYPE_AES)
#if defined(MBEDTLS_MD_CAN_SHA1)
-#if defined(MBEDTLS_SSL_HAVE_CBC)
+#if defined(PSA_WANT_ALG_CBC_NO_PADDING)
{ MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA, "TLS-ECDH-RSA-WITH-AES-128-CBC-SHA",
MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
0,
@@ -811,15 +811,15 @@
MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
0,
MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
-#endif /* MBEDTLS_SSL_HAVE_CBC */
+#endif /* PSA_WANT_ALG_CBC_NO_PADDING */
#endif /* MBEDTLS_MD_CAN_SHA1 */
#if defined(PSA_WANT_ALG_SHA_256)
-#if defined(MBEDTLS_SSL_HAVE_CBC)
+#if defined(PSA_WANT_ALG_CBC_NO_PADDING)
{ MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256, "TLS-ECDH-RSA-WITH-AES-128-CBC-SHA256",
MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
0,
MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
-#endif /* MBEDTLS_SSL_HAVE_CBC */
+#endif /* PSA_WANT_ALG_CBC_NO_PADDING */
#if defined(MBEDTLS_SSL_HAVE_GCM)
{ MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256, "TLS-ECDH-RSA-WITH-AES-128-GCM-SHA256",
MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
@@ -828,12 +828,12 @@
#endif /* MBEDTLS_SSL_HAVE_GCM */
#endif /* PSA_WANT_ALG_SHA_256 */
#if defined(PSA_WANT_ALG_SHA_384)
-#if defined(MBEDTLS_SSL_HAVE_CBC)
+#if defined(PSA_WANT_ALG_CBC_NO_PADDING)
{ MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384, "TLS-ECDH-RSA-WITH-AES-256-CBC-SHA384",
MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
0,
MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
-#endif /* MBEDTLS_SSL_HAVE_CBC */
+#endif /* PSA_WANT_ALG_CBC_NO_PADDING */
#if defined(MBEDTLS_SSL_HAVE_GCM)
{ MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384, "TLS-ECDH-RSA-WITH-AES-256-GCM-SHA384",
MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
@@ -844,7 +844,7 @@
#endif /* PSA_WANT_KEY_TYPE_AES */
#if defined(MBEDTLS_SSL_HAVE_CAMELLIA)
-#if defined(MBEDTLS_SSL_HAVE_CBC)
+#if defined(PSA_WANT_ALG_CBC_NO_PADDING)
#if defined(PSA_WANT_ALG_SHA_256)
{ MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256,
"TLS-ECDH-RSA-WITH-CAMELLIA-128-CBC-SHA256",
@@ -859,7 +859,7 @@
0,
MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
#endif /* PSA_WANT_ALG_SHA_384 */
-#endif /* MBEDTLS_SSL_HAVE_CBC */
+#endif /* PSA_WANT_ALG_CBC_NO_PADDING */
#if defined(MBEDTLS_SSL_HAVE_GCM)
#if defined(PSA_WANT_ALG_SHA_256)
@@ -892,7 +892,7 @@
#if defined(MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED)
#if defined(PSA_WANT_KEY_TYPE_AES)
#if defined(MBEDTLS_MD_CAN_SHA1)
-#if defined(MBEDTLS_SSL_HAVE_CBC)
+#if defined(PSA_WANT_ALG_CBC_NO_PADDING)
{ MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA, "TLS-ECDH-ECDSA-WITH-AES-128-CBC-SHA",
MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
0,
@@ -901,15 +901,15 @@
MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
0,
MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
-#endif /* MBEDTLS_SSL_HAVE_CBC */
+#endif /* PSA_WANT_ALG_CBC_NO_PADDING */
#endif /* MBEDTLS_MD_CAN_SHA1 */
#if defined(PSA_WANT_ALG_SHA_256)
-#if defined(MBEDTLS_SSL_HAVE_CBC)
+#if defined(PSA_WANT_ALG_CBC_NO_PADDING)
{ MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256, "TLS-ECDH-ECDSA-WITH-AES-128-CBC-SHA256",
MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
0,
MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
-#endif /* MBEDTLS_SSL_HAVE_CBC */
+#endif /* PSA_WANT_ALG_CBC_NO_PADDING */
#if defined(MBEDTLS_SSL_HAVE_GCM)
{ MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256, "TLS-ECDH-ECDSA-WITH-AES-128-GCM-SHA256",
MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
@@ -918,12 +918,12 @@
#endif /* MBEDTLS_SSL_HAVE_GCM */
#endif /* PSA_WANT_ALG_SHA_256 */
#if defined(PSA_WANT_ALG_SHA_384)
-#if defined(MBEDTLS_SSL_HAVE_CBC)
+#if defined(PSA_WANT_ALG_CBC_NO_PADDING)
{ MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384, "TLS-ECDH-ECDSA-WITH-AES-256-CBC-SHA384",
MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
0,
MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
-#endif /* MBEDTLS_SSL_HAVE_CBC */
+#endif /* PSA_WANT_ALG_CBC_NO_PADDING */
#if defined(MBEDTLS_SSL_HAVE_GCM)
{ MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384, "TLS-ECDH-ECDSA-WITH-AES-256-GCM-SHA384",
MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
@@ -934,7 +934,7 @@
#endif /* PSA_WANT_KEY_TYPE_AES */
#if defined(MBEDTLS_SSL_HAVE_CAMELLIA)
-#if defined(MBEDTLS_SSL_HAVE_CBC)
+#if defined(PSA_WANT_ALG_CBC_NO_PADDING)
#if defined(PSA_WANT_ALG_SHA_256)
{ MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256,
"TLS-ECDH-ECDSA-WITH-CAMELLIA-128-CBC-SHA256",
@@ -949,7 +949,7 @@
0,
MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
#endif /* PSA_WANT_ALG_SHA_384 */
-#endif /* MBEDTLS_SSL_HAVE_CBC */
+#endif /* PSA_WANT_ALG_CBC_NO_PADDING */
#if defined(MBEDTLS_SSL_HAVE_GCM)
#if defined(PSA_WANT_ALG_SHA_256)
@@ -997,7 +997,7 @@
#endif /* PSA_WANT_ALG_SHA_384 */
#endif /* MBEDTLS_SSL_HAVE_GCM */
-#if defined(MBEDTLS_SSL_HAVE_CBC)
+#if defined(PSA_WANT_ALG_CBC_NO_PADDING)
#if defined(PSA_WANT_ALG_SHA_256)
{ MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA256, "TLS-PSK-WITH-AES-128-CBC-SHA256",
MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK,
@@ -1023,7 +1023,7 @@
0,
MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
#endif /* MBEDTLS_MD_CAN_SHA1 */
-#endif /* MBEDTLS_SSL_HAVE_CBC */
+#endif /* PSA_WANT_ALG_CBC_NO_PADDING */
#if defined(MBEDTLS_SSL_HAVE_CCM)
{ MBEDTLS_TLS_PSK_WITH_AES_256_CCM, "TLS-PSK-WITH-AES-256-CCM",
MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK,
@@ -1045,7 +1045,7 @@
#endif /* PSA_WANT_KEY_TYPE_AES */
#if defined(MBEDTLS_SSL_HAVE_CAMELLIA)
-#if defined(MBEDTLS_SSL_HAVE_CBC)
+#if defined(PSA_WANT_ALG_CBC_NO_PADDING)
#if defined(PSA_WANT_ALG_SHA_256)
{ MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256, "TLS-PSK-WITH-CAMELLIA-128-CBC-SHA256",
MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK,
@@ -1059,7 +1059,7 @@
0,
MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
#endif /* PSA_WANT_ALG_SHA_384 */
-#endif /* MBEDTLS_SSL_HAVE_CBC */
+#endif /* PSA_WANT_ALG_CBC_NO_PADDING */
#if defined(MBEDTLS_SSL_HAVE_GCM)
#if defined(PSA_WANT_ALG_SHA_256)
@@ -1098,7 +1098,7 @@
#endif /* PSA_WANT_ALG_SHA_384 */
#endif /* MBEDTLS_SSL_HAVE_GCM */
-#if defined(MBEDTLS_SSL_HAVE_CBC)
+#if defined(PSA_WANT_ALG_CBC_NO_PADDING)
#if defined(PSA_WANT_ALG_SHA_256)
{ MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA256, "TLS-DHE-PSK-WITH-AES-128-CBC-SHA256",
MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
@@ -1124,7 +1124,7 @@
0,
MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
#endif /* MBEDTLS_MD_CAN_SHA1 */
-#endif /* MBEDTLS_SSL_HAVE_CBC */
+#endif /* PSA_WANT_ALG_CBC_NO_PADDING */
#if defined(MBEDTLS_SSL_HAVE_CCM)
{ MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CCM, "TLS-DHE-PSK-WITH-AES-256-CCM",
MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
@@ -1146,7 +1146,7 @@
#endif /* PSA_WANT_KEY_TYPE_AES */
#if defined(MBEDTLS_SSL_HAVE_CAMELLIA)
-#if defined(MBEDTLS_SSL_HAVE_CBC)
+#if defined(PSA_WANT_ALG_CBC_NO_PADDING)
#if defined(PSA_WANT_ALG_SHA_256)
{ MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256, "TLS-DHE-PSK-WITH-CAMELLIA-128-CBC-SHA256",
MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
@@ -1160,7 +1160,7 @@
0,
MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
#endif /* PSA_WANT_ALG_SHA_384 */
-#endif /* MBEDTLS_SSL_HAVE_CBC */
+#endif /* PSA_WANT_ALG_CBC_NO_PADDING */
#if defined(MBEDTLS_SSL_HAVE_GCM)
#if defined(PSA_WANT_ALG_SHA_256)
@@ -1184,7 +1184,7 @@
#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED)
#if defined(PSA_WANT_KEY_TYPE_AES)
-#if defined(MBEDTLS_SSL_HAVE_CBC)
+#if defined(PSA_WANT_ALG_CBC_NO_PADDING)
#if defined(PSA_WANT_ALG_SHA_256)
{ MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256, "TLS-ECDHE-PSK-WITH-AES-128-CBC-SHA256",
MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK,
@@ -1210,11 +1210,11 @@
0,
MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
#endif /* MBEDTLS_MD_CAN_SHA1 */
-#endif /* MBEDTLS_SSL_HAVE_CBC */
+#endif /* PSA_WANT_ALG_CBC_NO_PADDING */
#endif /* PSA_WANT_KEY_TYPE_AES */
#if defined(MBEDTLS_SSL_HAVE_CAMELLIA)
-#if defined(MBEDTLS_SSL_HAVE_CBC)
+#if defined(PSA_WANT_ALG_CBC_NO_PADDING)
#if defined(PSA_WANT_ALG_SHA_256)
{ MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256,
"TLS-ECDHE-PSK-WITH-CAMELLIA-128-CBC-SHA256",
@@ -1230,7 +1230,7 @@
0,
MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
#endif /* PSA_WANT_ALG_SHA_384 */
-#endif /* MBEDTLS_SSL_HAVE_CBC */
+#endif /* PSA_WANT_ALG_CBC_NO_PADDING */
#endif /* MBEDTLS_SSL_HAVE_CAMELLIA */
#endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED */
@@ -1253,7 +1253,7 @@
#endif /* PSA_WANT_ALG_SHA_384 */
#endif /* MBEDTLS_SSL_HAVE_GCM */
-#if defined(MBEDTLS_SSL_HAVE_CBC)
+#if defined(PSA_WANT_ALG_CBC_NO_PADDING)
#if defined(PSA_WANT_ALG_SHA_256)
{ MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA256, "TLS-RSA-PSK-WITH-AES-128-CBC-SHA256",
MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
@@ -1279,11 +1279,11 @@
0,
MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
#endif /* MBEDTLS_MD_CAN_SHA1 */
-#endif /* MBEDTLS_SSL_HAVE_CBC */
+#endif /* PSA_WANT_ALG_CBC_NO_PADDING */
#endif /* PSA_WANT_KEY_TYPE_AES */
#if defined(MBEDTLS_SSL_HAVE_CAMELLIA)
-#if defined(MBEDTLS_SSL_HAVE_CBC)
+#if defined(PSA_WANT_ALG_CBC_NO_PADDING)
#if defined(PSA_WANT_ALG_SHA_256)
{ MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256, "TLS-RSA-PSK-WITH-CAMELLIA-128-CBC-SHA256",
MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
@@ -1297,7 +1297,7 @@
0,
MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
#endif /* PSA_WANT_ALG_SHA_384 */
-#endif /* MBEDTLS_SSL_HAVE_CBC */
+#endif /* PSA_WANT_ALG_CBC_NO_PADDING */
#if defined(MBEDTLS_SSL_HAVE_GCM)
#if defined(PSA_WANT_ALG_SHA_256)
@@ -1457,7 +1457,7 @@
0,
MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
#endif
-#if (defined(MBEDTLS_SSL_HAVE_CBC) && \
+#if (defined(PSA_WANT_ALG_CBC_NO_PADDING) && \
defined(PSA_WANT_ALG_SHA_384))
{ MBEDTLS_TLS_RSA_WITH_ARIA_256_CBC_SHA384,
"TLS-RSA-WITH-ARIA-256-CBC-SHA384",
@@ -1472,7 +1472,7 @@
0,
MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
#endif
-#if (defined(MBEDTLS_SSL_HAVE_CBC) && \
+#if (defined(PSA_WANT_ALG_CBC_NO_PADDING) && \
defined(PSA_WANT_ALG_SHA_256))
{ MBEDTLS_TLS_RSA_WITH_ARIA_128_CBC_SHA256,
"TLS-RSA-WITH-ARIA-128-CBC-SHA256",
@@ -1492,7 +1492,7 @@
0,
MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
#endif
-#if (defined(MBEDTLS_SSL_HAVE_CBC) && \
+#if (defined(PSA_WANT_ALG_CBC_NO_PADDING) && \
defined(PSA_WANT_ALG_SHA_384))
{ MBEDTLS_TLS_RSA_PSK_WITH_ARIA_256_CBC_SHA384,
"TLS-RSA-PSK-WITH-ARIA-256-CBC-SHA384",
@@ -1507,7 +1507,7 @@
0,
MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
#endif
-#if (defined(MBEDTLS_SSL_HAVE_CBC) && \
+#if (defined(PSA_WANT_ALG_CBC_NO_PADDING) && \
defined(PSA_WANT_ALG_SHA_256))
{ MBEDTLS_TLS_RSA_PSK_WITH_ARIA_128_CBC_SHA256,
"TLS-RSA-PSK-WITH-ARIA-128-CBC-SHA256",
@@ -1527,7 +1527,7 @@
0,
MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
#endif
-#if (defined(MBEDTLS_SSL_HAVE_CBC) && \
+#if (defined(PSA_WANT_ALG_CBC_NO_PADDING) && \
defined(PSA_WANT_ALG_SHA_384))
{ MBEDTLS_TLS_PSK_WITH_ARIA_256_CBC_SHA384,
"TLS-PSK-WITH-ARIA-256-CBC-SHA384",
@@ -1542,7 +1542,7 @@
0,
MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
#endif
-#if (defined(MBEDTLS_SSL_HAVE_CBC) && \
+#if (defined(PSA_WANT_ALG_CBC_NO_PADDING) && \
defined(PSA_WANT_ALG_SHA_256))
{ MBEDTLS_TLS_PSK_WITH_ARIA_128_CBC_SHA256,
"TLS-PSK-WITH-ARIA-128-CBC-SHA256",
@@ -1562,7 +1562,7 @@
0,
MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
#endif
-#if (defined(MBEDTLS_SSL_HAVE_CBC) && \
+#if (defined(PSA_WANT_ALG_CBC_NO_PADDING) && \
defined(PSA_WANT_ALG_SHA_384))
{ MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_256_CBC_SHA384,
"TLS-ECDH-RSA-WITH-ARIA-256-CBC-SHA384",
@@ -1577,7 +1577,7 @@
0,
MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
#endif
-#if (defined(MBEDTLS_SSL_HAVE_CBC) && \
+#if (defined(PSA_WANT_ALG_CBC_NO_PADDING) && \
defined(PSA_WANT_ALG_SHA_256))
{ MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_128_CBC_SHA256,
"TLS-ECDH-RSA-WITH-ARIA-128-CBC-SHA256",
@@ -1597,7 +1597,7 @@
0,
MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
#endif
-#if (defined(MBEDTLS_SSL_HAVE_CBC) && \
+#if (defined(PSA_WANT_ALG_CBC_NO_PADDING) && \
defined(PSA_WANT_ALG_SHA_384))
{ MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_256_CBC_SHA384,
"TLS-ECDHE-RSA-WITH-ARIA-256-CBC-SHA384",
@@ -1612,7 +1612,7 @@
0,
MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
#endif
-#if (defined(MBEDTLS_SSL_HAVE_CBC) && \
+#if (defined(PSA_WANT_ALG_CBC_NO_PADDING) && \
defined(PSA_WANT_ALG_SHA_256))
{ MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_128_CBC_SHA256,
"TLS-ECDHE-RSA-WITH-ARIA-128-CBC-SHA256",
@@ -1625,7 +1625,7 @@
#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED)
-#if (defined(MBEDTLS_SSL_HAVE_CBC) && \
+#if (defined(PSA_WANT_ALG_CBC_NO_PADDING) && \
defined(PSA_WANT_ALG_SHA_384))
{ MBEDTLS_TLS_ECDHE_PSK_WITH_ARIA_256_CBC_SHA384,
"TLS-ECDHE-PSK-WITH-ARIA-256-CBC-SHA384",
@@ -1633,7 +1633,7 @@
0,
MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
#endif
-#if (defined(MBEDTLS_SSL_HAVE_CBC) && \
+#if (defined(PSA_WANT_ALG_CBC_NO_PADDING) && \
defined(PSA_WANT_ALG_SHA_256))
{ MBEDTLS_TLS_ECDHE_PSK_WITH_ARIA_128_CBC_SHA256,
"TLS-ECDHE-PSK-WITH-ARIA-128-CBC-SHA256",
@@ -1653,7 +1653,7 @@
0,
MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
#endif
-#if (defined(MBEDTLS_SSL_HAVE_CBC) && \
+#if (defined(PSA_WANT_ALG_CBC_NO_PADDING) && \
defined(PSA_WANT_ALG_SHA_384))
{ MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_256_CBC_SHA384,
"TLS-ECDHE-ECDSA-WITH-ARIA-256-CBC-SHA384",
@@ -1668,7 +1668,7 @@
0,
MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
#endif
-#if (defined(MBEDTLS_SSL_HAVE_CBC) && \
+#if (defined(PSA_WANT_ALG_CBC_NO_PADDING) && \
defined(PSA_WANT_ALG_SHA_256))
{ MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_128_CBC_SHA256,
"TLS-ECDHE-ECDSA-WITH-ARIA-128-CBC-SHA256",
@@ -1688,7 +1688,7 @@
0,
MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
#endif
-#if (defined(MBEDTLS_SSL_HAVE_CBC) && \
+#if (defined(PSA_WANT_ALG_CBC_NO_PADDING) && \
defined(PSA_WANT_ALG_SHA_384))
{ MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_256_CBC_SHA384,
"TLS-ECDH-ECDSA-WITH-ARIA-256-CBC-SHA384",
@@ -1703,7 +1703,7 @@
0,
MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
#endif
-#if (defined(MBEDTLS_SSL_HAVE_CBC) && \
+#if (defined(PSA_WANT_ALG_CBC_NO_PADDING) && \
defined(PSA_WANT_ALG_SHA_256))
{ MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_128_CBC_SHA256,
"TLS-ECDH-ECDSA-WITH-ARIA-128-CBC-SHA256",
@@ -1723,7 +1723,7 @@
0,
MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
#endif
-#if (defined(MBEDTLS_SSL_HAVE_CBC) && \
+#if (defined(PSA_WANT_ALG_CBC_NO_PADDING) && \
defined(PSA_WANT_ALG_SHA_384))
{ MBEDTLS_TLS_DHE_RSA_WITH_ARIA_256_CBC_SHA384,
"TLS-DHE-RSA-WITH-ARIA-256-CBC-SHA384",
@@ -1738,7 +1738,7 @@
0,
MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
#endif
-#if (defined(MBEDTLS_SSL_HAVE_CBC) && \
+#if (defined(PSA_WANT_ALG_CBC_NO_PADDING) && \
defined(PSA_WANT_ALG_SHA_256))
{ MBEDTLS_TLS_DHE_RSA_WITH_ARIA_128_CBC_SHA256,
"TLS-DHE-RSA-WITH-ARIA-128-CBC-SHA256",
@@ -1758,7 +1758,7 @@
0,
MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
#endif
-#if (defined(MBEDTLS_SSL_HAVE_CBC) && \
+#if (defined(PSA_WANT_ALG_CBC_NO_PADDING) && \
defined(PSA_WANT_ALG_SHA_384))
{ MBEDTLS_TLS_DHE_PSK_WITH_ARIA_256_CBC_SHA384,
"TLS-DHE-PSK-WITH-ARIA-256-CBC-SHA384",
@@ -1773,7 +1773,7 @@
0,
MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
#endif
-#if (defined(MBEDTLS_SSL_HAVE_CBC) && \
+#if (defined(PSA_WANT_ALG_CBC_NO_PADDING) && \
defined(PSA_WANT_ALG_SHA_256))
{ MBEDTLS_TLS_DHE_PSK_WITH_ARIA_128_CBC_SHA256,
"TLS-DHE-PSK-WITH-ARIA-128-CBC-SHA256",
diff --git a/library/ssl_misc.h b/library/ssl_misc.h
index 2235497..5b683bf 100644
--- a/library/ssl_misc.h
+++ b/library/ssl_misc.h
@@ -254,7 +254,7 @@
#if defined(MBEDTLS_SSL_PROTO_TLS1_2)
/* This macro determines whether CBC is supported. */
-#if defined(MBEDTLS_SSL_HAVE_CBC) && \
+#if defined(PSA_WANT_ALG_CBC_NO_PADDING) && \
(defined(PSA_WANT_KEY_TYPE_AES) || \
defined(MBEDTLS_SSL_HAVE_CAMELLIA) || \
defined(MBEDTLS_SSL_HAVE_ARIA))
@@ -300,7 +300,7 @@
#define MBEDTLS_SSL_MAC_ADD 16
#endif
-#if defined(MBEDTLS_SSL_HAVE_CBC)
+#if defined(PSA_WANT_ALG_CBC_NO_PADDING)
#define MBEDTLS_SSL_PADDING_ADD 256
#else
#define MBEDTLS_SSL_PADDING_ADD 0
diff --git a/library/ssl_tls.c b/library/ssl_tls.c
index 867dd4a..3a2cbe7 100644
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c
@@ -2486,7 +2486,7 @@
(void) taglen;
#endif
switch (mbedtls_cipher_type) {
-#if defined(PSA_WANT_KEY_TYPE_AES) && defined(MBEDTLS_SSL_HAVE_CBC)
+#if defined(PSA_WANT_KEY_TYPE_AES) && defined(PSA_WANT_ALG_CBC_NO_PADDING)
case MBEDTLS_CIPHER_AES_128_CBC:
*alg = PSA_ALG_CBC_NO_PADDING;
*key_type = PSA_KEY_TYPE_AES;
@@ -2521,7 +2521,7 @@
*key_size = 192;
break;
#endif
-#if defined(PSA_WANT_KEY_TYPE_AES) && defined(MBEDTLS_SSL_HAVE_CBC)
+#if defined(PSA_WANT_KEY_TYPE_AES) && defined(PSA_WANT_ALG_CBC_NO_PADDING)
case MBEDTLS_CIPHER_AES_256_CBC:
*alg = PSA_ALG_CBC_NO_PADDING;
*key_type = PSA_KEY_TYPE_AES;
@@ -2542,7 +2542,7 @@
*key_size = 256;
break;
#endif
-#if defined(MBEDTLS_SSL_HAVE_ARIA) && defined(MBEDTLS_SSL_HAVE_CBC)
+#if defined(MBEDTLS_SSL_HAVE_ARIA) && defined(PSA_WANT_ALG_CBC_NO_PADDING)
case MBEDTLS_CIPHER_ARIA_128_CBC:
*alg = PSA_ALG_CBC_NO_PADDING;
*key_type = PSA_KEY_TYPE_ARIA;
@@ -2577,7 +2577,7 @@
*key_size = 192;
break;
#endif
-#if defined(MBEDTLS_SSL_HAVE_ARIA) && defined(MBEDTLS_SSL_HAVE_CBC)
+#if defined(MBEDTLS_SSL_HAVE_ARIA) && defined(PSA_WANT_ALG_CBC_NO_PADDING)
case MBEDTLS_CIPHER_ARIA_256_CBC:
*alg = PSA_ALG_CBC_NO_PADDING;
*key_type = PSA_KEY_TYPE_ARIA;
@@ -2598,7 +2598,7 @@
*key_size = 256;
break;
#endif
-#if defined(MBEDTLS_SSL_HAVE_CAMELLIA) && defined(MBEDTLS_SSL_HAVE_CBC)
+#if defined(MBEDTLS_SSL_HAVE_CAMELLIA) && defined(PSA_WANT_ALG_CBC_NO_PADDING)
case MBEDTLS_CIPHER_CAMELLIA_128_CBC:
*alg = PSA_ALG_CBC_NO_PADDING;
*key_type = PSA_KEY_TYPE_CAMELLIA;
@@ -2633,7 +2633,7 @@
*key_size = 192;
break;
#endif
-#if defined(MBEDTLS_SSL_HAVE_CAMELLIA) && defined(MBEDTLS_SSL_HAVE_CBC)
+#if defined(MBEDTLS_SSL_HAVE_CAMELLIA) && defined(PSA_WANT_ALG_CBC_NO_PADDING)
case MBEDTLS_CIPHER_CAMELLIA_256_CBC:
*alg = PSA_ALG_CBC_NO_PADDING;
*key_type = PSA_KEY_TYPE_CAMELLIA;
diff --git a/scripts/config.py b/scripts/config.py
index 7c32db1..150078a 100755
--- a/scripts/config.py
+++ b/scripts/config.py
@@ -19,6 +19,8 @@
import os
import re
+from abc import ABCMeta
+
class Setting:
"""Representation of one Mbed TLS mbedtls_config.h setting.
@@ -30,12 +32,13 @@
present in mbedtls_config.h but commented out.
* section: the name of the section that contains this symbol.
"""
- # pylint: disable=too-few-public-methods
- def __init__(self, active, name, value='', section=None):
+ # pylint: disable=too-few-public-methods, too-many-arguments
+ def __init__(self, active, name, value='', section=None, configfile=None):
self.active = active
self.name = name
self.value = value
self.section = section
+ self.configfile = configfile
class Config:
"""Representation of the Mbed TLS configuration.
@@ -54,6 +57,7 @@
name to become set.
"""
+ # pylint: disable=unused-argument
def __init__(self):
self.settings = {}
@@ -125,7 +129,13 @@
"""
if name not in self.settings:
return
- self.settings[name].active = False
+
+ setting = self.settings[name]
+ # Check if modifying the config file
+ if setting.configfile and setting.active:
+ setting.configfile.modified = True
+
+ setting.active = False
def adapt(self, adapter):
"""Run adapter on each known symbol and (de)activate it accordingly.
@@ -138,8 +148,12 @@
otherwise unset `name` (i.e. make it known but inactive).
"""
for setting in self.settings.values():
+ is_active = setting.active
setting.active = adapter(setting.name, setting.active,
setting.section)
+ # Check if modifying the config file
+ if setting.configfile and setting.active != is_active:
+ setting.configfile.modified = True
def change_matching(self, regexs, enable):
"""Change all symbols matching one of the regexs to the desired state."""
@@ -148,11 +162,18 @@
regex = re.compile('|'.join(regexs))
for setting in self.settings.values():
if regex.search(setting.name):
+ # Check if modifying the config file
+ if setting.configfile and setting.active != enable:
+ setting.configfile.modified = True
setting.active = enable
def is_full_section(section):
- """Is this section affected by "config.py full" and friends?"""
- return section.endswith('support') or section.endswith('modules')
+ """Is this section affected by "config.py full" and friends?
+
+ In a config file where the sections are not used the whole config file
+ is an empty section (with value None) and the whole file is affected.
+ """
+ return section is None or section.endswith('support') or section.endswith('modules')
def realfull_adapter(_name, active, section):
"""Activate all symbols found in the global and boolean feature sections.
@@ -168,6 +189,26 @@
return active
return True
+PSA_UNSUPPORTED_FEATURE = frozenset([
+ 'PSA_WANT_ALG_CBC_MAC',
+ 'PSA_WANT_ALG_XTS',
+ 'PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_DERIVE',
+ 'PSA_WANT_KEY_TYPE_DH_KEY_PAIR_DERIVE'
+])
+
+PSA_DEPRECATED_FEATURE = frozenset([
+ 'PSA_WANT_KEY_TYPE_ECC_KEY_PAIR',
+ 'PSA_WANT_KEY_TYPE_RSA_KEY_PAIR'
+])
+
+PSA_UNSTABLE_FEATURE = frozenset([
+ 'PSA_WANT_ECC_SECP_K1_224'
+])
+
+EXCLUDE_FROM_CRYPTO = PSA_UNSUPPORTED_FEATURE | \
+ PSA_DEPRECATED_FEATURE | \
+ PSA_UNSTABLE_FEATURE
+
# The goal of the full configuration is to have everything that can be tested
# together. This includes deprecated or insecure options. It excludes:
# * Options that require additional build dependencies or unusual hardware.
@@ -210,6 +251,9 @@
'MBEDTLS_TEST_CONSTANT_FLOW_MEMSAN', # build dependency (clang+memsan)
'MBEDTLS_TEST_CONSTANT_FLOW_VALGRIND', # build dependency (valgrind headers)
'MBEDTLS_X509_REMOVE_INFO', # removes a feature
+ *PSA_UNSUPPORTED_FEATURE,
+ *PSA_DEPRECATED_FEATURE,
+ *PSA_UNSTABLE_FEATURE
])
def is_seamless_alt(name):
@@ -316,6 +360,8 @@
'MBEDTLS_PKCS7_C', # part of libmbedx509
]:
return False
+ if name in EXCLUDE_FROM_CRYPTO:
+ return False
return True
def crypto_adapter(adapter):
@@ -334,6 +380,7 @@
DEPRECATED = frozenset([
'MBEDTLS_PSA_CRYPTO_SE_C',
+ *PSA_DEPRECATED_FEATURE
])
def no_deprecated_adapter(adapter):
"""Modify an adapter to disable deprecated symbols.
@@ -368,43 +415,25 @@
return adapter(name, active, section)
return continuation
-class ConfigFile(Config):
- """Representation of the Mbed TLS configuration read for a file.
+class ConfigFile(metaclass=ABCMeta):
+ """Representation of a configuration file."""
- See the documentation of the `Config` class for methods to query
- and modify the configuration.
- """
-
- _path_in_tree = 'include/mbedtls/mbedtls_config.h'
- default_path = [_path_in_tree,
- os.path.join(os.path.dirname(__file__),
- os.pardir,
- _path_in_tree),
- os.path.join(os.path.dirname(os.path.abspath(os.path.dirname(__file__))),
- _path_in_tree)]
-
- def __init__(self, filename=None):
- """Read the Mbed TLS configuration file."""
+ def __init__(self, default_path, name, filename=None):
+ """Check if the config file exists."""
if filename is None:
- for candidate in self.default_path:
+ for candidate in default_path:
if os.path.lexists(candidate):
filename = candidate
break
else:
- raise Exception('Mbed TLS configuration file not found',
- self.default_path)
- super().__init__()
- self.filename = filename
- self.inclusion_guard = None
- self.current_section = 'header'
- with open(filename, 'r', encoding='utf-8') as file:
- self.templates = [self._parse_line(line) for line in file]
- self.current_section = None
+ raise FileNotFoundError(f'{name} configuration file not found: '
+ f'{filename if filename else default_path}')
- def set(self, name, value=None):
- if name not in self.settings:
- self.templates.append((name, '', '#define ' + name + ' '))
- super().set(name, value)
+ self.filename = filename
+ self.templates = []
+ self.current_section = None
+ self.inclusion_guard = None
+ self.modified = False
_define_line_regexp = (r'(?P<indentation>\s*)' +
r'(?P<commented_out>(//\s*)?)' +
@@ -420,39 +449,57 @@
_ifndef_line_regexp,
_section_line_regexp]))
def _parse_line(self, line):
- """Parse a line in mbedtls_config.h and return the corresponding template."""
+ """Parse a line in the config file, save the templates representing the lines
+ and return the corresponding setting element.
+ """
+
line = line.rstrip('\r\n')
m = re.match(self._config_line_regexp, line)
if m is None:
- return line
+ self.templates.append(line)
+ return None
elif m.group('section'):
self.current_section = m.group('section')
- return line
+ self.templates.append(line)
+ return None
elif m.group('inclusion_guard') and self.inclusion_guard is None:
self.inclusion_guard = m.group('inclusion_guard')
- return line
+ self.templates.append(line)
+ return None
else:
active = not m.group('commented_out')
name = m.group('name')
value = m.group('value')
if name == self.inclusion_guard and value == '':
# The file double-inclusion guard is not an option.
- return line
+ self.templates.append(line)
+ return None
template = (name,
m.group('indentation'),
m.group('define') + name +
m.group('arguments') + m.group('separator'))
- self.settings[name] = Setting(active, name, value,
- self.current_section)
- return template
+ self.templates.append(template)
- def _format_template(self, name, indent, middle):
- """Build a line for mbedtls_config.h for the given setting.
+ return (active, name, value, self.current_section)
+
+ def parse_file(self):
+ """Parse the whole file and return the settings."""
+
+ with open(self.filename, 'r', encoding='utf-8') as file:
+ for line in file:
+ setting = self._parse_line(line)
+ if setting is not None:
+ yield setting
+ self.current_section = None
+
+ #pylint: disable=no-self-use
+ def _format_template(self, setting, indent, middle):
+ """Build a line for the config file for the given setting.
The line has the form "<indent>#define <name> <value>"
where <middle> is "#define <name> ".
"""
- setting = self.settings[name]
+
value = setting.value
if value is None:
value = ''
@@ -470,26 +517,230 @@
middle,
value]).rstrip()
- def write_to_stream(self, output):
+ def write_to_stream(self, settings, output):
"""Write the whole configuration to output."""
+
for template in self.templates:
if isinstance(template, str):
line = template
else:
- line = self._format_template(*template)
+ name, indent, middle = template
+ line = self._format_template(settings[name], indent, middle)
output.write(line + '\n')
+ def write(self, settings, filename=None):
+ """Write the whole configuration to the file it was read from.
+
+ If filename is specified, write to this file instead.
+ """
+
+ if filename is None:
+ filename = self.filename
+
+ # Not modified so no need to write to the file
+ if not self.modified and filename == self.filename:
+ return
+
+ with open(filename, 'w', encoding='utf-8') as output:
+ self.write_to_stream(settings, output)
+
+class MbedTLSConfigFile(ConfigFile):
+ """Representation of an MbedTLS configuration file."""
+
+ _path_in_tree = 'include/mbedtls/mbedtls_config.h'
+ default_path = [_path_in_tree,
+ os.path.join(os.path.dirname(__file__),
+ os.pardir,
+ _path_in_tree),
+ os.path.join(os.path.dirname(os.path.abspath(os.path.dirname(__file__))),
+ _path_in_tree)]
+
+ def __init__(self, filename=None):
+ super().__init__(self.default_path, 'Mbed TLS', filename)
+ self.current_section = 'header'
+
+class CryptoConfigFile(ConfigFile):
+ """Representation of a Crypto configuration file."""
+
+ # Temporary, while Mbed TLS does not just rely on the TF-PSA-Crypto
+ # build system to build its crypto library. When it does, the
+ # condition can just be removed.
+ _path_in_tree = 'include/psa/crypto_config.h' \
+ if os.path.isfile('include/psa/crypto_config.h') else \
+ 'tf-psa-crypto/include/psa/crypto_config.h'
+ default_path = [_path_in_tree,
+ os.path.join(os.path.dirname(__file__),
+ os.pardir,
+ _path_in_tree),
+ os.path.join(os.path.dirname(os.path.abspath(os.path.dirname(__file__))),
+ _path_in_tree)]
+
+ def __init__(self, filename=None):
+ super().__init__(self.default_path, 'Crypto', filename)
+
+class MbedTLSConfig(Config):
+ """Representation of the Mbed TLS configuration.
+
+ See the documentation of the `Config` class for methods to query
+ and modify the configuration.
+ """
+
+ def __init__(self, filename=None):
+ """Read the Mbed TLS configuration file."""
+
+ super().__init__()
+ self.configfile = MbedTLSConfigFile(filename)
+ self.settings.update({name: Setting(active, name, value, section, self.configfile)
+ for (active, name, value, section)
+ in self.configfile.parse_file()})
+
+ def set(self, name, value=None):
+ """Set name to the given value and make it active."""
+
+ if name not in self.settings:
+ self.configfile.templates.append((name, '', '#define ' + name + ' '))
+
+ super().set(name, value)
+
def write(self, filename=None):
"""Write the whole configuration to the file it was read from.
If filename is specified, write to this file instead.
"""
- if filename is None:
- filename = self.filename
- with open(filename, 'w', encoding='utf-8') as output:
- self.write_to_stream(output)
+
+ self.configfile.write(self.settings, filename)
+
+ def filename(self):
+ """Get the name of the config file."""
+
+ return self.configfile.filename
+
+class CryptoConfig(Config):
+ """Representation of the PSA crypto configuration.
+
+ See the documentation of the `Config` class for methods to query
+ and modify the configuration.
+ """
+
+ def __init__(self, filename=None):
+ """Read the PSA crypto configuration file."""
+
+ super().__init__()
+ self.configfile = CryptoConfigFile(filename)
+ self.settings.update({name: Setting(active, name, value, section, self.configfile)
+ for (active, name, value, section)
+ in self.configfile.parse_file()})
+
+ def set(self, name, value='1'):
+ """Set name to the given value and make it active."""
+
+ if name in PSA_UNSUPPORTED_FEATURE:
+ raise ValueError(f'Feature is unsupported: \'{name}\'')
+ if name in PSA_UNSTABLE_FEATURE:
+ raise ValueError(f'Feature is unstable: \'{name}\'')
+
+ if name not in self.settings:
+ self.configfile.templates.append((name, '', '#define ' + name + ' '))
+
+ super().set(name, value)
+
+ def write(self, filename=None):
+ """Write the whole configuration to the file it was read from.
+
+ If filename is specified, write to this file instead.
+ """
+
+ self.configfile.write(self.settings, filename)
+
+ def filename(self):
+ """Get the name of the config file."""
+
+ return self.configfile.filename
+
+class CombinedConfig(Config):
+ """Representation of MbedTLS and PSA crypto configuration
+
+ See the documentation of the `Config` class for methods to query
+ and modify the configuration.
+ """
+
+ def __init__(self, *configs):
+ super().__init__()
+ for config in configs:
+ if isinstance(config, MbedTLSConfigFile):
+ self.mbedtls_configfile = config
+ elif isinstance(config, CryptoConfigFile):
+ self.crypto_configfile = config
+ else:
+ raise ValueError(f'Invalid configfile: {config}')
+
+ self.settings.update({name: Setting(active, name, value, section, configfile)
+ for configfile in [self.mbedtls_configfile, self.crypto_configfile]
+ for (active, name, value, section) in configfile.parse_file()})
+
+ _crypto_regexp = re.compile(r'$PSA_.*')
+ def _get_configfile(self, name):
+ """Find a config type for a setting name"""
+
+ if name in self.settings:
+ return self.settings[name].configfile
+ elif re.match(self._crypto_regexp, name):
+ return self.crypto_configfile
+ else:
+ return self.mbedtls_configfile
+
+ def __setitem__(self, name, value):
+ super().__setitem__(name, value)
+ self.settings[name].configfile.modified = True
+
+ def set(self, name, value=None):
+ """Set name to the given value and make it active."""
+
+ configfile = self._get_configfile(name)
+
+ if configfile == self.crypto_configfile:
+ if name in PSA_UNSUPPORTED_FEATURE:
+ raise ValueError(f'Feature is unsupported: \'{name}\'')
+ if name in PSA_UNSTABLE_FEATURE:
+ raise ValueError(f'Feature is unstable: \'{name}\'')
+
+ # The default value in the crypto config is '1'
+ if not value:
+ value = '1'
+
+ if name in self.settings:
+ setting = self.settings[name]
+ if not setting.active or (value is not None and setting.value != value):
+ configfile.modified = True
+ else:
+ configfile.templates.append((name, '', '#define ' + name + ' '))
+ configfile.modified = True
+
+ super().set(name, value)
+
+ def write(self, mbedtls_file=None, crypto_file=None):
+ """Write the whole configuration to the file it was read from.
+
+ If mbedtls_file or crypto_file is specified, write the specific configuration
+ to the corresponding file instead.
+ """
+
+ self.mbedtls_configfile.write(self.settings, mbedtls_file)
+ self.crypto_configfile.write(self.settings, crypto_file)
+
+ def filename(self, name=None):
+ """Get the names of the config files.
+
+ If 'name' is specified return the name of the config file where it is defined.
+ """
+
+ if not name:
+ return [config.filename for config in [self.mbedtls_configfile, self.crypto_configfile]]
+
+ return self._get_configfile(name).filename
if __name__ == '__main__':
+ #pylint: disable=too-many-statements
def main():
"""Command line mbedtls_config.h manipulation tool."""
parser = argparse.ArgumentParser(description="""
@@ -498,7 +749,11 @@
parser.add_argument('--file', '-f',
help="""File to read (and modify if requested).
Default: {}.
- """.format(ConfigFile.default_path))
+ """.format(MbedTLSConfigFile.default_path))
+ parser.add_argument('--cryptofile', '-c',
+ help="""Crypto file to read (and modify if requested).
+ Default: {}.
+ """.format(CryptoConfigFile.default_path))
parser.add_argument('--force', '-o',
action='store_true',
help="""For the set command, if SYMBOL is not
@@ -576,7 +831,7 @@
excluding X.509 and TLS.""")
args = parser.parse_args()
- config = ConfigFile(args.file)
+ config = CombinedConfig(MbedTLSConfigFile(args.file), CryptoConfigFile(args.cryptofile))
if args.command is None:
parser.print_help()
return 1
@@ -590,7 +845,7 @@
if not args.force and args.symbol not in config.settings:
sys.stderr.write("A #define for the symbol {} "
"was not found in {}\n"
- .format(args.symbol, config.filename))
+ .format(args.symbol, config.filename(args.symbol)))
return 1
config.set(args.symbol, value=args.value)
elif args.command == 'set-all':
diff --git a/tests/include/test/ssl_helpers.h b/tests/include/test/ssl_helpers.h
index 683d2e1..ec4ab64 100644
--- a/tests/include/test/ssl_helpers.h
+++ b/tests/include/test/ssl_helpers.h
@@ -501,7 +501,7 @@
#endif
#if defined(MBEDTLS_SSL_PROTO_TLS1_2) && \
- defined(MBEDTLS_SSL_HAVE_CBC) && defined(PSA_WANT_KEY_TYPE_AES)
+ defined(PSA_WANT_ALG_CBC_NO_PADDING) && defined(PSA_WANT_KEY_TYPE_AES)
int mbedtls_test_psa_cipher_encrypt_helper(mbedtls_ssl_transform *transform,
const unsigned char *iv,
size_t iv_len,
@@ -509,7 +509,7 @@
size_t ilen,
unsigned char *output,
size_t *olen);
-#endif /* MBEDTLS_SSL_PROTO_TLS1_2 && MBEDTLS_SSL_HAVE_CBC &&
+#endif /* MBEDTLS_SSL_PROTO_TLS1_2 && PSA_WANT_ALG_CBC_NO_PADDING &&
PSA_WANT_KEY_TYPE_AES */
int mbedtls_test_ssl_build_transforms(mbedtls_ssl_transform *t_in,
diff --git a/tests/scripts/depends.py b/tests/scripts/depends.py
index fa17e13..5098099 100755
--- a/tests/scripts/depends.py
+++ b/tests/scripts/depends.py
@@ -541,7 +541,7 @@
default=True)
options = parser.parse_args()
os.chdir(options.directory)
- conf = config.ConfigFile(options.config)
+ conf = config.MbedTLSConfig(options.config)
domain_data = DomainData(options, conf)
if options.tasks is True:
diff --git a/tests/src/test_helpers/ssl_helpers.c b/tests/src/test_helpers/ssl_helpers.c
index bc62628..3a1e301 100644
--- a/tests/src/test_helpers/ssl_helpers.c
+++ b/tests/src/test_helpers/ssl_helpers.c
@@ -551,7 +551,10 @@
* happen in test environment, unless forced manually. */
}
}
- mbedtls_test_ssl_message_queue_pop_info(queue, buf_len);
+ ret = mbedtls_test_ssl_message_queue_pop_info(queue, buf_len);
+ if (ret < 0) {
+ return ret;
+ }
return (msg_len > INT_MAX) ? INT_MAX : (int) msg_len;
}
@@ -1079,7 +1082,7 @@
MBEDTLS_SSL_SRV_C */
#if defined(MBEDTLS_SSL_PROTO_TLS1_2) && \
- defined(MBEDTLS_SSL_HAVE_CBC) && defined(PSA_WANT_KEY_TYPE_AES)
+ defined(PSA_WANT_ALG_CBC_NO_PADDING) && defined(PSA_WANT_KEY_TYPE_AES)
int mbedtls_test_psa_cipher_encrypt_helper(mbedtls_ssl_transform *transform,
const unsigned char *iv,
size_t iv_len,
@@ -1127,7 +1130,7 @@
iv, iv_len, input, ilen, output, olen);
#endif /* MBEDTLS_USE_PSA_CRYPTO */
}
-#endif /* MBEDTLS_SSL_PROTO_TLS1_2 && MBEDTLS_SSL_HAVE_CBC &&
+#endif /* MBEDTLS_SSL_PROTO_TLS1_2 && PSA_WANT_ALG_CBC_NO_PADDING &&
PSA_WANT_KEY_TYPE_AES */
static void mbedtls_test_ssl_cipher_info_from_type(mbedtls_cipher_type_t cipher_type,
diff --git a/tests/suites/test_suite_ssl.data b/tests/suites/test_suite_ssl.data
index 5f5ed3a..d572e6c 100644
--- a/tests/suites/test_suite_ssl.data
+++ b/tests/suites/test_suite_ssl.data
@@ -373,7 +373,7 @@
handshake_cipher:"TLS-RSA-WITH-AES-128-CCM":MBEDTLS_PK_RSA:0
Handshake, DHE-RSA-WITH-AES-256-CBC-SHA256
-depends_on:PSA_WANT_KEY_TYPE_AES:MBEDTLS_SSL_HAVE_CBC:PSA_WANT_ALG_SHA_256:MBEDTLS_RSA_C:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_ALG_SHA_256:MBEDTLS_RSA_C:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
handshake_cipher:"TLS-DHE-RSA-WITH-AES-256-CBC-SHA256":MBEDTLS_PK_RSA:0
Handshake, ECDHE-ECDSA-WITH-AES-256-CCM
@@ -381,11 +381,11 @@
handshake_cipher:"TLS-ECDHE-ECDSA-WITH-AES-256-CCM":MBEDTLS_PK_ECDSA:0
Handshake, ECDH-ECDSA-WITH-CAMELLIA-256-CBC-SHA384
-depends_on:PSA_WANT_ALG_SHA_384:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_PK_CAN_ECDSA_SOME:PSA_WANT_ECC_SECP_R1_256:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED
+depends_on:PSA_WANT_ALG_SHA_384:MBEDTLS_SSL_HAVE_CAMELLIA:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_PK_CAN_ECDSA_SOME:PSA_WANT_ECC_SECP_R1_256:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED
handshake_cipher:"TLS-ECDH-ECDSA-WITH-CAMELLIA-256-CBC-SHA384":MBEDTLS_PK_ECDSA:0
Handshake, PSK-WITH-AES-128-CBC-SHA
-depends_on:PSA_WANT_KEY_TYPE_AES:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_RSA_C:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_MD_CAN_SHA1:MBEDTLS_KEY_EXCHANGE_PSK_ENABLED
+depends_on:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_RSA_C:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_MD_CAN_SHA1:MBEDTLS_KEY_EXCHANGE_PSK_ENABLED
handshake_psk_cipher:"TLS-PSK-WITH-AES-128-CBC-SHA":MBEDTLS_PK_RSA:"abc123":0
DTLS Handshake, tls1_2
@@ -401,7 +401,7 @@
handshake_cipher:"TLS-RSA-WITH-AES-128-CCM":MBEDTLS_PK_RSA:1
DTLS Handshake, DHE-RSA-WITH-AES-256-CBC-SHA256
-depends_on:PSA_WANT_KEY_TYPE_AES:MBEDTLS_SSL_HAVE_CBC:PSA_WANT_ALG_SHA_256:MBEDTLS_RSA_C:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_SSL_PROTO_DTLS:MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_ALG_SHA_256:MBEDTLS_RSA_C:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_SSL_PROTO_DTLS:MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
handshake_cipher:"TLS-DHE-RSA-WITH-AES-256-CBC-SHA256":MBEDTLS_PK_RSA:1
DTLS Handshake, ECDHE-ECDSA-WITH-AES-256-CCM
@@ -409,11 +409,11 @@
handshake_cipher:"TLS-ECDHE-ECDSA-WITH-AES-256-CCM":MBEDTLS_PK_ECDSA:1
DTLS Handshake, ECDH-ECDSA-WITH-CAMELLIA-256-CBC-SHA384
-depends_on:PSA_WANT_ALG_SHA_384:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_PK_CAN_ECDSA_SOME:PSA_WANT_ECC_SECP_R1_256:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_SSL_PROTO_DTLS:MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED
+depends_on:PSA_WANT_ALG_SHA_384:MBEDTLS_SSL_HAVE_CAMELLIA:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_PK_CAN_ECDSA_SOME:PSA_WANT_ECC_SECP_R1_256:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_SSL_PROTO_DTLS:MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED
handshake_cipher:"TLS-ECDH-ECDSA-WITH-CAMELLIA-256-CBC-SHA384":MBEDTLS_PK_ECDSA:1
DTLS Handshake, PSK-WITH-AES-128-CBC-SHA
-depends_on:PSA_WANT_KEY_TYPE_AES:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_RSA_C:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_SSL_PROTO_DTLS:MBEDTLS_MD_CAN_SHA1:MBEDTLS_KEY_EXCHANGE_PSK_ENABLED
+depends_on:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_RSA_C:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_SSL_PROTO_DTLS:MBEDTLS_MD_CAN_SHA1:MBEDTLS_KEY_EXCHANGE_PSK_ENABLED
handshake_psk_cipher:"TLS-PSK-WITH-AES-128-CBC-SHA":MBEDTLS_PK_RSA:"abc123":1
DTLS Handshake with serialization, tls1_2
@@ -437,39 +437,39 @@
handshake_version:0:MBEDTLS_SSL_VERSION_UNKNOWN:MBEDTLS_SSL_VERSION_UNKNOWN:MBEDTLS_SSL_VERSION_UNKNOWN:MBEDTLS_SSL_VERSION_UNKNOWN:MBEDTLS_SSL_VERSION_TLS1_3
Handshake, select RSA-WITH-AES-256-CBC-SHA256, non-opaque
-depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_AES:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_RSA_C:MBEDTLS_PK_HAVE_ECC_KEYS:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_KEY_EXCHANGE_RSA_ENABLED:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_RSA_C:MBEDTLS_PK_HAVE_ECC_KEYS:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_KEY_EXCHANGE_RSA_ENABLED:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
handshake_ciphersuite_select:"TLS-RSA-WITH-AES-256-CBC-SHA256":MBEDTLS_PK_RSA:"":PSA_ALG_NONE:PSA_ALG_NONE:0:0:MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA256
Handshake, select RSA-WITH-AES-256-CBC-SHA256, opaque
-depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_AES:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_RSA_C:MBEDTLS_PK_HAVE_ECC_KEYS:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_KEY_EXCHANGE_RSA_ENABLED:MBEDTLS_USE_PSA_CRYPTO:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_RSA_C:MBEDTLS_PK_HAVE_ECC_KEYS:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_KEY_EXCHANGE_RSA_ENABLED:MBEDTLS_USE_PSA_CRYPTO:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
handshake_ciphersuite_select:"TLS-RSA-WITH-AES-256-CBC-SHA256":MBEDTLS_PK_RSA:"":PSA_ALG_RSA_PKCS1V15_CRYPT:PSA_ALG_NONE:PSA_KEY_USAGE_DECRYPT:0:MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA256
Handshake, select RSA-WITH-AES-256-CBC-SHA256, opaque, bad alg
-depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_AES:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_RSA_C:MBEDTLS_PK_HAVE_ECC_KEYS:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_KEY_EXCHANGE_RSA_ENABLED:MBEDTLS_USE_PSA_CRYPTO:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_RSA_C:MBEDTLS_PK_HAVE_ECC_KEYS:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_KEY_EXCHANGE_RSA_ENABLED:MBEDTLS_USE_PSA_CRYPTO:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
handshake_ciphersuite_select:"TLS-RSA-WITH-AES-256-CBC-SHA256":MBEDTLS_PK_RSA:"":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):PSA_ALG_NONE:PSA_KEY_USAGE_DECRYPT:MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE:0
Handshake, select RSA-WITH-AES-256-CBC-SHA256, opaque, bad usage
-depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_AES:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_RSA_C:MBEDTLS_PK_HAVE_ECC_KEYS:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_KEY_EXCHANGE_RSA_ENABLED:MBEDTLS_USE_PSA_CRYPTO:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_RSA_C:MBEDTLS_PK_HAVE_ECC_KEYS:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_KEY_EXCHANGE_RSA_ENABLED:MBEDTLS_USE_PSA_CRYPTO:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
handshake_ciphersuite_select:"TLS-RSA-WITH-AES-256-CBC-SHA256":MBEDTLS_PK_RSA:"":PSA_ALG_RSA_PKCS1V15_CRYPT:PSA_ALG_NONE:PSA_KEY_USAGE_DERIVE:MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE:0
Handshake, select RSA-PSK-WITH-AES-256-CBC-SHA384, non-opaque
-depends_on:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_AES:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_RSA_C:MBEDTLS_PK_HAVE_ECC_KEYS:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_RSA_C:MBEDTLS_PK_HAVE_ECC_KEYS:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
handshake_ciphersuite_select:"TLS-RSA-PSK-WITH-AES-256-CBC-SHA384":MBEDTLS_PK_RSA:"abc123":PSA_ALG_NONE:PSA_ALG_NONE:0:0:MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA384
Handshake, select RSA-PSK-WITH-AES-256-CBC-SHA384, opaque
-depends_on:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_AES:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_RSA_C:MBEDTLS_PK_HAVE_ECC_KEYS:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED:MBEDTLS_USE_PSA_CRYPTO:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_RSA_C:MBEDTLS_PK_HAVE_ECC_KEYS:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED:MBEDTLS_USE_PSA_CRYPTO:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
handshake_ciphersuite_select:"TLS-RSA-PSK-WITH-AES-256-CBC-SHA384":MBEDTLS_PK_RSA:"abc123":PSA_ALG_RSA_PKCS1V15_CRYPT:PSA_ALG_NONE:PSA_KEY_USAGE_DECRYPT:0:MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA384
Handshake, select RSA-PSK-WITH-AES-256-CBC-SHA384, opaque, bad alg
-depends_on:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_AES:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_RSA_C:MBEDTLS_PK_HAVE_ECC_KEYS:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED:MBEDTLS_USE_PSA_CRYPTO:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_RSA_C:MBEDTLS_PK_HAVE_ECC_KEYS:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED:MBEDTLS_USE_PSA_CRYPTO:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
handshake_ciphersuite_select:"TLS-RSA-PSK-WITH-AES-256-CBC-SHA384":MBEDTLS_PK_RSA:"abc123":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):PSA_ALG_NONE:PSA_KEY_USAGE_DECRYPT:MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE:0
Handshake, select RSA-PSK-WITH-AES-256-CBC-SHA384, opaque, bad usage
-depends_on:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_AES:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_RSA_C:MBEDTLS_PK_HAVE_ECC_KEYS:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED:MBEDTLS_USE_PSA_CRYPTO:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_RSA_C:MBEDTLS_PK_HAVE_ECC_KEYS:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED:MBEDTLS_USE_PSA_CRYPTO:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
handshake_ciphersuite_select:"TLS-RSA-PSK-WITH-AES-256-CBC-SHA384":MBEDTLS_PK_RSA:"abc123":PSA_ALG_RSA_PKCS1V15_CRYPT:PSA_ALG_NONE:PSA_KEY_USAGE_DERIVE:MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE:0
Handshake, select RSA-PSK-WITH-AES-256-CBC-SHA384, opaque, no psk
-depends_on:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_AES:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_RSA_C:MBEDTLS_PK_HAVE_ECC_KEYS:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED:MBEDTLS_USE_PSA_CRYPTO:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_RSA_C:MBEDTLS_PK_HAVE_ECC_KEYS:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED:MBEDTLS_USE_PSA_CRYPTO:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
handshake_ciphersuite_select:"TLS-RSA-PSK-WITH-AES-256-CBC-SHA384":MBEDTLS_PK_RSA:"":PSA_ALG_RSA_PKCS1V15_CRYPT:PSA_ALG_NONE:PSA_KEY_USAGE_DECRYPT:MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE:0
Handshake, select DHE-RSA-WITH-AES-256-GCM-SHA384, non-opaque
@@ -541,39 +541,39 @@
handshake_ciphersuite_select:"TLS-ECDHE-ECDSA-WITH-AES-256-CCM":MBEDTLS_PK_ECDSA:"":PSA_ALG_ECDSA(PSA_ALG_ANY_HASH):PSA_ALG_NONE:PSA_KEY_USAGE_DERIVE:MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE:0
Handshake, select ECDH-RSA-WITH-AES-256-CBC-SHA384, non-opaque
-depends_on:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_AES:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_RSA_C:MBEDTLS_PK_CAN_ECDSA_VERIFY:MBEDTLS_PK_CAN_ECDSA_SIGN:PSA_WANT_ECC_SECP_R1_256:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_RSA_C:MBEDTLS_PK_CAN_ECDSA_VERIFY:MBEDTLS_PK_CAN_ECDSA_SIGN:PSA_WANT_ECC_SECP_R1_256:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
handshake_ciphersuite_select:"TLS-ECDH-RSA-WITH-AES-256-CBC-SHA384":MBEDTLS_PK_ECDSA:"":PSA_ALG_NONE:PSA_ALG_NONE:0:0:MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384
Handshake, select ECDH-RSA-WITH-AES-256-CBC-SHA384, opaque
-depends_on:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_AES:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_RSA_C:MBEDTLS_PK_CAN_ECDSA_VERIFY:MBEDTLS_PK_CAN_ECDSA_SIGN:PSA_WANT_ECC_SECP_R1_256:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED:MBEDTLS_USE_PSA_CRYPTO:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_RSA_C:MBEDTLS_PK_CAN_ECDSA_VERIFY:MBEDTLS_PK_CAN_ECDSA_SIGN:PSA_WANT_ECC_SECP_R1_256:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED:MBEDTLS_USE_PSA_CRYPTO:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
handshake_ciphersuite_select:"TLS-ECDH-RSA-WITH-AES-256-CBC-SHA384":MBEDTLS_PK_ECDSA:"":PSA_ALG_ECDH:PSA_ALG_NONE:PSA_KEY_USAGE_DERIVE:0:MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384
Handshake, select ECDH-RSA-WITH-AES-256-CBC-SHA384, opaque, bad alg
-depends_on:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_AES:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_RSA_C:MBEDTLS_PK_CAN_ECDSA_VERIFY:MBEDTLS_PK_CAN_ECDSA_SIGN:PSA_WANT_ECC_SECP_R1_256:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED:MBEDTLS_USE_PSA_CRYPTO:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_RSA_C:MBEDTLS_PK_CAN_ECDSA_VERIFY:MBEDTLS_PK_CAN_ECDSA_SIGN:PSA_WANT_ECC_SECP_R1_256:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED:MBEDTLS_USE_PSA_CRYPTO:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
handshake_ciphersuite_select:"TLS-ECDH-RSA-WITH-AES-256-CBC-SHA384":MBEDTLS_PK_ECDSA:"":PSA_ALG_ECDSA(PSA_ALG_ANY_HASH):PSA_ALG_NONE:PSA_KEY_USAGE_DERIVE:MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE:0
Handshake, select ECDH-RSA-WITH-AES-256-CBC-SHA384, opaque, bad usage
-depends_on:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_AES:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_RSA_C:MBEDTLS_PK_CAN_ECDSA_VERIFY:MBEDTLS_PK_CAN_ECDSA_SIGN:PSA_WANT_ECC_SECP_R1_256:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED:MBEDTLS_USE_PSA_CRYPTO:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_RSA_C:MBEDTLS_PK_CAN_ECDSA_VERIFY:MBEDTLS_PK_CAN_ECDSA_SIGN:PSA_WANT_ECC_SECP_R1_256:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED:MBEDTLS_USE_PSA_CRYPTO:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
handshake_ciphersuite_select:"TLS-ECDH-RSA-WITH-AES-256-CBC-SHA384":MBEDTLS_PK_ECDSA:"":PSA_ALG_ECDH:PSA_ALG_NONE:PSA_KEY_USAGE_DECRYPT:MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE:0
Handshake, select ECDH-ECDSA-WITH-CAMELLIA-256-CBC-SHA384, non-opaque
-depends_on:PSA_WANT_ALG_SHA_384:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_PK_CAN_ECDSA_SOME:PSA_WANT_ECC_SECP_R1_256:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED
+depends_on:PSA_WANT_ALG_SHA_384:MBEDTLS_SSL_HAVE_CAMELLIA:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_PK_CAN_ECDSA_SOME:PSA_WANT_ECC_SECP_R1_256:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED
handshake_ciphersuite_select:"TLS-ECDH-ECDSA-WITH-CAMELLIA-256-CBC-SHA384":MBEDTLS_PK_ECDSA:"":PSA_ALG_NONE:PSA_ALG_NONE:0:0:MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384
Handshake, select ECDH-ECDSA-WITH-CAMELLIA-256-CBC-SHA384, opaque, PSA_ALG_ANY_HASH
-depends_on:PSA_WANT_ALG_SHA_384:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_PK_CAN_ECDSA_SOME:PSA_WANT_ECC_SECP_R1_256:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_PSA_CRYPTO_C
+depends_on:PSA_WANT_ALG_SHA_384:MBEDTLS_SSL_HAVE_CAMELLIA:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_PK_CAN_ECDSA_SOME:PSA_WANT_ECC_SECP_R1_256:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_PSA_CRYPTO_C
handshake_ciphersuite_select:"TLS-ECDH-ECDSA-WITH-CAMELLIA-256-CBC-SHA384":MBEDTLS_PK_ECDSA:"":PSA_ALG_ECDSA(PSA_ALG_ANY_HASH):PSA_ALG_ECDH:PSA_KEY_USAGE_SIGN_HASH|PSA_KEY_USAGE_DERIVE:0:MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384
Handshake, select ECDH-ECDSA-WITH-CAMELLIA-256-CBC-SHA384, opaque, PSA_ALG_SHA_384
-depends_on:PSA_WANT_ALG_SHA_384:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_PK_CAN_ECDSA_SOME:PSA_WANT_ECC_SECP_R1_256:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED:MBEDTLS_USE_PSA_CRYPTO:MBEDTSL_PSA_CRYPTO_C
+depends_on:PSA_WANT_ALG_SHA_384:MBEDTLS_SSL_HAVE_CAMELLIA:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_PK_CAN_ECDSA_SOME:PSA_WANT_ECC_SECP_R1_256:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED:MBEDTLS_USE_PSA_CRYPTO:MBEDTSL_PSA_CRYPTO_C
handshake_ciphersuite_select:"TLS-ECDH-ECDSA-WITH-CAMELLIA-256-CBC-SHA384":MBEDTLS_PK_ECDSA:"":PSA_ALG_ECDSA(PSA_ALG_SHA_384):PSA_ALG_ECDH:PSA_KEY_USAGE_SIGN_HASH|PSA_KEY_USAGE_DERIVE:0:MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384
Handshake, select ECDH-ECDSA-WITH-CAMELLIA-256-CBC-SHA384, opaque, missing alg
-depends_on:PSA_WANT_ALG_SHA_384:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_PK_CAN_ECDSA_SOME:PSA_WANT_ECC_SECP_R1_256:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED:MBEDTLS_USE_PSA_CRYPTO
+depends_on:PSA_WANT_ALG_SHA_384:MBEDTLS_SSL_HAVE_CAMELLIA:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_PK_CAN_ECDSA_SOME:PSA_WANT_ECC_SECP_R1_256:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED:MBEDTLS_USE_PSA_CRYPTO
handshake_ciphersuite_select:"TLS-ECDH-ECDSA-WITH-CAMELLIA-256-CBC-SHA384":MBEDTLS_PK_ECDSA:"":PSA_ALG_ECDSA(PSA_ALG_ANY_HASH):PSA_ALG_NONE:PSA_KEY_USAGE_SIGN_HASH|PSA_KEY_USAGE_DERIVE:MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE:0
Handshake, select ECDH-ECDSA-WITH-CAMELLIA-256-CBC-SHA384, opaque, missing usage
-depends_on:PSA_WANT_ALG_SHA_384:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_PK_CAN_ECDSA_SOME:PSA_WANT_ECC_SECP_R1_256:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED:MBEDTLS_USE_PSA_CRYPTO
+depends_on:PSA_WANT_ALG_SHA_384:MBEDTLS_SSL_HAVE_CAMELLIA:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_PK_CAN_ECDSA_SOME:PSA_WANT_ECC_SECP_R1_256:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED:MBEDTLS_USE_PSA_CRYPTO
handshake_ciphersuite_select:"TLS-ECDH-ECDSA-WITH-CAMELLIA-256-CBC-SHA384":MBEDTLS_PK_ECDSA:"":PSA_ALG_ECDSA(PSA_ALG_ANY_HASH):PSA_ALG_ECDH:PSA_KEY_USAGE_SIGN_HASH:MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE:0
Sending app data via TLS, MFL=512 without fragmentation
@@ -806,51 +806,51 @@
resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_4096:MBEDTLS_SSL_LEGACY_BREAK_HANDSHAKE:"TLS-RSA-WITH-AES-128-CCM"
DTLS no legacy renegotiation with MFL=512, DHE-RSA-WITH-AES-256-CBC-SHA256
-depends_on:PSA_WANT_KEY_TYPE_AES:MBEDTLS_SSL_HAVE_CBC:PSA_WANT_ALG_SHA_256:MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_ALG_SHA_256:MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_512:MBEDTLS_SSL_LEGACY_NO_RENEGOTIATION:"TLS-DHE-RSA-WITH-AES-256-CBC-SHA256"
DTLS no legacy renegotiation with MFL=1024, DHE-RSA-WITH-AES-256-CBC-SHA256
-depends_on:PSA_WANT_KEY_TYPE_AES:MBEDTLS_SSL_HAVE_CBC:PSA_WANT_ALG_SHA_256:MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_ALG_SHA_256:MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_1024:MBEDTLS_SSL_LEGACY_NO_RENEGOTIATION:"TLS-DHE-RSA-WITH-AES-256-CBC-SHA256"
DTLS no legacy renegotiation with MFL=2048, DHE-RSA-WITH-AES-256-CBC-SHA256
-depends_on:PSA_WANT_KEY_TYPE_AES:MBEDTLS_SSL_HAVE_CBC:PSA_WANT_ALG_SHA_256:MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_ALG_SHA_256:MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_2048:MBEDTLS_SSL_LEGACY_NO_RENEGOTIATION:"TLS-DHE-RSA-WITH-AES-256-CBC-SHA256"
DTLS no legacy renegotiation with MFL=4096, DHE-RSA-WITH-AES-256-CBC-SHA256
-depends_on:PSA_WANT_KEY_TYPE_AES:MBEDTLS_SSL_HAVE_CBC:PSA_WANT_ALG_SHA_256:MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_ALG_SHA_256:MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_4096:MBEDTLS_SSL_LEGACY_NO_RENEGOTIATION:"TLS-DHE-RSA-WITH-AES-256-CBC-SHA256"
DTLS legacy allow renegotiation with MFL=512, DHE-RSA-WITH-AES-256-CBC-SHA256
-depends_on:PSA_WANT_KEY_TYPE_AES:MBEDTLS_SSL_HAVE_CBC:PSA_WANT_ALG_SHA_256:MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_ALG_SHA_256:MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_512:MBEDTLS_SSL_LEGACY_ALLOW_RENEGOTIATION:"TLS-DHE-RSA-WITH-AES-256-CBC-SHA256"
DTLS legacy allow renegotiation with MFL=1024, DHE-RSA-WITH-AES-256-CBC-SHA256
-depends_on:PSA_WANT_KEY_TYPE_AES:MBEDTLS_SSL_HAVE_CBC:PSA_WANT_ALG_SHA_256:MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_ALG_SHA_256:MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_1024:MBEDTLS_SSL_LEGACY_ALLOW_RENEGOTIATION:"TLS-DHE-RSA-WITH-AES-256-CBC-SHA256"
DTLS legacy allow renegotiation with MFL=2048, DHE-RSA-WITH-AES-256-CBC-SHA256
-depends_on:PSA_WANT_KEY_TYPE_AES:MBEDTLS_SSL_HAVE_CBC:PSA_WANT_ALG_SHA_256:MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_ALG_SHA_256:MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_2048:MBEDTLS_SSL_LEGACY_ALLOW_RENEGOTIATION:"TLS-DHE-RSA-WITH-AES-256-CBC-SHA256"
DTLS legacy allow renegotiation with MFL=4096, DHE-RSA-WITH-AES-256-CBC-SHA256
-depends_on:PSA_WANT_KEY_TYPE_AES:MBEDTLS_SSL_HAVE_CBC:PSA_WANT_ALG_SHA_256:MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_ALG_SHA_256:MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_4096:MBEDTLS_SSL_LEGACY_ALLOW_RENEGOTIATION:"TLS-DHE-RSA-WITH-AES-256-CBC-SHA256"
DTLS legacy break handshake renegotiation with MFL=512, DHE-RSA-WITH-AES-256-CBC-SHA256
-depends_on:PSA_WANT_KEY_TYPE_AES:MBEDTLS_SSL_HAVE_CBC:PSA_WANT_ALG_SHA_256:MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_ALG_SHA_256:MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_512:MBEDTLS_SSL_LEGACY_BREAK_HANDSHAKE:"TLS-DHE-RSA-WITH-AES-256-CBC-SHA256"
DTLS legacy break handshake renegotiation with MFL=1024, DHE-RSA-WITH-AES-256-CBC-SHA256
-depends_on:PSA_WANT_KEY_TYPE_AES:MBEDTLS_SSL_HAVE_CBC:PSA_WANT_ALG_SHA_256:MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_ALG_SHA_256:MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_1024:MBEDTLS_SSL_LEGACY_BREAK_HANDSHAKE:"TLS-DHE-RSA-WITH-AES-256-CBC-SHA256"
DTLS legacy break handshake renegotiation with MFL=2048, DHE-RSA-WITH-AES-256-CBC-SHA256
-depends_on:PSA_WANT_KEY_TYPE_AES:MBEDTLS_SSL_HAVE_CBC:PSA_WANT_ALG_SHA_256:MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_ALG_SHA_256:MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_2048:MBEDTLS_SSL_LEGACY_BREAK_HANDSHAKE:"TLS-DHE-RSA-WITH-AES-256-CBC-SHA256"
DTLS legacy break handshake renegotiation with MFL=4096, DHE-RSA-WITH-AES-256-CBC-SHA256
-depends_on:PSA_WANT_KEY_TYPE_AES:MBEDTLS_SSL_HAVE_CBC:PSA_WANT_ALG_SHA_256:MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_ALG_SHA_256:MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_4096:MBEDTLS_SSL_LEGACY_BREAK_HANDSHAKE:"TLS-DHE-RSA-WITH-AES-256-CBC-SHA256"
SSL DTLS replay: initial state, seqnum 0
@@ -970,579 +970,579 @@
ssl_session_id_accessors_check:MBEDTLS_SSL_VERSION_TLS1_3
Record crypt, AES-128-CBC, 1.2, SHA-384
-depends_on:PSA_WANT_KEY_TYPE_AES:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_SHA_384
+depends_on:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_SHA_384
ssl_crypt_record:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0
Record crypt, AES-128-CBC, 1.2, SHA-384, CID 4+4
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:PSA_WANT_KEY_TYPE_AES:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_SHA_384
+depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_SHA_384
ssl_crypt_record:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4
Record crypt, AES-128-CBC, 1.2, SHA-384, CID 4+0
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:PSA_WANT_KEY_TYPE_AES:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_SHA_384
+depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_SHA_384
ssl_crypt_record:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0
Record crypt, AES-128-CBC, 1.2, SHA-384, EtM
-depends_on:PSA_WANT_KEY_TYPE_AES:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_SHA_384:MBEDTLS_SSL_ENCRYPT_THEN_MAC
+depends_on:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_SHA_384:MBEDTLS_SSL_ENCRYPT_THEN_MAC
ssl_crypt_record:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0
Record crypt, AES-128-CBC, 1.2, SHA-384, EtM, CID 4+4
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:PSA_WANT_KEY_TYPE_AES:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_SHA_384:MBEDTLS_SSL_ENCRYPT_THEN_MAC
+depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_SHA_384:MBEDTLS_SSL_ENCRYPT_THEN_MAC
ssl_crypt_record:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4
Record crypt, AES-128-CBC, 1.2, SHA-384, EtM, CID 4+0
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:PSA_WANT_KEY_TYPE_AES:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_SHA_384:MBEDTLS_SSL_ENCRYPT_THEN_MAC
+depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_SHA_384:MBEDTLS_SSL_ENCRYPT_THEN_MAC
ssl_crypt_record:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0
Record crypt, AES-128-CBC, 1.2, SHA-256
-depends_on:PSA_WANT_KEY_TYPE_AES:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_SHA_256
+depends_on:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_SHA_256
ssl_crypt_record:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA256:0:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0
Record crypt, AES-128-CBC, 1.2, SHA-256, CID 4+4
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:PSA_WANT_KEY_TYPE_AES:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_SHA_256
+depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_SHA_256
ssl_crypt_record:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA256:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4
Record crypt, AES-128-CBC, 1.2, SHA-256, CID 4+0
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:PSA_WANT_KEY_TYPE_AES:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_SHA_256
+depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_SHA_256
ssl_crypt_record:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA256:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0
Record crypt, AES-128-CBC, 1.2, SHA-256, EtM
-depends_on:PSA_WANT_KEY_TYPE_AES:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_SHA_256:MBEDTLS_SSL_ENCRYPT_THEN_MAC
+depends_on:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_SHA_256:MBEDTLS_SSL_ENCRYPT_THEN_MAC
ssl_crypt_record:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA256:1:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0
Record crypt, AES-128-CBC, 1.2, SHA-256, EtM, CID 4+4
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:PSA_WANT_KEY_TYPE_AES:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_SHA_256:MBEDTLS_SSL_ENCRYPT_THEN_MAC
+depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_SHA_256:MBEDTLS_SSL_ENCRYPT_THEN_MAC
ssl_crypt_record:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA256:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4
Record crypt, AES-128-CBC, 1.2, SHA-256, EtM, CID 4+0
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:PSA_WANT_KEY_TYPE_AES:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_SHA_256:MBEDTLS_SSL_ENCRYPT_THEN_MAC
+depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_SHA_256:MBEDTLS_SSL_ENCRYPT_THEN_MAC
ssl_crypt_record:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA256:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0
Record crypt, AES-128-CBC, 1.2, SHA-1
-depends_on:PSA_WANT_KEY_TYPE_AES:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1
+depends_on:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1
ssl_crypt_record:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA1:0:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0
Record crypt, AES-128-CBC, 1.2, SHA-1, CID 4+4
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:PSA_WANT_KEY_TYPE_AES:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1
+depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1
ssl_crypt_record:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA1:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4
Record crypt, AES-128-CBC, 1.2, SHA-1, CID 4+0
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:PSA_WANT_KEY_TYPE_AES:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1
+depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1
ssl_crypt_record:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA1:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0
Record crypt, AES-128-CBC, 1.2, SHA-1, EtM
-depends_on:PSA_WANT_KEY_TYPE_AES:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1:MBEDTLS_SSL_ENCRYPT_THEN_MAC
+depends_on:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1:MBEDTLS_SSL_ENCRYPT_THEN_MAC
ssl_crypt_record:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA1:1:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0
Record crypt, AES-128-CBC, 1.2, SHA-1, EtM, CID 4+4
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:PSA_WANT_KEY_TYPE_AES:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1:MBEDTLS_SSL_ENCRYPT_THEN_MAC
+depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1:MBEDTLS_SSL_ENCRYPT_THEN_MAC
ssl_crypt_record:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA1:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4
Record crypt, AES-128-CBC, 1.2, SHA-1, EtM, CID 4+0
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:PSA_WANT_KEY_TYPE_AES:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1:MBEDTLS_SSL_ENCRYPT_THEN_MAC
+depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1:MBEDTLS_SSL_ENCRYPT_THEN_MAC
ssl_crypt_record:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA1:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0
Record crypt, AES-128-CBC, 1.2, MD5
-depends_on:PSA_WANT_KEY_TYPE_AES:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_MD5
+depends_on:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_MD5
ssl_crypt_record:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0
Record crypt, AES-128-CBC, 1.2, MD5, CID 4+4
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:PSA_WANT_KEY_TYPE_AES:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_MD5
+depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_MD5
ssl_crypt_record:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4
Record crypt, AES-128-CBC, 1.2, MD5, CID 4+0
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:PSA_WANT_KEY_TYPE_AES:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_MD5
+depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_MD5
ssl_crypt_record:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0
Record crypt, AES-128-CBC, 1.2, MD5, EtM
-depends_on:PSA_WANT_KEY_TYPE_AES:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_MD5:MBEDTLS_SSL_ENCRYPT_THEN_MAC
+depends_on:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_MD5:MBEDTLS_SSL_ENCRYPT_THEN_MAC
ssl_crypt_record:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_MD5:1:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0
Record crypt, AES-128-CBC, 1.2, MD5, EtM, CID 4+4
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:PSA_WANT_KEY_TYPE_AES:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_MD5:MBEDTLS_SSL_ENCRYPT_THEN_MAC
+depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_MD5:MBEDTLS_SSL_ENCRYPT_THEN_MAC
ssl_crypt_record:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_MD5:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4
Record crypt, AES-128-CBC, 1.2, MD5, EtM, CID 4+0
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:PSA_WANT_KEY_TYPE_AES:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_MD5:MBEDTLS_SSL_ENCRYPT_THEN_MAC
+depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_MD5:MBEDTLS_SSL_ENCRYPT_THEN_MAC
ssl_crypt_record:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_MD5:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0
Record crypt, AES-256-CBC, 1.2, SHA-384
-depends_on:PSA_WANT_KEY_TYPE_AES:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_SHA_384:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_SHA_384:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
ssl_crypt_record:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0
Record crypt, AES-256-CBC, 1.2, SHA-384, CID 4+4
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:PSA_WANT_KEY_TYPE_AES:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_SHA_384:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_SHA_384:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
ssl_crypt_record:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4
Record crypt, AES-256-CBC, 1.2, SHA-384, CID 4+0
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:PSA_WANT_KEY_TYPE_AES:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_SHA_384:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_SHA_384:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
ssl_crypt_record:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0
Record crypt, AES-256-CBC, 1.2, SHA-384, EtM
-depends_on:PSA_WANT_KEY_TYPE_AES:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_SHA_384:MBEDTLS_SSL_ENCRYPT_THEN_MAC:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_SHA_384:MBEDTLS_SSL_ENCRYPT_THEN_MAC:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
ssl_crypt_record:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0
Record crypt, AES-256-CBC, 1.2, SHA-384, EtM, CID 4+4
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:PSA_WANT_KEY_TYPE_AES:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_SHA_384:MBEDTLS_SSL_ENCRYPT_THEN_MAC:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_SHA_384:MBEDTLS_SSL_ENCRYPT_THEN_MAC:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
ssl_crypt_record:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4
Record crypt, AES-256-CBC, 1.2, SHA-384, EtM, CID 4+0
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:PSA_WANT_KEY_TYPE_AES:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_SHA_384:MBEDTLS_SSL_ENCRYPT_THEN_MAC:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_SHA_384:MBEDTLS_SSL_ENCRYPT_THEN_MAC:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
ssl_crypt_record:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0
Record crypt, AES-256-CBC, 1.2, SHA-256
-depends_on:PSA_WANT_KEY_TYPE_AES:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_SHA_256:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_SHA_256:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
ssl_crypt_record:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_SHA256:0:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0
Record crypt, AES-256-CBC, 1.2, SHA-256, CID 4+4
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:PSA_WANT_KEY_TYPE_AES:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_SHA_256:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_SHA_256:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
ssl_crypt_record:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_SHA256:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4
Record crypt, AES-256-CBC, 1.2, SHA-256, CID 4+0
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:PSA_WANT_KEY_TYPE_AES:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_SHA_256:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_SHA_256:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
ssl_crypt_record:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_SHA256:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0
Record crypt, AES-256-CBC, 1.2, SHA-256, EtM
-depends_on:PSA_WANT_KEY_TYPE_AES:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_SHA_256:MBEDTLS_SSL_ENCRYPT_THEN_MAC:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_SHA_256:MBEDTLS_SSL_ENCRYPT_THEN_MAC:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
ssl_crypt_record:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_SHA256:1:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0
Record crypt, AES-256-CBC, 1.2, SHA-256, EtM, CID 4+4
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:PSA_WANT_KEY_TYPE_AES:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_SHA_256:MBEDTLS_SSL_ENCRYPT_THEN_MAC:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_SHA_256:MBEDTLS_SSL_ENCRYPT_THEN_MAC:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
ssl_crypt_record:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_SHA256:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4
Record crypt, AES-256-CBC, 1.2, SHA-256, EtM, CID 4+0
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:PSA_WANT_KEY_TYPE_AES:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_SHA_256:MBEDTLS_SSL_ENCRYPT_THEN_MAC:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_SHA_256:MBEDTLS_SSL_ENCRYPT_THEN_MAC:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
ssl_crypt_record:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_SHA256:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0
Record crypt, AES-256-CBC, 1.2, SHA-1
-depends_on:PSA_WANT_KEY_TYPE_AES:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
ssl_crypt_record:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_SHA1:0:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0
Record crypt, AES-256-CBC, 1.2, SHA-1, CID 4+4
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:PSA_WANT_KEY_TYPE_AES:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
ssl_crypt_record:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_SHA1:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4
Record crypt, AES-256-CBC, 1.2, SHA-1, CID 4+0
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:PSA_WANT_KEY_TYPE_AES:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
ssl_crypt_record:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_SHA1:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0
Record crypt, AES-256-CBC, 1.2, SHA-1, EtM
-depends_on:PSA_WANT_KEY_TYPE_AES:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1:MBEDTLS_SSL_ENCRYPT_THEN_MAC:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1:MBEDTLS_SSL_ENCRYPT_THEN_MAC:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
ssl_crypt_record:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_SHA1:1:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0
Record crypt, AES-256-CBC, 1.2, SHA-1, EtM, CID 4+4
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:PSA_WANT_KEY_TYPE_AES:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1:MBEDTLS_SSL_ENCRYPT_THEN_MAC:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1:MBEDTLS_SSL_ENCRYPT_THEN_MAC:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
ssl_crypt_record:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_SHA1:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4
Record crypt, AES-256-CBC, 1.2, SHA-1, EtM, CID 4+0
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:PSA_WANT_KEY_TYPE_AES:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1:MBEDTLS_SSL_ENCRYPT_THEN_MAC:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1:MBEDTLS_SSL_ENCRYPT_THEN_MAC:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
ssl_crypt_record:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_SHA1:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0
Record crypt, AES-256-CBC, 1.2, MD5
-depends_on:PSA_WANT_KEY_TYPE_AES:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_MD5:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_MD5:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
ssl_crypt_record:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0
Record crypt, AES-256-CBC, 1.2, MD5, CID 4+4
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:PSA_WANT_KEY_TYPE_AES:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_MD5:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_MD5:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
ssl_crypt_record:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4
Record crypt, AES-256-CBC, 1.2, MD5, CID 4+0
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:PSA_WANT_KEY_TYPE_AES:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_MD5:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_MD5:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
ssl_crypt_record:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0
Record crypt, AES-256-CBC, 1.2, MD5, EtM
-depends_on:PSA_WANT_KEY_TYPE_AES:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_MD5:MBEDTLS_SSL_ENCRYPT_THEN_MAC:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_MD5:MBEDTLS_SSL_ENCRYPT_THEN_MAC:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
ssl_crypt_record:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_MD5:1:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0
Record crypt, AES-256-CBC, 1.2, MD5, EtM, CID 4+4
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:PSA_WANT_KEY_TYPE_AES:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_MD5:MBEDTLS_SSL_ENCRYPT_THEN_MAC:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_MD5:MBEDTLS_SSL_ENCRYPT_THEN_MAC:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
ssl_crypt_record:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_MD5:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4
Record crypt, AES-256-CBC, 1.2, MD5, EtM, CID 4+0
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:PSA_WANT_KEY_TYPE_AES:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_MD5:MBEDTLS_SSL_ENCRYPT_THEN_MAC:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_MD5:MBEDTLS_SSL_ENCRYPT_THEN_MAC:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
ssl_crypt_record:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_MD5:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0
Record crypt, ARIA-128-CBC, 1.2, SHA-384
-depends_on:MBEDTLS_SSL_HAVE_ARIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_SHA_384
+depends_on:MBEDTLS_SSL_HAVE_ARIA:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_SHA_384
ssl_crypt_record:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0
Record crypt, ARIA-128-CBC, 1.2, SHA-384, CID 4+4
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_SHA_384
+depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_SHA_384
ssl_crypt_record:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4
Record crypt, ARIA-128-CBC, 1.2, SHA-384, CID 4+0
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_SHA_384
+depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_SHA_384
ssl_crypt_record:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0
Record crypt, ARIA-128-CBC, 1.2, SHA-384, EtM
-depends_on:MBEDTLS_SSL_HAVE_ARIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_SHA_384:MBEDTLS_SSL_ENCRYPT_THEN_MAC
+depends_on:MBEDTLS_SSL_HAVE_ARIA:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_SHA_384:MBEDTLS_SSL_ENCRYPT_THEN_MAC
ssl_crypt_record:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0
Record crypt, ARIA-128-CBC, 1.2, SHA-384, EtM, CID 4+4
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_SHA_384:MBEDTLS_SSL_ENCRYPT_THEN_MAC
+depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_SHA_384:MBEDTLS_SSL_ENCRYPT_THEN_MAC
ssl_crypt_record:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4
Record crypt, ARIA-128-CBC, 1.2, SHA-384, EtM, CID 4+0
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_SHA_384:MBEDTLS_SSL_ENCRYPT_THEN_MAC
+depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_SHA_384:MBEDTLS_SSL_ENCRYPT_THEN_MAC
ssl_crypt_record:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0
Record crypt, ARIA-128-CBC, 1.2, SHA-256
-depends_on:MBEDTLS_SSL_HAVE_ARIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_SHA_256
+depends_on:MBEDTLS_SSL_HAVE_ARIA:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_SHA_256
ssl_crypt_record:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA256:0:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0
Record crypt, ARIA-128-CBC, 1.2, SHA-256, CID 4+4
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_SHA_256
+depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_SHA_256
ssl_crypt_record:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA256:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4
Record crypt, ARIA-128-CBC, 1.2, SHA-256, CID 4+0
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_SHA_256
+depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_SHA_256
ssl_crypt_record:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA256:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0
Record crypt, ARIA-128-CBC, 1.2, SHA-256, EtM
-depends_on:MBEDTLS_SSL_HAVE_ARIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_SHA_256:MBEDTLS_SSL_ENCRYPT_THEN_MAC
+depends_on:MBEDTLS_SSL_HAVE_ARIA:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_SHA_256:MBEDTLS_SSL_ENCRYPT_THEN_MAC
ssl_crypt_record:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA256:1:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0
Record crypt, ARIA-128-CBC, 1.2, SHA-256, EtM, CID 4+4
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_SHA_256:MBEDTLS_SSL_ENCRYPT_THEN_MAC
+depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_SHA_256:MBEDTLS_SSL_ENCRYPT_THEN_MAC
ssl_crypt_record:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA256:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4
Record crypt, ARIA-128-CBC, 1.2, SHA-256, EtM, CID 4+0
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_SHA_256:MBEDTLS_SSL_ENCRYPT_THEN_MAC
+depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_SHA_256:MBEDTLS_SSL_ENCRYPT_THEN_MAC
ssl_crypt_record:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA256:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0
Record crypt, ARIA-128-CBC, 1.2, SHA-1
-depends_on:MBEDTLS_SSL_HAVE_ARIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1
+depends_on:MBEDTLS_SSL_HAVE_ARIA:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1
ssl_crypt_record:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA1:0:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0
Record crypt, ARIA-128-CBC, 1.2, SHA-1, CID 4+4
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1
+depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1
ssl_crypt_record:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA1:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4
Record crypt, ARIA-128-CBC, 1.2, SHA-1, CID 4+0
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1
+depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1
ssl_crypt_record:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA1:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0
Record crypt, ARIA-128-CBC, 1.2, SHA-1, EtM
-depends_on:MBEDTLS_SSL_HAVE_ARIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1:MBEDTLS_SSL_ENCRYPT_THEN_MAC
+depends_on:MBEDTLS_SSL_HAVE_ARIA:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1:MBEDTLS_SSL_ENCRYPT_THEN_MAC
ssl_crypt_record:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA1:1:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0
Record crypt, ARIA-128-CBC, 1.2, SHA-1, EtM, CID 4+4
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1:MBEDTLS_SSL_ENCRYPT_THEN_MAC
+depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1:MBEDTLS_SSL_ENCRYPT_THEN_MAC
ssl_crypt_record:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA1:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4
Record crypt, ARIA-128-CBC, 1.2, SHA-1, EtM, CID 4+0
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1:MBEDTLS_SSL_ENCRYPT_THEN_MAC
+depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1:MBEDTLS_SSL_ENCRYPT_THEN_MAC
ssl_crypt_record:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA1:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0
Record crypt, ARIA-128-CBC, 1.2, MD5
-depends_on:MBEDTLS_SSL_HAVE_ARIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_MD5
+depends_on:MBEDTLS_SSL_HAVE_ARIA:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_MD5
ssl_crypt_record:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0
Record crypt, ARIA-128-CBC, 1.2, MD5, CID 4+4
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_MD5
+depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_MD5
ssl_crypt_record:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4
Record crypt, ARIA-128-CBC, 1.2, MD5, CID 4+0
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_MD5
+depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_MD5
ssl_crypt_record:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0
Record crypt, ARIA-128-CBC, 1.2, MD5, EtM
-depends_on:MBEDTLS_SSL_HAVE_ARIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_MD5:MBEDTLS_SSL_ENCRYPT_THEN_MAC
+depends_on:MBEDTLS_SSL_HAVE_ARIA:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_MD5:MBEDTLS_SSL_ENCRYPT_THEN_MAC
ssl_crypt_record:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_MD5:1:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0
Record crypt, ARIA-128-CBC, 1.2, MD5, EtM, CID 4+4
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_MD5:MBEDTLS_SSL_ENCRYPT_THEN_MAC
+depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_MD5:MBEDTLS_SSL_ENCRYPT_THEN_MAC
ssl_crypt_record:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_MD5:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4
Record crypt, ARIA-128-CBC, 1.2, MD5, EtM, CID 4+0
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_MD5:MBEDTLS_SSL_ENCRYPT_THEN_MAC
+depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_MD5:MBEDTLS_SSL_ENCRYPT_THEN_MAC
ssl_crypt_record:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_MD5:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0
Record crypt, ARIA-256-CBC, 1.2, SHA-384
-depends_on:MBEDTLS_SSL_HAVE_ARIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_SHA_384
+depends_on:MBEDTLS_SSL_HAVE_ARIA:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_SHA_384
ssl_crypt_record:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0
Record crypt, ARIA-256-CBC, 1.2, SHA-384, CID 4+4
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_SHA_384
+depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_SHA_384
ssl_crypt_record:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4
Record crypt, ARIA-256-CBC, 1.2, SHA-384, CID 4+0
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_SHA_384
+depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_SHA_384
ssl_crypt_record:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0
Record crypt, ARIA-256-CBC, 1.2, SHA-384, EtM
-depends_on:MBEDTLS_SSL_HAVE_ARIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_SHA_384:MBEDTLS_SSL_ENCRYPT_THEN_MAC
+depends_on:MBEDTLS_SSL_HAVE_ARIA:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_SHA_384:MBEDTLS_SSL_ENCRYPT_THEN_MAC
ssl_crypt_record:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0
Record crypt, ARIA-256-CBC, 1.2, SHA-384, EtM, CID 4+4
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_SHA_384:MBEDTLS_SSL_ENCRYPT_THEN_MAC
+depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_SHA_384:MBEDTLS_SSL_ENCRYPT_THEN_MAC
ssl_crypt_record:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4
Record crypt, ARIA-256-CBC, 1.2, SHA-384, EtM, CID 4+0
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_SHA_384:MBEDTLS_SSL_ENCRYPT_THEN_MAC
+depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_SHA_384:MBEDTLS_SSL_ENCRYPT_THEN_MAC
ssl_crypt_record:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0
Record crypt, ARIA-256-CBC, 1.2, SHA-256
-depends_on:MBEDTLS_SSL_HAVE_ARIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_SHA_256
+depends_on:MBEDTLS_SSL_HAVE_ARIA:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_SHA_256
ssl_crypt_record:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_SHA256:0:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0
Record crypt, ARIA-256-CBC, 1.2, SHA-256, CID 4+4
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_SHA_256
+depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_SHA_256
ssl_crypt_record:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_SHA256:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4
Record crypt, ARIA-256-CBC, 1.2, SHA-256, CID 4+0
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_SHA_256
+depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_SHA_256
ssl_crypt_record:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_SHA256:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0
Record crypt, ARIA-256-CBC, 1.2, SHA-256, EtM
-depends_on:MBEDTLS_SSL_HAVE_ARIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_SHA_256:MBEDTLS_SSL_ENCRYPT_THEN_MAC
+depends_on:MBEDTLS_SSL_HAVE_ARIA:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_SHA_256:MBEDTLS_SSL_ENCRYPT_THEN_MAC
ssl_crypt_record:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_SHA256:1:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0
Record crypt, ARIA-256-CBC, 1.2, SHA-256, EtM, CID 4+4
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_SHA_256:MBEDTLS_SSL_ENCRYPT_THEN_MAC
+depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_SHA_256:MBEDTLS_SSL_ENCRYPT_THEN_MAC
ssl_crypt_record:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_SHA256:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4
Record crypt, ARIA-256-CBC, 1.2, SHA-256, EtM, CID 4+0
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_SHA_256:MBEDTLS_SSL_ENCRYPT_THEN_MAC
+depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_SHA_256:MBEDTLS_SSL_ENCRYPT_THEN_MAC
ssl_crypt_record:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_SHA256:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0
Record crypt, ARIA-256-CBC, 1.2, SHA-1
-depends_on:MBEDTLS_SSL_HAVE_ARIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1
+depends_on:MBEDTLS_SSL_HAVE_ARIA:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1
ssl_crypt_record:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_SHA1:0:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0
Record crypt, ARIA-256-CBC, 1.2, SHA-1, CID 4+4
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1
+depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1
ssl_crypt_record:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_SHA1:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4
Record crypt, ARIA-256-CBC, 1.2, SHA-1, CID 4+0
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1
+depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1
ssl_crypt_record:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_SHA1:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0
Record crypt, ARIA-256-CBC, 1.2, SHA-1, EtM
-depends_on:MBEDTLS_SSL_HAVE_ARIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1:MBEDTLS_SSL_ENCRYPT_THEN_MAC
+depends_on:MBEDTLS_SSL_HAVE_ARIA:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1:MBEDTLS_SSL_ENCRYPT_THEN_MAC
ssl_crypt_record:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_SHA1:1:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0
Record crypt, ARIA-256-CBC, 1.2, SHA-1, EtM, CID 4+4
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1:MBEDTLS_SSL_ENCRYPT_THEN_MAC
+depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1:MBEDTLS_SSL_ENCRYPT_THEN_MAC
ssl_crypt_record:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_SHA1:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4
Record crypt, ARIA-256-CBC, 1.2, SHA-1, EtM, CID 4+0
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1:MBEDTLS_SSL_ENCRYPT_THEN_MAC
+depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1:MBEDTLS_SSL_ENCRYPT_THEN_MAC
ssl_crypt_record:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_SHA1:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0
Record crypt, ARIA-256-CBC, 1.2, MD5
-depends_on:MBEDTLS_SSL_HAVE_ARIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_MD5
+depends_on:MBEDTLS_SSL_HAVE_ARIA:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_MD5
ssl_crypt_record:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0
Record crypt, ARIA-256-CBC, 1.2, MD5, CID 4+4
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_MD5
+depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_MD5
ssl_crypt_record:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4
Record crypt, ARIA-256-CBC, 1.2, MD5, CID 4+0
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_MD5
+depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_MD5
ssl_crypt_record:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0
Record crypt, ARIA-256-CBC, 1.2, MD5, EtM
-depends_on:MBEDTLS_SSL_HAVE_ARIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_MD5:MBEDTLS_SSL_ENCRYPT_THEN_MAC
+depends_on:MBEDTLS_SSL_HAVE_ARIA:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_MD5:MBEDTLS_SSL_ENCRYPT_THEN_MAC
ssl_crypt_record:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_MD5:1:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0
Record crypt, ARIA-256-CBC, 1.2, MD5, EtM, CID 4+4
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_MD5:MBEDTLS_SSL_ENCRYPT_THEN_MAC
+depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_MD5:MBEDTLS_SSL_ENCRYPT_THEN_MAC
ssl_crypt_record:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_MD5:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4
Record crypt, ARIA-256-CBC, 1.2, MD5, EtM, CID 4+0
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_MD5:MBEDTLS_SSL_ENCRYPT_THEN_MAC
+depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_MD5:MBEDTLS_SSL_ENCRYPT_THEN_MAC
ssl_crypt_record:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_MD5:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0
Record crypt, CAMELLIA-128-CBC, 1.2, SHA-384
-depends_on:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_SHA_384
+depends_on:MBEDTLS_SSL_HAVE_CAMELLIA:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_SHA_384
ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0
Record crypt, CAMELLIA-128-CBC, 1.2, SHA-384, CID 4+4
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_SHA_384
+depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_SHA_384
ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4
Record crypt, CAMELLIA-128-CBC, 1.2, SHA-384, CID 4+0
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_SHA_384
+depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_SHA_384
ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0
Record crypt, CAMELLIA-128-CBC, 1.2, SHA-384, EtM
-depends_on:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_SHA_384:MBEDTLS_SSL_ENCRYPT_THEN_MAC
+depends_on:MBEDTLS_SSL_HAVE_CAMELLIA:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_SHA_384:MBEDTLS_SSL_ENCRYPT_THEN_MAC
ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0
Record crypt, CAMELLIA-128-CBC, 1.2, SHA-384, EtM, CID 4+4
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_SHA_384:MBEDTLS_SSL_ENCRYPT_THEN_MAC
+depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_SHA_384:MBEDTLS_SSL_ENCRYPT_THEN_MAC
ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4
Record crypt, CAMELLIA-128-CBC, 1.2, SHA-384, EtM, CID 4+0
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_SHA_384:MBEDTLS_SSL_ENCRYPT_THEN_MAC
+depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_SHA_384:MBEDTLS_SSL_ENCRYPT_THEN_MAC
ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0
Record crypt, CAMELLIA-128-CBC, 1.2, SHA-256
-depends_on:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_SHA_256
+depends_on:MBEDTLS_SSL_HAVE_CAMELLIA:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_SHA_256
ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA256:0:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0
Record crypt, CAMELLIA-128-CBC, 1.2, SHA-256, CID 4+4
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_SHA_256
+depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_SHA_256
ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA256:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4
Record crypt, CAMELLIA-128-CBC, 1.2, SHA-256, CID 4+0
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_SHA_256
+depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_SHA_256
ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA256:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0
Record crypt, CAMELLIA-128-CBC, 1.2, SHA-256, EtM
-depends_on:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_SHA_256:MBEDTLS_SSL_ENCRYPT_THEN_MAC
+depends_on:MBEDTLS_SSL_HAVE_CAMELLIA:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_SHA_256:MBEDTLS_SSL_ENCRYPT_THEN_MAC
ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA256:1:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0
Record crypt, CAMELLIA-128-CBC, 1.2, SHA-256, EtM, CID 4+4
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_SHA_256:MBEDTLS_SSL_ENCRYPT_THEN_MAC
+depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_SHA_256:MBEDTLS_SSL_ENCRYPT_THEN_MAC
ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA256:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4
Record crypt, CAMELLIA-128-CBC, 1.2, SHA-256, EtM, CID 4+0
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_SHA_256:MBEDTLS_SSL_ENCRYPT_THEN_MAC
+depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_SHA_256:MBEDTLS_SSL_ENCRYPT_THEN_MAC
ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA256:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0
Record crypt, CAMELLIA-128-CBC, 1.2, SHA-1
-depends_on:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1
+depends_on:MBEDTLS_SSL_HAVE_CAMELLIA:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1
ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA1:0:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0
Record crypt, CAMELLIA-128-CBC, 1.2, SHA-1, CID 4+4
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1
+depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1
ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA1:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4
Record crypt, CAMELLIA-128-CBC, 1.2, SHA-1, CID 4+0
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1
+depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1
ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA1:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0
Record crypt, CAMELLIA-128-CBC, 1.2, SHA-1, EtM
-depends_on:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1:MBEDTLS_SSL_ENCRYPT_THEN_MAC
+depends_on:MBEDTLS_SSL_HAVE_CAMELLIA:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1:MBEDTLS_SSL_ENCRYPT_THEN_MAC
ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA1:1:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0
Record crypt, CAMELLIA-128-CBC, 1.2, SHA-1, EtM, CID 4+4
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1:MBEDTLS_SSL_ENCRYPT_THEN_MAC
+depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1:MBEDTLS_SSL_ENCRYPT_THEN_MAC
ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA1:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4
Record crypt, CAMELLIA-128-CBC, 1.2, SHA-1, EtM, CID 4+0
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1:MBEDTLS_SSL_ENCRYPT_THEN_MAC
+depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1:MBEDTLS_SSL_ENCRYPT_THEN_MAC
ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA1:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0
Record crypt, CAMELLIA-128-CBC, 1.2, MD5
-depends_on:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_MD5
+depends_on:MBEDTLS_SSL_HAVE_CAMELLIA:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_MD5
ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0
Record crypt, CAMELLIA-128-CBC, 1.2, MD5, CID 4+4
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_MD5
+depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_MD5
ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4
Record crypt, CAMELLIA-128-CBC, 1.2, MD5, CID 4+0
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_MD5
+depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_MD5
ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0
Record crypt, CAMELLIA-128-CBC, 1.2, MD5, EtM
-depends_on:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_MD5:MBEDTLS_SSL_ENCRYPT_THEN_MAC
+depends_on:MBEDTLS_SSL_HAVE_CAMELLIA:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_MD5:MBEDTLS_SSL_ENCRYPT_THEN_MAC
ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_MD5:1:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0
Record crypt, CAMELLIA-128-CBC, 1.2, MD5, EtM, CID 4+4
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_MD5:MBEDTLS_SSL_ENCRYPT_THEN_MAC
+depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_MD5:MBEDTLS_SSL_ENCRYPT_THEN_MAC
ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_MD5:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4
Record crypt, CAMELLIA-128-CBC, 1.2, MD5, EtM, CID 4+0
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_MD5:MBEDTLS_SSL_ENCRYPT_THEN_MAC
+depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_MD5:MBEDTLS_SSL_ENCRYPT_THEN_MAC
ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_MD5:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0
Record crypt, CAMELLIA-256-CBC, 1.2, SHA-384
-depends_on:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_SHA_384
+depends_on:MBEDTLS_SSL_HAVE_CAMELLIA:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_SHA_384
ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0
Record crypt, CAMELLIA-256-CBC, 1.2, SHA-384, CID 4+4
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_SHA_384
+depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_SHA_384
ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4
Record crypt, CAMELLIA-256-CBC, 1.2, SHA-384, CID 4+0
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_SHA_384
+depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_SHA_384
ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0
Record crypt, CAMELLIA-256-CBC, 1.2, SHA-384, EtM
-depends_on:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_SHA_384:MBEDTLS_SSL_ENCRYPT_THEN_MAC
+depends_on:MBEDTLS_SSL_HAVE_CAMELLIA:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_SHA_384:MBEDTLS_SSL_ENCRYPT_THEN_MAC
ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0
Record crypt, CAMELLIA-256-CBC, 1.2, SHA-384, EtM, CID 4+4
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_SHA_384:MBEDTLS_SSL_ENCRYPT_THEN_MAC
+depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_SHA_384:MBEDTLS_SSL_ENCRYPT_THEN_MAC
ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4
Record crypt, CAMELLIA-256-CBC, 1.2, SHA-384, EtM, CID 4+0
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_SHA_384:MBEDTLS_SSL_ENCRYPT_THEN_MAC
+depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_SHA_384:MBEDTLS_SSL_ENCRYPT_THEN_MAC
ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0
Record crypt, CAMELLIA-256-CBC, 1.2, SHA-256
-depends_on:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_SHA_256
+depends_on:MBEDTLS_SSL_HAVE_CAMELLIA:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_SHA_256
ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_SHA256:0:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0
Record crypt, CAMELLIA-256-CBC, 1.2, SHA-256, CID 4+4
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_SHA_256
+depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_SHA_256
ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_SHA256:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4
Record crypt, CAMELLIA-256-CBC, 1.2, SHA-256, CID 4+0
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_SHA_256
+depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_SHA_256
ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_SHA256:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0
Record crypt, CAMELLIA-256-CBC, 1.2, SHA-256, EtM
-depends_on:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_SHA_256:MBEDTLS_SSL_ENCRYPT_THEN_MAC
+depends_on:MBEDTLS_SSL_HAVE_CAMELLIA:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_SHA_256:MBEDTLS_SSL_ENCRYPT_THEN_MAC
ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_SHA256:1:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0
Record crypt, CAMELLIA-256-CBC, 1.2, SHA-256, EtM, CID 4+4
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_SHA_256:MBEDTLS_SSL_ENCRYPT_THEN_MAC
+depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_SHA_256:MBEDTLS_SSL_ENCRYPT_THEN_MAC
ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_SHA256:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4
Record crypt, CAMELLIA-256-CBC, 1.2, SHA-256, EtM, CID 4+0
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_SHA_256:MBEDTLS_SSL_ENCRYPT_THEN_MAC
+depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_SHA_256:MBEDTLS_SSL_ENCRYPT_THEN_MAC
ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_SHA256:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0
Record crypt, CAMELLIA-256-CBC, 1.2, SHA-1
-depends_on:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1
+depends_on:MBEDTLS_SSL_HAVE_CAMELLIA:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1
ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_SHA1:0:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0
Record crypt, CAMELLIA-256-CBC, 1.2, SHA-1, CID 4+4
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1
+depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1
ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_SHA1:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4
Record crypt, CAMELLIA-256-CBC, 1.2, SHA-1, CID 4+0
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1
+depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1
ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_SHA1:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0
Record crypt, CAMELLIA-256-CBC, 1.2, SHA-1, EtM
-depends_on:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1:MBEDTLS_SSL_ENCRYPT_THEN_MAC
+depends_on:MBEDTLS_SSL_HAVE_CAMELLIA:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1:MBEDTLS_SSL_ENCRYPT_THEN_MAC
ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_SHA1:1:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0
Record crypt, CAMELLIA-256-CBC, 1.2, SHA-1, EtM, CID 4+4
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1:MBEDTLS_SSL_ENCRYPT_THEN_MAC
+depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1:MBEDTLS_SSL_ENCRYPT_THEN_MAC
ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_SHA1:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4
Record crypt, CAMELLIA-256-CBC, 1.2, SHA-1, EtM, CID 4+0
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1:MBEDTLS_SSL_ENCRYPT_THEN_MAC
+depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1:MBEDTLS_SSL_ENCRYPT_THEN_MAC
ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_SHA1:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0
Record crypt, CAMELLIA-256-CBC, 1.2, MD5
-depends_on:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_MD5
+depends_on:MBEDTLS_SSL_HAVE_CAMELLIA:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_MD5
ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0
Record crypt, CAMELLIA-256-CBC, 1.2, MD5, CID 4+4
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_MD5
+depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_MD5
ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4
Record crypt, CAMELLIA-256-CBC, 1.2, MD5, CID 4+0
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_MD5
+depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_MD5
ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0
Record crypt, CAMELLIA-256-CBC, 1.2, MD5, EtM
-depends_on:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_MD5:MBEDTLS_SSL_ENCRYPT_THEN_MAC
+depends_on:MBEDTLS_SSL_HAVE_CAMELLIA:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_MD5:MBEDTLS_SSL_ENCRYPT_THEN_MAC
ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_MD5:1:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0
Record crypt, CAMELLIA-256-CBC, 1.2, MD5, EtM, CID 4+4
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_MD5:MBEDTLS_SSL_ENCRYPT_THEN_MAC
+depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_MD5:MBEDTLS_SSL_ENCRYPT_THEN_MAC
ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_MD5:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4
Record crypt, CAMELLIA-256-CBC, 1.2, MD5, EtM, CID 4+0
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_MD5:MBEDTLS_SSL_ENCRYPT_THEN_MAC
+depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_MD5:MBEDTLS_SSL_ENCRYPT_THEN_MAC
ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_MD5:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0
Record crypt, AES-128-GCM, 1.2
@@ -1842,579 +1842,579 @@
ssl_crypt_record_small:MBEDTLS_CIPHER_CHACHA20_POLY1305:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0
Record crypt, little space, AES-128-CBC, 1.2, SHA-384
-depends_on:PSA_WANT_KEY_TYPE_AES:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_SHA_384
+depends_on:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_SHA_384
ssl_crypt_record_small:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0
Record crypt, little space, AES-128-CBC, 1.2, SHA-384, CID 4+4
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:PSA_WANT_KEY_TYPE_AES:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_SHA_384
+depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_SHA_384
ssl_crypt_record_small:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4
Record crypt, little space, AES-128-CBC, 1.2, SHA-384, CID 4+0
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:PSA_WANT_KEY_TYPE_AES:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_SHA_384
+depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_SHA_384
ssl_crypt_record_small:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0
Record crypt, little space, AES-128-CBC, 1.2, SHA-384, EtM
-depends_on:PSA_WANT_KEY_TYPE_AES:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_SHA_384:MBEDTLS_SSL_ENCRYPT_THEN_MAC
+depends_on:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_SHA_384:MBEDTLS_SSL_ENCRYPT_THEN_MAC
ssl_crypt_record_small:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0
Record crypt, little space, AES-128-CBC, 1.2, SHA-384, EtM, CID 4+4
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:PSA_WANT_KEY_TYPE_AES:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_SHA_384:MBEDTLS_SSL_ENCRYPT_THEN_MAC
+depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_SHA_384:MBEDTLS_SSL_ENCRYPT_THEN_MAC
ssl_crypt_record_small:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4
Record crypt, little space, AES-128-CBC, 1.2, SHA-384, EtM, CID 4+0
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:PSA_WANT_KEY_TYPE_AES:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_SHA_384:MBEDTLS_SSL_ENCRYPT_THEN_MAC
+depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_SHA_384:MBEDTLS_SSL_ENCRYPT_THEN_MAC
ssl_crypt_record_small:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0
Record crypt, little space, AES-128-CBC, 1.2, SHA-256
-depends_on:PSA_WANT_KEY_TYPE_AES:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_SHA_256
+depends_on:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_SHA_256
ssl_crypt_record_small:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA256:0:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0
Record crypt, little space, AES-128-CBC, 1.2, SHA-256, CID 4+4
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:PSA_WANT_KEY_TYPE_AES:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_SHA_256
+depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_SHA_256
ssl_crypt_record_small:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA256:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4
Record crypt, little space, AES-128-CBC, 1.2, SHA-256, CID 4+0
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:PSA_WANT_KEY_TYPE_AES:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_SHA_256
+depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_SHA_256
ssl_crypt_record_small:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA256:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0
Record crypt, little space, AES-128-CBC, 1.2, SHA-256, EtM
-depends_on:PSA_WANT_KEY_TYPE_AES:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_SHA_256:MBEDTLS_SSL_ENCRYPT_THEN_MAC
+depends_on:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_SHA_256:MBEDTLS_SSL_ENCRYPT_THEN_MAC
ssl_crypt_record_small:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA256:1:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0
Record crypt, little space, AES-128-CBC, 1.2, SHA-256, EtM, CID 4+4
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:PSA_WANT_KEY_TYPE_AES:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_SHA_256:MBEDTLS_SSL_ENCRYPT_THEN_MAC
+depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_SHA_256:MBEDTLS_SSL_ENCRYPT_THEN_MAC
ssl_crypt_record_small:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA256:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4
Record crypt, little space, AES-128-CBC, 1.2, SHA-256, EtM, CID 4+0
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:PSA_WANT_KEY_TYPE_AES:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_SHA_256:MBEDTLS_SSL_ENCRYPT_THEN_MAC
+depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_SHA_256:MBEDTLS_SSL_ENCRYPT_THEN_MAC
ssl_crypt_record_small:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA256:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0
Record crypt, little space, AES-128-CBC, 1.2, SHA-1
-depends_on:PSA_WANT_KEY_TYPE_AES:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1
+depends_on:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1
ssl_crypt_record_small:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA1:0:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0
Record crypt, little space, AES-128-CBC, 1.2, SHA-1, CID 4+4
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:PSA_WANT_KEY_TYPE_AES:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1
+depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1
ssl_crypt_record_small:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA1:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4
Record crypt, little space, AES-128-CBC, 1.2, SHA-1, CID 4+0
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:PSA_WANT_KEY_TYPE_AES:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1
+depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1
ssl_crypt_record_small:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA1:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0
Record crypt, little space, AES-128-CBC, 1.2, SHA-1, EtM
-depends_on:PSA_WANT_KEY_TYPE_AES:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1:MBEDTLS_SSL_ENCRYPT_THEN_MAC
+depends_on:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1:MBEDTLS_SSL_ENCRYPT_THEN_MAC
ssl_crypt_record_small:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA1:1:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0
Record crypt, little space, AES-128-CBC, 1.2, SHA-1, EtM, CID 4+4
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:PSA_WANT_KEY_TYPE_AES:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1:MBEDTLS_SSL_ENCRYPT_THEN_MAC
+depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1:MBEDTLS_SSL_ENCRYPT_THEN_MAC
ssl_crypt_record_small:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA1:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4
Record crypt, little space, AES-128-CBC, 1.2, SHA-1, EtM, CID 4+0
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:PSA_WANT_KEY_TYPE_AES:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1:MBEDTLS_SSL_ENCRYPT_THEN_MAC
+depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1:MBEDTLS_SSL_ENCRYPT_THEN_MAC
ssl_crypt_record_small:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA1:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0
Record crypt, little space, AES-128-CBC, 1.2, MD5
-depends_on:PSA_WANT_KEY_TYPE_AES:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_MD5
+depends_on:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_MD5
ssl_crypt_record_small:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0
Record crypt, little space, AES-128-CBC, 1.2, MD5, CID 4+4
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:PSA_WANT_KEY_TYPE_AES:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_MD5
+depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_MD5
ssl_crypt_record_small:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4
Record crypt, little space, AES-128-CBC, 1.2, MD5, CID 4+0
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:PSA_WANT_KEY_TYPE_AES:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_MD5
+depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_MD5
ssl_crypt_record_small:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0
Record crypt, little space, AES-128-CBC, 1.2, MD5, EtM
-depends_on:PSA_WANT_KEY_TYPE_AES:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_MD5:MBEDTLS_SSL_ENCRYPT_THEN_MAC
+depends_on:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_MD5:MBEDTLS_SSL_ENCRYPT_THEN_MAC
ssl_crypt_record_small:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_MD5:1:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0
Record crypt, little space, AES-128-CBC, 1.2, MD5, EtM, CID 4+4
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:PSA_WANT_KEY_TYPE_AES:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_MD5:MBEDTLS_SSL_ENCRYPT_THEN_MAC
+depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_MD5:MBEDTLS_SSL_ENCRYPT_THEN_MAC
ssl_crypt_record_small:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_MD5:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4
Record crypt, little space, AES-128-CBC, 1.2, MD5, EtM, CID 4+0
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:PSA_WANT_KEY_TYPE_AES:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_MD5:MBEDTLS_SSL_ENCRYPT_THEN_MAC
+depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_MD5:MBEDTLS_SSL_ENCRYPT_THEN_MAC
ssl_crypt_record_small:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_MD5:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0
Record crypt, little space, AES-256-CBC, 1.2, SHA-384
-depends_on:PSA_WANT_KEY_TYPE_AES:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_SHA_384:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_SHA_384:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
ssl_crypt_record_small:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0
Record crypt, little space, AES-256-CBC, 1.2, SHA-384, CID 4+4
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:PSA_WANT_KEY_TYPE_AES:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_SHA_384:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_SHA_384:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
ssl_crypt_record_small:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4
Record crypt, little space, AES-256-CBC, 1.2, SHA-384, CID 4+0
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:PSA_WANT_KEY_TYPE_AES:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_SHA_384:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_SHA_384:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
ssl_crypt_record_small:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0
Record crypt, little space, AES-256-CBC, 1.2, SHA-384, EtM
-depends_on:PSA_WANT_KEY_TYPE_AES:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_SHA_384:MBEDTLS_SSL_ENCRYPT_THEN_MAC:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_SHA_384:MBEDTLS_SSL_ENCRYPT_THEN_MAC:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
ssl_crypt_record_small:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0
Record crypt, little space, AES-256-CBC, 1.2, SHA-384, EtM, CID 4+4
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:PSA_WANT_KEY_TYPE_AES:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_SHA_384:MBEDTLS_SSL_ENCRYPT_THEN_MAC:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_SHA_384:MBEDTLS_SSL_ENCRYPT_THEN_MAC:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
ssl_crypt_record_small:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4
Record crypt, little space, AES-256-CBC, 1.2, SHA-384, EtM, CID 4+0
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:PSA_WANT_KEY_TYPE_AES:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_SHA_384:MBEDTLS_SSL_ENCRYPT_THEN_MAC:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_SHA_384:MBEDTLS_SSL_ENCRYPT_THEN_MAC:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
ssl_crypt_record_small:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0
Record crypt, little space, AES-256-CBC, 1.2, SHA-256
-depends_on:PSA_WANT_KEY_TYPE_AES:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_SHA_256:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_SHA_256:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
ssl_crypt_record_small:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_SHA256:0:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0
Record crypt, little space, AES-256-CBC, 1.2, SHA-256, CID 4+4
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:PSA_WANT_KEY_TYPE_AES:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_SHA_256:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_SHA_256:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
ssl_crypt_record_small:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_SHA256:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4
Record crypt, little space, AES-256-CBC, 1.2, SHA-256, CID 4+0
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:PSA_WANT_KEY_TYPE_AES:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_SHA_256:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_SHA_256:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
ssl_crypt_record_small:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_SHA256:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0
Record crypt, little space, AES-256-CBC, 1.2, SHA-256, EtM
-depends_on:PSA_WANT_KEY_TYPE_AES:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_SHA_256:MBEDTLS_SSL_ENCRYPT_THEN_MAC:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_SHA_256:MBEDTLS_SSL_ENCRYPT_THEN_MAC:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
ssl_crypt_record_small:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_SHA256:1:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0
Record crypt, little space, AES-256-CBC, 1.2, SHA-256, EtM, CID 4+4
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:PSA_WANT_KEY_TYPE_AES:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_SHA_256:MBEDTLS_SSL_ENCRYPT_THEN_MAC:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_SHA_256:MBEDTLS_SSL_ENCRYPT_THEN_MAC:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
ssl_crypt_record_small:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_SHA256:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4
Record crypt, little space, AES-256-CBC, 1.2, SHA-256, EtM, CID 4+0
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:PSA_WANT_KEY_TYPE_AES:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_SHA_256:MBEDTLS_SSL_ENCRYPT_THEN_MAC:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_SHA_256:MBEDTLS_SSL_ENCRYPT_THEN_MAC:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
ssl_crypt_record_small:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_SHA256:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0
Record crypt, little space, AES-256-CBC, 1.2, SHA-1
-depends_on:PSA_WANT_KEY_TYPE_AES:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
ssl_crypt_record_small:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_SHA1:0:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0
Record crypt, little space, AES-256-CBC, 1.2, SHA-1, CID 4+4
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:PSA_WANT_KEY_TYPE_AES:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
ssl_crypt_record_small:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_SHA1:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4
Record crypt, little space, AES-256-CBC, 1.2, SHA-1, CID 4+0
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:PSA_WANT_KEY_TYPE_AES:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
ssl_crypt_record_small:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_SHA1:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0
Record crypt, little space, AES-256-CBC, 1.2, SHA-1, EtM
-depends_on:PSA_WANT_KEY_TYPE_AES:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1:MBEDTLS_SSL_ENCRYPT_THEN_MAC:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1:MBEDTLS_SSL_ENCRYPT_THEN_MAC:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
ssl_crypt_record_small:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_SHA1:1:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0
Record crypt, little space, AES-256-CBC, 1.2, SHA-1, EtM, CID 4+4
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:PSA_WANT_KEY_TYPE_AES:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1:MBEDTLS_SSL_ENCRYPT_THEN_MAC:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1:MBEDTLS_SSL_ENCRYPT_THEN_MAC:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
ssl_crypt_record_small:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_SHA1:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4
Record crypt, little space, AES-256-CBC, 1.2, SHA-1, EtM, CID 4+0
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:PSA_WANT_KEY_TYPE_AES:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1:MBEDTLS_SSL_ENCRYPT_THEN_MAC:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1:MBEDTLS_SSL_ENCRYPT_THEN_MAC:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
ssl_crypt_record_small:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_SHA1:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0
Record crypt, little space, AES-256-CBC, 1.2, MD5
-depends_on:PSA_WANT_KEY_TYPE_AES:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_MD5:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_MD5:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
ssl_crypt_record_small:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0
Record crypt, little space, AES-256-CBC, 1.2, MD5, CID 4+4
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:PSA_WANT_KEY_TYPE_AES:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_MD5:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_MD5:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
ssl_crypt_record_small:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4
Record crypt, little space, AES-256-CBC, 1.2, MD5, CID 4+0
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:PSA_WANT_KEY_TYPE_AES:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_MD5:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_MD5:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
ssl_crypt_record_small:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0
Record crypt, little space, AES-256-CBC, 1.2, MD5, EtM
-depends_on:PSA_WANT_KEY_TYPE_AES:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_MD5:MBEDTLS_SSL_ENCRYPT_THEN_MAC:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_MD5:MBEDTLS_SSL_ENCRYPT_THEN_MAC:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
ssl_crypt_record_small:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_MD5:1:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0
Record crypt, little space, AES-256-CBC, 1.2, MD5, EtM, CID 4+4
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:PSA_WANT_KEY_TYPE_AES:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_MD5:MBEDTLS_SSL_ENCRYPT_THEN_MAC:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_MD5:MBEDTLS_SSL_ENCRYPT_THEN_MAC:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
ssl_crypt_record_small:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_MD5:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4
Record crypt, little space, AES-256-CBC, 1.2, MD5, EtM, CID 4+0
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:PSA_WANT_KEY_TYPE_AES:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_MD5:MBEDTLS_SSL_ENCRYPT_THEN_MAC:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_MD5:MBEDTLS_SSL_ENCRYPT_THEN_MAC:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
ssl_crypt_record_small:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_MD5:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0
Record crypt, little space, ARIA-128-CBC, 1.2, SHA-384
-depends_on:MBEDTLS_SSL_HAVE_ARIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_SHA_384
+depends_on:MBEDTLS_SSL_HAVE_ARIA:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_SHA_384
ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0
Record crypt, little space, ARIA-128-CBC, 1.2, SHA-384, CID 4+4
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_SHA_384
+depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_SHA_384
ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4
Record crypt, little space, ARIA-128-CBC, 1.2, SHA-384, CID 4+0
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_SHA_384
+depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_SHA_384
ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0
Record crypt, little space, ARIA-128-CBC, 1.2, SHA-384, EtM
-depends_on:MBEDTLS_SSL_HAVE_ARIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_SHA_384:MBEDTLS_SSL_ENCRYPT_THEN_MAC
+depends_on:MBEDTLS_SSL_HAVE_ARIA:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_SHA_384:MBEDTLS_SSL_ENCRYPT_THEN_MAC
ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0
Record crypt, little space, ARIA-128-CBC, 1.2, SHA-384, EtM, CID 4+4
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_SHA_384:MBEDTLS_SSL_ENCRYPT_THEN_MAC
+depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_SHA_384:MBEDTLS_SSL_ENCRYPT_THEN_MAC
ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4
Record crypt, little space, ARIA-128-CBC, 1.2, SHA-384, EtM, CID 4+0
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_SHA_384:MBEDTLS_SSL_ENCRYPT_THEN_MAC
+depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_SHA_384:MBEDTLS_SSL_ENCRYPT_THEN_MAC
ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0
Record crypt, little space, ARIA-128-CBC, 1.2, SHA-256
-depends_on:MBEDTLS_SSL_HAVE_ARIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_SHA_256
+depends_on:MBEDTLS_SSL_HAVE_ARIA:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_SHA_256
ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA256:0:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0
Record crypt, little space, ARIA-128-CBC, 1.2, SHA-256, CID 4+4
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_SHA_256
+depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_SHA_256
ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA256:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4
Record crypt, little space, ARIA-128-CBC, 1.2, SHA-256, CID 4+0
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_SHA_256
+depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_SHA_256
ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA256:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0
Record crypt, little space, ARIA-128-CBC, 1.2, SHA-256, EtM
-depends_on:MBEDTLS_SSL_HAVE_ARIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_SHA_256:MBEDTLS_SSL_ENCRYPT_THEN_MAC
+depends_on:MBEDTLS_SSL_HAVE_ARIA:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_SHA_256:MBEDTLS_SSL_ENCRYPT_THEN_MAC
ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA256:1:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0
Record crypt, little space, ARIA-128-CBC, 1.2, SHA-256, EtM, CID 4+4
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_SHA_256:MBEDTLS_SSL_ENCRYPT_THEN_MAC
+depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_SHA_256:MBEDTLS_SSL_ENCRYPT_THEN_MAC
ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA256:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4
Record crypt, little space, ARIA-128-CBC, 1.2, SHA-256, EtM, CID 4+0
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_SHA_256:MBEDTLS_SSL_ENCRYPT_THEN_MAC
+depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_SHA_256:MBEDTLS_SSL_ENCRYPT_THEN_MAC
ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA256:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0
Record crypt, little space, ARIA-128-CBC, 1.2, SHA-1
-depends_on:MBEDTLS_SSL_HAVE_ARIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1
+depends_on:MBEDTLS_SSL_HAVE_ARIA:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1
ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA1:0:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0
Record crypt, little space, ARIA-128-CBC, 1.2, SHA-1, CID 4+4
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1
+depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1
ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA1:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4
Record crypt, little space, ARIA-128-CBC, 1.2, SHA-1, CID 4+0
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1
+depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1
ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA1:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0
Record crypt, little space, ARIA-128-CBC, 1.2, SHA-1, EtM
-depends_on:MBEDTLS_SSL_HAVE_ARIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1:MBEDTLS_SSL_ENCRYPT_THEN_MAC
+depends_on:MBEDTLS_SSL_HAVE_ARIA:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1:MBEDTLS_SSL_ENCRYPT_THEN_MAC
ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA1:1:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0
Record crypt, little space, ARIA-128-CBC, 1.2, SHA-1, EtM, CID 4+4
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1:MBEDTLS_SSL_ENCRYPT_THEN_MAC
+depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1:MBEDTLS_SSL_ENCRYPT_THEN_MAC
ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA1:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4
Record crypt, little space, ARIA-128-CBC, 1.2, SHA-1, EtM, CID 4+0
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1:MBEDTLS_SSL_ENCRYPT_THEN_MAC
+depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1:MBEDTLS_SSL_ENCRYPT_THEN_MAC
ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA1:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0
Record crypt, little space, ARIA-128-CBC, 1.2, MD5
-depends_on:MBEDTLS_SSL_HAVE_ARIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_MD5
+depends_on:MBEDTLS_SSL_HAVE_ARIA:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_MD5
ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0
Record crypt, little space, ARIA-128-CBC, 1.2, MD5, CID 4+4
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_MD5
+depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_MD5
ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4
Record crypt, little space, ARIA-128-CBC, 1.2, MD5, CID 4+0
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_MD5
+depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_MD5
ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0
Record crypt, little space, ARIA-128-CBC, 1.2, MD5, EtM
-depends_on:MBEDTLS_SSL_HAVE_ARIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_MD5:MBEDTLS_SSL_ENCRYPT_THEN_MAC
+depends_on:MBEDTLS_SSL_HAVE_ARIA:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_MD5:MBEDTLS_SSL_ENCRYPT_THEN_MAC
ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_MD5:1:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0
Record crypt, little space, ARIA-128-CBC, 1.2, MD5, EtM, CID 4+4
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_MD5:MBEDTLS_SSL_ENCRYPT_THEN_MAC
+depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_MD5:MBEDTLS_SSL_ENCRYPT_THEN_MAC
ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_MD5:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4
Record crypt, little space, ARIA-128-CBC, 1.2, MD5, EtM, CID 4+0
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_MD5:MBEDTLS_SSL_ENCRYPT_THEN_MAC
+depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_MD5:MBEDTLS_SSL_ENCRYPT_THEN_MAC
ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_MD5:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0
Record crypt, little space, ARIA-256-CBC, 1.2, SHA-384
-depends_on:MBEDTLS_SSL_HAVE_ARIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_SHA_384
+depends_on:MBEDTLS_SSL_HAVE_ARIA:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_SHA_384
ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0
Record crypt, little space, ARIA-256-CBC, 1.2, SHA-384, CID 4+4
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_SHA_384
+depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_SHA_384
ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4
Record crypt, little space, ARIA-256-CBC, 1.2, SHA-384, CID 4+0
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_SHA_384
+depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_SHA_384
ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0
Record crypt, little space, ARIA-256-CBC, 1.2, SHA-384, EtM
-depends_on:MBEDTLS_SSL_HAVE_ARIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_SHA_384:MBEDTLS_SSL_ENCRYPT_THEN_MAC
+depends_on:MBEDTLS_SSL_HAVE_ARIA:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_SHA_384:MBEDTLS_SSL_ENCRYPT_THEN_MAC
ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0
Record crypt, little space, ARIA-256-CBC, 1.2, SHA-384, EtM, CID 4+4
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_SHA_384:MBEDTLS_SSL_ENCRYPT_THEN_MAC
+depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_SHA_384:MBEDTLS_SSL_ENCRYPT_THEN_MAC
ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4
Record crypt, little space, ARIA-256-CBC, 1.2, SHA-384, EtM, CID 4+0
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_SHA_384:MBEDTLS_SSL_ENCRYPT_THEN_MAC
+depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_SHA_384:MBEDTLS_SSL_ENCRYPT_THEN_MAC
ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0
Record crypt, little space, ARIA-256-CBC, 1.2, SHA-256
-depends_on:MBEDTLS_SSL_HAVE_ARIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_SHA_256
+depends_on:MBEDTLS_SSL_HAVE_ARIA:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_SHA_256
ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_SHA256:0:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0
Record crypt, little space, ARIA-256-CBC, 1.2, SHA-256, CID 4+4
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_SHA_256
+depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_SHA_256
ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_SHA256:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4
Record crypt, little space, ARIA-256-CBC, 1.2, SHA-256, CID 4+0
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_SHA_256
+depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_SHA_256
ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_SHA256:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0
Record crypt, little space, ARIA-256-CBC, 1.2, SHA-256, EtM
-depends_on:MBEDTLS_SSL_HAVE_ARIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_SHA_256:MBEDTLS_SSL_ENCRYPT_THEN_MAC
+depends_on:MBEDTLS_SSL_HAVE_ARIA:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_SHA_256:MBEDTLS_SSL_ENCRYPT_THEN_MAC
ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_SHA256:1:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0
Record crypt, little space, ARIA-256-CBC, 1.2, SHA-256, EtM, CID 4+4
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_SHA_256:MBEDTLS_SSL_ENCRYPT_THEN_MAC
+depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_SHA_256:MBEDTLS_SSL_ENCRYPT_THEN_MAC
ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_SHA256:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4
Record crypt, little space, ARIA-256-CBC, 1.2, SHA-256, EtM, CID 4+0
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_SHA_256:MBEDTLS_SSL_ENCRYPT_THEN_MAC
+depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_SHA_256:MBEDTLS_SSL_ENCRYPT_THEN_MAC
ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_SHA256:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0
Record crypt, little space, ARIA-256-CBC, 1.2, SHA-1
-depends_on:MBEDTLS_SSL_HAVE_ARIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1
+depends_on:MBEDTLS_SSL_HAVE_ARIA:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1
ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_SHA1:0:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0
Record crypt, little space, ARIA-256-CBC, 1.2, SHA-1, CID 4+4
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1
+depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1
ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_SHA1:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4
Record crypt, little space, ARIA-256-CBC, 1.2, SHA-1, CID 4+0
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1
+depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1
ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_SHA1:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0
Record crypt, little space, ARIA-256-CBC, 1.2, SHA-1, EtM
-depends_on:MBEDTLS_SSL_HAVE_ARIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1:MBEDTLS_SSL_ENCRYPT_THEN_MAC
+depends_on:MBEDTLS_SSL_HAVE_ARIA:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1:MBEDTLS_SSL_ENCRYPT_THEN_MAC
ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_SHA1:1:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0
Record crypt, little space, ARIA-256-CBC, 1.2, SHA-1, EtM, CID 4+4
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1:MBEDTLS_SSL_ENCRYPT_THEN_MAC
+depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1:MBEDTLS_SSL_ENCRYPT_THEN_MAC
ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_SHA1:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4
Record crypt, little space, ARIA-256-CBC, 1.2, SHA-1, EtM, CID 4+0
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1:MBEDTLS_SSL_ENCRYPT_THEN_MAC
+depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1:MBEDTLS_SSL_ENCRYPT_THEN_MAC
ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_SHA1:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0
Record crypt, little space, ARIA-256-CBC, 1.2, MD5
-depends_on:MBEDTLS_SSL_HAVE_ARIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_MD5
+depends_on:MBEDTLS_SSL_HAVE_ARIA:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_MD5
ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0
Record crypt, little space, ARIA-256-CBC, 1.2, MD5, CID 4+4
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_MD5
+depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_MD5
ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4
Record crypt, little space, ARIA-256-CBC, 1.2, MD5, CID 4+0
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_MD5
+depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_MD5
ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0
Record crypt, little space, ARIA-256-CBC, 1.2, MD5, EtM
-depends_on:MBEDTLS_SSL_HAVE_ARIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_MD5:MBEDTLS_SSL_ENCRYPT_THEN_MAC
+depends_on:MBEDTLS_SSL_HAVE_ARIA:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_MD5:MBEDTLS_SSL_ENCRYPT_THEN_MAC
ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_MD5:1:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0
Record crypt, little space, ARIA-256-CBC, 1.2, MD5, EtM, CID 4+4
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_MD5:MBEDTLS_SSL_ENCRYPT_THEN_MAC
+depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_MD5:MBEDTLS_SSL_ENCRYPT_THEN_MAC
ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_MD5:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4
Record crypt, little space, ARIA-256-CBC, 1.2, MD5, EtM, CID 4+0
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_MD5:MBEDTLS_SSL_ENCRYPT_THEN_MAC
+depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_MD5:MBEDTLS_SSL_ENCRYPT_THEN_MAC
ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_MD5:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0
Record crypt, little space, CAMELLIA-128-CBC, 1.2, SHA-384
-depends_on:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_SHA_384
+depends_on:MBEDTLS_SSL_HAVE_CAMELLIA:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_SHA_384
ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0
Record crypt, little space, CAMELLIA-128-CBC, 1.2, SHA-384, CID 4+4
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_SHA_384
+depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_SHA_384
ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4
Record crypt, little space, CAMELLIA-128-CBC, 1.2, SHA-384, CID 4+0
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_SHA_384
+depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_SHA_384
ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0
Record crypt, little space, CAMELLIA-128-CBC, 1.2, SHA-384, EtM
-depends_on:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_SHA_384:MBEDTLS_SSL_ENCRYPT_THEN_MAC
+depends_on:MBEDTLS_SSL_HAVE_CAMELLIA:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_SHA_384:MBEDTLS_SSL_ENCRYPT_THEN_MAC
ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0
Record crypt, little space, CAMELLIA-128-CBC, 1.2, SHA-384, EtM, CID 4+4
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_SHA_384:MBEDTLS_SSL_ENCRYPT_THEN_MAC
+depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_SHA_384:MBEDTLS_SSL_ENCRYPT_THEN_MAC
ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4
Record crypt, little space, CAMELLIA-128-CBC, 1.2, SHA-384, EtM, CID 4+0
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_SHA_384:MBEDTLS_SSL_ENCRYPT_THEN_MAC
+depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_SHA_384:MBEDTLS_SSL_ENCRYPT_THEN_MAC
ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0
Record crypt, little space, CAMELLIA-128-CBC, 1.2, SHA-256
-depends_on:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_SHA_256
+depends_on:MBEDTLS_SSL_HAVE_CAMELLIA:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_SHA_256
ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA256:0:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0
Record crypt, little space, CAMELLIA-128-CBC, 1.2, SHA-256, CID 4+4
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_SHA_256
+depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_SHA_256
ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA256:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4
Record crypt, little space, CAMELLIA-128-CBC, 1.2, SHA-256, CID 4+0
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_SHA_256
+depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_SHA_256
ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA256:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0
Record crypt, little space, CAMELLIA-128-CBC, 1.2, SHA-256, EtM
-depends_on:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_SHA_256:MBEDTLS_SSL_ENCRYPT_THEN_MAC
+depends_on:MBEDTLS_SSL_HAVE_CAMELLIA:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_SHA_256:MBEDTLS_SSL_ENCRYPT_THEN_MAC
ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA256:1:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0
Record crypt, little space, CAMELLIA-128-CBC, 1.2, SHA-256, EtM, CID 4+4
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_SHA_256:MBEDTLS_SSL_ENCRYPT_THEN_MAC
+depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_SHA_256:MBEDTLS_SSL_ENCRYPT_THEN_MAC
ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA256:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4
Record crypt, little space, CAMELLIA-128-CBC, 1.2, SHA-256, EtM, CID 4+0
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_SHA_256:MBEDTLS_SSL_ENCRYPT_THEN_MAC
+depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_SHA_256:MBEDTLS_SSL_ENCRYPT_THEN_MAC
ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA256:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0
Record crypt, little space, CAMELLIA-128-CBC, 1.2, SHA-1
-depends_on:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1
+depends_on:MBEDTLS_SSL_HAVE_CAMELLIA:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1
ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA1:0:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0
Record crypt, little space, CAMELLIA-128-CBC, 1.2, SHA-1, CID 4+4
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1
+depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1
ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA1:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4
Record crypt, little space, CAMELLIA-128-CBC, 1.2, SHA-1, CID 4+0
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1
+depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1
ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA1:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0
Record crypt, little space, CAMELLIA-128-CBC, 1.2, SHA-1, EtM
-depends_on:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1:MBEDTLS_SSL_ENCRYPT_THEN_MAC
+depends_on:MBEDTLS_SSL_HAVE_CAMELLIA:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1:MBEDTLS_SSL_ENCRYPT_THEN_MAC
ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA1:1:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0
Record crypt, little space, CAMELLIA-128-CBC, 1.2, SHA-1, EtM, CID 4+4
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1:MBEDTLS_SSL_ENCRYPT_THEN_MAC
+depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1:MBEDTLS_SSL_ENCRYPT_THEN_MAC
ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA1:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4
Record crypt, little space, CAMELLIA-128-CBC, 1.2, SHA-1, EtM, CID 4+0
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1:MBEDTLS_SSL_ENCRYPT_THEN_MAC
+depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1:MBEDTLS_SSL_ENCRYPT_THEN_MAC
ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA1:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0
Record crypt, little space, CAMELLIA-128-CBC, 1.2, MD5
-depends_on:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_MD5
+depends_on:MBEDTLS_SSL_HAVE_CAMELLIA:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_MD5
ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0
Record crypt, little space, CAMELLIA-128-CBC, 1.2, MD5, CID 4+4
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_MD5
+depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_MD5
ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4
Record crypt, little space, CAMELLIA-128-CBC, 1.2, MD5, CID 4+0
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_MD5
+depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_MD5
ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0
Record crypt, little space, CAMELLIA-128-CBC, 1.2, MD5, EtM
-depends_on:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_MD5:MBEDTLS_SSL_ENCRYPT_THEN_MAC
+depends_on:MBEDTLS_SSL_HAVE_CAMELLIA:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_MD5:MBEDTLS_SSL_ENCRYPT_THEN_MAC
ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_MD5:1:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0
Record crypt, little space, CAMELLIA-128-CBC, 1.2, MD5, EtM, CID 4+4
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_MD5:MBEDTLS_SSL_ENCRYPT_THEN_MAC
+depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_MD5:MBEDTLS_SSL_ENCRYPT_THEN_MAC
ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_MD5:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4
Record crypt, little space, CAMELLIA-128-CBC, 1.2, MD5, EtM, CID 4+0
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_MD5:MBEDTLS_SSL_ENCRYPT_THEN_MAC
+depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_MD5:MBEDTLS_SSL_ENCRYPT_THEN_MAC
ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_MD5:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0
Record crypt, little space, CAMELLIA-256-CBC, 1.2, SHA-384
-depends_on:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_SHA_384
+depends_on:MBEDTLS_SSL_HAVE_CAMELLIA:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_SHA_384
ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0
Record crypt, little space, CAMELLIA-256-CBC, 1.2, SHA-384, CID 4+4
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_SHA_384
+depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_SHA_384
ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4
Record crypt, little space, CAMELLIA-256-CBC, 1.2, SHA-384, CID 4+0
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_SHA_384
+depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_SHA_384
ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0
Record crypt, little space, CAMELLIA-256-CBC, 1.2, SHA-384, EtM
-depends_on:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_SHA_384:MBEDTLS_SSL_ENCRYPT_THEN_MAC
+depends_on:MBEDTLS_SSL_HAVE_CAMELLIA:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_SHA_384:MBEDTLS_SSL_ENCRYPT_THEN_MAC
ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0
Record crypt, little space, CAMELLIA-256-CBC, 1.2, SHA-384, EtM, CID 4+4
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_SHA_384:MBEDTLS_SSL_ENCRYPT_THEN_MAC
+depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_SHA_384:MBEDTLS_SSL_ENCRYPT_THEN_MAC
ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4
Record crypt, little space, CAMELLIA-256-CBC, 1.2, SHA-384, EtM, CID 4+0
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_SHA_384:MBEDTLS_SSL_ENCRYPT_THEN_MAC
+depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_SHA_384:MBEDTLS_SSL_ENCRYPT_THEN_MAC
ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0
Record crypt, little space, CAMELLIA-256-CBC, 1.2, SHA-256
-depends_on:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_SHA_256
+depends_on:MBEDTLS_SSL_HAVE_CAMELLIA:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_SHA_256
ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_SHA256:0:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0
Record crypt, little space, CAMELLIA-256-CBC, 1.2, SHA-256, CID 4+4
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_SHA_256
+depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_SHA_256
ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_SHA256:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4
Record crypt, little space, CAMELLIA-256-CBC, 1.2, SHA-256, CID 4+0
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_SHA_256
+depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_SHA_256
ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_SHA256:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0
Record crypt, little space, CAMELLIA-256-CBC, 1.2, SHA-256, EtM
-depends_on:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_SHA_256:MBEDTLS_SSL_ENCRYPT_THEN_MAC
+depends_on:MBEDTLS_SSL_HAVE_CAMELLIA:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_SHA_256:MBEDTLS_SSL_ENCRYPT_THEN_MAC
ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_SHA256:1:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0
Record crypt, little space, CAMELLIA-256-CBC, 1.2, SHA-256, EtM, CID 4+4
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_SHA_256:MBEDTLS_SSL_ENCRYPT_THEN_MAC
+depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_SHA_256:MBEDTLS_SSL_ENCRYPT_THEN_MAC
ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_SHA256:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4
Record crypt, little space, CAMELLIA-256-CBC, 1.2, SHA-256, EtM, CID 4+0
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_SHA_256:MBEDTLS_SSL_ENCRYPT_THEN_MAC
+depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_SHA_256:MBEDTLS_SSL_ENCRYPT_THEN_MAC
ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_SHA256:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0
Record crypt, little space, CAMELLIA-256-CBC, 1.2, SHA-1
-depends_on:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1
+depends_on:MBEDTLS_SSL_HAVE_CAMELLIA:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1
ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_SHA1:0:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0
Record crypt, little space, CAMELLIA-256-CBC, 1.2, SHA-1, CID 4+4
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1
+depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1
ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_SHA1:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4
Record crypt, little space, CAMELLIA-256-CBC, 1.2, SHA-1, CID 4+0
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1
+depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1
ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_SHA1:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0
Record crypt, little space, CAMELLIA-256-CBC, 1.2, SHA-1, EtM
-depends_on:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1:MBEDTLS_SSL_ENCRYPT_THEN_MAC
+depends_on:MBEDTLS_SSL_HAVE_CAMELLIA:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1:MBEDTLS_SSL_ENCRYPT_THEN_MAC
ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_SHA1:1:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0
Record crypt, little space, CAMELLIA-256-CBC, 1.2, SHA-1, EtM, CID 4+4
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1:MBEDTLS_SSL_ENCRYPT_THEN_MAC
+depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1:MBEDTLS_SSL_ENCRYPT_THEN_MAC
ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_SHA1:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4
Record crypt, little space, CAMELLIA-256-CBC, 1.2, SHA-1, EtM, CID 4+0
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1:MBEDTLS_SSL_ENCRYPT_THEN_MAC
+depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1:MBEDTLS_SSL_ENCRYPT_THEN_MAC
ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_SHA1:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0
Record crypt, little space, CAMELLIA-256-CBC, 1.2, MD5
-depends_on:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_MD5
+depends_on:MBEDTLS_SSL_HAVE_CAMELLIA:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_MD5
ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0
Record crypt, little space, CAMELLIA-256-CBC, 1.2, MD5, CID 4+4
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_MD5
+depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_MD5
ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4
Record crypt, little space, CAMELLIA-256-CBC, 1.2, MD5, CID 4+0
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_MD5
+depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_MD5
ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0
Record crypt, little space, CAMELLIA-256-CBC, 1.2, MD5, EtM
-depends_on:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_MD5:MBEDTLS_SSL_ENCRYPT_THEN_MAC
+depends_on:MBEDTLS_SSL_HAVE_CAMELLIA:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_MD5:MBEDTLS_SSL_ENCRYPT_THEN_MAC
ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_MD5:1:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0
Record crypt, little space, CAMELLIA-256-CBC, 1.2, MD5, EtM, CID 4+4
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_MD5:MBEDTLS_SSL_ENCRYPT_THEN_MAC
+depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_MD5:MBEDTLS_SSL_ENCRYPT_THEN_MAC
ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_MD5:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4
Record crypt, little space, CAMELLIA-256-CBC, 1.2, MD5, EtM, CID 4+0
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_MD5:MBEDTLS_SSL_ENCRYPT_THEN_MAC
+depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_MD5:MBEDTLS_SSL_ENCRYPT_THEN_MAC
ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_MD5:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0
Record crypt, little space, AES-128-GCM, 1.2
diff --git a/tests/suites/test_suite_ssl.function b/tests/suites/test_suite_ssl.function
index 747a533..8da8ed6 100644
--- a/tests/suites/test_suite_ssl.function
+++ b/tests/suites/test_suite_ssl.function
@@ -2761,7 +2761,7 @@
}
/* END_CASE */
-/* BEGIN_CASE depends_on:MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED:!MBEDTLS_SSL_PROTO_TLS1_3:MBEDTLS_PKCS1_V15:MBEDTLS_RSA_C:PSA_WANT_KEY_TYPE_AES:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_DEBUG_C:MBEDTLS_SSL_MAX_FRAGMENT_LENGTH:MBEDTLS_SSL_HAVE_CBC:PSA_WANT_ALG_SHA_256:MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED */
+/* BEGIN_CASE depends_on:MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED:!MBEDTLS_SSL_PROTO_TLS1_3:MBEDTLS_PKCS1_V15:MBEDTLS_RSA_C:PSA_WANT_KEY_TYPE_AES:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_DEBUG_C:MBEDTLS_SSL_MAX_FRAGMENT_LENGTH:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_ALG_SHA_256:MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED */
void handshake_fragmentation(int mfl,
int expected_srv_hs_fragmentation,
int expected_cli_hs_fragmentation)
diff --git a/tests/suites/test_suite_ssl_decrypt.function b/tests/suites/test_suite_ssl_decrypt.function
index 42afe7a..909e6cf 100644
--- a/tests/suites/test_suite_ssl_decrypt.function
+++ b/tests/suites/test_suite_ssl_decrypt.function
@@ -120,7 +120,7 @@
}
/* END_CASE */
-/* BEGIN_CASE depends_on:MBEDTLS_SSL_HAVE_CBC:PSA_WANT_KEY_TYPE_AES:MBEDTLS_SSL_PROTO_TLS1_2 */
+/* BEGIN_CASE depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_AES:MBEDTLS_SSL_PROTO_TLS1_2 */
void ssl_decrypt_non_etm_cbc(int cipher_type, int hash_id, int trunc_hmac,
int length_selector)
{
diff --git a/tests/suites/test_suite_ssl_decrypt.misc.data b/tests/suites/test_suite_ssl_decrypt.misc.data
index 7a49bda..6b3dd7a 100644
--- a/tests/suites/test_suite_ssl_decrypt.misc.data
+++ b/tests/suites/test_suite_ssl_decrypt.misc.data
@@ -15,385 +15,385 @@
ssl_decrypt_null:MBEDTLS_MD_SHA384
Decrypt CBC !EtM, AES MD5 !trunc, empty plaintext, minpad
-depends_on:PSA_WANT_KEY_TYPE_AES:MBEDTLS_SSL_HAVE_CBC:PSA_WANT_ALG_MD5
+depends_on:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_ALG_MD5
ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_MD5:0:-1
Decrypt CBC !EtM, AES MD5 !trunc, empty plaintext, maxpad
-depends_on:PSA_WANT_KEY_TYPE_AES:MBEDTLS_SSL_HAVE_CBC:PSA_WANT_ALG_MD5
+depends_on:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_ALG_MD5
ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_MD5:0:-2
Decrypt CBC !EtM, AES MD5 !trunc, padlen=0
-depends_on:PSA_WANT_KEY_TYPE_AES:MBEDTLS_SSL_HAVE_CBC:PSA_WANT_ALG_MD5
+depends_on:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_ALG_MD5
ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_MD5:0:0
Decrypt CBC !EtM, AES MD5 !trunc, padlen=240
-depends_on:PSA_WANT_KEY_TYPE_AES:MBEDTLS_SSL_HAVE_CBC:PSA_WANT_ALG_MD5
+depends_on:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_ALG_MD5
ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_MD5:0:240
Decrypt CBC !EtM, AES MD5 !trunc, padlen=1
-depends_on:PSA_WANT_KEY_TYPE_AES:MBEDTLS_SSL_HAVE_CBC:PSA_WANT_ALG_MD5
+depends_on:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_ALG_MD5
ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_MD5:0:1
Decrypt CBC !EtM, AES MD5 !trunc, padlen=241
-depends_on:PSA_WANT_KEY_TYPE_AES:MBEDTLS_SSL_HAVE_CBC:PSA_WANT_ALG_MD5
+depends_on:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_ALG_MD5
ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_MD5:0:241
Decrypt CBC !EtM, AES MD5 !trunc, padlen=15
-depends_on:PSA_WANT_KEY_TYPE_AES:MBEDTLS_SSL_HAVE_CBC:PSA_WANT_ALG_MD5
+depends_on:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_ALG_MD5
ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_MD5:0:15
Decrypt CBC !EtM, AES MD5 !trunc, padlen=255
-depends_on:PSA_WANT_KEY_TYPE_AES:MBEDTLS_SSL_HAVE_CBC:PSA_WANT_ALG_MD5
+depends_on:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_ALG_MD5
ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_MD5:0:255
Decrypt CBC !EtM, AES SHA1 !trunc, empty plaintext, minpad
-depends_on:PSA_WANT_KEY_TYPE_AES:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_MD_CAN_SHA1
+depends_on:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_MD_CAN_SHA1
ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA1:0:-1
Decrypt CBC !EtM, AES SHA1 !trunc, empty plaintext, maxpad
-depends_on:PSA_WANT_KEY_TYPE_AES:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_MD_CAN_SHA1
+depends_on:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_MD_CAN_SHA1
ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA1:0:-2
Decrypt CBC !EtM, AES SHA1 !trunc, padlen=0
-depends_on:PSA_WANT_KEY_TYPE_AES:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_MD_CAN_SHA1
+depends_on:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_MD_CAN_SHA1
ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA1:0:0
Decrypt CBC !EtM, AES SHA1 !trunc, padlen=240
-depends_on:PSA_WANT_KEY_TYPE_AES:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_MD_CAN_SHA1
+depends_on:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_MD_CAN_SHA1
ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA1:0:240
Decrypt CBC !EtM, AES SHA1 !trunc, padlen=1
-depends_on:PSA_WANT_KEY_TYPE_AES:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_MD_CAN_SHA1
+depends_on:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_MD_CAN_SHA1
ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA1:0:1
Decrypt CBC !EtM, AES SHA1 !trunc, padlen=241
-depends_on:PSA_WANT_KEY_TYPE_AES:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_MD_CAN_SHA1
+depends_on:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_MD_CAN_SHA1
ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA1:0:241
Decrypt CBC !EtM, AES SHA1 !trunc, padlen=15
-depends_on:PSA_WANT_KEY_TYPE_AES:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_MD_CAN_SHA1
+depends_on:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_MD_CAN_SHA1
ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA1:0:15
Decrypt CBC !EtM, AES SHA1 !trunc, padlen=255
-depends_on:PSA_WANT_KEY_TYPE_AES:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_MD_CAN_SHA1
+depends_on:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_MD_CAN_SHA1
ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA1:0:255
Decrypt CBC !EtM, AES SHA256 !trunc, empty plaintext, minpad
-depends_on:PSA_WANT_KEY_TYPE_AES:MBEDTLS_SSL_HAVE_CBC:PSA_WANT_ALG_SHA_256
+depends_on:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_ALG_SHA_256
ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA256:0:-1
Decrypt CBC !EtM, AES SHA256 !trunc, empty plaintext, maxpad
-depends_on:PSA_WANT_KEY_TYPE_AES:MBEDTLS_SSL_HAVE_CBC:PSA_WANT_ALG_SHA_256
+depends_on:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_ALG_SHA_256
ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA256:0:-2
Decrypt CBC !EtM, AES SHA256 !trunc, padlen=0
-depends_on:PSA_WANT_KEY_TYPE_AES:MBEDTLS_SSL_HAVE_CBC:PSA_WANT_ALG_SHA_256
+depends_on:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_ALG_SHA_256
ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA256:0:0
Decrypt CBC !EtM, AES SHA256 !trunc, padlen=240
-depends_on:PSA_WANT_KEY_TYPE_AES:MBEDTLS_SSL_HAVE_CBC:PSA_WANT_ALG_SHA_256
+depends_on:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_ALG_SHA_256
ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA256:0:240
Decrypt CBC !EtM, AES SHA256 !trunc, padlen=1
-depends_on:PSA_WANT_KEY_TYPE_AES:MBEDTLS_SSL_HAVE_CBC:PSA_WANT_ALG_SHA_256
+depends_on:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_ALG_SHA_256
ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA256:0:1
Decrypt CBC !EtM, AES SHA256 !trunc, padlen=241
-depends_on:PSA_WANT_KEY_TYPE_AES:MBEDTLS_SSL_HAVE_CBC:PSA_WANT_ALG_SHA_256
+depends_on:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_ALG_SHA_256
ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA256:0:241
Decrypt CBC !EtM, AES SHA256 !trunc, padlen=15
-depends_on:PSA_WANT_KEY_TYPE_AES:MBEDTLS_SSL_HAVE_CBC:PSA_WANT_ALG_SHA_256
+depends_on:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_ALG_SHA_256
ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA256:0:15
Decrypt CBC !EtM, AES SHA256 !trunc, padlen=255
-depends_on:PSA_WANT_KEY_TYPE_AES:MBEDTLS_SSL_HAVE_CBC:PSA_WANT_ALG_SHA_256
+depends_on:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_ALG_SHA_256
ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA256:0:255
Decrypt CBC !EtM, AES SHA384 !trunc, empty plaintext, minpad
-depends_on:PSA_WANT_KEY_TYPE_AES:MBEDTLS_SSL_HAVE_CBC:PSA_WANT_ALG_SHA_384
+depends_on:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_ALG_SHA_384
ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA384:0:-1
Decrypt CBC !EtM, AES SHA384 !trunc, empty plaintext, maxpad
-depends_on:PSA_WANT_KEY_TYPE_AES:MBEDTLS_SSL_HAVE_CBC:PSA_WANT_ALG_SHA_384
+depends_on:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_ALG_SHA_384
ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA384:0:-2
Decrypt CBC !EtM, AES SHA384 !trunc, padlen=0
-depends_on:PSA_WANT_KEY_TYPE_AES:MBEDTLS_SSL_HAVE_CBC:PSA_WANT_ALG_SHA_384
+depends_on:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_ALG_SHA_384
ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA384:0:0
Decrypt CBC !EtM, AES SHA384 !trunc, padlen=240
-depends_on:PSA_WANT_KEY_TYPE_AES:MBEDTLS_SSL_HAVE_CBC:PSA_WANT_ALG_SHA_384
+depends_on:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_ALG_SHA_384
ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA384:0:240
Decrypt CBC !EtM, AES SHA384 !trunc, padlen=1
-depends_on:PSA_WANT_KEY_TYPE_AES:MBEDTLS_SSL_HAVE_CBC:PSA_WANT_ALG_SHA_384
+depends_on:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_ALG_SHA_384
ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA384:0:1
Decrypt CBC !EtM, AES SHA384 !trunc, padlen=241
-depends_on:PSA_WANT_KEY_TYPE_AES:MBEDTLS_SSL_HAVE_CBC:PSA_WANT_ALG_SHA_384
+depends_on:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_ALG_SHA_384
ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA384:0:241
Decrypt CBC !EtM, AES SHA384 !trunc, padlen=15
-depends_on:PSA_WANT_KEY_TYPE_AES:MBEDTLS_SSL_HAVE_CBC:PSA_WANT_ALG_SHA_384
+depends_on:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_ALG_SHA_384
ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA384:0:15
Decrypt CBC !EtM, AES SHA384 !trunc, padlen=255
-depends_on:PSA_WANT_KEY_TYPE_AES:MBEDTLS_SSL_HAVE_CBC:PSA_WANT_ALG_SHA_384
+depends_on:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_ALG_SHA_384
ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA384:0:255
Decrypt CBC !EtM, ARIA MD5 !trunc, empty plaintext, minpad
-depends_on:MBEDTLS_SSL_HAVE_ARIA:MBEDTLS_SSL_HAVE_CBC:PSA_WANT_ALG_MD5
+depends_on:MBEDTLS_SSL_HAVE_ARIA:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_ALG_MD5
ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_MD5:0:-1
Decrypt CBC !EtM, ARIA MD5 !trunc, empty plaintext, maxpad
-depends_on:MBEDTLS_SSL_HAVE_ARIA:MBEDTLS_SSL_HAVE_CBC:PSA_WANT_ALG_MD5
+depends_on:MBEDTLS_SSL_HAVE_ARIA:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_ALG_MD5
ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_MD5:0:-2
Decrypt CBC !EtM, ARIA MD5 !trunc, padlen=0
-depends_on:MBEDTLS_SSL_HAVE_ARIA:MBEDTLS_SSL_HAVE_CBC:PSA_WANT_ALG_MD5
+depends_on:MBEDTLS_SSL_HAVE_ARIA:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_ALG_MD5
ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_MD5:0:0
Decrypt CBC !EtM, ARIA MD5 !trunc, padlen=240
-depends_on:MBEDTLS_SSL_HAVE_ARIA:MBEDTLS_SSL_HAVE_CBC:PSA_WANT_ALG_MD5
+depends_on:MBEDTLS_SSL_HAVE_ARIA:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_ALG_MD5
ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_MD5:0:240
Decrypt CBC !EtM, ARIA MD5 !trunc, padlen=1
-depends_on:MBEDTLS_SSL_HAVE_ARIA:MBEDTLS_SSL_HAVE_CBC:PSA_WANT_ALG_MD5
+depends_on:MBEDTLS_SSL_HAVE_ARIA:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_ALG_MD5
ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_MD5:0:1
Decrypt CBC !EtM, ARIA MD5 !trunc, padlen=241
-depends_on:MBEDTLS_SSL_HAVE_ARIA:MBEDTLS_SSL_HAVE_CBC:PSA_WANT_ALG_MD5
+depends_on:MBEDTLS_SSL_HAVE_ARIA:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_ALG_MD5
ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_MD5:0:241
Decrypt CBC !EtM, ARIA MD5 !trunc, padlen=15
-depends_on:MBEDTLS_SSL_HAVE_ARIA:MBEDTLS_SSL_HAVE_CBC:PSA_WANT_ALG_MD5
+depends_on:MBEDTLS_SSL_HAVE_ARIA:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_ALG_MD5
ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_MD5:0:15
Decrypt CBC !EtM, ARIA MD5 !trunc, padlen=255
-depends_on:MBEDTLS_SSL_HAVE_ARIA:MBEDTLS_SSL_HAVE_CBC:PSA_WANT_ALG_MD5
+depends_on:MBEDTLS_SSL_HAVE_ARIA:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_ALG_MD5
ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_MD5:0:255
Decrypt CBC !EtM, ARIA SHA1 !trunc, empty plaintext, minpad
-depends_on:MBEDTLS_SSL_HAVE_ARIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_MD_CAN_SHA1
+depends_on:MBEDTLS_SSL_HAVE_ARIA:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_MD_CAN_SHA1
ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA1:0:-1
Decrypt CBC !EtM, ARIA SHA1 !trunc, empty plaintext, maxpad
-depends_on:MBEDTLS_SSL_HAVE_ARIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_MD_CAN_SHA1
+depends_on:MBEDTLS_SSL_HAVE_ARIA:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_MD_CAN_SHA1
ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA1:0:-2
Decrypt CBC !EtM, ARIA SHA1 !trunc, padlen=0
-depends_on:MBEDTLS_SSL_HAVE_ARIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_MD_CAN_SHA1
+depends_on:MBEDTLS_SSL_HAVE_ARIA:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_MD_CAN_SHA1
ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA1:0:0
Decrypt CBC !EtM, ARIA SHA1 !trunc, padlen=240
-depends_on:MBEDTLS_SSL_HAVE_ARIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_MD_CAN_SHA1
+depends_on:MBEDTLS_SSL_HAVE_ARIA:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_MD_CAN_SHA1
ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA1:0:240
Decrypt CBC !EtM, ARIA SHA1 !trunc, padlen=1
-depends_on:MBEDTLS_SSL_HAVE_ARIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_MD_CAN_SHA1
+depends_on:MBEDTLS_SSL_HAVE_ARIA:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_MD_CAN_SHA1
ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA1:0:1
Decrypt CBC !EtM, ARIA SHA1 !trunc, padlen=241
-depends_on:MBEDTLS_SSL_HAVE_ARIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_MD_CAN_SHA1
+depends_on:MBEDTLS_SSL_HAVE_ARIA:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_MD_CAN_SHA1
ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA1:0:241
Decrypt CBC !EtM, ARIA SHA1 !trunc, padlen=15
-depends_on:MBEDTLS_SSL_HAVE_ARIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_MD_CAN_SHA1
+depends_on:MBEDTLS_SSL_HAVE_ARIA:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_MD_CAN_SHA1
ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA1:0:15
Decrypt CBC !EtM, ARIA SHA1 !trunc, padlen=255
-depends_on:MBEDTLS_SSL_HAVE_ARIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_MD_CAN_SHA1
+depends_on:MBEDTLS_SSL_HAVE_ARIA:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_MD_CAN_SHA1
ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA1:0:255
Decrypt CBC !EtM, ARIA SHA256 !trunc, empty plaintext, minpad
-depends_on:MBEDTLS_SSL_HAVE_ARIA:MBEDTLS_SSL_HAVE_CBC:PSA_WANT_ALG_SHA_256
+depends_on:MBEDTLS_SSL_HAVE_ARIA:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_ALG_SHA_256
ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA256:0:-1
Decrypt CBC !EtM, ARIA SHA256 !trunc, empty plaintext, maxpad
-depends_on:MBEDTLS_SSL_HAVE_ARIA:MBEDTLS_SSL_HAVE_CBC:PSA_WANT_ALG_SHA_256
+depends_on:MBEDTLS_SSL_HAVE_ARIA:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_ALG_SHA_256
ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA256:0:-2
Decrypt CBC !EtM, ARIA SHA256 !trunc, padlen=0
-depends_on:MBEDTLS_SSL_HAVE_ARIA:MBEDTLS_SSL_HAVE_CBC:PSA_WANT_ALG_SHA_256
+depends_on:MBEDTLS_SSL_HAVE_ARIA:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_ALG_SHA_256
ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA256:0:0
Decrypt CBC !EtM, ARIA SHA256 !trunc, padlen=240
-depends_on:MBEDTLS_SSL_HAVE_ARIA:MBEDTLS_SSL_HAVE_CBC:PSA_WANT_ALG_SHA_256
+depends_on:MBEDTLS_SSL_HAVE_ARIA:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_ALG_SHA_256
ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA256:0:240
Decrypt CBC !EtM, ARIA SHA256 !trunc, padlen=1
-depends_on:MBEDTLS_SSL_HAVE_ARIA:MBEDTLS_SSL_HAVE_CBC:PSA_WANT_ALG_SHA_256
+depends_on:MBEDTLS_SSL_HAVE_ARIA:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_ALG_SHA_256
ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA256:0:1
Decrypt CBC !EtM, ARIA SHA256 !trunc, padlen=241
-depends_on:MBEDTLS_SSL_HAVE_ARIA:MBEDTLS_SSL_HAVE_CBC:PSA_WANT_ALG_SHA_256
+depends_on:MBEDTLS_SSL_HAVE_ARIA:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_ALG_SHA_256
ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA256:0:241
Decrypt CBC !EtM, ARIA SHA256 !trunc, padlen=15
-depends_on:MBEDTLS_SSL_HAVE_ARIA:MBEDTLS_SSL_HAVE_CBC:PSA_WANT_ALG_SHA_256
+depends_on:MBEDTLS_SSL_HAVE_ARIA:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_ALG_SHA_256
ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA256:0:15
Decrypt CBC !EtM, ARIA SHA256 !trunc, padlen=255
-depends_on:MBEDTLS_SSL_HAVE_ARIA:MBEDTLS_SSL_HAVE_CBC:PSA_WANT_ALG_SHA_256
+depends_on:MBEDTLS_SSL_HAVE_ARIA:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_ALG_SHA_256
ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA256:0:255
Decrypt CBC !EtM, ARIA SHA384 !trunc, empty plaintext, minpad
-depends_on:MBEDTLS_SSL_HAVE_ARIA:MBEDTLS_SSL_HAVE_CBC:PSA_WANT_ALG_SHA_384
+depends_on:MBEDTLS_SSL_HAVE_ARIA:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_ALG_SHA_384
ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA384:0:-1
Decrypt CBC !EtM, ARIA SHA384 !trunc, empty plaintext, maxpad
-depends_on:MBEDTLS_SSL_HAVE_ARIA:MBEDTLS_SSL_HAVE_CBC:PSA_WANT_ALG_SHA_384
+depends_on:MBEDTLS_SSL_HAVE_ARIA:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_ALG_SHA_384
ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA384:0:-2
Decrypt CBC !EtM, ARIA SHA384 !trunc, padlen=0
-depends_on:MBEDTLS_SSL_HAVE_ARIA:MBEDTLS_SSL_HAVE_CBC:PSA_WANT_ALG_SHA_384
+depends_on:MBEDTLS_SSL_HAVE_ARIA:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_ALG_SHA_384
ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA384:0:0
Decrypt CBC !EtM, ARIA SHA384 !trunc, padlen=240
-depends_on:MBEDTLS_SSL_HAVE_ARIA:MBEDTLS_SSL_HAVE_CBC:PSA_WANT_ALG_SHA_384
+depends_on:MBEDTLS_SSL_HAVE_ARIA:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_ALG_SHA_384
ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA384:0:240
Decrypt CBC !EtM, ARIA SHA384 !trunc, padlen=1
-depends_on:MBEDTLS_SSL_HAVE_ARIA:MBEDTLS_SSL_HAVE_CBC:PSA_WANT_ALG_SHA_384
+depends_on:MBEDTLS_SSL_HAVE_ARIA:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_ALG_SHA_384
ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA384:0:1
Decrypt CBC !EtM, ARIA SHA384 !trunc, padlen=241
-depends_on:MBEDTLS_SSL_HAVE_ARIA:MBEDTLS_SSL_HAVE_CBC:PSA_WANT_ALG_SHA_384
+depends_on:MBEDTLS_SSL_HAVE_ARIA:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_ALG_SHA_384
ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA384:0:241
Decrypt CBC !EtM, ARIA SHA384 !trunc, padlen=15
-depends_on:MBEDTLS_SSL_HAVE_ARIA:MBEDTLS_SSL_HAVE_CBC:PSA_WANT_ALG_SHA_384
+depends_on:MBEDTLS_SSL_HAVE_ARIA:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_ALG_SHA_384
ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA384:0:15
Decrypt CBC !EtM, ARIA SHA384 !trunc, padlen=255
-depends_on:MBEDTLS_SSL_HAVE_ARIA:MBEDTLS_SSL_HAVE_CBC:PSA_WANT_ALG_SHA_384
+depends_on:MBEDTLS_SSL_HAVE_ARIA:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_ALG_SHA_384
ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA384:0:255
Decrypt CBC !EtM, CAMELLIA MD5 !trunc, empty plaintext, minpad
-depends_on:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_HAVE_CBC:PSA_WANT_ALG_MD5
+depends_on:MBEDTLS_SSL_HAVE_CAMELLIA:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_ALG_MD5
ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_MD5:0:-1
Decrypt CBC !EtM, CAMELLIA MD5 !trunc, empty plaintext, maxpad
-depends_on:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_HAVE_CBC:PSA_WANT_ALG_MD5
+depends_on:MBEDTLS_SSL_HAVE_CAMELLIA:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_ALG_MD5
ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_MD5:0:-2
Decrypt CBC !EtM, CAMELLIA MD5 !trunc, padlen=0
-depends_on:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_HAVE_CBC:PSA_WANT_ALG_MD5
+depends_on:MBEDTLS_SSL_HAVE_CAMELLIA:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_ALG_MD5
ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_MD5:0:0
Decrypt CBC !EtM, CAMELLIA MD5 !trunc, padlen=240
-depends_on:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_HAVE_CBC:PSA_WANT_ALG_MD5
+depends_on:MBEDTLS_SSL_HAVE_CAMELLIA:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_ALG_MD5
ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_MD5:0:240
Decrypt CBC !EtM, CAMELLIA MD5 !trunc, padlen=1
-depends_on:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_HAVE_CBC:PSA_WANT_ALG_MD5
+depends_on:MBEDTLS_SSL_HAVE_CAMELLIA:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_ALG_MD5
ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_MD5:0:1
Decrypt CBC !EtM, CAMELLIA MD5 !trunc, padlen=241
-depends_on:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_HAVE_CBC:PSA_WANT_ALG_MD5
+depends_on:MBEDTLS_SSL_HAVE_CAMELLIA:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_ALG_MD5
ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_MD5:0:241
Decrypt CBC !EtM, CAMELLIA MD5 !trunc, padlen=15
-depends_on:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_HAVE_CBC:PSA_WANT_ALG_MD5
+depends_on:MBEDTLS_SSL_HAVE_CAMELLIA:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_ALG_MD5
ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_MD5:0:15
Decrypt CBC !EtM, CAMELLIA MD5 !trunc, padlen=255
-depends_on:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_HAVE_CBC:PSA_WANT_ALG_MD5
+depends_on:MBEDTLS_SSL_HAVE_CAMELLIA:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_ALG_MD5
ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_MD5:0:255
Decrypt CBC !EtM, CAMELLIA SHA1 !trunc, empty plaintext, minpad
-depends_on:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_MD_CAN_SHA1
+depends_on:MBEDTLS_SSL_HAVE_CAMELLIA:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_MD_CAN_SHA1
ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA1:0:-1
Decrypt CBC !EtM, CAMELLIA SHA1 !trunc, empty plaintext, maxpad
-depends_on:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_MD_CAN_SHA1
+depends_on:MBEDTLS_SSL_HAVE_CAMELLIA:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_MD_CAN_SHA1
ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA1:0:-2
Decrypt CBC !EtM, CAMELLIA SHA1 !trunc, padlen=0
-depends_on:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_MD_CAN_SHA1
+depends_on:MBEDTLS_SSL_HAVE_CAMELLIA:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_MD_CAN_SHA1
ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA1:0:0
Decrypt CBC !EtM, CAMELLIA SHA1 !trunc, padlen=240
-depends_on:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_MD_CAN_SHA1
+depends_on:MBEDTLS_SSL_HAVE_CAMELLIA:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_MD_CAN_SHA1
ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA1:0:240
Decrypt CBC !EtM, CAMELLIA SHA1 !trunc, padlen=1
-depends_on:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_MD_CAN_SHA1
+depends_on:MBEDTLS_SSL_HAVE_CAMELLIA:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_MD_CAN_SHA1
ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA1:0:1
Decrypt CBC !EtM, CAMELLIA SHA1 !trunc, padlen=241
-depends_on:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_MD_CAN_SHA1
+depends_on:MBEDTLS_SSL_HAVE_CAMELLIA:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_MD_CAN_SHA1
ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA1:0:241
Decrypt CBC !EtM, CAMELLIA SHA1 !trunc, padlen=15
-depends_on:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_MD_CAN_SHA1
+depends_on:MBEDTLS_SSL_HAVE_CAMELLIA:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_MD_CAN_SHA1
ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA1:0:15
Decrypt CBC !EtM, CAMELLIA SHA1 !trunc, padlen=255
-depends_on:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_MD_CAN_SHA1
+depends_on:MBEDTLS_SSL_HAVE_CAMELLIA:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_MD_CAN_SHA1
ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA1:0:255
Decrypt CBC !EtM, CAMELLIA SHA256 !trunc, empty plaintext, minpad
-depends_on:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_HAVE_CBC:PSA_WANT_ALG_SHA_256
+depends_on:MBEDTLS_SSL_HAVE_CAMELLIA:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_ALG_SHA_256
ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA256:0:-1
Decrypt CBC !EtM, CAMELLIA SHA256 !trunc, empty plaintext, maxpad
-depends_on:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_HAVE_CBC:PSA_WANT_ALG_SHA_256
+depends_on:MBEDTLS_SSL_HAVE_CAMELLIA:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_ALG_SHA_256
ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA256:0:-2
Decrypt CBC !EtM, CAMELLIA SHA256 !trunc, padlen=0
-depends_on:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_HAVE_CBC:PSA_WANT_ALG_SHA_256
+depends_on:MBEDTLS_SSL_HAVE_CAMELLIA:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_ALG_SHA_256
ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA256:0:0
Decrypt CBC !EtM, CAMELLIA SHA256 !trunc, padlen=240
-depends_on:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_HAVE_CBC:PSA_WANT_ALG_SHA_256
+depends_on:MBEDTLS_SSL_HAVE_CAMELLIA:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_ALG_SHA_256
ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA256:0:240
Decrypt CBC !EtM, CAMELLIA SHA256 !trunc, padlen=1
-depends_on:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_HAVE_CBC:PSA_WANT_ALG_SHA_256
+depends_on:MBEDTLS_SSL_HAVE_CAMELLIA:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_ALG_SHA_256
ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA256:0:1
Decrypt CBC !EtM, CAMELLIA SHA256 !trunc, padlen=241
-depends_on:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_HAVE_CBC:PSA_WANT_ALG_SHA_256
+depends_on:MBEDTLS_SSL_HAVE_CAMELLIA:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_ALG_SHA_256
ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA256:0:241
Decrypt CBC !EtM, CAMELLIA SHA256 !trunc, padlen=15
-depends_on:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_HAVE_CBC:PSA_WANT_ALG_SHA_256
+depends_on:MBEDTLS_SSL_HAVE_CAMELLIA:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_ALG_SHA_256
ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA256:0:15
Decrypt CBC !EtM, CAMELLIA SHA256 !trunc, padlen=255
-depends_on:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_HAVE_CBC:PSA_WANT_ALG_SHA_256
+depends_on:MBEDTLS_SSL_HAVE_CAMELLIA:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_ALG_SHA_256
ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA256:0:255
Decrypt CBC !EtM, CAMELLIA SHA384 !trunc, empty plaintext, minpad
-depends_on:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_HAVE_CBC:PSA_WANT_ALG_SHA_384
+depends_on:MBEDTLS_SSL_HAVE_CAMELLIA:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_ALG_SHA_384
ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA384:0:-1
Decrypt CBC !EtM, CAMELLIA SHA384 !trunc, empty plaintext, maxpad
-depends_on:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_HAVE_CBC:PSA_WANT_ALG_SHA_384
+depends_on:MBEDTLS_SSL_HAVE_CAMELLIA:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_ALG_SHA_384
ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA384:0:-2
Decrypt CBC !EtM, CAMELLIA SHA384 !trunc, padlen=0
-depends_on:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_HAVE_CBC:PSA_WANT_ALG_SHA_384
+depends_on:MBEDTLS_SSL_HAVE_CAMELLIA:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_ALG_SHA_384
ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA384:0:0
Decrypt CBC !EtM, CAMELLIA SHA384 !trunc, padlen=240
-depends_on:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_HAVE_CBC:PSA_WANT_ALG_SHA_384
+depends_on:MBEDTLS_SSL_HAVE_CAMELLIA:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_ALG_SHA_384
ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA384:0:240
Decrypt CBC !EtM, CAMELLIA SHA384 !trunc, padlen=1
-depends_on:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_HAVE_CBC:PSA_WANT_ALG_SHA_384
+depends_on:MBEDTLS_SSL_HAVE_CAMELLIA:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_ALG_SHA_384
ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA384:0:1
Decrypt CBC !EtM, CAMELLIA SHA384 !trunc, padlen=241
-depends_on:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_HAVE_CBC:PSA_WANT_ALG_SHA_384
+depends_on:MBEDTLS_SSL_HAVE_CAMELLIA:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_ALG_SHA_384
ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA384:0:241
Decrypt CBC !EtM, CAMELLIA SHA384 !trunc, padlen=15
-depends_on:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_HAVE_CBC:PSA_WANT_ALG_SHA_384
+depends_on:MBEDTLS_SSL_HAVE_CAMELLIA:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_ALG_SHA_384
ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA384:0:15
Decrypt CBC !EtM, CAMELLIA SHA384 !trunc, padlen=255
-depends_on:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_HAVE_CBC:PSA_WANT_ALG_SHA_384
+depends_on:MBEDTLS_SSL_HAVE_CAMELLIA:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_ALG_SHA_384
ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA384:0:255
diff --git a/tf-psa-crypto/core/psa_util.c b/tf-psa-crypto/core/psa_util.c
index 1034412..b915e13 100644
--- a/tf-psa-crypto/core/psa_util.c
+++ b/tf-psa-crypto/core/psa_util.c
@@ -365,7 +365,7 @@
#endif /* MBEDTLS_PSA_CRYPTO_CLIENT */
-#if defined(MBEDTLS_PSA_UTIL_HAVE_ECDSA)
+#if defined(PSA_HAVE_ALG_SOME_ECDSA)
/**
* \brief Convert a single raw coordinate to DER ASN.1 format. The output der
@@ -599,4 +599,4 @@
return 0;
}
-#endif /* MBEDTLS_PSA_UTIL_HAVE_ECDSA */
+#endif /* PSA_HAVE_ALG_SOME_ECDSA */
diff --git a/tf-psa-crypto/drivers/builtin/include/mbedtls/asn1.h b/tf-psa-crypto/drivers/builtin/include/mbedtls/asn1.h
index ff019f4..e2d7311 100644
--- a/tf-psa-crypto/drivers/builtin/include/mbedtls/asn1.h
+++ b/tf-psa-crypto/drivers/builtin/include/mbedtls/asn1.h
@@ -198,7 +198,7 @@
mbedtls_asn1_named_data;
#if defined(MBEDTLS_ASN1_PARSE_C) || defined(MBEDTLS_X509_CREATE_C) || \
- defined(MBEDTLS_PSA_UTIL_HAVE_ECDSA)
+ defined(PSA_HAVE_ALG_SOME_ECDSA)
/**
* \brief Get the length of an ASN.1 element.
* Updates the pointer to immediately behind the length.
@@ -245,7 +245,7 @@
int mbedtls_asn1_get_tag(unsigned char **p,
const unsigned char *end,
size_t *len, int tag);
-#endif /* MBEDTLS_ASN1_PARSE_C || MBEDTLS_X509_CREATE_C || MBEDTLS_PSA_UTIL_HAVE_ECDSA */
+#endif /* MBEDTLS_ASN1_PARSE_C || MBEDTLS_X509_CREATE_C || PSA_HAVE_ALG_SOME_ECDSA */
#if defined(MBEDTLS_ASN1_PARSE_C)
/**
diff --git a/tf-psa-crypto/drivers/builtin/include/mbedtls/asn1write.h b/tf-psa-crypto/drivers/builtin/include/mbedtls/asn1write.h
index 0c5a85a..7081996 100644
--- a/tf-psa-crypto/drivers/builtin/include/mbedtls/asn1write.h
+++ b/tf-psa-crypto/drivers/builtin/include/mbedtls/asn1write.h
@@ -37,7 +37,7 @@
#endif
#if defined(MBEDTLS_ASN1_WRITE_C) || defined(MBEDTLS_X509_USE_C) || \
- defined(MBEDTLS_PSA_UTIL_HAVE_ECDSA)
+ defined(PSA_HAVE_ALG_SOME_ECDSA)
/**
* \brief Write a length field in ASN.1 format.
*
@@ -66,7 +66,7 @@
*/
int mbedtls_asn1_write_tag(unsigned char **p, const unsigned char *start,
unsigned char tag);
-#endif /* MBEDTLS_ASN1_WRITE_C || MBEDTLS_X509_USE_C || MBEDTLS_PSA_UTIL_HAVE_ECDSA*/
+#endif /* MBEDTLS_ASN1_WRITE_C || MBEDTLS_X509_USE_C || PSA_HAVE_ALG_SOME_ECDSA*/
#if defined(MBEDTLS_ASN1_WRITE_C)
/**
diff --git a/tf-psa-crypto/drivers/builtin/include/mbedtls/config_psa.h b/tf-psa-crypto/drivers/builtin/include/mbedtls/config_psa.h
index 5f3d0f3..2520a9a 100644
--- a/tf-psa-crypto/drivers/builtin/include/mbedtls/config_psa.h
+++ b/tf-psa-crypto/drivers/builtin/include/mbedtls/config_psa.h
@@ -52,9 +52,7 @@
#endif /* MBEDTLS_PSA_CRYPTO_CONFIG */
-#if defined(PSA_WANT_ALG_JPAKE)
-#define PSA_WANT_ALG_SOME_PAKE 1
-#endif
+#include "psa/crypto_adjust_config_derived.h"
#include "psa/crypto_adjust_auto_enabled.h"
diff --git a/tf-psa-crypto/drivers/builtin/include/mbedtls/psa_util.h b/tf-psa-crypto/drivers/builtin/include/mbedtls/psa_util.h
index c78cc23..08fa5b3 100644
--- a/tf-psa-crypto/drivers/builtin/include/mbedtls/psa_util.h
+++ b/tf-psa-crypto/drivers/builtin/include/mbedtls/psa_util.h
@@ -141,7 +141,7 @@
}
#endif /* MBEDTLS_PSA_CRYPTO_CLIENT */
-#if defined(MBEDTLS_PSA_UTIL_HAVE_ECDSA)
+#if defined(PSA_HAVE_ALG_SOME_ECDSA)
/** Convert an ECDSA signature from raw format to DER ASN.1 format.
*
@@ -181,7 +181,7 @@
int mbedtls_ecdsa_der_to_raw(size_t bits, const unsigned char *der, size_t der_len,
unsigned char *raw, size_t raw_size, size_t *raw_len);
-#endif /* MBEDTLS_PSA_UTIL_HAVE_ECDSA */
+#endif /* PSA_HAVE_ALG_SOME_ECDSA */
/**@}*/
diff --git a/tf-psa-crypto/drivers/builtin/src/asn1parse.c b/tf-psa-crypto/drivers/builtin/src/asn1parse.c
index e33fdf7..ecea904 100644
--- a/tf-psa-crypto/drivers/builtin/src/asn1parse.c
+++ b/tf-psa-crypto/drivers/builtin/src/asn1parse.c
@@ -8,7 +8,7 @@
#include "common.h"
#if defined(MBEDTLS_ASN1_PARSE_C) || defined(MBEDTLS_X509_CREATE_C) || \
- defined(MBEDTLS_PSA_UTIL_HAVE_ECDSA)
+ defined(PSA_HAVE_ALG_SOME_ECDSA)
#include "mbedtls/asn1.h"
#include "mbedtls/platform_util.h"
@@ -74,7 +74,7 @@
return mbedtls_asn1_get_len(p, end, len);
}
-#endif /* MBEDTLS_ASN1_PARSE_C || MBEDTLS_X509_CREATE_C || MBEDTLS_PSA_UTIL_HAVE_ECDSA */
+#endif /* MBEDTLS_ASN1_PARSE_C || MBEDTLS_X509_CREATE_C || PSA_HAVE_ALG_SOME_ECDSA */
#if defined(MBEDTLS_ASN1_PARSE_C)
int mbedtls_asn1_get_bool(unsigned char **p,
diff --git a/tf-psa-crypto/drivers/builtin/src/asn1write.c b/tf-psa-crypto/drivers/builtin/src/asn1write.c
index 775a9ef..6355fad 100644
--- a/tf-psa-crypto/drivers/builtin/src/asn1write.c
+++ b/tf-psa-crypto/drivers/builtin/src/asn1write.c
@@ -8,7 +8,7 @@
#include "common.h"
#if defined(MBEDTLS_ASN1_WRITE_C) || defined(MBEDTLS_X509_USE_C) || \
- defined(MBEDTLS_PSA_UTIL_HAVE_ECDSA)
+ defined(PSA_HAVE_ALG_SOME_ECDSA)
#include "mbedtls/asn1write.h"
#include "mbedtls/error.h"
@@ -63,7 +63,7 @@
return 1;
}
-#endif /* MBEDTLS_ASN1_WRITE_C || MBEDTLS_X509_USE_C || MBEDTLS_PSA_UTIL_HAVE_ECDSA */
+#endif /* MBEDTLS_ASN1_WRITE_C || MBEDTLS_X509_USE_C || PSA_HAVE_ALG_SOME_ECDSA */
#if defined(MBEDTLS_ASN1_WRITE_C)
static int mbedtls_asn1_write_len_and_tag(unsigned char **p,
diff --git a/tf-psa-crypto/include/psa/crypto_adjust_config_derived.h b/tf-psa-crypto/include/psa/crypto_adjust_config_derived.h
new file mode 100644
index 0000000..84b4202
--- /dev/null
+++ b/tf-psa-crypto/include/psa/crypto_adjust_config_derived.h
@@ -0,0 +1,31 @@
+/**
+ * \file psa/crypto_adjust_config_derived.h
+ * \brief Adjust PSA configuration by defining internal symbols
+ *
+ * This is an internal header. Do not include it directly.
+ */
+/*
+ * Copyright The Mbed TLS Contributors
+ * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+#ifndef PSA_CRYPTO_ADJUST_CONFIG_DERIVED_H
+#define PSA_CRYPTO_ADJUST_CONFIG_DERIVED_H
+
+#if !defined(MBEDTLS_CONFIG_FILES_READ)
+#error "Do not include psa/crypto_adjust_*.h manually! This can lead to problems, " \
+ "up to and including runtime errors such as buffer overflows. " \
+ "If you're trying to fix a complaint from check_config.h, just remove " \
+ "it from your configuration file: since Mbed TLS 3.0, it is included " \
+ "automatically at the right point."
+#endif /* */
+
+#if defined(PSA_WANT_ALG_ECDSA) || defined(PSA_WANT_ALG_DETERMINISTIC_ECDSA)
+#define PSA_HAVE_ALG_SOME_ECDSA
+#endif
+
+#if defined(PSA_WANT_ALG_JPAKE)
+#define PSA_WANT_ALG_SOME_PAKE 1
+#endif
+
+#endif /* PSA_CRYPTO_ADJUST_CONFIG_DERIVED_H */
diff --git a/tf-psa-crypto/tests/suites/test_suite_psa_crypto_util.function b/tf-psa-crypto/tests/suites/test_suite_psa_crypto_util.function
index 2d8915e..05b6253 100644
--- a/tf-psa-crypto/tests/suites/test_suite_psa_crypto_util.function
+++ b/tf-psa-crypto/tests/suites/test_suite_psa_crypto_util.function
@@ -3,7 +3,7 @@
#include <mbedtls/psa_util.h>
/* END_HEADER */
-/* BEGIN_CASE depends_on:MBEDTLS_PSA_UTIL_HAVE_ECDSA */
+/* BEGIN_CASE depends_on:PSA_HAVE_ALG_SOME_ECDSA */
void ecdsa_raw_to_der(int key_bits, data_t *input, data_t *exp_result, int exp_ret)
{
unsigned char *tmp_buf = NULL;
@@ -24,7 +24,7 @@
}
/* END_CASE */
-/* BEGIN_CASE depends_on:MBEDTLS_PSA_UTIL_HAVE_ECDSA */
+/* BEGIN_CASE depends_on:PSA_HAVE_ALG_SOME_ECDSA */
void ecdsa_raw_to_der_incremental(int key_bits, data_t *input, data_t *exp_result)
{
unsigned char *tmp_buf = NULL;
@@ -54,7 +54,7 @@
}
/* END_CASE */
-/* BEGIN_CASE depends_on:MBEDTLS_PSA_UTIL_HAVE_ECDSA */
+/* BEGIN_CASE depends_on:PSA_HAVE_ALG_SOME_ECDSA */
void ecdsa_der_to_raw(int key_bits, data_t *input, data_t *exp_result, int exp_ret)
{
unsigned char *in_buf = NULL;