Merge remote-tracking branch 'tls/pr/2028' into development
diff --git a/.github/issue_template.md b/.github/issue_template.md
index 7c31353..7d4f1e8 100644
--- a/.github/issue_template.md
+++ b/.github/issue_template.md
@@ -1,41 +1,44 @@
-Note: This is just a template, so feel free to use/remove the unnecessary things
+<!--
+
+ ************************************** WARNING **************************************
+
+ The ciarcom bot parses this header automatically. Any deviation from the
+ template may cause the bot to automatically correct this header or may result in a
+ warning message, requesting updates.
+
+ Please ensure that nothing follows the Issue request type section, all
+ issue details are within the Description section and no changes are made to the
+ template format (as detailed below).
+
+ *************************************************************************************
+
+-->
### Description
-- Type: Bug | Enhancement\Feature Request | Question
-- Priority: Blocker | Major | Minor
----------------------------------------------------------------
-## Bug
+<!--
+ Required
+ Add detailed description of what you are reporting.
+ Good example: https://os.mbed.com/docs/latest/reference/workflow.html
+ Things to consider sharing:
+ - What target does this relate to?
+ - What toolchain (name + version) are you using?
+ - What tools (name + version - is it mbed-cli, online compiler or IDE) are you using?
+ - What is the SHA of Mbed OS (git log -n1 --oneline)?
+ - Steps to reproduce. (Did you publish code or a test case that exhibits the problem?)
+-->
-**OS**
-Mbed OS|linux|windows|
-**mbed TLS build:**
-Version: x.x.x or git commit id
-OS version: x.x.x
-Configuration: please attach config.h file where possible
-Compiler and options (if you used a pre-built binary, please indicate how you obtained it):
-Additional environment information:
+### Issue request type
-**Peer device TLS stack and version**
-OpenSSL|GnuTls|Chrome|NSS(Firefox)|SecureChannel (IIS/Internet Explorer/Edge)|Other
-Version:
+<!--
+ Required
+ Please add only one X to one of the following types. Do not fill multiple types (split the issue otherwise.)
+ Please note this is not a GitHub task list, indenting the boxes or changing the format to add a '.' or '*' in front
+ of them would change the meaning incorrectly. The only changes to be made are to add a description text under the
+ description heading and to add a 'x' to the correct box.
+-->
+ [ ] Question
+ [ ] Enhancement
+ [ ] Bug
-**Expected behavior**
-
-**Actual behavior**
-
-**Steps to reproduce**
-
-----------------------------------------------------------------
-## Enhancement\Feature Request
-
-**Justification - why does the library need this feature?**
-
-**Suggested enhancement**
-
------------------------------------------------------------------
-
-## Question
-
-**Please first check for answers in the [Mbed TLS knowledge Base](https://tls.mbed.org/kb), and preferably file an issue in the [Mbed TLS support forum](https://forums.mbed.com/c/mbed-tls)**
diff --git a/.github/pull_request_template.md b/.github/pull_request_template.md
deleted file mode 100644
index 485b541..0000000
--- a/.github/pull_request_template.md
+++ /dev/null
@@ -1,39 +0,0 @@
-Notes:
-* Pull requests cannot be accepted until:
-- The submitter has [accepted the online agreement here with a click through](https://developer.mbed.org/contributor_agreement/)
- or for companies or those that do not wish to create an mbed account, a slightly different agreement can be found [here](https://www.mbed.com/en/about-mbed/contributor-license-agreements/)
-- The PR follows the [mbed TLS coding standards](https://tls.mbed.org/kb/development/mbedtls-coding-standards)
-* This is just a template, so feel free to use/remove the unnecessary things
-## Description
-A few sentences describing the overall goals of the pull request's commits.
-
-
-## Status
-**READY/IN DEVELOPMENT/HOLD**
-
-## Requires Backporting
-When there is a bug fix, it should be backported to all maintained and supported branches.
-Changes do not have to be backported if:
-- This PR is a new feature\enhancement
-- This PR contains changes in the API. If this is true, and there is a need for the fix to be backported, the fix should be handled differently in the legacy branch
-
-Yes | NO
-Which branch?
-
-## Migrations
-If there is any API change, what's the incentive and logic for it.
-
-YES | NO
-
-## Additional comments
-Any additional information that could be of interest
-
-## Todos
-- [ ] Tests
-- [ ] Documentation
-- [ ] Changelog updated
-- [ ] Backported
-
-
-## Steps to test or reproduce
-Outline the steps to test or reproduce the PR here.
diff --git a/.travis.yml b/.travis.yml
index 4fc31c9..bd5e750 100644
--- a/.travis.yml
+++ b/.travis.yml
@@ -23,7 +23,7 @@
- make test
- programs/test/selftest
- OSSL_NO_DTLS=1 tests/compat.sh
-- tests/ssl-opt.sh -e '\(DTLS\|SCSV\).*openssl'
+- tests/ssl-opt.sh -e '\(DTLS\|SCSV\).*openssl' --seed 4
- tests/scripts/test-ref-configs.pl
- tests/scripts/curves.pl
- tests/scripts/key-exchanges.pl
diff --git a/CMakeLists.txt b/CMakeLists.txt
index 99bf31f..11efd87 100644
--- a/CMakeLists.txt
+++ b/CMakeLists.txt
@@ -168,6 +168,7 @@
endif()
include_directories(include/)
+include_directories(library/)
if(ENABLE_ZLIB_SUPPORT)
find_package(ZLIB)
diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md
index 010dffc..18851db 100644
--- a/CONTRIBUTING.md
+++ b/CONTRIBUTING.md
@@ -50,7 +50,7 @@
2. All bug fixes that correct a defect that is also present in an LTS branch must be backported to that LTS branch. If a bug fix introduces a change to the API such as a new function, the fix should be reworked to avoid the API change. API changes without very strong justification are unlikely to be accepted.
- 3. If a contribution is a new feature or enhancement, no backporting is required. Exceptions to this may be addtional test cases or quality improvements such as changes to build or test scripts.
+ 3. If a contribution is a new feature or enhancement, no backporting is required. Exceptions to this may be additional test cases or quality improvements such as changes to build or test scripts.
It would be highly appreciated if contributions are backported to LTS branches in addition to the [development branch](https://github.com/ARMmbed/mbedtls/tree/development) by contributors.
diff --git a/ChangeLog b/ChangeLog
index 9198ab6..2e75000 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -2,6 +2,16 @@
= mbed TLS 2.x.x branch released xxxx-xx-xx
+Features
+ * Add a new X.509 API call `mbedtls_x509_parse_der_nocopy()`
+ which allows copy-less parsing of DER encoded X.509 CRTs,
+ at the cost of additional lifetime constraints on the input
+ buffer, but at the benefit of reduced RAM consumption.
+
+API Changes
+ * Add a new X.509 API call `mbedtls_x509_parse_der_nocopy()`.
+ See the Features section for more information.
+
Bugfix
* Fix a compilation issue with mbedtls_ecp_restart_ctx not being defined
when MBEDTLS_ECP_ALT is defined. Reported by jwhui. Fixes #2242.
@@ -11,6 +21,38 @@
previously lead to a stack overflow on constrained targets.
* Add `MBEDTLS_SELF_TEST` for the mbedtls_self_test functions
in the header files, which missed the precompilation check. #971
+ * Fix returning the value 1 when mbedtls_ecdsa_genkey failed.
+ * Remove a duplicate #include in a sample program. Fixed by Masashi Honma #2326.
+ * Remove the mbedtls namespacing from the header file, to fix a "file not found"
+ build error. Fixed by Haijun Gu #2319.
+ * Fix signed-to-unsigned integer conversion warning
+ in X.509 module. Fixes #2212.
+ * Reduce stack usage of `mpi_write_hlp()` by eliminating recursion.
+ Fixes #2190.
+ * Fix false failure in all.sh when backup files exist in include/mbedtls
+ (e.g. config.h.bak). Fixed by Peter Kolbus (Garmin) #2407.
+
+Changes
+ * Reduce RAM consumption during session renegotiation by not storing
+ the peer CRT chain and session ticket twice.
+ * Include configuration file in all header files that use configuration,
+ instead of relying on other header files that they include.
+ Inserted as an enhancement for #1371
+ * Add support for alternative CSR headers, as used by Microsoft and defined
+ in RFC 7468. Found by Michael Ernst. Fixes #767.
+ * Correct many misspellings. Fixed by MisterDA #2371.
+ * Provide an abstraction of vsnprintf to allow alternative implementations
+ for platforms that don't provide it. Based on contributions by Joris Aerts
+ and Nathaniel Wesley Filardo.
+ * Fix clobber list in MIPS assembly for large integer multiplication.
+ Previously, this could lead to functionally incorrect assembly being
+ produced by some optimizing compilers, showing up as failures in
+ e.g. RSA or ECC signature operations. Reported in #1722, fix suggested
+ by Aurelien Jarno and submitted by Jeffrey Martin.
+ * Reduce the complexity of the timing tests. They were assuming more than the
+ underlying OS actually guarantees.
+ * Fix configuration queries in ssl-opt.h. #2030
+ * Ensure that ssl-opt.h can be run in OS X. #2029
* Ensure that unused bits are zero when writing ASN.1 bitstrings when using
mbedtls_asn1_write_bitstring().
* Fix issue when writing the named bitstrings in KeyUsage and NsCertType
@@ -79,6 +121,24 @@
* Clarify documentation of mbedtls_ssl_set_own_cert() regarding the absence
of check for certificate/key matching. Reported by Attila Molnar, #507.
+ = mbed TLS 2.15.1 branch released 2018-11-30
+
+ Changes
+ * Update the Mbed Crypto submodule to version 0.1.0b2.
+
+ = mbed TLS 2.15.0 branch released 2018-11-23
+
+ Features
+ * Add an experimental build option, USE_CRYPTO_SUBMODULE, to enable use of
+ Mbed Crypto as the source of the cryptography implementation.
+ * Add an experimental configuration option, MBEDTLS_PSA_CRYPTO_C, to enable
+ the PSA Crypto API from Mbed Crypto when additionally used with the
+ USE_CRYPTO_SUBMODULE build option.
+
+ Changes
+ * Add unit tests for AES-GCM when called through mbedtls_cipher_auth_xxx()
+ from the cipher abstraction layer. Fixes #2198.
+
= mbed TLS 2.14.1 branch released 2018-11-30
Security
@@ -331,7 +391,7 @@
1.2, that allowed a local attacker, able to execute code on the local
machine as well as manipulate network packets, to partially recover the
plaintext of messages under some conditions by using a cache attack
- targetting an internal MD/SHA buffer. With TLS or if
+ targeting an internal MD/SHA buffer. With TLS or if
mbedtls_ssl_conf_dtls_badmac_limit() was used, the attack only worked if
the same secret (for example a HTTP Cookie) has been repeatedly sent over
connections manipulated by the attacker. Connections using GCM or CCM
@@ -1217,7 +1277,7 @@
* Fix potential build failures related to the 'apidoc' target, introduced
in the previous patch release. Found by Robert Scheck. #390 #391
* Fix issue in Makefile that prevented building using armar. #386
- * Fix memory leak that occured only when ECJPAKE was enabled and ECDHE and
+ * Fix memory leak that occurred only when ECJPAKE was enabled and ECDHE and
ECDSA was disabled in config.h . The leak didn't occur by default.
* Fix an issue that caused valid certificates to be rejected whenever an
expired or not yet valid certificate was parsed before a valid certificate
@@ -1459,7 +1519,7 @@
You now need to link to all of them if you use TLS for example.
* All public identifiers moved to the mbedtls_* or MBEDTLS_* namespace.
Some names have been further changed to make them more consistent.
- Migration helpers scripts/rename.pl and include/mbedlts/compat-1.3.h are
+ Migration helpers scripts/rename.pl and include/mbedtls/compat-1.3.h are
provided. Full list of renamings in scripts/data_files/rename-1.3-2.0.txt
* Renamings of fields inside structures, not covered by the previous list:
mbedtls_cipher_info_t.key_length -> key_bitlen
@@ -1514,7 +1574,7 @@
* net_accept() gained new arguments for the size of the client_ip buffer.
* In the threading layer, mbedtls_mutex_init() and mbedtls_mutex_free() now
return void.
- * ecdsa_write_signature() gained an addtional md_alg argument and
+ * ecdsa_write_signature() gained an additional md_alg argument and
ecdsa_write_signature_det() was deprecated.
* pk_sign() no longer accepts md_alg == POLARSSL_MD_NONE with ECDSA.
* Last argument of x509_crt_check_key_usage() and
@@ -3049,7 +3109,7 @@
not swapped on PadLock; also fixed compilation on older versions
of gcc (bug reported by David Barrett)
* Correctly handle the case in padlock_xcryptcbc() when input or
- ouput data is non-aligned by falling back to the software
+ output data is non-aligned by falling back to the software
implementation, as VIA Nehemiah cannot handle non-aligned buffers
* Fixed a memory leak in x509parse_crt() which was reported by Greg
Robson-Garth; some x509write.c fixes by Pascal Vizeli, thanks to
diff --git a/Makefile b/Makefile
index f4c0a00..f32641a 100644
--- a/Makefile
+++ b/Makefile
@@ -24,6 +24,8 @@
install: no_test
mkdir -p $(DESTDIR)/include/mbedtls
cp -rp include/mbedtls $(DESTDIR)/include
+ mkdir -p $(DESTDIR)/include/psa
+ cp -rp include/psa $(DESTDIR)/include
mkdir -p $(DESTDIR)/lib
cp -RP library/libmbedtls.* $(DESTDIR)/lib
diff --git a/README.md b/README.md
index d7a0e9d..785584a 100644
--- a/README.md
+++ b/README.md
@@ -1,187 +1,97 @@
-README for Mbed TLS
-===================
+# Mbed Crypto library
-Configuration
--------------
+The Mbed cryptography library is a reference implementation of the cryptography interface of the Arm Platform Security Architecture (PSA). This is a preview release of Mbed Crypto, provided for evaluation purposes only.
-Mbed TLS should build out of the box on most systems. Some platform specific options are available in the fully documented configuration file `include/mbedtls/config.h`, which is also the place where features can be selected. This file can be edited manually, or in a more programmatic way using the Perl script `scripts/config.pl` (use `--help` for usage instructions).
+Mbed Crypto is distributed under the Apache License, version 2.0. See the [LICENSE](LICENSE) file for the full text of the license.
-Compiler options can be set using conventional environment variables such as `CC` and `CFLAGS` when using the Make and CMake build system (see below).
+## PSA cryptography API
-Compiling
----------
+Arm's Platform Security Architecture (PSA) is a holistic set of threat models, security analyses, hardware and firmware architecture specifications, and an open source firmware reference implementation. PSA provides a recipe, based on industry best practice, that allows security to be consistently designed in, at both a hardware and firmware level.
-There are currently three active build systems used within Mbed TLS releases:
+The PSA cryptography API provides access to a set of cryptographic primitives. It has a dual purpose. First, it can be used in a PSA-compliant platform to build services, such as secure boot, secure storage and secure communication. Second, it can also be used independently of other PSA components on any platform.
-- GNU Make
-- CMake
-- Microsoft Visual Studio (Microsoft Visual Studio 2010 or later)
+The design goals of the PSA cryptography API include:
-The main systems used for development are CMake and GNU Make. Those systems are always complete and up-to-date. The others should reflect all changes present in the CMake and Make build system, although features may not be ported there automatically.
+* The API distinguishes caller memory from internal memory, which allows the library to be implemented in an isolated space for additional security. Library calls can be implemented as direct function calls if isolation is not desired, and as remote procedure calls if isolation is desired.
+* The structure of internal data is hidden to the application, which allows substituting alternative implementations at build time or run time, for example, in order to take advantage of hardware accelerators.
+* All access to the keys happens through handles, which allows support for external cryptoprocessors that is transparent to applications.
+* The interface to algorithms is generic, favoring algorithm agility.
+* The interface is designed to be easy to use and hard to accidentally misuse.
-The Make and CMake build systems create three libraries: libmbedcrypto, libmbedx509, and libmbedtls. Note that libmbedtls depends on libmbedx509 and libmbedcrypto, and libmbedx509 depends on libmbedcrypto. As a result, some linkers will expect flags to be in a specific order, for example the GNU linker wants `-lmbedtls -lmbedx509 -lmbedcrypto`. Also, when loading shared libraries using dlopen(), you'll need to load libmbedcrypto first, then libmbedx509, before you can load libmbedtls.
+## Mbed Crypto implementation
-### Make
+Mbed Crypto is a reference implementation of the PSA cryptography API. It is written in portable C.
-We require GNU Make. To build the library and the sample programs, GNU Make and a C compiler are sufficient. Some of the more advanced build targets require some Unix/Linux tools.
+## Documentation
-We intentionally only use a minimum of functionality in the makefiles in order to keep them as simple and independent of different toolchains as possible, to allow users to more easily move between different platforms. Users who need more features are recommended to use CMake.
+The Mbed Crypto library is a reference implementation of the PSA cryptography API. Please refer to the PSA Cryptography API documents for an overview of the library's interfaces and a detailed description of the types, macros and functions that it provides.
-In order to build from the source code using GNU Make, just enter at the command line:
+There are currently a few deviations where the library does not yet implement the latest version of the specification. Please refer to the [compliance issues on Github](https://github.com/ARMmbed/mbed-crypto/labels/compliance) for an up-to-date list.
- make
+### PSA Cryptography API
-In order to run the tests, enter:
+The PSA cryptography API specification consists of the following documents:
- make check
+* The [PSA Cryptography API overview](https://github.com/ARMmbed/mbed-crypto/blob/psa-crypto-api/docs/PSA_Cryptography_API_Specification.pdf).
+* The [PSA Cryptography API detailed function reference](https://github.com/ARMmbed/mbed-crypto/blob/psa-crypto-api/docs/PSA_Cryptography_API_Reference.pdf), which you can also browse in [HTML format](https://htmlpreview.github.io/?https://github.com/ARMmbed/mbed-crypto/blob/psa-crypto-api/docs/html/modules.html).
-The tests need Perl to be built and run. If you don't have Perl installed, you can skip building the tests with:
+### Browsable library documentation
- make no_test
+To generate a local copy of the library documentation in HTML format:
-You'll still be able to run a much smaller set of tests with:
+1. Make sure that [Doxygen](http://www.doxygen.nl/) is installed. We use version 1.8.11 but slightly older or more recent versions should work.
+1. Run `make apidoc`.
+1. Browse `apidoc/index.html` or `apidoc/modules.html`.
- programs/test/selftest
+## Compiling
-In order to build for a Windows platform, you should use `WINDOWS_BUILD=1` if the target is Windows but the build environment is Unix-like (for instance when cross-compiling, or compiling from an MSYS shell), and `WINDOWS=1` if the build environment is a Windows shell (for instance using mingw32-make) (in that case some targets will not be available).
+You need the following tools to build the library with the provided makefiles:
-Setting the variable `SHARED` in your environment will build shared libraries in addition to the static libraries. Setting `DEBUG` gives you a debug build. You can override `CFLAGS` and `LDFLAGS` by setting them in your environment or on the make command line; compiler warning options may be overridden separately using `WARNING_CFLAGS`. Some directory-specific options (for example, `-I` directives) are still preserved.
+* GNU Make or a build tool that CMake supports.
+* A C99 toolchain (compiler, linker, archiver).
+* Python 2 or Python 3 (either will work) to generate the test code.
+* Perl to run the tests.
-Please note that setting `CFLAGS` overrides its default value of `-O2` and setting `WARNING_CFLAGS` overrides its default value (starting with `-Wall -W`), so if you just want to add some warning options to the default ones, you can do so by setting `CFLAGS=-O2 -Werror` for example. Setting `WARNING_CFLAGS` is useful when you want to get rid of its default content (for example because your compiler doesn't accept `-Wall` as an option). Directory-specific options cannot be overriden from the command line.
+If you have a C compiler, such as GCC or Clang, just run `make` in the top-level directory to build the library, a set of unit tests and some sample programs.
-Depending on your platform, you might run into some issues. Please check the Makefiles in `library/`, `programs/` and `tests/` for options to manually add or remove for specific platforms. You can also check [the Mbed TLS Knowledge Base](https://tls.mbed.org/kb) for articles on your platform or issue.
+To select a different compiler, set the `CC` variable to the name or path of the compiler and linker (default: `cc`), and set `AR` to a compatible archiver (default: `ar`). For example:
+```
+make CC=arm-linux-gnueabi-gcc AR=arm-linux-gnueabi-ar
+```
+The provided makefiles pass options to the compiler that assume a GCC-like command-line syntax. To use a different compiler, you may need to pass different values for `CFLAGS`, `WARNINGS_CFLAGS` and `LDFLAGS`.
-In case you find that you need to do something else as well, please let us know what, so we can add it to the [Mbed TLS Knowledge Base](https://tls.mbed.org/kb).
+To run the unit tests on the host machine, run `make test` from the top-level directory. If you are cross-compiling, copy the test executable from the `tests` directory to the target machine.
-### CMake
+### Compiling as a subproject
-In order to build the source using CMake in a separate directory (recommended), just enter at the command line:
+Mbed Crypto supports being built as a subproject of Mbed TLS. Mbed TLS can use Mbed Crypto for its cryptography implementation by using Mbed Crypto as a subproject.
- mkdir /path/to/build_dir && cd /path/to/build_dir
- cmake /path/to/mbedtls_source
- make
+From the Mbed TLS project repository, CMake can be invoked as follows to build Mbed TLS using Mbed Crypto's `libmbedcrypto`.
+```
+mkdir cmake
+cd cmake
+cmake .. -DUSE_CRYPTO_SUBMODULE=1
+make -j
+make test
+```
-In order to run the tests, enter:
+When building Mbed Crypto as a subproject of Mbed TLS, the Mbed TLS
+configuration file (config.h) is used, and not the Mbed Crypto configuration
+file.
- make test
+## Example programs
-The test suites need Perl to be built. If you don't have Perl installed, you'll want to disable the test suites with:
+The `programs/` subdirectory contains sample programs that use the library. Please note that the goal of these sample programs is to demonstrate specific features of the library, and the code may need to be adapted to build a real-world application.
- cmake -DENABLE_TESTING=Off /path/to/mbedtls_source
+## Upcoming features
-If you disabled the test suites, but kept the programs enabled, you can still run a much smaller set of tests with:
+Future releases of this library will include:
- programs/test/selftest
+* A driver programming interface, which makes it possible to use hardware accelerators instead of the default software implementation for chosen algorithms.
+* Support for external keys to be stored and manipulated exclusively in a separate cryptoprocessor.
+* A configuration mechanism to compile only the algorithms you need for your application.
+* A wider set of cryptographic algorithms.
-To configure CMake for building shared libraries, use:
+## Feedback welcome
- cmake -DUSE_SHARED_MBEDTLS_LIBRARY=On /path/to/mbedtls_source
-
-There are many different build modes available within the CMake buildsystem. Most of them are available for gcc and clang, though some are compiler-specific:
-
-- `Release`. This generates the default code without any unnecessary information in the binary files.
-- `Debug`. This generates debug information and disables optimization of the code.
-- `Coverage`. This generates code coverage information in addition to debug information.
-- `ASan`. This instruments the code with AddressSanitizer to check for memory errors. (This includes LeakSanitizer, with recent version of gcc and clang.) (With recent version of clang, this mode also instruments the code with UndefinedSanitizer to check for undefined behaviour.)
-- `ASanDbg`. Same as ASan but slower, with debug information and better stack traces.
-- `MemSan`. This instruments the code with MemorySanitizer to check for uninitialised memory reads. Experimental, needs recent clang on Linux/x86\_64.
-- `MemSanDbg`. Same as MemSan but slower, with debug information, better stack traces and origin tracking.
-- `Check`. This activates the compiler warnings that depend on optimization and treats all warnings as errors.
-
-Switching build modes in CMake is simple. For debug mode, enter at the command line:
-
- cmake -D CMAKE_BUILD_TYPE=Debug /path/to/mbedtls_source
-
-To list other available CMake options, use:
-
- cmake -LH
-
-Note that, with CMake, you can't adjust the compiler or its flags after the
-initial invocation of cmake. This means that `CC=your_cc make` and `make
-CC=your_cc` will *not* work (similarly with `CFLAGS` and other variables).
-These variables need to be adjusted when invoking cmake for the first time,
-for example:
-
- CC=your_cc cmake /path/to/mbedtls_source
-
-If you already invoked cmake and want to change those settings, you need to
-remove the build directory and create it again.
-
-Note that it is possible to build in-place; this will however overwrite the
-provided Makefiles (see `scripts/tmp_ignore_makefiles.sh` if you want to
-prevent `git status` from showing them as modified). In order to do so, from
-the Mbed TLS source directory, use:
-
- cmake .
- make
-
-If you want to change `CC` or `CFLAGS` afterwards, you will need to remove the
-CMake cache. This can be done with the following command using GNU find:
-
- find . -iname '*cmake*' -not -name CMakeLists.txt -exec rm -rf {} +
-
-You can now make the desired change:
-
- CC=your_cc cmake .
- make
-
-Regarding variables, also note that if you set CFLAGS when invoking cmake,
-your value of CFLAGS doesn't override the content provided by cmake (depending
-on the build mode as seen above), it's merely prepended to it.
-
-### Microsoft Visual Studio
-
-The build files for Microsoft Visual Studio are generated for Visual Studio 2010.
-
-The solution file `mbedTLS.sln` contains all the basic projects needed to build the library and all the programs. The files in tests are not generated and compiled, as these need a perl environment as well. However, the selftest program in `programs/test/` is still available.
-
-Example programs
-----------------
-
-We've included example programs for a lot of different features and uses in [`programs/`](programs/README.md). Most programs only focus on a single feature or usage scenario, so keep that in mind when copying parts of the code.
-
-Tests
------
-
-Mbed TLS includes an elaborate test suite in `tests/` that initially requires Perl to generate the tests files (e.g. `test\_suite\_mpi.c`). These files are generated from a `function file` (e.g. `suites/test\_suite\_mpi.function`) and a `data file` (e.g. `suites/test\_suite\_mpi.data`). The `function file` contains the test functions. The `data file` contains the test cases, specified as parameters that will be passed to the test function.
-
-For machines with a Unix shell and OpenSSL (and optionally GnuTLS) installed, additional test scripts are available:
-
-- `tests/ssl-opt.sh` runs integration tests for various TLS options (renegotiation, resumption, etc.) and tests interoperability of these options with other implementations.
-- `tests/compat.sh` tests interoperability of every ciphersuite with other implementations.
-- `tests/scripts/test-ref-configs.pl` test builds in various reduced configurations.
-- `tests/scripts/key-exchanges.pl` test builds in configurations with a single key exchange enabled
-- `tests/scripts/all.sh` runs a combination of the above tests, plus some more, with various build options (such as ASan, full `config.h`, etc).
-
-Configurations
---------------
-
-We provide some non-standard configurations focused on specific use cases in the `configs/` directory. You can read more about those in `configs/README.txt`
-
-Porting Mbed TLS
-----------------
-
-Mbed TLS can be ported to many different architectures, OS's and platforms. Before starting a port, you may find the following Knowledge Base articles useful:
-
-- [Porting Mbed TLS to a new environment or OS](https://tls.mbed.org/kb/how-to/how-do-i-port-mbed-tls-to-a-new-environment-OS)
-- [What external dependencies does Mbed TLS rely on?](https://tls.mbed.org/kb/development/what-external-dependencies-does-mbedtls-rely-on)
-- [How do I configure Mbed TLS](https://tls.mbed.org/kb/compiling-and-building/how-do-i-configure-mbedtls)
-
-Contributing
-------------
-
-We gratefully accept bug reports and contributions from the community. There are some requirements we need to fulfill in order to be able to integrate contributions:
-
-- All contributions, whether large or small require a Contributor's License Agreement (CLA) to be accepted. This is because source code can possibly fall under copyright law and we need your consent to share in the ownership of the copyright.
-- We would ask that contributions conform to [our coding standards](https://tls.mbed.org/kb/development/mbedtls-coding-standards), and that contributions should be fully tested before submission.
-- As with any open source project, contributions will be reviewed by the project team and community and may need some modifications to be accepted.
-
-To accept the Contributor’s Licence Agreement (CLA), individual contributors can do this by creating an Mbed account and [accepting the online agreement here with a click through](https://os.mbed.com/contributor_agreement/). Alternatively, for contributions from corporations, or those that do not wish to create an Mbed account, a slightly different agreement can be found [here](https://www.mbed.com/en/about-mbed/contributor-license-agreements/). This agreement should be signed and returned to Arm as described in the instructions given.
-
-### Making a Contribution
-
-1. [Check for open issues](https://github.com/ARMmbed/mbedtls/issues) or [start a discussion](https://forums.mbed.com/c/mbed-tls) around a feature idea or a bug.
-2. Fork the [Mbed TLS repository on GitHub](https://github.com/ARMmbed/mbedtls) to start making your changes. As a general rule, you should use the "development" branch as a basis.
-3. Write a test which shows that the bug was fixed or that the feature works as expected.
-4. Send a pull request and bug us until it gets merged and published. Contributions may need some modifications, so work with us to get your change accepted. We will include your name in the ChangeLog :)
-
+Arm welcomes feedback on the design of the API. If you think something could be improved, please open an issue on our Github repository. Alternatively, if you prefer to provide your feedback privately, please email us at [`mbed-crypto@arm.com`](mailto:mbed-crypto@arm.com). All feedback received by email is treated confidentially.
diff --git a/configs/config-default.h b/configs/config-default.h
new file mode 100644
index 0000000..e6abf24
--- /dev/null
+++ b/configs/config-default.h
@@ -0,0 +1,3377 @@
+/**
+ * \file config.h
+ *
+ * \brief Configuration options (set of defines)
+ *
+ * This set of compile-time options may be used to enable
+ * or disable features selectively, and reduce the global
+ * memory footprint.
+ */
+/*
+ * Copyright (C) 2006-2018, ARM Limited, All Rights Reserved
+ * SPDX-License-Identifier: Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License"); you may
+ * not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * This file is part of mbed TLS (https://tls.mbed.org)
+ */
+
+#ifndef MBEDTLS_CONFIG_H
+#define MBEDTLS_CONFIG_H
+
+#if defined(_MSC_VER) && !defined(_CRT_SECURE_NO_DEPRECATE)
+#define _CRT_SECURE_NO_DEPRECATE 1
+#endif
+
+/**
+ * \name SECTION: System support
+ *
+ * This section sets system specific settings.
+ * \{
+ */
+
+/**
+ * \def MBEDTLS_HAVE_ASM
+ *
+ * The compiler has support for asm().
+ *
+ * Requires support for asm() in compiler.
+ *
+ * Used in:
+ * library/aria.c
+ * library/timing.c
+ * include/mbedtls/bn_mul.h
+ *
+ * Required by:
+ * MBEDTLS_AESNI_C
+ * MBEDTLS_PADLOCK_C
+ *
+ * Comment to disable the use of assembly code.
+ */
+#define MBEDTLS_HAVE_ASM
+
+/**
+ * \def MBEDTLS_NO_UDBL_DIVISION
+ *
+ * The platform lacks support for double-width integer division (64-bit
+ * division on a 32-bit platform, 128-bit division on a 64-bit platform).
+ *
+ * Used in:
+ * include/mbedtls/bignum.h
+ * library/bignum.c
+ *
+ * The bignum code uses double-width division to speed up some operations.
+ * Double-width division is often implemented in software that needs to
+ * be linked with the program. The presence of a double-width integer
+ * type is usually detected automatically through preprocessor macros,
+ * but the automatic detection cannot know whether the code needs to
+ * and can be linked with an implementation of division for that type.
+ * By default division is assumed to be usable if the type is present.
+ * Uncomment this option to prevent the use of double-width division.
+ *
+ * Note that division for the native integer type is always required.
+ * Furthermore, a 64-bit type is always required even on a 32-bit
+ * platform, but it need not support multiplication or division. In some
+ * cases it is also desirable to disable some double-width operations. For
+ * example, if double-width division is implemented in software, disabling
+ * it can reduce code size in some embedded targets.
+ */
+//#define MBEDTLS_NO_UDBL_DIVISION
+
+/**
+ * \def MBEDTLS_NO_64BIT_MULTIPLICATION
+ *
+ * The platform lacks support for 32x32 -> 64-bit multiplication.
+ *
+ * Used in:
+ * library/poly1305.c
+ *
+ * Some parts of the library may use multiplication of two unsigned 32-bit
+ * operands with a 64-bit result in order to speed up computations. On some
+ * platforms, this is not available in hardware and has to be implemented in
+ * software, usually in a library provided by the toolchain.
+ *
+ * Sometimes it is not desirable to have to link to that library. This option
+ * removes the dependency of that library on platforms that lack a hardware
+ * 64-bit multiplier by embedding a software implementation in Mbed TLS.
+ *
+ * Note that depending on the compiler, this may decrease performance compared
+ * to using the library function provided by the toolchain.
+ */
+//#define MBEDTLS_NO_64BIT_MULTIPLICATION
+
+/**
+ * \def MBEDTLS_HAVE_SSE2
+ *
+ * CPU supports SSE2 instruction set.
+ *
+ * Uncomment if the CPU supports SSE2 (IA-32 specific).
+ */
+//#define MBEDTLS_HAVE_SSE2
+
+/**
+ * \def MBEDTLS_HAVE_TIME
+ *
+ * System has time.h and time().
+ * The time does not need to be correct, only time differences are used,
+ * by contrast with MBEDTLS_HAVE_TIME_DATE
+ *
+ * Defining MBEDTLS_HAVE_TIME allows you to specify MBEDTLS_PLATFORM_TIME_ALT,
+ * MBEDTLS_PLATFORM_TIME_MACRO, MBEDTLS_PLATFORM_TIME_TYPE_MACRO and
+ * MBEDTLS_PLATFORM_STD_TIME.
+ *
+ * Comment if your system does not support time functions
+ */
+#define MBEDTLS_HAVE_TIME
+
+/**
+ * \def MBEDTLS_HAVE_TIME_DATE
+ *
+ * System has time.h, time(), and an implementation for
+ * mbedtls_platform_gmtime_r() (see below).
+ * The time needs to be correct (not necessarily very accurate, but at least
+ * the date should be correct). This is used to verify the validity period of
+ * X.509 certificates.
+ *
+ * Comment if your system does not have a correct clock.
+ *
+ * \note mbedtls_platform_gmtime_r() is an abstraction in platform_util.h that
+ * behaves similarly to the gmtime_r() function from the C standard. Refer to
+ * the documentation for mbedtls_platform_gmtime_r() for more information.
+ *
+ * \note It is possible to configure an implementation for
+ * mbedtls_platform_gmtime_r() at compile-time by using the macro
+ * MBEDTLS_PLATFORM_GMTIME_R_ALT.
+ */
+#define MBEDTLS_HAVE_TIME_DATE
+
+/**
+ * \def MBEDTLS_PLATFORM_MEMORY
+ *
+ * Enable the memory allocation layer.
+ *
+ * By default mbed TLS uses the system-provided calloc() and free().
+ * This allows different allocators (self-implemented or provided) to be
+ * provided to the platform abstraction layer.
+ *
+ * Enabling MBEDTLS_PLATFORM_MEMORY without the
+ * MBEDTLS_PLATFORM_{FREE,CALLOC}_MACROs will provide
+ * "mbedtls_platform_set_calloc_free()" allowing you to set an alternative calloc() and
+ * free() function pointer at runtime.
+ *
+ * Enabling MBEDTLS_PLATFORM_MEMORY and specifying
+ * MBEDTLS_PLATFORM_{CALLOC,FREE}_MACROs will allow you to specify the
+ * alternate function at compile time.
+ *
+ * Requires: MBEDTLS_PLATFORM_C
+ *
+ * Enable this layer to allow use of alternative memory allocators.
+ */
+//#define MBEDTLS_PLATFORM_MEMORY
+
+/**
+ * \def MBEDTLS_PLATFORM_NO_STD_FUNCTIONS
+ *
+ * Do not assign standard functions in the platform layer (e.g. calloc() to
+ * MBEDTLS_PLATFORM_STD_CALLOC and printf() to MBEDTLS_PLATFORM_STD_PRINTF)
+ *
+ * This makes sure there are no linking errors on platforms that do not support
+ * these functions. You will HAVE to provide alternatives, either at runtime
+ * via the platform_set_xxx() functions or at compile time by setting
+ * the MBEDTLS_PLATFORM_STD_XXX defines, or enabling a
+ * MBEDTLS_PLATFORM_XXX_MACRO.
+ *
+ * Requires: MBEDTLS_PLATFORM_C
+ *
+ * Uncomment to prevent default assignment of standard functions in the
+ * platform layer.
+ */
+//#define MBEDTLS_PLATFORM_NO_STD_FUNCTIONS
+
+/**
+ * \def MBEDTLS_PLATFORM_EXIT_ALT
+ *
+ * MBEDTLS_PLATFORM_XXX_ALT: Uncomment a macro to let mbed TLS support the
+ * function in the platform abstraction layer.
+ *
+ * Example: In case you uncomment MBEDTLS_PLATFORM_PRINTF_ALT, mbed TLS will
+ * provide a function "mbedtls_platform_set_printf()" that allows you to set an
+ * alternative printf function pointer.
+ *
+ * All these define require MBEDTLS_PLATFORM_C to be defined!
+ *
+ * \note MBEDTLS_PLATFORM_SNPRINTF_ALT is required on Windows;
+ * it will be enabled automatically by check_config.h
+ *
+ * \warning MBEDTLS_PLATFORM_XXX_ALT cannot be defined at the same time as
+ * MBEDTLS_PLATFORM_XXX_MACRO!
+ *
+ * Requires: MBEDTLS_PLATFORM_TIME_ALT requires MBEDTLS_HAVE_TIME
+ *
+ * Uncomment a macro to enable alternate implementation of specific base
+ * platform function
+ */
+//#define MBEDTLS_PLATFORM_EXIT_ALT
+//#define MBEDTLS_PLATFORM_TIME_ALT
+//#define MBEDTLS_PLATFORM_FPRINTF_ALT
+//#define MBEDTLS_PLATFORM_PRINTF_ALT
+//#define MBEDTLS_PLATFORM_SNPRINTF_ALT
+//#define MBEDTLS_PLATFORM_VSNPRINTF_ALT
+//#define MBEDTLS_PLATFORM_NV_SEED_ALT
+//#define MBEDTLS_PLATFORM_SETUP_TEARDOWN_ALT
+
+/**
+ * \def MBEDTLS_DEPRECATED_WARNING
+ *
+ * Mark deprecated functions so that they generate a warning if used.
+ * Functions deprecated in one version will usually be removed in the next
+ * version. You can enable this to help you prepare the transition to a new
+ * major version by making sure your code is not using these functions.
+ *
+ * This only works with GCC and Clang. With other compilers, you may want to
+ * use MBEDTLS_DEPRECATED_REMOVED
+ *
+ * Uncomment to get warnings on using deprecated functions.
+ */
+//#define MBEDTLS_DEPRECATED_WARNING
+
+/**
+ * \def MBEDTLS_DEPRECATED_REMOVED
+ *
+ * Remove deprecated functions so that they generate an error if used.
+ * Functions deprecated in one version will usually be removed in the next
+ * version. You can enable this to help you prepare the transition to a new
+ * major version by making sure your code is not using these functions.
+ *
+ * Uncomment to get errors on using deprecated functions.
+ */
+//#define MBEDTLS_DEPRECATED_REMOVED
+
+/**
+ * \def MBEDTLS_CHECK_PARAMS
+ *
+ * This configuration option controls whether the library validates more of
+ * the parameters passed to it.
+ *
+ * When this flag is not defined, the library only attempts to validate an
+ * input parameter if: (1) they may come from the outside world (such as the
+ * network, the filesystem, etc.) or (2) not validating them could result in
+ * internal memory errors such as overflowing a buffer controlled by the
+ * library. On the other hand, it doesn't attempt to validate parameters whose
+ * values are fully controlled by the application (such as pointers).
+ *
+ * When this flag is defined, the library additionally attempts to validate
+ * parameters that are fully controlled by the application, and should always
+ * be valid if the application code is fully correct and trusted.
+ *
+ * For example, when a function accepts as input a pointer to a buffer that may
+ * contain untrusted data, and its documentation mentions that this pointer
+ * must not be NULL:
+ * - the pointer is checked to be non-NULL only if this option is enabled
+ * - the content of the buffer is always validated
+ *
+ * When this flag is defined, if a library function receives a parameter that
+ * is invalid, it will:
+ * - invoke the macro MBEDTLS_PARAM_FAILED() which by default expands to a
+ * call to the function mbedtls_param_failed()
+ * - immediately return (with a specific error code unless the function
+ * returns void and can't communicate an error).
+ *
+ * When defining this flag, you also need to:
+ * - either provide a definition of the function mbedtls_param_failed() in
+ * your application (see platform_util.h for its prototype) as the library
+ * calls that function, but does not provide a default definition for it,
+ * - or provide a different definition of the macro MBEDTLS_PARAM_FAILED()
+ * below if the above mechanism is not flexible enough to suit your needs.
+ * See the documentation of this macro later in this file.
+ *
+ * Uncomment to enable validation of application-controlled parameters.
+ */
+//#define MBEDTLS_CHECK_PARAMS
+
+/* \} name SECTION: System support */
+
+/**
+ * \name SECTION: mbed TLS feature support
+ *
+ * This section sets support for features that are or are not needed
+ * within the modules that are enabled.
+ * \{
+ */
+
+/**
+ * \def MBEDTLS_TIMING_ALT
+ *
+ * Uncomment to provide your own alternate implementation for mbedtls_timing_hardclock(),
+ * mbedtls_timing_get_timer(), mbedtls_set_alarm(), mbedtls_set/get_delay()
+ *
+ * Only works if you have MBEDTLS_TIMING_C enabled.
+ *
+ * You will need to provide a header "timing_alt.h" and an implementation at
+ * compile time.
+ */
+//#define MBEDTLS_TIMING_ALT
+
+/**
+ * \def MBEDTLS_AES_ALT
+ *
+ * MBEDTLS__MODULE_NAME__ALT: Uncomment a macro to let mbed TLS use your
+ * alternate core implementation of a symmetric crypto, an arithmetic or hash
+ * module (e.g. platform specific assembly optimized implementations). Keep
+ * in mind that the function prototypes should remain the same.
+ *
+ * This replaces the whole module. If you only want to replace one of the
+ * functions, use one of the MBEDTLS__FUNCTION_NAME__ALT flags.
+ *
+ * Example: In case you uncomment MBEDTLS_AES_ALT, mbed TLS will no longer
+ * provide the "struct mbedtls_aes_context" definition and omit the base
+ * function declarations and implementations. "aes_alt.h" will be included from
+ * "aes.h" to include the new function definitions.
+ *
+ * Uncomment a macro to enable alternate implementation of the corresponding
+ * module.
+ *
+ * \warning MD2, MD4, MD5, ARC4, DES and SHA-1 are considered weak and their
+ * use constitutes a security risk. If possible, we recommend
+ * avoiding dependencies on them, and considering stronger message
+ * digests and ciphers instead.
+ *
+ */
+//#define MBEDTLS_AES_ALT
+//#define MBEDTLS_ARC4_ALT
+//#define MBEDTLS_ARIA_ALT
+//#define MBEDTLS_BLOWFISH_ALT
+//#define MBEDTLS_CAMELLIA_ALT
+//#define MBEDTLS_CCM_ALT
+//#define MBEDTLS_CHACHA20_ALT
+//#define MBEDTLS_CHACHAPOLY_ALT
+//#define MBEDTLS_CMAC_ALT
+//#define MBEDTLS_DES_ALT
+//#define MBEDTLS_DHM_ALT
+//#define MBEDTLS_ECJPAKE_ALT
+//#define MBEDTLS_GCM_ALT
+//#define MBEDTLS_NIST_KW_ALT
+//#define MBEDTLS_MD2_ALT
+//#define MBEDTLS_MD4_ALT
+//#define MBEDTLS_MD5_ALT
+//#define MBEDTLS_POLY1305_ALT
+//#define MBEDTLS_RIPEMD160_ALT
+//#define MBEDTLS_RSA_ALT
+//#define MBEDTLS_SHA1_ALT
+//#define MBEDTLS_SHA256_ALT
+//#define MBEDTLS_SHA512_ALT
+//#define MBEDTLS_XTEA_ALT
+
+/*
+ * When replacing the elliptic curve module, pleace consider, that it is
+ * implemented with two .c files:
+ * - ecp.c
+ * - ecp_curves.c
+ * You can replace them very much like all the other MBEDTLS__MODULE_NAME__ALT
+ * macros as described above. The only difference is that you have to make sure
+ * that you provide functionality for both .c files.
+ */
+//#define MBEDTLS_ECP_ALT
+
+/**
+ * \def MBEDTLS_MD2_PROCESS_ALT
+ *
+ * MBEDTLS__FUNCTION_NAME__ALT: Uncomment a macro to let mbed TLS use you
+ * alternate core implementation of symmetric crypto or hash function. Keep in
+ * mind that function prototypes should remain the same.
+ *
+ * This replaces only one function. The header file from mbed TLS is still
+ * used, in contrast to the MBEDTLS__MODULE_NAME__ALT flags.
+ *
+ * Example: In case you uncomment MBEDTLS_SHA256_PROCESS_ALT, mbed TLS will
+ * no longer provide the mbedtls_sha1_process() function, but it will still provide
+ * the other function (using your mbedtls_sha1_process() function) and the definition
+ * of mbedtls_sha1_context, so your implementation of mbedtls_sha1_process must be compatible
+ * with this definition.
+ *
+ * \note Because of a signature change, the core AES encryption and decryption routines are
+ * currently named mbedtls_aes_internal_encrypt and mbedtls_aes_internal_decrypt,
+ * respectively. When setting up alternative implementations, these functions should
+ * be overridden, but the wrapper functions mbedtls_aes_decrypt and mbedtls_aes_encrypt
+ * must stay untouched.
+ *
+ * \note If you use the AES_xxx_ALT macros, then is is recommended to also set
+ * MBEDTLS_AES_ROM_TABLES in order to help the linker garbage-collect the AES
+ * tables.
+ *
+ * Uncomment a macro to enable alternate implementation of the corresponding
+ * function.
+ *
+ * \warning MD2, MD4, MD5, DES and SHA-1 are considered weak and their use
+ * constitutes a security risk. If possible, we recommend avoiding
+ * dependencies on them, and considering stronger message digests
+ * and ciphers instead.
+ *
+ */
+//#define MBEDTLS_MD2_PROCESS_ALT
+//#define MBEDTLS_MD4_PROCESS_ALT
+//#define MBEDTLS_MD5_PROCESS_ALT
+//#define MBEDTLS_RIPEMD160_PROCESS_ALT
+//#define MBEDTLS_SHA1_PROCESS_ALT
+//#define MBEDTLS_SHA256_PROCESS_ALT
+//#define MBEDTLS_SHA512_PROCESS_ALT
+//#define MBEDTLS_DES_SETKEY_ALT
+//#define MBEDTLS_DES_CRYPT_ECB_ALT
+//#define MBEDTLS_DES3_CRYPT_ECB_ALT
+//#define MBEDTLS_AES_SETKEY_ENC_ALT
+//#define MBEDTLS_AES_SETKEY_DEC_ALT
+//#define MBEDTLS_AES_ENCRYPT_ALT
+//#define MBEDTLS_AES_DECRYPT_ALT
+//#define MBEDTLS_ECDH_GEN_PUBLIC_ALT
+//#define MBEDTLS_ECDH_COMPUTE_SHARED_ALT
+//#define MBEDTLS_ECDSA_VERIFY_ALT
+//#define MBEDTLS_ECDSA_SIGN_ALT
+//#define MBEDTLS_ECDSA_GENKEY_ALT
+
+/**
+ * \def MBEDTLS_ECP_INTERNAL_ALT
+ *
+ * Expose a part of the internal interface of the Elliptic Curve Point module.
+ *
+ * MBEDTLS_ECP__FUNCTION_NAME__ALT: Uncomment a macro to let mbed TLS use your
+ * alternative core implementation of elliptic curve arithmetic. Keep in mind
+ * that function prototypes should remain the same.
+ *
+ * This partially replaces one function. The header file from mbed TLS is still
+ * used, in contrast to the MBEDTLS_ECP_ALT flag. The original implementation
+ * is still present and it is used for group structures not supported by the
+ * alternative.
+ *
+ * Any of these options become available by defining MBEDTLS_ECP_INTERNAL_ALT
+ * and implementing the following functions:
+ * unsigned char mbedtls_internal_ecp_grp_capable(
+ * const mbedtls_ecp_group *grp )
+ * int mbedtls_internal_ecp_init( const mbedtls_ecp_group *grp )
+ * void mbedtls_internal_ecp_free( const mbedtls_ecp_group *grp )
+ * The mbedtls_internal_ecp_grp_capable function should return 1 if the
+ * replacement functions implement arithmetic for the given group and 0
+ * otherwise.
+ * The functions mbedtls_internal_ecp_init and mbedtls_internal_ecp_free are
+ * called before and after each point operation and provide an opportunity to
+ * implement optimized set up and tear down instructions.
+ *
+ * Example: In case you uncomment MBEDTLS_ECP_INTERNAL_ALT and
+ * MBEDTLS_ECP_DOUBLE_JAC_ALT, mbed TLS will still provide the ecp_double_jac
+ * function, but will use your mbedtls_internal_ecp_double_jac if the group is
+ * supported (your mbedtls_internal_ecp_grp_capable function returns 1 when
+ * receives it as an argument). If the group is not supported then the original
+ * implementation is used. The other functions and the definition of
+ * mbedtls_ecp_group and mbedtls_ecp_point will not change, so your
+ * implementation of mbedtls_internal_ecp_double_jac and
+ * mbedtls_internal_ecp_grp_capable must be compatible with this definition.
+ *
+ * Uncomment a macro to enable alternate implementation of the corresponding
+ * function.
+ */
+/* Required for all the functions in this section */
+//#define MBEDTLS_ECP_INTERNAL_ALT
+/* Support for Weierstrass curves with Jacobi representation */
+//#define MBEDTLS_ECP_RANDOMIZE_JAC_ALT
+//#define MBEDTLS_ECP_ADD_MIXED_ALT
+//#define MBEDTLS_ECP_DOUBLE_JAC_ALT
+//#define MBEDTLS_ECP_NORMALIZE_JAC_MANY_ALT
+//#define MBEDTLS_ECP_NORMALIZE_JAC_ALT
+/* Support for curves with Montgomery arithmetic */
+//#define MBEDTLS_ECP_DOUBLE_ADD_MXZ_ALT
+//#define MBEDTLS_ECP_RANDOMIZE_MXZ_ALT
+//#define MBEDTLS_ECP_NORMALIZE_MXZ_ALT
+
+/**
+ * \def MBEDTLS_TEST_NULL_ENTROPY
+ *
+ * Enables testing and use of mbed TLS without any configured entropy sources.
+ * This permits use of the library on platforms before an entropy source has
+ * been integrated (see for example the MBEDTLS_ENTROPY_HARDWARE_ALT or the
+ * MBEDTLS_ENTROPY_NV_SEED switches).
+ *
+ * WARNING! This switch MUST be disabled in production builds, and is suitable
+ * only for development.
+ * Enabling the switch negates any security provided by the library.
+ *
+ * Requires MBEDTLS_ENTROPY_C, MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES
+ *
+ */
+//#define MBEDTLS_TEST_NULL_ENTROPY
+
+/**
+ * \def MBEDTLS_ENTROPY_HARDWARE_ALT
+ *
+ * Uncomment this macro to let mbed TLS use your own implementation of a
+ * hardware entropy collector.
+ *
+ * Your function must be called \c mbedtls_hardware_poll(), have the same
+ * prototype as declared in entropy_poll.h, and accept NULL as first argument.
+ *
+ * Uncomment to use your own hardware entropy collector.
+ */
+//#define MBEDTLS_ENTROPY_HARDWARE_ALT
+
+/**
+ * \def MBEDTLS_AES_ROM_TABLES
+ *
+ * Use precomputed AES tables stored in ROM.
+ *
+ * Uncomment this macro to use precomputed AES tables stored in ROM.
+ * Comment this macro to generate AES tables in RAM at runtime.
+ *
+ * Tradeoff: Using precomputed ROM tables reduces RAM usage by ~8kb
+ * (or ~2kb if \c MBEDTLS_AES_FEWER_TABLES is used) and reduces the
+ * initialization time before the first AES operation can be performed.
+ * It comes at the cost of additional ~8kb ROM use (resp. ~2kb if \c
+ * MBEDTLS_AES_FEWER_TABLES below is used), and potentially degraded
+ * performance if ROM access is slower than RAM access.
+ *
+ * This option is independent of \c MBEDTLS_AES_FEWER_TABLES.
+ *
+ */
+//#define MBEDTLS_AES_ROM_TABLES
+
+/**
+ * \def MBEDTLS_AES_FEWER_TABLES
+ *
+ * Use less ROM/RAM for AES tables.
+ *
+ * Uncommenting this macro omits 75% of the AES tables from
+ * ROM / RAM (depending on the value of \c MBEDTLS_AES_ROM_TABLES)
+ * by computing their values on the fly during operations
+ * (the tables are entry-wise rotations of one another).
+ *
+ * Tradeoff: Uncommenting this reduces the RAM / ROM footprint
+ * by ~6kb but at the cost of more arithmetic operations during
+ * runtime. Specifically, one has to compare 4 accesses within
+ * different tables to 4 accesses with additional arithmetic
+ * operations within the same table. The performance gain/loss
+ * depends on the system and memory details.
+ *
+ * This option is independent of \c MBEDTLS_AES_ROM_TABLES.
+ *
+ */
+//#define MBEDTLS_AES_FEWER_TABLES
+
+/**
+ * \def MBEDTLS_CAMELLIA_SMALL_MEMORY
+ *
+ * Use less ROM for the Camellia implementation (saves about 768 bytes).
+ *
+ * Uncomment this macro to use less memory for Camellia.
+ */
+//#define MBEDTLS_CAMELLIA_SMALL_MEMORY
+
+/**
+ * \def MBEDTLS_CIPHER_MODE_CBC
+ *
+ * Enable Cipher Block Chaining mode (CBC) for symmetric ciphers.
+ */
+#define MBEDTLS_CIPHER_MODE_CBC
+
+/**
+ * \def MBEDTLS_CIPHER_MODE_CFB
+ *
+ * Enable Cipher Feedback mode (CFB) for symmetric ciphers.
+ */
+#define MBEDTLS_CIPHER_MODE_CFB
+
+/**
+ * \def MBEDTLS_CIPHER_MODE_CTR
+ *
+ * Enable Counter Block Cipher mode (CTR) for symmetric ciphers.
+ */
+#define MBEDTLS_CIPHER_MODE_CTR
+
+/**
+ * \def MBEDTLS_CIPHER_MODE_OFB
+ *
+ * Enable Output Feedback mode (OFB) for symmetric ciphers.
+ */
+#define MBEDTLS_CIPHER_MODE_OFB
+
+/**
+ * \def MBEDTLS_CIPHER_MODE_XTS
+ *
+ * Enable Xor-encrypt-xor with ciphertext stealing mode (XTS) for AES.
+ */
+#define MBEDTLS_CIPHER_MODE_XTS
+
+/**
+ * \def MBEDTLS_CIPHER_NULL_CIPHER
+ *
+ * Enable NULL cipher.
+ * Warning: Only do so when you know what you are doing. This allows for
+ * encryption or channels without any security!
+ *
+ * Requires MBEDTLS_ENABLE_WEAK_CIPHERSUITES as well to enable
+ * the following ciphersuites:
+ * MBEDTLS_TLS_ECDH_ECDSA_WITH_NULL_SHA
+ * MBEDTLS_TLS_ECDH_RSA_WITH_NULL_SHA
+ * MBEDTLS_TLS_ECDHE_ECDSA_WITH_NULL_SHA
+ * MBEDTLS_TLS_ECDHE_RSA_WITH_NULL_SHA
+ * MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA384
+ * MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA256
+ * MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA
+ * MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA384
+ * MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA256
+ * MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA
+ * MBEDTLS_TLS_RSA_WITH_NULL_SHA256
+ * MBEDTLS_TLS_RSA_WITH_NULL_SHA
+ * MBEDTLS_TLS_RSA_WITH_NULL_MD5
+ * MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA384
+ * MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA256
+ * MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA
+ * MBEDTLS_TLS_PSK_WITH_NULL_SHA384
+ * MBEDTLS_TLS_PSK_WITH_NULL_SHA256
+ * MBEDTLS_TLS_PSK_WITH_NULL_SHA
+ *
+ * Uncomment this macro to enable the NULL cipher and ciphersuites
+ */
+//#define MBEDTLS_CIPHER_NULL_CIPHER
+
+/**
+ * \def MBEDTLS_CIPHER_PADDING_PKCS7
+ *
+ * MBEDTLS_CIPHER_PADDING_XXX: Uncomment or comment macros to add support for
+ * specific padding modes in the cipher layer with cipher modes that support
+ * padding (e.g. CBC)
+ *
+ * If you disable all padding modes, only full blocks can be used with CBC.
+ *
+ * Enable padding modes in the cipher layer.
+ */
+#define MBEDTLS_CIPHER_PADDING_PKCS7
+#define MBEDTLS_CIPHER_PADDING_ONE_AND_ZEROS
+#define MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN
+#define MBEDTLS_CIPHER_PADDING_ZEROS
+
+/**
+ * \def MBEDTLS_ENABLE_WEAK_CIPHERSUITES
+ *
+ * Enable weak ciphersuites in SSL / TLS.
+ * Warning: Only do so when you know what you are doing. This allows for
+ * channels with virtually no security at all!
+ *
+ * This enables the following ciphersuites:
+ * MBEDTLS_TLS_RSA_WITH_DES_CBC_SHA
+ * MBEDTLS_TLS_DHE_RSA_WITH_DES_CBC_SHA
+ *
+ * Uncomment this macro to enable weak ciphersuites
+ *
+ * \warning DES is considered a weak cipher and its use constitutes a
+ * security risk. We recommend considering stronger ciphers instead.
+ */
+//#define MBEDTLS_ENABLE_WEAK_CIPHERSUITES
+
+/**
+ * \def MBEDTLS_REMOVE_ARC4_CIPHERSUITES
+ *
+ * Remove RC4 ciphersuites by default in SSL / TLS.
+ * This flag removes the ciphersuites based on RC4 from the default list as
+ * returned by mbedtls_ssl_list_ciphersuites(). However, it is still possible to
+ * enable (some of) them with mbedtls_ssl_conf_ciphersuites() by including them
+ * explicitly.
+ *
+ * Uncomment this macro to remove RC4 ciphersuites by default.
+ */
+#define MBEDTLS_REMOVE_ARC4_CIPHERSUITES
+
+/**
+ * \def MBEDTLS_ECP_DP_SECP192R1_ENABLED
+ *
+ * MBEDTLS_ECP_XXXX_ENABLED: Enables specific curves within the Elliptic Curve
+ * module. By default all supported curves are enabled.
+ *
+ * Comment macros to disable the curve and functions for it
+ */
+#define MBEDTLS_ECP_DP_SECP192R1_ENABLED
+#define MBEDTLS_ECP_DP_SECP224R1_ENABLED
+#define MBEDTLS_ECP_DP_SECP256R1_ENABLED
+#define MBEDTLS_ECP_DP_SECP384R1_ENABLED
+#define MBEDTLS_ECP_DP_SECP521R1_ENABLED
+#define MBEDTLS_ECP_DP_SECP192K1_ENABLED
+#define MBEDTLS_ECP_DP_SECP224K1_ENABLED
+#define MBEDTLS_ECP_DP_SECP256K1_ENABLED
+#define MBEDTLS_ECP_DP_BP256R1_ENABLED
+#define MBEDTLS_ECP_DP_BP384R1_ENABLED
+#define MBEDTLS_ECP_DP_BP512R1_ENABLED
+#define MBEDTLS_ECP_DP_CURVE25519_ENABLED
+#define MBEDTLS_ECP_DP_CURVE448_ENABLED
+
+/**
+ * \def MBEDTLS_ECP_NIST_OPTIM
+ *
+ * Enable specific 'modulo p' routines for each NIST prime.
+ * Depending on the prime and architecture, makes operations 4 to 8 times
+ * faster on the corresponding curve.
+ *
+ * Comment this macro to disable NIST curves optimisation.
+ */
+#define MBEDTLS_ECP_NIST_OPTIM
+
+/**
+ * \def MBEDTLS_ECP_RESTARTABLE
+ *
+ * Enable "non-blocking" ECC operations that can return early and be resumed.
+ *
+ * This allows various functions to pause by returning
+ * #MBEDTLS_ERR_ECP_IN_PROGRESS (or, for functions in the SSL module,
+ * #MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS) and then be called later again in
+ * order to further progress and eventually complete their operation. This is
+ * controlled through mbedtls_ecp_set_max_ops() which limits the maximum
+ * number of ECC operations a function may perform before pausing; see
+ * mbedtls_ecp_set_max_ops() for more information.
+ *
+ * This is useful in non-threaded environments if you want to avoid blocking
+ * for too long on ECC (and, hence, X.509 or SSL/TLS) operations.
+ *
+ * Uncomment this macro to enable restartable ECC computations.
+ *
+ * \note This option only works with the default software implementation of
+ * elliptic curve functionality. It is incompatible with
+ * MBEDTLS_ECP_ALT, MBEDTLS_ECDH_XXX_ALT and MBEDTLS_ECDSA_XXX_ALT.
+ */
+//#define MBEDTLS_ECP_RESTARTABLE
+
+/**
+ * \def MBEDTLS_ECDSA_DETERMINISTIC
+ *
+ * Enable deterministic ECDSA (RFC 6979).
+ * Standard ECDSA is "fragile" in the sense that lack of entropy when signing
+ * may result in a compromise of the long-term signing key. This is avoided by
+ * the deterministic variant.
+ *
+ * Requires: MBEDTLS_HMAC_DRBG_C
+ *
+ * Comment this macro to disable deterministic ECDSA.
+ */
+#define MBEDTLS_ECDSA_DETERMINISTIC
+
+/**
+ * \def MBEDTLS_KEY_EXCHANGE_PSK_ENABLED
+ *
+ * Enable the PSK based ciphersuite modes in SSL / TLS.
+ *
+ * This enables the following ciphersuites (if other requisites are
+ * enabled as well):
+ * MBEDTLS_TLS_PSK_WITH_AES_256_GCM_SHA384
+ * MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA384
+ * MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA
+ * MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384
+ * MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384
+ * MBEDTLS_TLS_PSK_WITH_AES_128_GCM_SHA256
+ * MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA256
+ * MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA
+ * MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256
+ * MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256
+ * MBEDTLS_TLS_PSK_WITH_3DES_EDE_CBC_SHA
+ * MBEDTLS_TLS_PSK_WITH_RC4_128_SHA
+ */
+#define MBEDTLS_KEY_EXCHANGE_PSK_ENABLED
+
+/**
+ * \def MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED
+ *
+ * Enable the DHE-PSK based ciphersuite modes in SSL / TLS.
+ *
+ * Requires: MBEDTLS_DHM_C
+ *
+ * This enables the following ciphersuites (if other requisites are
+ * enabled as well):
+ * MBEDTLS_TLS_DHE_PSK_WITH_AES_256_GCM_SHA384
+ * MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA384
+ * MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA
+ * MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384
+ * MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384
+ * MBEDTLS_TLS_DHE_PSK_WITH_AES_128_GCM_SHA256
+ * MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA256
+ * MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA
+ * MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256
+ * MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256
+ * MBEDTLS_TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA
+ * MBEDTLS_TLS_DHE_PSK_WITH_RC4_128_SHA
+ *
+ * \warning Using DHE constitutes a security risk as it
+ * is not possible to validate custom DH parameters.
+ * If possible, it is recommended users should consider
+ * preferring other methods of key exchange.
+ * See dhm.h for more details.
+ *
+ */
+#define MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED
+
+/**
+ * \def MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
+ *
+ * Enable the ECDHE-PSK based ciphersuite modes in SSL / TLS.
+ *
+ * Requires: MBEDTLS_ECDH_C
+ *
+ * This enables the following ciphersuites (if other requisites are
+ * enabled as well):
+ * MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384
+ * MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA
+ * MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384
+ * MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256
+ * MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA
+ * MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256
+ * MBEDTLS_TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA
+ * MBEDTLS_TLS_ECDHE_PSK_WITH_RC4_128_SHA
+ */
+#define MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
+
+/**
+ * \def MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED
+ *
+ * Enable the RSA-PSK based ciphersuite modes in SSL / TLS.
+ *
+ * Requires: MBEDTLS_RSA_C, MBEDTLS_PKCS1_V15,
+ * MBEDTLS_X509_CRT_PARSE_C
+ *
+ * This enables the following ciphersuites (if other requisites are
+ * enabled as well):
+ * MBEDTLS_TLS_RSA_PSK_WITH_AES_256_GCM_SHA384
+ * MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA384
+ * MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA
+ * MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384
+ * MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384
+ * MBEDTLS_TLS_RSA_PSK_WITH_AES_128_GCM_SHA256
+ * MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA256
+ * MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA
+ * MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256
+ * MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256
+ * MBEDTLS_TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA
+ * MBEDTLS_TLS_RSA_PSK_WITH_RC4_128_SHA
+ */
+#define MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED
+
+/**
+ * \def MBEDTLS_KEY_EXCHANGE_RSA_ENABLED
+ *
+ * Enable the RSA-only based ciphersuite modes in SSL / TLS.
+ *
+ * Requires: MBEDTLS_RSA_C, MBEDTLS_PKCS1_V15,
+ * MBEDTLS_X509_CRT_PARSE_C
+ *
+ * This enables the following ciphersuites (if other requisites are
+ * enabled as well):
+ * MBEDTLS_TLS_RSA_WITH_AES_256_GCM_SHA384
+ * MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA256
+ * MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA
+ * MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384
+ * MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256
+ * MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA
+ * MBEDTLS_TLS_RSA_WITH_AES_128_GCM_SHA256
+ * MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA256
+ * MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA
+ * MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256
+ * MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256
+ * MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA
+ * MBEDTLS_TLS_RSA_WITH_3DES_EDE_CBC_SHA
+ * MBEDTLS_TLS_RSA_WITH_RC4_128_SHA
+ * MBEDTLS_TLS_RSA_WITH_RC4_128_MD5
+ */
+#define MBEDTLS_KEY_EXCHANGE_RSA_ENABLED
+
+/**
+ * \def MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED
+ *
+ * Enable the DHE-RSA based ciphersuite modes in SSL / TLS.
+ *
+ * Requires: MBEDTLS_DHM_C, MBEDTLS_RSA_C, MBEDTLS_PKCS1_V15,
+ * MBEDTLS_X509_CRT_PARSE_C
+ *
+ * This enables the following ciphersuites (if other requisites are
+ * enabled as well):
+ * MBEDTLS_TLS_DHE_RSA_WITH_AES_256_GCM_SHA384
+ * MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA256
+ * MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA
+ * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384
+ * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256
+ * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA
+ * MBEDTLS_TLS_DHE_RSA_WITH_AES_128_GCM_SHA256
+ * MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA256
+ * MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA
+ * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256
+ * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256
+ * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA
+ * MBEDTLS_TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA
+ *
+ * \warning Using DHE constitutes a security risk as it
+ * is not possible to validate custom DH parameters.
+ * If possible, it is recommended users should consider
+ * preferring other methods of key exchange.
+ * See dhm.h for more details.
+ *
+ */
+#define MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED
+
+/**
+ * \def MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED
+ *
+ * Enable the ECDHE-RSA based ciphersuite modes in SSL / TLS.
+ *
+ * Requires: MBEDTLS_ECDH_C, MBEDTLS_RSA_C, MBEDTLS_PKCS1_V15,
+ * MBEDTLS_X509_CRT_PARSE_C
+ *
+ * This enables the following ciphersuites (if other requisites are
+ * enabled as well):
+ * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
+ * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
+ * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
+ * MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384
+ * MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384
+ * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
+ * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
+ * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
+ * MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256
+ * MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256
+ * MBEDTLS_TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA
+ * MBEDTLS_TLS_ECDHE_RSA_WITH_RC4_128_SHA
+ */
+#define MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED
+
+/**
+ * \def MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
+ *
+ * Enable the ECDHE-ECDSA based ciphersuite modes in SSL / TLS.
+ *
+ * Requires: MBEDTLS_ECDH_C, MBEDTLS_ECDSA_C, MBEDTLS_X509_CRT_PARSE_C,
+ *
+ * This enables the following ciphersuites (if other requisites are
+ * enabled as well):
+ * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
+ * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384
+ * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA
+ * MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384
+ * MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384
+ * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
+ * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256
+ * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA
+ * MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256
+ * MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256
+ * MBEDTLS_TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA
+ * MBEDTLS_TLS_ECDHE_ECDSA_WITH_RC4_128_SHA
+ */
+#define MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
+
+/**
+ * \def MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED
+ *
+ * Enable the ECDH-ECDSA based ciphersuite modes in SSL / TLS.
+ *
+ * Requires: MBEDTLS_ECDH_C, MBEDTLS_X509_CRT_PARSE_C
+ *
+ * This enables the following ciphersuites (if other requisites are
+ * enabled as well):
+ * MBEDTLS_TLS_ECDH_ECDSA_WITH_RC4_128_SHA
+ * MBEDTLS_TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA
+ * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA
+ * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA
+ * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256
+ * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384
+ * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256
+ * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384
+ * MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256
+ * MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384
+ * MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256
+ * MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384
+ */
+#define MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED
+
+/**
+ * \def MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED
+ *
+ * Enable the ECDH-RSA based ciphersuite modes in SSL / TLS.
+ *
+ * Requires: MBEDTLS_ECDH_C, MBEDTLS_X509_CRT_PARSE_C
+ *
+ * This enables the following ciphersuites (if other requisites are
+ * enabled as well):
+ * MBEDTLS_TLS_ECDH_RSA_WITH_RC4_128_SHA
+ * MBEDTLS_TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA
+ * MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA
+ * MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA
+ * MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256
+ * MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384
+ * MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256
+ * MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384
+ * MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256
+ * MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384
+ * MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256
+ * MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384
+ */
+#define MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED
+
+/**
+ * \def MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED
+ *
+ * Enable the ECJPAKE based ciphersuite modes in SSL / TLS.
+ *
+ * \warning This is currently experimental. EC J-PAKE support is based on the
+ * Thread v1.0.0 specification; incompatible changes to the specification
+ * might still happen. For this reason, this is disabled by default.
+ *
+ * Requires: MBEDTLS_ECJPAKE_C
+ * MBEDTLS_SHA256_C
+ * MBEDTLS_ECP_DP_SECP256R1_ENABLED
+ *
+ * This enables the following ciphersuites (if other requisites are
+ * enabled as well):
+ * MBEDTLS_TLS_ECJPAKE_WITH_AES_128_CCM_8
+ */
+//#define MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED
+
+/**
+ * \def MBEDTLS_PK_PARSE_EC_EXTENDED
+ *
+ * Enhance support for reading EC keys using variants of SEC1 not allowed by
+ * RFC 5915 and RFC 5480.
+ *
+ * Currently this means parsing the SpecifiedECDomain choice of EC
+ * parameters (only known groups are supported, not arbitrary domains, to
+ * avoid validation issues).
+ *
+ * Disable if you only need to support RFC 5915 + 5480 key formats.
+ */
+#define MBEDTLS_PK_PARSE_EC_EXTENDED
+
+/**
+ * \def MBEDTLS_ERROR_STRERROR_DUMMY
+ *
+ * Enable a dummy error function to make use of mbedtls_strerror() in
+ * third party libraries easier when MBEDTLS_ERROR_C is disabled
+ * (no effect when MBEDTLS_ERROR_C is enabled).
+ *
+ * You can safely disable this if MBEDTLS_ERROR_C is enabled, or if you're
+ * not using mbedtls_strerror() or error_strerror() in your application.
+ *
+ * Disable if you run into name conflicts and want to really remove the
+ * mbedtls_strerror()
+ */
+#define MBEDTLS_ERROR_STRERROR_DUMMY
+
+/**
+ * \def MBEDTLS_GENPRIME
+ *
+ * Enable the prime-number generation code.
+ *
+ * Requires: MBEDTLS_BIGNUM_C
+ */
+#define MBEDTLS_GENPRIME
+
+/**
+ * \def MBEDTLS_FS_IO
+ *
+ * Enable functions that use the filesystem.
+ */
+#define MBEDTLS_FS_IO
+
+/**
+ * \def MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES
+ *
+ * Do not add default entropy sources. These are the platform specific,
+ * mbedtls_timing_hardclock and HAVEGE based poll functions.
+ *
+ * This is useful to have more control over the added entropy sources in an
+ * application.
+ *
+ * Uncomment this macro to prevent loading of default entropy functions.
+ */
+//#define MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES
+
+/**
+ * \def MBEDTLS_NO_PLATFORM_ENTROPY
+ *
+ * Do not use built-in platform entropy functions.
+ * This is useful if your platform does not support
+ * standards like the /dev/urandom or Windows CryptoAPI.
+ *
+ * Uncomment this macro to disable the built-in platform entropy functions.
+ */
+//#define MBEDTLS_NO_PLATFORM_ENTROPY
+
+/**
+ * \def MBEDTLS_ENTROPY_FORCE_SHA256
+ *
+ * Force the entropy accumulator to use a SHA-256 accumulator instead of the
+ * default SHA-512 based one (if both are available).
+ *
+ * Requires: MBEDTLS_SHA256_C
+ *
+ * On 32-bit systems SHA-256 can be much faster than SHA-512. Use this option
+ * if you have performance concerns.
+ *
+ * This option is only useful if both MBEDTLS_SHA256_C and
+ * MBEDTLS_SHA512_C are defined. Otherwise the available hash module is used.
+ */
+//#define MBEDTLS_ENTROPY_FORCE_SHA256
+
+/**
+ * \def MBEDTLS_ENTROPY_NV_SEED
+ *
+ * Enable the non-volatile (NV) seed file-based entropy source.
+ * (Also enables the NV seed read/write functions in the platform layer)
+ *
+ * This is crucial (if not required) on systems that do not have a
+ * cryptographic entropy source (in hardware or kernel) available.
+ *
+ * Requires: MBEDTLS_ENTROPY_C, MBEDTLS_PLATFORM_C
+ *
+ * \note The read/write functions that are used by the entropy source are
+ * determined in the platform layer, and can be modified at runtime and/or
+ * compile-time depending on the flags (MBEDTLS_PLATFORM_NV_SEED_*) used.
+ *
+ * \note If you use the default implementation functions that read a seedfile
+ * with regular fopen(), please make sure you make a seedfile with the
+ * proper name (defined in MBEDTLS_PLATFORM_STD_NV_SEED_FILE) and at
+ * least MBEDTLS_ENTROPY_BLOCK_SIZE bytes in size that can be read from
+ * and written to or you will get an entropy source error! The default
+ * implementation will only use the first MBEDTLS_ENTROPY_BLOCK_SIZE
+ * bytes from the file.
+ *
+ * \note The entropy collector will write to the seed file before entropy is
+ * given to an external source, to update it.
+ */
+//#define MBEDTLS_ENTROPY_NV_SEED
+
+/**
+ * \def MBEDTLS_MEMORY_DEBUG
+ *
+ * Enable debugging of buffer allocator memory issues. Automatically prints
+ * (to stderr) all (fatal) messages on memory allocation issues. Enables
+ * function for 'debug output' of allocated memory.
+ *
+ * Requires: MBEDTLS_MEMORY_BUFFER_ALLOC_C
+ *
+ * Uncomment this macro to let the buffer allocator print out error messages.
+ */
+//#define MBEDTLS_MEMORY_DEBUG
+
+/**
+ * \def MBEDTLS_MEMORY_BACKTRACE
+ *
+ * Include backtrace information with each allocated block.
+ *
+ * Requires: MBEDTLS_MEMORY_BUFFER_ALLOC_C
+ * GLIBC-compatible backtrace() an backtrace_symbols() support
+ *
+ * Uncomment this macro to include backtrace information
+ */
+//#define MBEDTLS_MEMORY_BACKTRACE
+
+/**
+ * \def MBEDTLS_PK_RSA_ALT_SUPPORT
+ *
+ * Support external private RSA keys (eg from a HSM) in the PK layer.
+ *
+ * Comment this macro to disable support for external private RSA keys.
+ */
+#define MBEDTLS_PK_RSA_ALT_SUPPORT
+
+/**
+ * \def MBEDTLS_PKCS1_V15
+ *
+ * Enable support for PKCS#1 v1.5 encoding.
+ *
+ * Requires: MBEDTLS_RSA_C
+ *
+ * This enables support for PKCS#1 v1.5 operations.
+ */
+#define MBEDTLS_PKCS1_V15
+
+/**
+ * \def MBEDTLS_PKCS1_V21
+ *
+ * Enable support for PKCS#1 v2.1 encoding.
+ *
+ * Requires: MBEDTLS_MD_C, MBEDTLS_RSA_C
+ *
+ * This enables support for RSAES-OAEP and RSASSA-PSS operations.
+ */
+#define MBEDTLS_PKCS1_V21
+
+/**
+ * \def MBEDTLS_PSA_CRYPTO_SPM
+ *
+ * When MBEDTLS_PSA_CRYPTO_SPM is defined, the code is built for SPM (Secure
+ * Partition Manager) integration which separates the code into two parts: a
+ * NSPE (Non-Secure Process Environment) and an SPE (Secure Process
+ * Environment).
+ *
+ * Module: library/psa_crypto.c
+ * Requires: MBEDTLS_PSA_CRYPTO_C
+ *
+ */
+//#define MBEDTLS_PSA_CRYPTO_SPM
+
+/**
+ * \def MBEDTLS_PSA_HAS_ITS_IO
+ *
+ * Enable the non-volatile secure storage usage.
+ *
+ * This is crucial on systems that do not have a HW TRNG support.
+ *
+ */
+//#define MBEDTLS_PSA_HAS_ITS_IO
+
+/**
+ * \def MBEDTLS_RSA_NO_CRT
+ *
+ * Do not use the Chinese Remainder Theorem
+ * for the RSA private operation.
+ *
+ * Uncomment this macro to disable the use of CRT in RSA.
+ *
+ */
+//#define MBEDTLS_RSA_NO_CRT
+
+/**
+ * \def MBEDTLS_SELF_TEST
+ *
+ * Enable the checkup functions (*_self_test).
+ */
+#define MBEDTLS_SELF_TEST
+
+/**
+ * \def MBEDTLS_SHA256_SMALLER
+ *
+ * Enable an implementation of SHA-256 that has lower ROM footprint but also
+ * lower performance.
+ *
+ * The default implementation is meant to be a reasonnable compromise between
+ * performance and size. This version optimizes more aggressively for size at
+ * the expense of performance. Eg on Cortex-M4 it reduces the size of
+ * mbedtls_sha256_process() from ~2KB to ~0.5KB for a performance hit of about
+ * 30%.
+ *
+ * Uncomment to enable the smaller implementation of SHA256.
+ */
+//#define MBEDTLS_SHA256_SMALLER
+
+/**
+ * \def MBEDTLS_SSL_ALL_ALERT_MESSAGES
+ *
+ * Enable sending of alert messages in case of encountered errors as per RFC.
+ * If you choose not to send the alert messages, mbed TLS can still communicate
+ * with other servers, only debugging of failures is harder.
+ *
+ * The advantage of not sending alert messages, is that no information is given
+ * about reasons for failures thus preventing adversaries of gaining intel.
+ *
+ * Enable sending of all alert messages
+ */
+#define MBEDTLS_SSL_ALL_ALERT_MESSAGES
+
+/**
+ * \def MBEDTLS_SSL_ASYNC_PRIVATE
+ *
+ * Enable asynchronous external private key operations in SSL. This allows
+ * you to configure an SSL connection to call an external cryptographic
+ * module to perform private key operations instead of performing the
+ * operation inside the library.
+ *
+ */
+//#define MBEDTLS_SSL_ASYNC_PRIVATE
+
+/**
+ * \def MBEDTLS_SSL_DEBUG_ALL
+ *
+ * Enable the debug messages in SSL module for all issues.
+ * Debug messages have been disabled in some places to prevent timing
+ * attacks due to (unbalanced) debugging function calls.
+ *
+ * If you need all error reporting you should enable this during debugging,
+ * but remove this for production servers that should log as well.
+ *
+ * Uncomment this macro to report all debug messages on errors introducing
+ * a timing side-channel.
+ *
+ */
+//#define MBEDTLS_SSL_DEBUG_ALL
+
+/** \def MBEDTLS_SSL_ENCRYPT_THEN_MAC
+ *
+ * Enable support for Encrypt-then-MAC, RFC 7366.
+ *
+ * This allows peers that both support it to use a more robust protection for
+ * ciphersuites using CBC, providing deep resistance against timing attacks
+ * on the padding or underlying cipher.
+ *
+ * This only affects CBC ciphersuites, and is useless if none is defined.
+ *
+ * Requires: MBEDTLS_SSL_PROTO_TLS1 or
+ * MBEDTLS_SSL_PROTO_TLS1_1 or
+ * MBEDTLS_SSL_PROTO_TLS1_2
+ *
+ * Comment this macro to disable support for Encrypt-then-MAC
+ */
+#define MBEDTLS_SSL_ENCRYPT_THEN_MAC
+
+/** \def MBEDTLS_SSL_EXTENDED_MASTER_SECRET
+ *
+ * Enable support for Extended Master Secret, aka Session Hash
+ * (draft-ietf-tls-session-hash-02).
+ *
+ * This was introduced as "the proper fix" to the Triple Handshake familiy of
+ * attacks, but it is recommended to always use it (even if you disable
+ * renegotiation), since it actually fixes a more fundamental issue in the
+ * original SSL/TLS design, and has implications beyond Triple Handshake.
+ *
+ * Requires: MBEDTLS_SSL_PROTO_TLS1 or
+ * MBEDTLS_SSL_PROTO_TLS1_1 or
+ * MBEDTLS_SSL_PROTO_TLS1_2
+ *
+ * Comment this macro to disable support for Extended Master Secret.
+ */
+#define MBEDTLS_SSL_EXTENDED_MASTER_SECRET
+
+/**
+ * \def MBEDTLS_SSL_FALLBACK_SCSV
+ *
+ * Enable support for FALLBACK_SCSV (draft-ietf-tls-downgrade-scsv-00).
+ *
+ * For servers, it is recommended to always enable this, unless you support
+ * only one version of TLS, or know for sure that none of your clients
+ * implements a fallback strategy.
+ *
+ * For clients, you only need this if you're using a fallback strategy, which
+ * is not recommended in the first place, unless you absolutely need it to
+ * interoperate with buggy (version-intolerant) servers.
+ *
+ * Comment this macro to disable support for FALLBACK_SCSV
+ */
+#define MBEDTLS_SSL_FALLBACK_SCSV
+
+/**
+ * \def MBEDTLS_SSL_HW_RECORD_ACCEL
+ *
+ * Enable hooking functions in SSL module for hardware acceleration of
+ * individual records.
+ *
+ * Uncomment this macro to enable hooking functions.
+ */
+//#define MBEDTLS_SSL_HW_RECORD_ACCEL
+
+/**
+ * \def MBEDTLS_SSL_CBC_RECORD_SPLITTING
+ *
+ * Enable 1/n-1 record splitting for CBC mode in SSLv3 and TLS 1.0.
+ *
+ * This is a countermeasure to the BEAST attack, which also minimizes the risk
+ * of interoperability issues compared to sending 0-length records.
+ *
+ * Comment this macro to disable 1/n-1 record splitting.
+ */
+#define MBEDTLS_SSL_CBC_RECORD_SPLITTING
+
+/**
+ * \def MBEDTLS_SSL_RENEGOTIATION
+ *
+ * Enable support for TLS renegotiation.
+ *
+ * The two main uses of renegotiation are (1) refresh keys on long-lived
+ * connections and (2) client authentication after the initial handshake.
+ * If you don't need renegotiation, it's probably better to disable it, since
+ * it has been associated with security issues in the past and is easy to
+ * misuse/misunderstand.
+ *
+ * Comment this to disable support for renegotiation.
+ *
+ * \note Even if this option is disabled, both client and server are aware
+ * of the Renegotiation Indication Extension (RFC 5746) used to
+ * prevent the SSL renegotiation attack (see RFC 5746 Sect. 1).
+ * (See \c mbedtls_ssl_conf_legacy_renegotiation for the
+ * configuration of this extension).
+ *
+ */
+#define MBEDTLS_SSL_RENEGOTIATION
+
+/**
+ * \def MBEDTLS_SSL_SRV_SUPPORT_SSLV2_CLIENT_HELLO
+ *
+ * Enable support for receiving and parsing SSLv2 Client Hello messages for the
+ * SSL Server module (MBEDTLS_SSL_SRV_C).
+ *
+ * Uncomment this macro to enable support for SSLv2 Client Hello messages.
+ */
+//#define MBEDTLS_SSL_SRV_SUPPORT_SSLV2_CLIENT_HELLO
+
+/**
+ * \def MBEDTLS_SSL_SRV_RESPECT_CLIENT_PREFERENCE
+ *
+ * Pick the ciphersuite according to the client's preferences rather than ours
+ * in the SSL Server module (MBEDTLS_SSL_SRV_C).
+ *
+ * Uncomment this macro to respect client's ciphersuite order
+ */
+//#define MBEDTLS_SSL_SRV_RESPECT_CLIENT_PREFERENCE
+
+/**
+ * \def MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
+ *
+ * Enable support for RFC 6066 max_fragment_length extension in SSL.
+ *
+ * Comment this macro to disable support for the max_fragment_length extension
+ */
+#define MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
+
+/**
+ * \def MBEDTLS_SSL_PROTO_SSL3
+ *
+ * Enable support for SSL 3.0.
+ *
+ * Requires: MBEDTLS_MD5_C
+ * MBEDTLS_SHA1_C
+ *
+ * Comment this macro to disable support for SSL 3.0
+ */
+//#define MBEDTLS_SSL_PROTO_SSL3
+
+/**
+ * \def MBEDTLS_SSL_PROTO_TLS1
+ *
+ * Enable support for TLS 1.0.
+ *
+ * Requires: MBEDTLS_MD5_C
+ * MBEDTLS_SHA1_C
+ *
+ * Comment this macro to disable support for TLS 1.0
+ */
+#define MBEDTLS_SSL_PROTO_TLS1
+
+/**
+ * \def MBEDTLS_SSL_PROTO_TLS1_1
+ *
+ * Enable support for TLS 1.1 (and DTLS 1.0 if DTLS is enabled).
+ *
+ * Requires: MBEDTLS_MD5_C
+ * MBEDTLS_SHA1_C
+ *
+ * Comment this macro to disable support for TLS 1.1 / DTLS 1.0
+ */
+#define MBEDTLS_SSL_PROTO_TLS1_1
+
+/**
+ * \def MBEDTLS_SSL_PROTO_TLS1_2
+ *
+ * Enable support for TLS 1.2 (and DTLS 1.2 if DTLS is enabled).
+ *
+ * Requires: MBEDTLS_SHA1_C or MBEDTLS_SHA256_C or MBEDTLS_SHA512_C
+ * (Depends on ciphersuites)
+ *
+ * Comment this macro to disable support for TLS 1.2 / DTLS 1.2
+ */
+#define MBEDTLS_SSL_PROTO_TLS1_2
+
+/**
+ * \def MBEDTLS_SSL_PROTO_DTLS
+ *
+ * Enable support for DTLS (all available versions).
+ *
+ * Enable this and MBEDTLS_SSL_PROTO_TLS1_1 to enable DTLS 1.0,
+ * and/or this and MBEDTLS_SSL_PROTO_TLS1_2 to enable DTLS 1.2.
+ *
+ * Requires: MBEDTLS_SSL_PROTO_TLS1_1
+ * or MBEDTLS_SSL_PROTO_TLS1_2
+ *
+ * Comment this macro to disable support for DTLS
+ */
+#define MBEDTLS_SSL_PROTO_DTLS
+
+/**
+ * \def MBEDTLS_SSL_ALPN
+ *
+ * Enable support for RFC 7301 Application Layer Protocol Negotiation.
+ *
+ * Comment this macro to disable support for ALPN.
+ */
+#define MBEDTLS_SSL_ALPN
+
+/**
+ * \def MBEDTLS_SSL_DTLS_ANTI_REPLAY
+ *
+ * Enable support for the anti-replay mechanism in DTLS.
+ *
+ * Requires: MBEDTLS_SSL_TLS_C
+ * MBEDTLS_SSL_PROTO_DTLS
+ *
+ * \warning Disabling this is often a security risk!
+ * See mbedtls_ssl_conf_dtls_anti_replay() for details.
+ *
+ * Comment this to disable anti-replay in DTLS.
+ */
+#define MBEDTLS_SSL_DTLS_ANTI_REPLAY
+
+/**
+ * \def MBEDTLS_SSL_DTLS_HELLO_VERIFY
+ *
+ * Enable support for HelloVerifyRequest on DTLS servers.
+ *
+ * This feature is highly recommended to prevent DTLS servers being used as
+ * amplifiers in DoS attacks against other hosts. It should always be enabled
+ * unless you know for sure amplification cannot be a problem in the
+ * environment in which your server operates.
+ *
+ * \warning Disabling this can ba a security risk! (see above)
+ *
+ * Requires: MBEDTLS_SSL_PROTO_DTLS
+ *
+ * Comment this to disable support for HelloVerifyRequest.
+ */
+#define MBEDTLS_SSL_DTLS_HELLO_VERIFY
+
+/**
+ * \def MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE
+ *
+ * Enable server-side support for clients that reconnect from the same port.
+ *
+ * Some clients unexpectedly close the connection and try to reconnect using the
+ * same source port. This needs special support from the server to handle the
+ * new connection securely, as described in section 4.2.8 of RFC 6347. This
+ * flag enables that support.
+ *
+ * Requires: MBEDTLS_SSL_DTLS_HELLO_VERIFY
+ *
+ * Comment this to disable support for clients reusing the source port.
+ */
+#define MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE
+
+/**
+ * \def MBEDTLS_SSL_DTLS_BADMAC_LIMIT
+ *
+ * Enable support for a limit of records with bad MAC.
+ *
+ * See mbedtls_ssl_conf_dtls_badmac_limit().
+ *
+ * Requires: MBEDTLS_SSL_PROTO_DTLS
+ */
+#define MBEDTLS_SSL_DTLS_BADMAC_LIMIT
+
+/**
+ * \def MBEDTLS_SSL_SESSION_TICKETS
+ *
+ * Enable support for RFC 5077 session tickets in SSL.
+ * Client-side, provides full support for session tickets (maintenance of a
+ * session store remains the responsibility of the application, though).
+ * Server-side, you also need to provide callbacks for writing and parsing
+ * tickets, including authenticated encryption and key management. Example
+ * callbacks are provided by MBEDTLS_SSL_TICKET_C.
+ *
+ * Comment this macro to disable support for SSL session tickets
+ */
+#define MBEDTLS_SSL_SESSION_TICKETS
+
+/**
+ * \def MBEDTLS_SSL_EXPORT_KEYS
+ *
+ * Enable support for exporting key block and master secret.
+ * This is required for certain users of TLS, e.g. EAP-TLS.
+ *
+ * Comment this macro to disable support for key export
+ */
+#define MBEDTLS_SSL_EXPORT_KEYS
+
+/**
+ * \def MBEDTLS_SSL_SERVER_NAME_INDICATION
+ *
+ * Enable support for RFC 6066 server name indication (SNI) in SSL.
+ *
+ * Requires: MBEDTLS_X509_CRT_PARSE_C
+ *
+ * Comment this macro to disable support for server name indication in SSL
+ */
+#define MBEDTLS_SSL_SERVER_NAME_INDICATION
+
+/**
+ * \def MBEDTLS_SSL_TRUNCATED_HMAC
+ *
+ * Enable support for RFC 6066 truncated HMAC in SSL.
+ *
+ * Comment this macro to disable support for truncated HMAC in SSL
+ */
+#define MBEDTLS_SSL_TRUNCATED_HMAC
+
+/**
+ * \def MBEDTLS_SSL_TRUNCATED_HMAC_COMPAT
+ *
+ * Fallback to old (pre-2.7), non-conforming implementation of the truncated
+ * HMAC extension which also truncates the HMAC key. Note that this option is
+ * only meant for a transitory upgrade period and is likely to be removed in
+ * a future version of the library.
+ *
+ * \warning The old implementation is non-compliant and has a security weakness
+ * (2^80 brute force attack on the HMAC key used for a single,
+ * uninterrupted connection). This should only be enabled temporarily
+ * when (1) the use of truncated HMAC is essential in order to save
+ * bandwidth, and (2) the peer is an Mbed TLS stack that doesn't use
+ * the fixed implementation yet (pre-2.7).
+ *
+ * \deprecated This option is deprecated and will likely be removed in a
+ * future version of Mbed TLS.
+ *
+ * Uncomment to fallback to old, non-compliant truncated HMAC implementation.
+ *
+ * Requires: MBEDTLS_SSL_TRUNCATED_HMAC
+ */
+//#define MBEDTLS_SSL_TRUNCATED_HMAC_COMPAT
+
+/**
+ * \def MBEDTLS_THREADING_ALT
+ *
+ * Provide your own alternate threading implementation.
+ *
+ * Requires: MBEDTLS_THREADING_C
+ *
+ * Uncomment this to allow your own alternate threading implementation.
+ */
+//#define MBEDTLS_THREADING_ALT
+
+/**
+ * \def MBEDTLS_THREADING_PTHREAD
+ *
+ * Enable the pthread wrapper layer for the threading layer.
+ *
+ * Requires: MBEDTLS_THREADING_C
+ *
+ * Uncomment this to enable pthread mutexes.
+ */
+//#define MBEDTLS_THREADING_PTHREAD
+
+/**
+ * \def MBEDTLS_USE_PSA_CRYPTO
+ *
+ * Make the X.509 and TLS library use PSA for cryptographic operations, see
+ * #MBEDTLS_PSA_CRYPTO_C.
+ *
+ * Note: this option is still in progress, the full X.509 and TLS modules are
+ * not covered yet, but parts that are not ported to PSA yet will still work
+ * as usual, so enabling this option should not break backwards compatibility.
+ *
+ * \warning Support for PSA is still an experimental feature.
+ * Any public API that depends on this option may change
+ * at any time until this warning is removed.
+ *
+ * Requires: MBEDTLS_PSA_CRYPTO_C.
+ */
+//#define MBEDTLS_USE_PSA_CRYPTO
+
+/**
+ * \def MBEDTLS_VERSION_FEATURES
+ *
+ * Allow run-time checking of compile-time enabled features. Thus allowing users
+ * to check at run-time if the library is for instance compiled with threading
+ * support via mbedtls_version_check_feature().
+ *
+ * Requires: MBEDTLS_VERSION_C
+ *
+ * Comment this to disable run-time checking and save ROM space
+ */
+#define MBEDTLS_VERSION_FEATURES
+
+/**
+ * \def MBEDTLS_X509_ALLOW_EXTENSIONS_NON_V3
+ *
+ * If set, the X509 parser will not break-off when parsing an X509 certificate
+ * and encountering an extension in a v1 or v2 certificate.
+ *
+ * Uncomment to prevent an error.
+ */
+//#define MBEDTLS_X509_ALLOW_EXTENSIONS_NON_V3
+
+/**
+ * \def MBEDTLS_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION
+ *
+ * If set, the X509 parser will not break-off when parsing an X509 certificate
+ * and encountering an unknown critical extension.
+ *
+ * \warning Depending on your PKI use, enabling this can be a security risk!
+ *
+ * Uncomment to prevent an error.
+ */
+//#define MBEDTLS_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION
+
+/**
+ * \def MBEDTLS_X509_CHECK_KEY_USAGE
+ *
+ * Enable verification of the keyUsage extension (CA and leaf certificates).
+ *
+ * Disabling this avoids problems with mis-issued and/or misused
+ * (intermediate) CA and leaf certificates.
+ *
+ * \warning Depending on your PKI use, disabling this can be a security risk!
+ *
+ * Comment to skip keyUsage checking for both CA and leaf certificates.
+ */
+#define MBEDTLS_X509_CHECK_KEY_USAGE
+
+/**
+ * \def MBEDTLS_X509_CHECK_EXTENDED_KEY_USAGE
+ *
+ * Enable verification of the extendedKeyUsage extension (leaf certificates).
+ *
+ * Disabling this avoids problems with mis-issued and/or misused certificates.
+ *
+ * \warning Depending on your PKI use, disabling this can be a security risk!
+ *
+ * Comment to skip extendedKeyUsage checking for certificates.
+ */
+#define MBEDTLS_X509_CHECK_EXTENDED_KEY_USAGE
+
+/**
+ * \def MBEDTLS_X509_RSASSA_PSS_SUPPORT
+ *
+ * Enable parsing and verification of X.509 certificates, CRLs and CSRS
+ * signed with RSASSA-PSS (aka PKCS#1 v2.1).
+ *
+ * Comment this macro to disallow using RSASSA-PSS in certificates.
+ */
+#define MBEDTLS_X509_RSASSA_PSS_SUPPORT
+
+/**
+ * \def MBEDTLS_ZLIB_SUPPORT
+ *
+ * If set, the SSL/TLS module uses ZLIB to support compression and
+ * decompression of packet data.
+ *
+ * \warning TLS-level compression MAY REDUCE SECURITY! See for example the
+ * CRIME attack. Before enabling this option, you should examine with care if
+ * CRIME or similar exploits may be applicable to your use case.
+ *
+ * \note Currently compression can't be used with DTLS.
+ *
+ * \deprecated This feature is deprecated and will be removed
+ * in the next major revision of the library.
+ *
+ * Used in: library/ssl_tls.c
+ * library/ssl_cli.c
+ * library/ssl_srv.c
+ *
+ * This feature requires zlib library and headers to be present.
+ *
+ * Uncomment to enable use of ZLIB
+ */
+//#define MBEDTLS_ZLIB_SUPPORT
+/* \} name SECTION: mbed TLS feature support */
+
+/**
+ * \name SECTION: mbed TLS modules
+ *
+ * This section enables or disables entire modules in mbed TLS
+ * \{
+ */
+
+/**
+ * \def MBEDTLS_AESNI_C
+ *
+ * Enable AES-NI support on x86-64.
+ *
+ * Module: library/aesni.c
+ * Caller: library/aes.c
+ *
+ * Requires: MBEDTLS_HAVE_ASM
+ *
+ * This modules adds support for the AES-NI instructions on x86-64
+ */
+#define MBEDTLS_AESNI_C
+
+/**
+ * \def MBEDTLS_AES_C
+ *
+ * Enable the AES block cipher.
+ *
+ * Module: library/aes.c
+ * Caller: library/cipher.c
+ * library/pem.c
+ * library/ctr_drbg.c
+ *
+ * This module enables the following ciphersuites (if other requisites are
+ * enabled as well):
+ * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA
+ * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA
+ * MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA
+ * MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA
+ * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256
+ * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384
+ * MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256
+ * MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384
+ * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256
+ * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384
+ * MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256
+ * MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384
+ * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
+ * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
+ * MBEDTLS_TLS_DHE_RSA_WITH_AES_256_GCM_SHA384
+ * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384
+ * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
+ * MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA256
+ * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA
+ * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
+ * MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA
+ * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
+ * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
+ * MBEDTLS_TLS_DHE_RSA_WITH_AES_128_GCM_SHA256
+ * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256
+ * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
+ * MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA256
+ * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA
+ * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
+ * MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA
+ * MBEDTLS_TLS_DHE_PSK_WITH_AES_256_GCM_SHA384
+ * MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384
+ * MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA384
+ * MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA
+ * MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA
+ * MBEDTLS_TLS_DHE_PSK_WITH_AES_128_GCM_SHA256
+ * MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256
+ * MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA256
+ * MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA
+ * MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA
+ * MBEDTLS_TLS_RSA_WITH_AES_256_GCM_SHA384
+ * MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA256
+ * MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA
+ * MBEDTLS_TLS_RSA_WITH_AES_128_GCM_SHA256
+ * MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA256
+ * MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA
+ * MBEDTLS_TLS_RSA_PSK_WITH_AES_256_GCM_SHA384
+ * MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA384
+ * MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA
+ * MBEDTLS_TLS_RSA_PSK_WITH_AES_128_GCM_SHA256
+ * MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA256
+ * MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA
+ * MBEDTLS_TLS_PSK_WITH_AES_256_GCM_SHA384
+ * MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA384
+ * MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA
+ * MBEDTLS_TLS_PSK_WITH_AES_128_GCM_SHA256
+ * MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA256
+ * MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA
+ *
+ * PEM_PARSE uses AES for decrypting encrypted keys.
+ */
+#define MBEDTLS_AES_C
+
+/**
+ * \def MBEDTLS_ARC4_C
+ *
+ * Enable the ARCFOUR stream cipher.
+ *
+ * Module: library/arc4.c
+ * Caller: library/cipher.c
+ *
+ * This module enables the following ciphersuites (if other requisites are
+ * enabled as well):
+ * MBEDTLS_TLS_ECDH_ECDSA_WITH_RC4_128_SHA
+ * MBEDTLS_TLS_ECDH_RSA_WITH_RC4_128_SHA
+ * MBEDTLS_TLS_ECDHE_ECDSA_WITH_RC4_128_SHA
+ * MBEDTLS_TLS_ECDHE_RSA_WITH_RC4_128_SHA
+ * MBEDTLS_TLS_ECDHE_PSK_WITH_RC4_128_SHA
+ * MBEDTLS_TLS_DHE_PSK_WITH_RC4_128_SHA
+ * MBEDTLS_TLS_RSA_WITH_RC4_128_SHA
+ * MBEDTLS_TLS_RSA_WITH_RC4_128_MD5
+ * MBEDTLS_TLS_RSA_PSK_WITH_RC4_128_SHA
+ * MBEDTLS_TLS_PSK_WITH_RC4_128_SHA
+ *
+ * \warning ARC4 is considered a weak cipher and its use constitutes a
+ * security risk. If possible, we recommend avoidng dependencies on
+ * it, and considering stronger ciphers instead.
+ *
+ */
+#define MBEDTLS_ARC4_C
+
+/**
+ * \def MBEDTLS_ASN1_PARSE_C
+ *
+ * Enable the generic ASN1 parser.
+ *
+ * Module: library/asn1.c
+ * Caller: library/x509.c
+ * library/dhm.c
+ * library/pkcs12.c
+ * library/pkcs5.c
+ * library/pkparse.c
+ */
+#define MBEDTLS_ASN1_PARSE_C
+
+/**
+ * \def MBEDTLS_ASN1_WRITE_C
+ *
+ * Enable the generic ASN1 writer.
+ *
+ * Module: library/asn1write.c
+ * Caller: library/ecdsa.c
+ * library/pkwrite.c
+ * library/x509_create.c
+ * library/x509write_crt.c
+ * library/x509write_csr.c
+ */
+#define MBEDTLS_ASN1_WRITE_C
+
+/**
+ * \def MBEDTLS_BASE64_C
+ *
+ * Enable the Base64 module.
+ *
+ * Module: library/base64.c
+ * Caller: library/pem.c
+ *
+ * This module is required for PEM support (required by X.509).
+ */
+#define MBEDTLS_BASE64_C
+
+/**
+ * \def MBEDTLS_BIGNUM_C
+ *
+ * Enable the multi-precision integer library.
+ *
+ * Module: library/bignum.c
+ * Caller: library/dhm.c
+ * library/ecp.c
+ * library/ecdsa.c
+ * library/rsa.c
+ * library/rsa_internal.c
+ * library/ssl_tls.c
+ *
+ * This module is required for RSA, DHM and ECC (ECDH, ECDSA) support.
+ */
+#define MBEDTLS_BIGNUM_C
+
+/**
+ * \def MBEDTLS_BLOWFISH_C
+ *
+ * Enable the Blowfish block cipher.
+ *
+ * Module: library/blowfish.c
+ */
+#define MBEDTLS_BLOWFISH_C
+
+/**
+ * \def MBEDTLS_CAMELLIA_C
+ *
+ * Enable the Camellia block cipher.
+ *
+ * Module: library/camellia.c
+ * Caller: library/cipher.c
+ *
+ * This module enables the following ciphersuites (if other requisites are
+ * enabled as well):
+ * MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256
+ * MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384
+ * MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256
+ * MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384
+ * MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256
+ * MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384
+ * MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256
+ * MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384
+ * MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384
+ * MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384
+ * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384
+ * MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384
+ * MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384
+ * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256
+ * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA
+ * MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256
+ * MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256
+ * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256
+ * MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256
+ * MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256
+ * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256
+ * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA
+ * MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384
+ * MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384
+ * MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384
+ * MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256
+ * MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256
+ * MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256
+ * MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384
+ * MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256
+ * MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA
+ * MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256
+ * MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256
+ * MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA
+ * MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384
+ * MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384
+ * MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256
+ * MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256
+ * MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384
+ * MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384
+ * MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256
+ * MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256
+ */
+#define MBEDTLS_CAMELLIA_C
+
+/**
+ * \def MBEDTLS_ARIA_C
+ *
+ * Enable the ARIA block cipher.
+ *
+ * Module: library/aria.c
+ * Caller: library/cipher.c
+ *
+ * This module enables the following ciphersuites (if other requisites are
+ * enabled as well):
+ *
+ * MBEDTLS_TLS_RSA_WITH_ARIA_128_CBC_SHA256
+ * MBEDTLS_TLS_RSA_WITH_ARIA_256_CBC_SHA384
+ * MBEDTLS_TLS_DHE_RSA_WITH_ARIA_128_CBC_SHA256
+ * MBEDTLS_TLS_DHE_RSA_WITH_ARIA_256_CBC_SHA384
+ * MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_128_CBC_SHA256
+ * MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_256_CBC_SHA384
+ * MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_128_CBC_SHA256
+ * MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_256_CBC_SHA384
+ * MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_128_CBC_SHA256
+ * MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_256_CBC_SHA384
+ * MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_128_CBC_SHA256
+ * MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_256_CBC_SHA384
+ * MBEDTLS_TLS_RSA_WITH_ARIA_128_GCM_SHA256
+ * MBEDTLS_TLS_RSA_WITH_ARIA_256_GCM_SHA384
+ * MBEDTLS_TLS_DHE_RSA_WITH_ARIA_128_GCM_SHA256
+ * MBEDTLS_TLS_DHE_RSA_WITH_ARIA_256_GCM_SHA384
+ * MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256
+ * MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384
+ * MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_128_GCM_SHA256
+ * MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_256_GCM_SHA384
+ * MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256
+ * MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384
+ * MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_128_GCM_SHA256
+ * MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_256_GCM_SHA384
+ * MBEDTLS_TLS_PSK_WITH_ARIA_128_CBC_SHA256
+ * MBEDTLS_TLS_PSK_WITH_ARIA_256_CBC_SHA384
+ * MBEDTLS_TLS_DHE_PSK_WITH_ARIA_128_CBC_SHA256
+ * MBEDTLS_TLS_DHE_PSK_WITH_ARIA_256_CBC_SHA384
+ * MBEDTLS_TLS_RSA_PSK_WITH_ARIA_128_CBC_SHA256
+ * MBEDTLS_TLS_RSA_PSK_WITH_ARIA_256_CBC_SHA384
+ * MBEDTLS_TLS_PSK_WITH_ARIA_128_GCM_SHA256
+ * MBEDTLS_TLS_PSK_WITH_ARIA_256_GCM_SHA384
+ * MBEDTLS_TLS_DHE_PSK_WITH_ARIA_128_GCM_SHA256
+ * MBEDTLS_TLS_DHE_PSK_WITH_ARIA_256_GCM_SHA384
+ * MBEDTLS_TLS_RSA_PSK_WITH_ARIA_128_GCM_SHA256
+ * MBEDTLS_TLS_RSA_PSK_WITH_ARIA_256_GCM_SHA384
+ * MBEDTLS_TLS_ECDHE_PSK_WITH_ARIA_128_CBC_SHA256
+ * MBEDTLS_TLS_ECDHE_PSK_WITH_ARIA_256_CBC_SHA384
+ */
+//#define MBEDTLS_ARIA_C
+
+/**
+ * \def MBEDTLS_CCM_C
+ *
+ * Enable the Counter with CBC-MAC (CCM) mode for 128-bit block cipher.
+ *
+ * Module: library/ccm.c
+ *
+ * Requires: MBEDTLS_AES_C or MBEDTLS_CAMELLIA_C
+ *
+ * This module enables the AES-CCM ciphersuites, if other requisites are
+ * enabled as well.
+ */
+#define MBEDTLS_CCM_C
+
+/**
+ * \def MBEDTLS_CERTS_C
+ *
+ * Enable the test certificates.
+ *
+ * Module: library/certs.c
+ * Caller:
+ *
+ * This module is used for testing (ssl_client/server).
+ */
+#define MBEDTLS_CERTS_C
+
+/**
+ * \def MBEDTLS_CHACHA20_C
+ *
+ * Enable the ChaCha20 stream cipher.
+ *
+ * Module: library/chacha20.c
+ */
+#define MBEDTLS_CHACHA20_C
+
+/**
+ * \def MBEDTLS_CHACHAPOLY_C
+ *
+ * Enable the ChaCha20-Poly1305 AEAD algorithm.
+ *
+ * Module: library/chachapoly.c
+ *
+ * This module requires: MBEDTLS_CHACHA20_C, MBEDTLS_POLY1305_C
+ */
+#define MBEDTLS_CHACHAPOLY_C
+
+/**
+ * \def MBEDTLS_CIPHER_C
+ *
+ * Enable the generic cipher layer.
+ *
+ * Module: library/cipher.c
+ * Caller: library/ssl_tls.c
+ *
+ * Uncomment to enable generic cipher wrappers.
+ */
+#define MBEDTLS_CIPHER_C
+
+/**
+ * \def MBEDTLS_CMAC_C
+ *
+ * Enable the CMAC (Cipher-based Message Authentication Code) mode for block
+ * ciphers.
+ *
+ * Module: library/cmac.c
+ *
+ * Requires: MBEDTLS_AES_C or MBEDTLS_DES_C
+ *
+ */
+//#define MBEDTLS_CMAC_C
+
+/**
+ * \def MBEDTLS_CTR_DRBG_C
+ *
+ * Enable the CTR_DRBG AES-based random generator.
+ * The CTR_DRBG generator uses AES-256 by default.
+ * To use AES-128 instead, enable MBEDTLS_CTR_DRBG_USE_128_BIT_KEY below.
+ *
+ * Module: library/ctr_drbg.c
+ * Caller:
+ *
+ * Requires: MBEDTLS_AES_C
+ *
+ * This module provides the CTR_DRBG AES random number generator.
+ */
+#define MBEDTLS_CTR_DRBG_C
+
+/**
+ * \def MBEDTLS_DEBUG_C
+ *
+ * Enable the debug functions.
+ *
+ * Module: library/debug.c
+ * Caller: library/ssl_cli.c
+ * library/ssl_srv.c
+ * library/ssl_tls.c
+ *
+ * This module provides debugging functions.
+ */
+#define MBEDTLS_DEBUG_C
+
+/**
+ * \def MBEDTLS_DES_C
+ *
+ * Enable the DES block cipher.
+ *
+ * Module: library/des.c
+ * Caller: library/pem.c
+ * library/cipher.c
+ *
+ * This module enables the following ciphersuites (if other requisites are
+ * enabled as well):
+ * MBEDTLS_TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA
+ * MBEDTLS_TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA
+ * MBEDTLS_TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA
+ * MBEDTLS_TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA
+ * MBEDTLS_TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA
+ * MBEDTLS_TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA
+ * MBEDTLS_TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA
+ * MBEDTLS_TLS_RSA_WITH_3DES_EDE_CBC_SHA
+ * MBEDTLS_TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA
+ * MBEDTLS_TLS_PSK_WITH_3DES_EDE_CBC_SHA
+ *
+ * PEM_PARSE uses DES/3DES for decrypting encrypted keys.
+ *
+ * \warning DES is considered a weak cipher and its use constitutes a
+ * security risk. We recommend considering stronger ciphers instead.
+ */
+#define MBEDTLS_DES_C
+
+/**
+ * \def MBEDTLS_DHM_C
+ *
+ * Enable the Diffie-Hellman-Merkle module.
+ *
+ * Module: library/dhm.c
+ * Caller: library/ssl_cli.c
+ * library/ssl_srv.c
+ *
+ * This module is used by the following key exchanges:
+ * DHE-RSA, DHE-PSK
+ *
+ * \warning Using DHE constitutes a security risk as it
+ * is not possible to validate custom DH parameters.
+ * If possible, it is recommended users should consider
+ * preferring other methods of key exchange.
+ * See dhm.h for more details.
+ *
+ */
+#define MBEDTLS_DHM_C
+
+/**
+ * \def MBEDTLS_ECDH_C
+ *
+ * Enable the elliptic curve Diffie-Hellman library.
+ *
+ * Module: library/ecdh.c
+ * Caller: library/ssl_cli.c
+ * library/ssl_srv.c
+ *
+ * This module is used by the following key exchanges:
+ * ECDHE-ECDSA, ECDHE-RSA, DHE-PSK
+ *
+ * Requires: MBEDTLS_ECP_C
+ */
+#define MBEDTLS_ECDH_C
+
+/**
+ * \def MBEDTLS_ECDSA_C
+ *
+ * Enable the elliptic curve DSA library.
+ *
+ * Module: library/ecdsa.c
+ * Caller:
+ *
+ * This module is used by the following key exchanges:
+ * ECDHE-ECDSA
+ *
+ * Requires: MBEDTLS_ECP_C, MBEDTLS_ASN1_WRITE_C, MBEDTLS_ASN1_PARSE_C
+ */
+#define MBEDTLS_ECDSA_C
+
+/**
+ * \def MBEDTLS_ECJPAKE_C
+ *
+ * Enable the elliptic curve J-PAKE library.
+ *
+ * \warning This is currently experimental. EC J-PAKE support is based on the
+ * Thread v1.0.0 specification; incompatible changes to the specification
+ * might still happen. For this reason, this is disabled by default.
+ *
+ * Module: library/ecjpake.c
+ * Caller:
+ *
+ * This module is used by the following key exchanges:
+ * ECJPAKE
+ *
+ * Requires: MBEDTLS_ECP_C, MBEDTLS_MD_C
+ */
+//#define MBEDTLS_ECJPAKE_C
+
+/**
+ * \def MBEDTLS_ECP_C
+ *
+ * Enable the elliptic curve over GF(p) library.
+ *
+ * Module: library/ecp.c
+ * Caller: library/ecdh.c
+ * library/ecdsa.c
+ * library/ecjpake.c
+ *
+ * Requires: MBEDTLS_BIGNUM_C and at least one MBEDTLS_ECP_DP_XXX_ENABLED
+ */
+#define MBEDTLS_ECP_C
+
+/**
+ * \def MBEDTLS_ENTROPY_C
+ *
+ * Enable the platform-specific entropy code.
+ *
+ * Module: library/entropy.c
+ * Caller:
+ *
+ * Requires: MBEDTLS_SHA512_C or MBEDTLS_SHA256_C
+ *
+ * This module provides a generic entropy pool
+ */
+#define MBEDTLS_ENTROPY_C
+
+/**
+ * \def MBEDTLS_ERROR_C
+ *
+ * Enable error code to error string conversion.
+ *
+ * Module: library/error.c
+ * Caller:
+ *
+ * This module enables mbedtls_strerror().
+ */
+#define MBEDTLS_ERROR_C
+
+/**
+ * \def MBEDTLS_GCM_C
+ *
+ * Enable the Galois/Counter Mode (GCM) for AES.
+ *
+ * Module: library/gcm.c
+ *
+ * Requires: MBEDTLS_AES_C or MBEDTLS_CAMELLIA_C
+ *
+ * This module enables the AES-GCM and CAMELLIA-GCM ciphersuites, if other
+ * requisites are enabled as well.
+ */
+#define MBEDTLS_GCM_C
+
+/**
+ * \def MBEDTLS_HAVEGE_C
+ *
+ * Enable the HAVEGE random generator.
+ *
+ * Warning: the HAVEGE random generator is not suitable for virtualized
+ * environments
+ *
+ * Warning: the HAVEGE random generator is dependent on timing and specific
+ * processor traits. It is therefore not advised to use HAVEGE as
+ * your applications primary random generator or primary entropy pool
+ * input. As a secondary input to your entropy pool, it IS able add
+ * the (limited) extra entropy it provides.
+ *
+ * Module: library/havege.c
+ * Caller:
+ *
+ * Requires: MBEDTLS_TIMING_C
+ *
+ * Uncomment to enable the HAVEGE random generator.
+ */
+//#define MBEDTLS_HAVEGE_C
+
+/**
+ * \def MBEDTLS_HKDF_C
+ *
+ * Enable the HKDF algorithm (RFC 5869).
+ *
+ * Module: library/hkdf.c
+ * Caller:
+ *
+ * Requires: MBEDTLS_MD_C
+ *
+ * This module adds support for the Hashed Message Authentication Code
+ * (HMAC)-based key derivation function (HKDF).
+ */
+#define MBEDTLS_HKDF_C
+
+/**
+ * \def MBEDTLS_HMAC_DRBG_C
+ *
+ * Enable the HMAC_DRBG random generator.
+ *
+ * Module: library/hmac_drbg.c
+ * Caller:
+ *
+ * Requires: MBEDTLS_MD_C
+ *
+ * Uncomment to enable the HMAC_DRBG random number geerator.
+ */
+#define MBEDTLS_HMAC_DRBG_C
+
+/**
+ * \def MBEDTLS_NIST_KW_C
+ *
+ * Enable the Key Wrapping mode for 128-bit block ciphers,
+ * as defined in NIST SP 800-38F. Only KW and KWP modes
+ * are supported. At the moment, only AES is approved by NIST.
+ *
+ * Module: library/nist_kw.c
+ *
+ * Requires: MBEDTLS_AES_C and MBEDTLS_CIPHER_C
+ */
+//#define MBEDTLS_NIST_KW_C
+
+/**
+ * \def MBEDTLS_MD_C
+ *
+ * Enable the generic message digest layer.
+ *
+ * Module: library/md.c
+ * Caller:
+ *
+ * Uncomment to enable generic message digest wrappers.
+ */
+#define MBEDTLS_MD_C
+
+/**
+ * \def MBEDTLS_MD2_C
+ *
+ * Enable the MD2 hash algorithm.
+ *
+ * Module: library/md2.c
+ * Caller:
+ *
+ * Uncomment to enable support for (rare) MD2-signed X.509 certs.
+ *
+ * \warning MD2 is considered a weak message digest and its use constitutes a
+ * security risk. If possible, we recommend avoiding dependencies on
+ * it, and considering stronger message digests instead.
+ *
+ */
+//#define MBEDTLS_MD2_C
+
+/**
+ * \def MBEDTLS_MD4_C
+ *
+ * Enable the MD4 hash algorithm.
+ *
+ * Module: library/md4.c
+ * Caller:
+ *
+ * Uncomment to enable support for (rare) MD4-signed X.509 certs.
+ *
+ * \warning MD4 is considered a weak message digest and its use constitutes a
+ * security risk. If possible, we recommend avoiding dependencies on
+ * it, and considering stronger message digests instead.
+ *
+ */
+//#define MBEDTLS_MD4_C
+
+/**
+ * \def MBEDTLS_MD5_C
+ *
+ * Enable the MD5 hash algorithm.
+ *
+ * Module: library/md5.c
+ * Caller: library/md.c
+ * library/pem.c
+ * library/ssl_tls.c
+ *
+ * This module is required for SSL/TLS up to version 1.1, and for TLS 1.2
+ * depending on the handshake parameters. Further, it is used for checking
+ * MD5-signed certificates, and for PBKDF1 when decrypting PEM-encoded
+ * encrypted keys.
+ *
+ * \warning MD5 is considered a weak message digest and its use constitutes a
+ * security risk. If possible, we recommend avoiding dependencies on
+ * it, and considering stronger message digests instead.
+ *
+ */
+#define MBEDTLS_MD5_C
+
+/**
+ * \def MBEDTLS_MEMORY_BUFFER_ALLOC_C
+ *
+ * Enable the buffer allocator implementation that makes use of a (stack)
+ * based buffer to 'allocate' dynamic memory. (replaces calloc() and free()
+ * calls)
+ *
+ * Module: library/memory_buffer_alloc.c
+ *
+ * Requires: MBEDTLS_PLATFORM_C
+ * MBEDTLS_PLATFORM_MEMORY (to use it within mbed TLS)
+ *
+ * Enable this module to enable the buffer memory allocator.
+ */
+//#define MBEDTLS_MEMORY_BUFFER_ALLOC_C
+
+/**
+ * \def MBEDTLS_NET_C
+ *
+ * Enable the TCP and UDP over IPv6/IPv4 networking routines.
+ *
+ * \note This module only works on POSIX/Unix (including Linux, BSD and OS X)
+ * and Windows. For other platforms, you'll want to disable it, and write your
+ * own networking callbacks to be passed to \c mbedtls_ssl_set_bio().
+ *
+ * \note See also our Knowledge Base article about porting to a new
+ * environment:
+ * https://tls.mbed.org/kb/how-to/how-do-i-port-mbed-tls-to-a-new-environment-OS
+ *
+ * Module: library/net_sockets.c
+ *
+ * This module provides networking routines.
+ */
+#define MBEDTLS_NET_C
+
+/**
+ * \def MBEDTLS_OID_C
+ *
+ * Enable the OID database.
+ *
+ * Module: library/oid.c
+ * Caller: library/asn1write.c
+ * library/pkcs5.c
+ * library/pkparse.c
+ * library/pkwrite.c
+ * library/rsa.c
+ * library/x509.c
+ * library/x509_create.c
+ * library/x509_crl.c
+ * library/x509_crt.c
+ * library/x509_csr.c
+ * library/x509write_crt.c
+ * library/x509write_csr.c
+ *
+ * This modules translates between OIDs and internal values.
+ */
+#define MBEDTLS_OID_C
+
+/**
+ * \def MBEDTLS_PADLOCK_C
+ *
+ * Enable VIA Padlock support on x86.
+ *
+ * Module: library/padlock.c
+ * Caller: library/aes.c
+ *
+ * Requires: MBEDTLS_HAVE_ASM
+ *
+ * This modules adds support for the VIA PadLock on x86.
+ */
+#define MBEDTLS_PADLOCK_C
+
+/**
+ * \def MBEDTLS_PEM_PARSE_C
+ *
+ * Enable PEM decoding / parsing.
+ *
+ * Module: library/pem.c
+ * Caller: library/dhm.c
+ * library/pkparse.c
+ * library/x509_crl.c
+ * library/x509_crt.c
+ * library/x509_csr.c
+ *
+ * Requires: MBEDTLS_BASE64_C
+ *
+ * This modules adds support for decoding / parsing PEM files.
+ */
+#define MBEDTLS_PEM_PARSE_C
+
+/**
+ * \def MBEDTLS_PEM_WRITE_C
+ *
+ * Enable PEM encoding / writing.
+ *
+ * Module: library/pem.c
+ * Caller: library/pkwrite.c
+ * library/x509write_crt.c
+ * library/x509write_csr.c
+ *
+ * Requires: MBEDTLS_BASE64_C
+ *
+ * This modules adds support for encoding / writing PEM files.
+ */
+#define MBEDTLS_PEM_WRITE_C
+
+/**
+ * \def MBEDTLS_PK_C
+ *
+ * Enable the generic public (asymetric) key layer.
+ *
+ * Module: library/pk.c
+ * Caller: library/ssl_tls.c
+ * library/ssl_cli.c
+ * library/ssl_srv.c
+ *
+ * Requires: MBEDTLS_RSA_C or MBEDTLS_ECP_C
+ *
+ * Uncomment to enable generic public key wrappers.
+ */
+#define MBEDTLS_PK_C
+
+/**
+ * \def MBEDTLS_PK_PARSE_C
+ *
+ * Enable the generic public (asymetric) key parser.
+ *
+ * Module: library/pkparse.c
+ * Caller: library/x509_crt.c
+ * library/x509_csr.c
+ *
+ * Requires: MBEDTLS_PK_C
+ *
+ * Uncomment to enable generic public key parse functions.
+ */
+#define MBEDTLS_PK_PARSE_C
+
+/**
+ * \def MBEDTLS_PK_WRITE_C
+ *
+ * Enable the generic public (asymetric) key writer.
+ *
+ * Module: library/pkwrite.c
+ * Caller: library/x509write.c
+ *
+ * Requires: MBEDTLS_PK_C
+ *
+ * Uncomment to enable generic public key write functions.
+ */
+#define MBEDTLS_PK_WRITE_C
+
+/**
+ * \def MBEDTLS_PKCS5_C
+ *
+ * Enable PKCS#5 functions.
+ *
+ * Module: library/pkcs5.c
+ *
+ * Requires: MBEDTLS_MD_C
+ *
+ * This module adds support for the PKCS#5 functions.
+ */
+#define MBEDTLS_PKCS5_C
+
+/**
+ * \def MBEDTLS_PKCS11_C
+ *
+ * Enable wrapper for PKCS#11 smartcard support.
+ *
+ * Module: library/pkcs11.c
+ * Caller: library/pk.c
+ *
+ * Requires: MBEDTLS_PK_C
+ *
+ * This module enables SSL/TLS PKCS #11 smartcard support.
+ * Requires the presence of the PKCS#11 helper library (libpkcs11-helper)
+ */
+//#define MBEDTLS_PKCS11_C
+
+/**
+ * \def MBEDTLS_PKCS12_C
+ *
+ * Enable PKCS#12 PBE functions.
+ * Adds algorithms for parsing PKCS#8 encrypted private keys
+ *
+ * Module: library/pkcs12.c
+ * Caller: library/pkparse.c
+ *
+ * Requires: MBEDTLS_ASN1_PARSE_C, MBEDTLS_CIPHER_C, MBEDTLS_MD_C
+ * Can use: MBEDTLS_ARC4_C
+ *
+ * This module enables PKCS#12 functions.
+ */
+#define MBEDTLS_PKCS12_C
+
+/**
+ * \def MBEDTLS_PLATFORM_C
+ *
+ * Enable the platform abstraction layer that allows you to re-assign
+ * functions like calloc(), free(), snprintf(), printf(), fprintf(), exit().
+ *
+ * Enabling MBEDTLS_PLATFORM_C enables to use of MBEDTLS_PLATFORM_XXX_ALT
+ * or MBEDTLS_PLATFORM_XXX_MACRO directives, allowing the functions mentioned
+ * above to be specified at runtime or compile time respectively.
+ *
+ * \note This abstraction layer must be enabled on Windows (including MSYS2)
+ * as other module rely on it for a fixed snprintf implementation.
+ *
+ * Module: library/platform.c
+ * Caller: Most other .c files
+ *
+ * This module enables abstraction of common (libc) functions.
+ */
+#define MBEDTLS_PLATFORM_C
+
+/**
+ * \def MBEDTLS_POLY1305_C
+ *
+ * Enable the Poly1305 MAC algorithm.
+ *
+ * Module: library/poly1305.c
+ * Caller: library/chachapoly.c
+ */
+#define MBEDTLS_POLY1305_C
+
+/**
+ * \def MBEDTLS_PSA_CRYPTO_C
+ *
+ * Enable the Platform Security Architecture cryptography API.
+ *
+ * \note This option only has an effect when the build option
+ * USE_CRYPTO_SUBMODULE is also in use.
+ *
+ * \warning This feature is experimental and available on an opt-in basis only.
+ * PSA APIs are subject to change at any time. The implementation comes with
+ * less assurance and support than the rest of Mbed TLS.
+ *
+ * Module: crypto/library/psa_crypto.c
+ *
+ * Requires: MBEDTLS_CTR_DRBG_C, MBEDTLS_ENTROPY_C
+ *
+ */
+//#define MBEDTLS_PSA_CRYPTO_C
+
+/**
+ * \def MBEDTLS_PSA_CRYPTO_STORAGE_C
+ *
+ * Enable the Platform Security Architecture persistent key storage.
+ *
+ * Module: library/psa_crypto_storage.c
+ *
+ * Requires: MBEDTLS_PSA_CRYPTO_C and one of either
+ * MBEDTLS_PSA_CRYPTO_STORAGE_FILE_C or MBEDTLS_PSA_CRYPTO_STORAGE_ITS_C
+ * (but not both)
+ *
+ */
+//#define MBEDTLS_PSA_CRYPTO_STORAGE_C
+
+/**
+ * \def MBEDTLS_PSA_CRYPTO_STORAGE_FILE_C
+ *
+ * Enable persistent key storage over files for the
+ * Platform Security Architecture cryptography API.
+ *
+ * Module: library/psa_crypto_storage_file.c
+ *
+ * Requires: MBEDTLS_PSA_CRYPTO_C, MBEDTLS_FS_IO
+ *
+ */
+//#define MBEDTLS_PSA_CRYPTO_STORAGE_FILE_C
+
+/**
+ * \def MBEDTLS_PSA_CRYPTO_STORAGE_ITS_C
+ *
+ * Enable persistent key storage over PSA ITS for the
+ * Platform Security Architecture cryptography API.
+ *
+ * Module: library/psa_crypto_storage_its.c
+ *
+ * Requires: MBEDTLS_PSA_CRYPTO_C, MBEDTLS_PSA_HAS_ITS_IO
+ *
+ */
+//#define MBEDTLS_PSA_CRYPTO_STORAGE_ITS_C
+
+/**
+ * \def MBEDTLS_RIPEMD160_C
+ *
+ * Enable the RIPEMD-160 hash algorithm.
+ *
+ * Module: library/ripemd160.c
+ * Caller: library/md.c
+ *
+ */
+#define MBEDTLS_RIPEMD160_C
+
+/**
+ * \def MBEDTLS_RSA_C
+ *
+ * Enable the RSA public-key cryptosystem.
+ *
+ * Module: library/rsa.c
+ * library/rsa_internal.c
+ * Caller: library/ssl_cli.c
+ * library/ssl_srv.c
+ * library/ssl_tls.c
+ * library/x509.c
+ *
+ * This module is used by the following key exchanges:
+ * RSA, DHE-RSA, ECDHE-RSA, RSA-PSK
+ *
+ * Requires: MBEDTLS_BIGNUM_C, MBEDTLS_OID_C
+ */
+#define MBEDTLS_RSA_C
+
+/**
+ * \def MBEDTLS_SHA1_C
+ *
+ * Enable the SHA1 cryptographic hash algorithm.
+ *
+ * Module: library/sha1.c
+ * Caller: library/md.c
+ * library/ssl_cli.c
+ * library/ssl_srv.c
+ * library/ssl_tls.c
+ * library/x509write_crt.c
+ *
+ * This module is required for SSL/TLS up to version 1.1, for TLS 1.2
+ * depending on the handshake parameters, and for SHA1-signed certificates.
+ *
+ * \warning SHA-1 is considered a weak message digest and its use constitutes
+ * a security risk. If possible, we recommend avoiding dependencies
+ * on it, and considering stronger message digests instead.
+ *
+ */
+#define MBEDTLS_SHA1_C
+
+/**
+ * \def MBEDTLS_SHA256_C
+ *
+ * Enable the SHA-224 and SHA-256 cryptographic hash algorithms.
+ *
+ * Module: library/sha256.c
+ * Caller: library/entropy.c
+ * library/md.c
+ * library/ssl_cli.c
+ * library/ssl_srv.c
+ * library/ssl_tls.c
+ *
+ * This module adds support for SHA-224 and SHA-256.
+ * This module is required for the SSL/TLS 1.2 PRF function.
+ */
+#define MBEDTLS_SHA256_C
+
+/**
+ * \def MBEDTLS_SHA512_C
+ *
+ * Enable the SHA-384 and SHA-512 cryptographic hash algorithms.
+ *
+ * Module: library/sha512.c
+ * Caller: library/entropy.c
+ * library/md.c
+ * library/ssl_cli.c
+ * library/ssl_srv.c
+ *
+ * This module adds support for SHA-384 and SHA-512.
+ */
+#define MBEDTLS_SHA512_C
+
+/**
+ * \def MBEDTLS_SSL_CACHE_C
+ *
+ * Enable simple SSL cache implementation.
+ *
+ * Module: library/ssl_cache.c
+ * Caller:
+ *
+ * Requires: MBEDTLS_SSL_CACHE_C
+ */
+#define MBEDTLS_SSL_CACHE_C
+
+/**
+ * \def MBEDTLS_SSL_COOKIE_C
+ *
+ * Enable basic implementation of DTLS cookies for hello verification.
+ *
+ * Module: library/ssl_cookie.c
+ * Caller:
+ */
+#define MBEDTLS_SSL_COOKIE_C
+
+/**
+ * \def MBEDTLS_SSL_TICKET_C
+ *
+ * Enable an implementation of TLS server-side callbacks for session tickets.
+ *
+ * Module: library/ssl_ticket.c
+ * Caller:
+ *
+ * Requires: MBEDTLS_CIPHER_C
+ */
+#define MBEDTLS_SSL_TICKET_C
+
+/**
+ * \def MBEDTLS_SSL_CLI_C
+ *
+ * Enable the SSL/TLS client code.
+ *
+ * Module: library/ssl_cli.c
+ * Caller:
+ *
+ * Requires: MBEDTLS_SSL_TLS_C
+ *
+ * This module is required for SSL/TLS client support.
+ */
+#define MBEDTLS_SSL_CLI_C
+
+/**
+ * \def MBEDTLS_SSL_SRV_C
+ *
+ * Enable the SSL/TLS server code.
+ *
+ * Module: library/ssl_srv.c
+ * Caller:
+ *
+ * Requires: MBEDTLS_SSL_TLS_C
+ *
+ * This module is required for SSL/TLS server support.
+ */
+#define MBEDTLS_SSL_SRV_C
+
+/**
+ * \def MBEDTLS_SSL_TLS_C
+ *
+ * Enable the generic SSL/TLS code.
+ *
+ * Module: library/ssl_tls.c
+ * Caller: library/ssl_cli.c
+ * library/ssl_srv.c
+ *
+ * Requires: MBEDTLS_CIPHER_C, MBEDTLS_MD_C
+ * and at least one of the MBEDTLS_SSL_PROTO_XXX defines
+ *
+ * This module is required for SSL/TLS.
+ */
+#define MBEDTLS_SSL_TLS_C
+
+/**
+ * \def MBEDTLS_THREADING_C
+ *
+ * Enable the threading abstraction layer.
+ * By default mbed TLS assumes it is used in a non-threaded environment or that
+ * contexts are not shared between threads. If you do intend to use contexts
+ * between threads, you will need to enable this layer to prevent race
+ * conditions. See also our Knowledge Base article about threading:
+ * https://tls.mbed.org/kb/development/thread-safety-and-multi-threading
+ *
+ * Module: library/threading.c
+ *
+ * This allows different threading implementations (self-implemented or
+ * provided).
+ *
+ * You will have to enable either MBEDTLS_THREADING_ALT or
+ * MBEDTLS_THREADING_PTHREAD.
+ *
+ * Enable this layer to allow use of mutexes within mbed TLS
+ */
+//#define MBEDTLS_THREADING_C
+
+/**
+ * \def MBEDTLS_TIMING_C
+ *
+ * Enable the semi-portable timing interface.
+ *
+ * \note The provided implementation only works on POSIX/Unix (including Linux,
+ * BSD and OS X) and Windows. On other platforms, you can either disable that
+ * module and provide your own implementations of the callbacks needed by
+ * \c mbedtls_ssl_set_timer_cb() for DTLS, or leave it enabled and provide
+ * your own implementation of the whole module by setting
+ * \c MBEDTLS_TIMING_ALT in the current file.
+ *
+ * \note See also our Knowledge Base article about porting to a new
+ * environment:
+ * https://tls.mbed.org/kb/how-to/how-do-i-port-mbed-tls-to-a-new-environment-OS
+ *
+ * Module: library/timing.c
+ * Caller: library/havege.c
+ *
+ * This module is used by the HAVEGE random number generator.
+ */
+#define MBEDTLS_TIMING_C
+
+/**
+ * \def MBEDTLS_VERSION_C
+ *
+ * Enable run-time version information.
+ *
+ * Module: library/version.c
+ *
+ * This module provides run-time version information.
+ */
+#define MBEDTLS_VERSION_C
+
+/**
+ * \def MBEDTLS_X509_USE_C
+ *
+ * Enable X.509 core for using certificates.
+ *
+ * Module: library/x509.c
+ * Caller: library/x509_crl.c
+ * library/x509_crt.c
+ * library/x509_csr.c
+ *
+ * Requires: MBEDTLS_ASN1_PARSE_C, MBEDTLS_BIGNUM_C, MBEDTLS_OID_C,
+ * MBEDTLS_PK_PARSE_C
+ *
+ * This module is required for the X.509 parsing modules.
+ */
+#define MBEDTLS_X509_USE_C
+
+/**
+ * \def MBEDTLS_X509_CRT_PARSE_C
+ *
+ * Enable X.509 certificate parsing.
+ *
+ * Module: library/x509_crt.c
+ * Caller: library/ssl_cli.c
+ * library/ssl_srv.c
+ * library/ssl_tls.c
+ *
+ * Requires: MBEDTLS_X509_USE_C
+ *
+ * This module is required for X.509 certificate parsing.
+ */
+#define MBEDTLS_X509_CRT_PARSE_C
+
+/**
+ * \def MBEDTLS_X509_CRL_PARSE_C
+ *
+ * Enable X.509 CRL parsing.
+ *
+ * Module: library/x509_crl.c
+ * Caller: library/x509_crt.c
+ *
+ * Requires: MBEDTLS_X509_USE_C
+ *
+ * This module is required for X.509 CRL parsing.
+ */
+#define MBEDTLS_X509_CRL_PARSE_C
+
+/**
+ * \def MBEDTLS_X509_CSR_PARSE_C
+ *
+ * Enable X.509 Certificate Signing Request (CSR) parsing.
+ *
+ * Module: library/x509_csr.c
+ * Caller: library/x509_crt_write.c
+ *
+ * Requires: MBEDTLS_X509_USE_C
+ *
+ * This module is used for reading X.509 certificate request.
+ */
+#define MBEDTLS_X509_CSR_PARSE_C
+
+/**
+ * \def MBEDTLS_X509_CREATE_C
+ *
+ * Enable X.509 core for creating certificates.
+ *
+ * Module: library/x509_create.c
+ *
+ * Requires: MBEDTLS_BIGNUM_C, MBEDTLS_OID_C, MBEDTLS_PK_WRITE_C
+ *
+ * This module is the basis for creating X.509 certificates and CSRs.
+ */
+#define MBEDTLS_X509_CREATE_C
+
+/**
+ * \def MBEDTLS_X509_CRT_WRITE_C
+ *
+ * Enable creating X.509 certificates.
+ *
+ * Module: library/x509_crt_write.c
+ *
+ * Requires: MBEDTLS_X509_CREATE_C
+ *
+ * This module is required for X.509 certificate creation.
+ */
+#define MBEDTLS_X509_CRT_WRITE_C
+
+/**
+ * \def MBEDTLS_X509_CSR_WRITE_C
+ *
+ * Enable creating X.509 Certificate Signing Requests (CSR).
+ *
+ * Module: library/x509_csr_write.c
+ *
+ * Requires: MBEDTLS_X509_CREATE_C
+ *
+ * This module is required for X.509 certificate request writing.
+ */
+#define MBEDTLS_X509_CSR_WRITE_C
+
+/**
+ * \def MBEDTLS_XTEA_C
+ *
+ * Enable the XTEA block cipher.
+ *
+ * Module: library/xtea.c
+ * Caller:
+ */
+#define MBEDTLS_XTEA_C
+
+/* \} name SECTION: mbed TLS modules */
+
+/**
+ * \name SECTION: Module configuration options
+ *
+ * This section allows for the setting of module specific sizes and
+ * configuration options. The default values are already present in the
+ * relevant header files and should suffice for the regular use cases.
+ *
+ * Our advice is to enable options and change their values here
+ * only if you have a good reason and know the consequences.
+ *
+ * Please check the respective header file for documentation on these
+ * parameters (to prevent duplicate documentation).
+ * \{
+ */
+
+/* MPI / BIGNUM options */
+//#define MBEDTLS_MPI_WINDOW_SIZE 6 /**< Maximum windows size used. */
+//#define MBEDTLS_MPI_MAX_SIZE 1024 /**< Maximum number of bytes for usable MPIs. */
+
+/* CTR_DRBG options */
+//#define MBEDTLS_CTR_DRBG_ENTROPY_LEN 48 /**< Amount of entropy used per seed by default (48 with SHA-512, 32 with SHA-256) */
+//#define MBEDTLS_CTR_DRBG_RESEED_INTERVAL 10000 /**< Interval before reseed is performed by default */
+//#define MBEDTLS_CTR_DRBG_MAX_INPUT 256 /**< Maximum number of additional input bytes */
+//#define MBEDTLS_CTR_DRBG_MAX_REQUEST 1024 /**< Maximum number of requested bytes per call */
+//#define MBEDTLS_CTR_DRBG_MAX_SEED_INPUT 384 /**< Maximum size of (re)seed buffer */
+//#define MBEDTLS_CTR_DRBG_USE_128_BIT_KEY /**< Use 128-bit key for CTR_DRBG - may reduce security (see ctr_drbg.h) */
+
+/* HMAC_DRBG options */
+//#define MBEDTLS_HMAC_DRBG_RESEED_INTERVAL 10000 /**< Interval before reseed is performed by default */
+//#define MBEDTLS_HMAC_DRBG_MAX_INPUT 256 /**< Maximum number of additional input bytes */
+//#define MBEDTLS_HMAC_DRBG_MAX_REQUEST 1024 /**< Maximum number of requested bytes per call */
+//#define MBEDTLS_HMAC_DRBG_MAX_SEED_INPUT 384 /**< Maximum size of (re)seed buffer */
+
+/* ECP options */
+//#define MBEDTLS_ECP_MAX_BITS 521 /**< Maximum bit size of groups */
+//#define MBEDTLS_ECP_WINDOW_SIZE 6 /**< Maximum window size used */
+//#define MBEDTLS_ECP_FIXED_POINT_OPTIM 1 /**< Enable fixed-point speed-up */
+
+/* Entropy options */
+//#define MBEDTLS_ENTROPY_MAX_SOURCES 20 /**< Maximum number of sources supported */
+//#define MBEDTLS_ENTROPY_MAX_GATHER 128 /**< Maximum amount requested from entropy sources */
+//#define MBEDTLS_ENTROPY_MIN_HARDWARE 32 /**< Default minimum number of bytes required for the hardware entropy source mbedtls_hardware_poll() before entropy is released */
+
+/* Memory buffer allocator options */
+//#define MBEDTLS_MEMORY_ALIGN_MULTIPLE 4 /**< Align on multiples of this value */
+
+/* Platform options */
+//#define MBEDTLS_PLATFORM_STD_MEM_HDR <stdlib.h> /**< Header to include if MBEDTLS_PLATFORM_NO_STD_FUNCTIONS is defined. Don't define if no header is needed. */
+//#define MBEDTLS_PLATFORM_STD_CALLOC calloc /**< Default allocator to use, can be undefined */
+//#define MBEDTLS_PLATFORM_STD_FREE free /**< Default free to use, can be undefined */
+//#define MBEDTLS_PLATFORM_STD_EXIT exit /**< Default exit to use, can be undefined */
+//#define MBEDTLS_PLATFORM_STD_TIME time /**< Default time to use, can be undefined. MBEDTLS_HAVE_TIME must be enabled */
+//#define MBEDTLS_PLATFORM_STD_FPRINTF fprintf /**< Default fprintf to use, can be undefined */
+//#define MBEDTLS_PLATFORM_STD_PRINTF printf /**< Default printf to use, can be undefined */
+/* Note: your snprintf must correctly zero-terminate the buffer! */
+//#define MBEDTLS_PLATFORM_STD_SNPRINTF snprintf /**< Default snprintf to use, can be undefined */
+//#define MBEDTLS_PLATFORM_STD_EXIT_SUCCESS 0 /**< Default exit value to use, can be undefined */
+//#define MBEDTLS_PLATFORM_STD_EXIT_FAILURE 1 /**< Default exit value to use, can be undefined */
+//#define MBEDTLS_PLATFORM_STD_NV_SEED_READ mbedtls_platform_std_nv_seed_read /**< Default nv_seed_read function to use, can be undefined */
+//#define MBEDTLS_PLATFORM_STD_NV_SEED_WRITE mbedtls_platform_std_nv_seed_write /**< Default nv_seed_write function to use, can be undefined */
+//#define MBEDTLS_PLATFORM_STD_NV_SEED_FILE "seedfile" /**< Seed file to read/write with default implementation */
+
+/* To Use Function Macros MBEDTLS_PLATFORM_C must be enabled */
+/* MBEDTLS_PLATFORM_XXX_MACRO and MBEDTLS_PLATFORM_XXX_ALT cannot both be defined */
+//#define MBEDTLS_PLATFORM_CALLOC_MACRO calloc /**< Default allocator macro to use, can be undefined */
+//#define MBEDTLS_PLATFORM_FREE_MACRO free /**< Default free macro to use, can be undefined */
+//#define MBEDTLS_PLATFORM_EXIT_MACRO exit /**< Default exit macro to use, can be undefined */
+//#define MBEDTLS_PLATFORM_TIME_MACRO time /**< Default time macro to use, can be undefined. MBEDTLS_HAVE_TIME must be enabled */
+//#define MBEDTLS_PLATFORM_TIME_TYPE_MACRO time_t /**< Default time macro to use, can be undefined. MBEDTLS_HAVE_TIME must be enabled */
+//#define MBEDTLS_PLATFORM_FPRINTF_MACRO fprintf /**< Default fprintf macro to use, can be undefined */
+//#define MBEDTLS_PLATFORM_PRINTF_MACRO printf /**< Default printf macro to use, can be undefined */
+/* Note: your snprintf must correctly zero-terminate the buffer! */
+//#define MBEDTLS_PLATFORM_SNPRINTF_MACRO snprintf /**< Default snprintf macro to use, can be undefined */
+//#define MBEDTLS_PLATFORM_VSNPRINTF_MACRO vsnprintf /**< Default vsnprintf macro to use, can be undefined */
+//#define MBEDTLS_PLATFORM_NV_SEED_READ_MACRO mbedtls_platform_std_nv_seed_read /**< Default nv_seed_read function to use, can be undefined */
+//#define MBEDTLS_PLATFORM_NV_SEED_WRITE_MACRO mbedtls_platform_std_nv_seed_write /**< Default nv_seed_write function to use, can be undefined */
+
+/**
+ * \brief This macro is invoked by the library when an invalid parameter
+ * is detected that is only checked with MBEDTLS_CHECK_PARAMS
+ * (see the documentation of that option for context).
+ *
+ * When you leave this undefined here, a default definition is
+ * provided that invokes the function mbedtls_param_failed(),
+ * which is declared in platform_util.h for the benefit of the
+ * library, but that you need to define in your application.
+ *
+ * When you define this here, this replaces the default
+ * definition in platform_util.h (which no longer declares the
+ * function mbedtls_param_failed()) and it is your responsibility
+ * to make sure this macro expands to something suitable (in
+ * particular, that all the necessary declarations are visible
+ * from within the library - you can ensure that by providing
+ * them in this file next to the macro definition).
+ *
+ * Note that you may define this macro to expand to nothing, in
+ * which case you don't have to worry about declarations or
+ * definitions. However, you will then be notified about invalid
+ * parameters only in non-void functions, and void function will
+ * just silently return early on invalid parameters, which
+ * partially negates the benefits of enabling
+ * #MBEDTLS_CHECK_PARAMS in the first place, so is discouraged.
+ *
+ * \param cond The expression that should evaluate to true, but doesn't.
+ */
+//#define MBEDTLS_PARAM_FAILED( cond ) assert( cond )
+
+/* SSL Cache options */
+//#define MBEDTLS_SSL_CACHE_DEFAULT_TIMEOUT 86400 /**< 1 day */
+//#define MBEDTLS_SSL_CACHE_DEFAULT_MAX_ENTRIES 50 /**< Maximum entries in cache */
+
+/* SSL options */
+
+/** \def MBEDTLS_SSL_MAX_CONTENT_LEN
+ *
+ * Maximum length (in bytes) of incoming and outgoing plaintext fragments.
+ *
+ * This determines the size of both the incoming and outgoing TLS I/O buffers
+ * in such a way that both are capable of holding the specified amount of
+ * plaintext data, regardless of the protection mechanism used.
+ *
+ * To configure incoming and outgoing I/O buffers separately, use
+ * #MBEDTLS_SSL_IN_CONTENT_LEN and #MBEDTLS_SSL_OUT_CONTENT_LEN,
+ * which overwrite the value set by this option.
+ *
+ * \note When using a value less than the default of 16KB on the client, it is
+ * recommended to use the Maximum Fragment Length (MFL) extension to
+ * inform the server about this limitation. On the server, there
+ * is no supported, standardized way of informing the client about
+ * restriction on the maximum size of incoming messages, and unless
+ * the limitation has been communicated by other means, it is recommended
+ * to only change the outgoing buffer size #MBEDTLS_SSL_OUT_CONTENT_LEN
+ * while keeping the default value of 16KB for the incoming buffer.
+ *
+ * Uncomment to set the maximum plaintext size of both
+ * incoming and outgoing I/O buffers.
+ */
+//#define MBEDTLS_SSL_MAX_CONTENT_LEN 16384
+
+/** \def MBEDTLS_SSL_IN_CONTENT_LEN
+ *
+ * Maximum length (in bytes) of incoming plaintext fragments.
+ *
+ * This determines the size of the incoming TLS I/O buffer in such a way
+ * that it is capable of holding the specified amount of plaintext data,
+ * regardless of the protection mechanism used.
+ *
+ * If this option is undefined, it inherits its value from
+ * #MBEDTLS_SSL_MAX_CONTENT_LEN.
+ *
+ * \note When using a value less than the default of 16KB on the client, it is
+ * recommended to use the Maximum Fragment Length (MFL) extension to
+ * inform the server about this limitation. On the server, there
+ * is no supported, standardized way of informing the client about
+ * restriction on the maximum size of incoming messages, and unless
+ * the limitation has been communicated by other means, it is recommended
+ * to only change the outgoing buffer size #MBEDTLS_SSL_OUT_CONTENT_LEN
+ * while keeping the default value of 16KB for the incoming buffer.
+ *
+ * Uncomment to set the maximum plaintext size of the incoming I/O buffer
+ * independently of the outgoing I/O buffer.
+ */
+//#define MBEDTLS_SSL_IN_CONTENT_LEN 16384
+
+/** \def MBEDTLS_SSL_OUT_CONTENT_LEN
+ *
+ * Maximum length (in bytes) of outgoing plaintext fragments.
+ *
+ * This determines the size of the outgoing TLS I/O buffer in such a way
+ * that it is capable of holding the specified amount of plaintext data,
+ * regardless of the protection mechanism used.
+ *
+ * If this option undefined, it inherits its value from
+ * #MBEDTLS_SSL_MAX_CONTENT_LEN.
+ *
+ * It is possible to save RAM by setting a smaller outward buffer, while keeping
+ * the default inward 16384 byte buffer to conform to the TLS specification.
+ *
+ * The minimum required outward buffer size is determined by the handshake
+ * protocol's usage. Handshaking will fail if the outward buffer is too small.
+ * The specific size requirement depends on the configured ciphers and any
+ * certificate data which is sent during the handshake.
+ *
+ * Uncomment to set the maximum plaintext size of the outgoing I/O buffer
+ * independently of the incoming I/O buffer.
+ */
+//#define MBEDTLS_SSL_OUT_CONTENT_LEN 16384
+
+/** \def MBEDTLS_SSL_DTLS_MAX_BUFFERING
+ *
+ * Maximum number of heap-allocated bytes for the purpose of
+ * DTLS handshake message reassembly and future message buffering.
+ *
+ * This should be at least 9/8 * MBEDTLSSL_IN_CONTENT_LEN
+ * to account for a reassembled handshake message of maximum size,
+ * together with its reassembly bitmap.
+ *
+ * A value of 2 * MBEDTLS_SSL_IN_CONTENT_LEN (32768 by default)
+ * should be sufficient for all practical situations as it allows
+ * to reassembly a large handshake message (such as a certificate)
+ * while buffering multiple smaller handshake messages.
+ *
+ */
+//#define MBEDTLS_SSL_DTLS_MAX_BUFFERING 32768
+
+//#define MBEDTLS_SSL_DEFAULT_TICKET_LIFETIME 86400 /**< Lifetime of session tickets (if enabled) */
+//#define MBEDTLS_PSK_MAX_LEN 32 /**< Max size of TLS pre-shared keys, in bytes (default 256 bits) */
+//#define MBEDTLS_SSL_COOKIE_TIMEOUT 60 /**< Default expiration delay of DTLS cookies, in seconds if HAVE_TIME, or in number of cookies issued */
+
+/**
+ * Complete list of ciphersuites to use, in order of preference.
+ *
+ * \warning No dependency checking is done on that field! This option can only
+ * be used to restrict the set of available ciphersuites. It is your
+ * responsibility to make sure the needed modules are active.
+ *
+ * Use this to save a few hundred bytes of ROM (default ordering of all
+ * available ciphersuites) and a few to a few hundred bytes of RAM.
+ *
+ * The value below is only an example, not the default.
+ */
+//#define MBEDTLS_SSL_CIPHERSUITES MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
+
+/* X509 options */
+//#define MBEDTLS_X509_MAX_INTERMEDIATE_CA 8 /**< Maximum number of intermediate CAs in a verification chain. */
+//#define MBEDTLS_X509_MAX_FILE_PATH_LEN 512 /**< Maximum length of a path/filename string in bytes including the null terminator character ('\0'). */
+
+/**
+ * Allow SHA-1 in the default TLS configuration for certificate signing.
+ * Without this build-time option, SHA-1 support must be activated explicitly
+ * through mbedtls_ssl_conf_cert_profile. Turning on this option is not
+ * recommended because of it is possible to generate SHA-1 collisions, however
+ * this may be safe for legacy infrastructure where additional controls apply.
+ *
+ * \warning SHA-1 is considered a weak message digest and its use constitutes
+ * a security risk. If possible, we recommend avoiding dependencies
+ * on it, and considering stronger message digests instead.
+ *
+ */
+// #define MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_CERTIFICATES
+
+/**
+ * Allow SHA-1 in the default TLS configuration for TLS 1.2 handshake
+ * signature and ciphersuite selection. Without this build-time option, SHA-1
+ * support must be activated explicitly through mbedtls_ssl_conf_sig_hashes.
+ * The use of SHA-1 in TLS <= 1.1 and in HMAC-SHA-1 is always allowed by
+ * default. At the time of writing, there is no practical attack on the use
+ * of SHA-1 in handshake signatures, hence this option is turned on by default
+ * to preserve compatibility with existing peers, but the general
+ * warning applies nonetheless:
+ *
+ * \warning SHA-1 is considered a weak message digest and its use constitutes
+ * a security risk. If possible, we recommend avoiding dependencies
+ * on it, and considering stronger message digests instead.
+ *
+ */
+#define MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_KEY_EXCHANGE
+
+/**
+ * Uncomment the macro to let mbed TLS use your alternate implementation of
+ * mbedtls_platform_zeroize(). This replaces the default implementation in
+ * platform_util.c.
+ *
+ * mbedtls_platform_zeroize() is a widely used function across the library to
+ * zero a block of memory. The implementation is expected to be secure in the
+ * sense that it has been written to prevent the compiler from removing calls
+ * to mbedtls_platform_zeroize() as part of redundant code elimination
+ * optimizations. However, it is difficult to guarantee that calls to
+ * mbedtls_platform_zeroize() will not be optimized by the compiler as older
+ * versions of the C language standards do not provide a secure implementation
+ * of memset(). Therefore, MBEDTLS_PLATFORM_ZEROIZE_ALT enables users to
+ * configure their own implementation of mbedtls_platform_zeroize(), for
+ * example by using directives specific to their compiler, features from newer
+ * C standards (e.g using memset_s() in C11) or calling a secure memset() from
+ * their system (e.g explicit_bzero() in BSD).
+ */
+//#define MBEDTLS_PLATFORM_ZEROIZE_ALT
+
+/**
+ * Uncomment the macro to let Mbed TLS use your alternate implementation of
+ * mbedtls_platform_gmtime_r(). This replaces the default implementation in
+ * platform_util.c.
+ *
+ * gmtime() is not a thread-safe function as defined in the C standard. The
+ * library will try to use safer implementations of this function, such as
+ * gmtime_r() when available. However, if Mbed TLS cannot identify the target
+ * system, the implementation of mbedtls_platform_gmtime_r() will default to
+ * using the standard gmtime(). In this case, calls from the library to
+ * gmtime() will be guarded by the global mutex mbedtls_threading_gmtime_mutex
+ * if MBEDTLS_THREADING_C is enabled. We recommend that calls from outside the
+ * library are also guarded with this mutex to avoid race conditions. However,
+ * if the macro MBEDTLS_PLATFORM_GMTIME_R_ALT is defined, Mbed TLS will
+ * unconditionally use the implementation for mbedtls_platform_gmtime_r()
+ * supplied at compile time.
+ */
+//#define MBEDTLS_PLATFORM_GMTIME_R_ALT
+
+/* \} name SECTION: Customisation configuration options */
+
+/* Target and application specific configurations
+ *
+ * Allow user to override any previous default.
+ *
+ */
+#if defined(MBEDTLS_USER_CONFIG_FILE)
+#include MBEDTLS_USER_CONFIG_FILE
+#endif
+
+#include "check_config.h"
+
+#endif /* MBEDTLS_CONFIG_H */
diff --git a/configs/config-psa-crypto.h b/configs/config-psa-crypto.h
new file mode 100644
index 0000000..fa1d3cf
--- /dev/null
+++ b/configs/config-psa-crypto.h
@@ -0,0 +1,3380 @@
+/**
+ * \file config.h
+ *
+ * \brief Configuration options (set of defines)
+ *
+ * This set of compile-time options may be used to enable
+ * or disable features selectively, and reduce the global
+ * memory footprint.
+ */
+/*
+ * Copyright (C) 2006-2018, ARM Limited, All Rights Reserved
+ * SPDX-License-Identifier: Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License"); you may
+ * not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * This file is part of mbed TLS (https://tls.mbed.org)
+ */
+
+#ifndef MBEDTLS_CONFIG_H
+#define MBEDTLS_CONFIG_H
+
+#if defined(_MSC_VER) && !defined(_CRT_SECURE_NO_DEPRECATE)
+#define _CRT_SECURE_NO_DEPRECATE 1
+#endif
+
+/**
+ * \name SECTION: System support
+ *
+ * This section sets system specific settings.
+ * \{
+ */
+
+/**
+ * \def MBEDTLS_HAVE_ASM
+ *
+ * The compiler has support for asm().
+ *
+ * Requires support for asm() in compiler.
+ *
+ * Used in:
+ * library/aria.c
+ * library/timing.c
+ * include/mbedtls/bn_mul.h
+ *
+ * Required by:
+ * MBEDTLS_AESNI_C
+ * MBEDTLS_PADLOCK_C
+ *
+ * Comment to disable the use of assembly code.
+ */
+#define MBEDTLS_HAVE_ASM
+
+/**
+ * \def MBEDTLS_NO_UDBL_DIVISION
+ *
+ * The platform lacks support for double-width integer division (64-bit
+ * division on a 32-bit platform, 128-bit division on a 64-bit platform).
+ *
+ * Used in:
+ * include/mbedtls/bignum.h
+ * library/bignum.c
+ *
+ * The bignum code uses double-width division to speed up some operations.
+ * Double-width division is often implemented in software that needs to
+ * be linked with the program. The presence of a double-width integer
+ * type is usually detected automatically through preprocessor macros,
+ * but the automatic detection cannot know whether the code needs to
+ * and can be linked with an implementation of division for that type.
+ * By default division is assumed to be usable if the type is present.
+ * Uncomment this option to prevent the use of double-width division.
+ *
+ * Note that division for the native integer type is always required.
+ * Furthermore, a 64-bit type is always required even on a 32-bit
+ * platform, but it need not support multiplication or division. In some
+ * cases it is also desirable to disable some double-width operations. For
+ * example, if double-width division is implemented in software, disabling
+ * it can reduce code size in some embedded targets.
+ */
+//#define MBEDTLS_NO_UDBL_DIVISION
+
+/**
+ * \def MBEDTLS_NO_64BIT_MULTIPLICATION
+ *
+ * The platform lacks support for 32x32 -> 64-bit multiplication.
+ *
+ * Used in:
+ * library/poly1305.c
+ *
+ * Some parts of the library may use multiplication of two unsigned 32-bit
+ * operands with a 64-bit result in order to speed up computations. On some
+ * platforms, this is not available in hardware and has to be implemented in
+ * software, usually in a library provided by the toolchain.
+ *
+ * Sometimes it is not desirable to have to link to that library. This option
+ * removes the dependency of that library on platforms that lack a hardware
+ * 64-bit multiplier by embedding a software implementation in Mbed TLS.
+ *
+ * Note that depending on the compiler, this may decrease performance compared
+ * to using the library function provided by the toolchain.
+ */
+//#define MBEDTLS_NO_64BIT_MULTIPLICATION
+
+/**
+ * \def MBEDTLS_HAVE_SSE2
+ *
+ * CPU supports SSE2 instruction set.
+ *
+ * Uncomment if the CPU supports SSE2 (IA-32 specific).
+ */
+//#define MBEDTLS_HAVE_SSE2
+
+/**
+ * \def MBEDTLS_HAVE_TIME
+ *
+ * System has time.h and time().
+ * The time does not need to be correct, only time differences are used,
+ * by contrast with MBEDTLS_HAVE_TIME_DATE
+ *
+ * Defining MBEDTLS_HAVE_TIME allows you to specify MBEDTLS_PLATFORM_TIME_ALT,
+ * MBEDTLS_PLATFORM_TIME_MACRO, MBEDTLS_PLATFORM_TIME_TYPE_MACRO and
+ * MBEDTLS_PLATFORM_STD_TIME.
+ *
+ * Comment if your system does not support time functions
+ */
+#define MBEDTLS_HAVE_TIME
+
+/**
+ * \def MBEDTLS_HAVE_TIME_DATE
+ *
+ * System has time.h, time(), and an implementation for
+ * mbedtls_platform_gmtime_r() (see below).
+ * The time needs to be correct (not necessarily very accurate, but at least
+ * the date should be correct). This is used to verify the validity period of
+ * X.509 certificates.
+ *
+ * Comment if your system does not have a correct clock.
+ *
+ * \note mbedtls_platform_gmtime_r() is an abstraction in platform_util.h that
+ * behaves similarly to the gmtime_r() function from the C standard. Refer to
+ * the documentation for mbedtls_platform_gmtime_r() for more information.
+ *
+ * \note It is possible to configure an implementation for
+ * mbedtls_platform_gmtime_r() at compile-time by using the macro
+ * MBEDTLS_PLATFORM_GMTIME_R_ALT.
+ */
+#define MBEDTLS_HAVE_TIME_DATE
+
+/**
+ * \def MBEDTLS_PLATFORM_MEMORY
+ *
+ * Enable the memory allocation layer.
+ *
+ * By default mbed TLS uses the system-provided calloc() and free().
+ * This allows different allocators (self-implemented or provided) to be
+ * provided to the platform abstraction layer.
+ *
+ * Enabling MBEDTLS_PLATFORM_MEMORY without the
+ * MBEDTLS_PLATFORM_{FREE,CALLOC}_MACROs will provide
+ * "mbedtls_platform_set_calloc_free()" allowing you to set an alternative calloc() and
+ * free() function pointer at runtime.
+ *
+ * Enabling MBEDTLS_PLATFORM_MEMORY and specifying
+ * MBEDTLS_PLATFORM_{CALLOC,FREE}_MACROs will allow you to specify the
+ * alternate function at compile time.
+ *
+ * Requires: MBEDTLS_PLATFORM_C
+ *
+ * Enable this layer to allow use of alternative memory allocators.
+ */
+//#define MBEDTLS_PLATFORM_MEMORY
+
+/**
+ * \def MBEDTLS_PLATFORM_NO_STD_FUNCTIONS
+ *
+ * Do not assign standard functions in the platform layer (e.g. calloc() to
+ * MBEDTLS_PLATFORM_STD_CALLOC and printf() to MBEDTLS_PLATFORM_STD_PRINTF)
+ *
+ * This makes sure there are no linking errors on platforms that do not support
+ * these functions. You will HAVE to provide alternatives, either at runtime
+ * via the platform_set_xxx() functions or at compile time by setting
+ * the MBEDTLS_PLATFORM_STD_XXX defines, or enabling a
+ * MBEDTLS_PLATFORM_XXX_MACRO.
+ *
+ * Requires: MBEDTLS_PLATFORM_C
+ *
+ * Uncomment to prevent default assignment of standard functions in the
+ * platform layer.
+ */
+//#define MBEDTLS_PLATFORM_NO_STD_FUNCTIONS
+
+/**
+ * \def MBEDTLS_PLATFORM_EXIT_ALT
+ *
+ * MBEDTLS_PLATFORM_XXX_ALT: Uncomment a macro to let mbed TLS support the
+ * function in the platform abstraction layer.
+ *
+ * Example: In case you uncomment MBEDTLS_PLATFORM_PRINTF_ALT, mbed TLS will
+ * provide a function "mbedtls_platform_set_printf()" that allows you to set an
+ * alternative printf function pointer.
+ *
+ * All these define require MBEDTLS_PLATFORM_C to be defined!
+ *
+ * \note MBEDTLS_PLATFORM_SNPRINTF_ALT is required on Windows;
+ * it will be enabled automatically by check_config.h
+ *
+ * \warning MBEDTLS_PLATFORM_XXX_ALT cannot be defined at the same time as
+ * MBEDTLS_PLATFORM_XXX_MACRO!
+ *
+ * Requires: MBEDTLS_PLATFORM_TIME_ALT requires MBEDTLS_HAVE_TIME
+ *
+ * Uncomment a macro to enable alternate implementation of specific base
+ * platform function
+ */
+//#define MBEDTLS_PLATFORM_EXIT_ALT
+//#define MBEDTLS_PLATFORM_TIME_ALT
+//#define MBEDTLS_PLATFORM_FPRINTF_ALT
+//#define MBEDTLS_PLATFORM_PRINTF_ALT
+//#define MBEDTLS_PLATFORM_SNPRINTF_ALT
+//#define MBEDTLS_PLATFORM_VSNPRINTF_ALT
+//#define MBEDTLS_PLATFORM_NV_SEED_ALT
+//#define MBEDTLS_PLATFORM_SETUP_TEARDOWN_ALT
+
+/**
+ * \def MBEDTLS_DEPRECATED_WARNING
+ *
+ * Mark deprecated functions so that they generate a warning if used.
+ * Functions deprecated in one version will usually be removed in the next
+ * version. You can enable this to help you prepare the transition to a new
+ * major version by making sure your code is not using these functions.
+ *
+ * This only works with GCC and Clang. With other compilers, you may want to
+ * use MBEDTLS_DEPRECATED_REMOVED
+ *
+ * Uncomment to get warnings on using deprecated functions.
+ */
+//#define MBEDTLS_DEPRECATED_WARNING
+
+/**
+ * \def MBEDTLS_DEPRECATED_REMOVED
+ *
+ * Remove deprecated functions so that they generate an error if used.
+ * Functions deprecated in one version will usually be removed in the next
+ * version. You can enable this to help you prepare the transition to a new
+ * major version by making sure your code is not using these functions.
+ *
+ * Uncomment to get errors on using deprecated functions.
+ */
+//#define MBEDTLS_DEPRECATED_REMOVED
+
+/**
+ * \def MBEDTLS_CHECK_PARAMS
+ *
+ * This configuration option controls whether the library validates more of
+ * the parameters passed to it.
+ *
+ * When this flag is not defined, the library only attempts to validate an
+ * input parameter if: (1) they may come from the outside world (such as the
+ * network, the filesystem, etc.) or (2) not validating them could result in
+ * internal memory errors such as overflowing a buffer controlled by the
+ * library. On the other hand, it doesn't attempt to validate parameters whose
+ * values are fully controlled by the application (such as pointers).
+ *
+ * When this flag is defined, the library additionally attempts to validate
+ * parameters that are fully controlled by the application, and should always
+ * be valid if the application code is fully correct and trusted.
+ *
+ * For example, when a function accepts as input a pointer to a buffer that may
+ * contain untrusted data, and its documentation mentions that this pointer
+ * must not be NULL:
+ * - the pointer is checked to be non-NULL only if this option is enabled
+ * - the content of the buffer is always validated
+ *
+ * When this flag is defined, if a library function receives a parameter that
+ * is invalid, it will:
+ * - invoke the macro MBEDTLS_PARAM_FAILED() which by default expands to a
+ * call to the function mbedtls_param_failed()
+ * - immediately return (with a specific error code unless the function
+ * returns void and can't communicate an error).
+ *
+ * When defining this flag, you also need to:
+ * - either provide a definition of the function mbedtls_param_failed() in
+ * your application (see platform_util.h for its prototype) as the library
+ * calls that function, but does not provide a default definition for it,
+ * - or provide a different definition of the macro MBEDTLS_PARAM_FAILED()
+ * below if the above mechanism is not flexible enough to suit your needs.
+ * See the documentation of this macro later in this file.
+ *
+ * Uncomment to enable validation of application-controlled parameters.
+ */
+//#define MBEDTLS_CHECK_PARAMS
+
+/* \} name SECTION: System support */
+
+/**
+ * \name SECTION: mbed TLS feature support
+ *
+ * This section sets support for features that are or are not needed
+ * within the modules that are enabled.
+ * \{
+ */
+
+/**
+ * \def MBEDTLS_TIMING_ALT
+ *
+ * Uncomment to provide your own alternate implementation for mbedtls_timing_hardclock(),
+ * mbedtls_timing_get_timer(), mbedtls_set_alarm(), mbedtls_set/get_delay()
+ *
+ * Only works if you have MBEDTLS_TIMING_C enabled.
+ *
+ * You will need to provide a header "timing_alt.h" and an implementation at
+ * compile time.
+ */
+//#define MBEDTLS_TIMING_ALT
+
+/**
+ * \def MBEDTLS_AES_ALT
+ *
+ * MBEDTLS__MODULE_NAME__ALT: Uncomment a macro to let mbed TLS use your
+ * alternate core implementation of a symmetric crypto, an arithmetic or hash
+ * module (e.g. platform specific assembly optimized implementations). Keep
+ * in mind that the function prototypes should remain the same.
+ *
+ * This replaces the whole module. If you only want to replace one of the
+ * functions, use one of the MBEDTLS__FUNCTION_NAME__ALT flags.
+ *
+ * Example: In case you uncomment MBEDTLS_AES_ALT, mbed TLS will no longer
+ * provide the "struct mbedtls_aes_context" definition and omit the base
+ * function declarations and implementations. "aes_alt.h" will be included from
+ * "aes.h" to include the new function definitions.
+ *
+ * Uncomment a macro to enable alternate implementation of the corresponding
+ * module.
+ *
+ * \warning MD2, MD4, MD5, ARC4, DES and SHA-1 are considered weak and their
+ * use constitutes a security risk. If possible, we recommend
+ * avoiding dependencies on them, and considering stronger message
+ * digests and ciphers instead.
+ *
+ */
+//#define MBEDTLS_AES_ALT
+//#define MBEDTLS_ARC4_ALT
+//#define MBEDTLS_ARIA_ALT
+//#define MBEDTLS_BLOWFISH_ALT
+//#define MBEDTLS_CAMELLIA_ALT
+//#define MBEDTLS_CCM_ALT
+//#define MBEDTLS_CHACHA20_ALT
+//#define MBEDTLS_CHACHAPOLY_ALT
+//#define MBEDTLS_CMAC_ALT
+//#define MBEDTLS_DES_ALT
+//#define MBEDTLS_DHM_ALT
+//#define MBEDTLS_ECJPAKE_ALT
+//#define MBEDTLS_GCM_ALT
+//#define MBEDTLS_NIST_KW_ALT
+//#define MBEDTLS_MD2_ALT
+//#define MBEDTLS_MD4_ALT
+//#define MBEDTLS_MD5_ALT
+//#define MBEDTLS_POLY1305_ALT
+//#define MBEDTLS_RIPEMD160_ALT
+//#define MBEDTLS_RSA_ALT
+//#define MBEDTLS_SHA1_ALT
+//#define MBEDTLS_SHA256_ALT
+//#define MBEDTLS_SHA512_ALT
+//#define MBEDTLS_XTEA_ALT
+
+/*
+ * When replacing the elliptic curve module, pleace consider, that it is
+ * implemented with two .c files:
+ * - ecp.c
+ * - ecp_curves.c
+ * You can replace them very much like all the other MBEDTLS__MODULE_NAME__ALT
+ * macros as described above. The only difference is that you have to make sure
+ * that you provide functionality for both .c files.
+ */
+//#define MBEDTLS_ECP_ALT
+
+/**
+ * \def MBEDTLS_MD2_PROCESS_ALT
+ *
+ * MBEDTLS__FUNCTION_NAME__ALT: Uncomment a macro to let mbed TLS use you
+ * alternate core implementation of symmetric crypto or hash function. Keep in
+ * mind that function prototypes should remain the same.
+ *
+ * This replaces only one function. The header file from mbed TLS is still
+ * used, in contrast to the MBEDTLS__MODULE_NAME__ALT flags.
+ *
+ * Example: In case you uncomment MBEDTLS_SHA256_PROCESS_ALT, mbed TLS will
+ * no longer provide the mbedtls_sha1_process() function, but it will still provide
+ * the other function (using your mbedtls_sha1_process() function) and the definition
+ * of mbedtls_sha1_context, so your implementation of mbedtls_sha1_process must be compatible
+ * with this definition.
+ *
+ * \note Because of a signature change, the core AES encryption and decryption routines are
+ * currently named mbedtls_aes_internal_encrypt and mbedtls_aes_internal_decrypt,
+ * respectively. When setting up alternative implementations, these functions should
+ * be overridden, but the wrapper functions mbedtls_aes_decrypt and mbedtls_aes_encrypt
+ * must stay untouched.
+ *
+ * \note If you use the AES_xxx_ALT macros, then is is recommended to also set
+ * MBEDTLS_AES_ROM_TABLES in order to help the linker garbage-collect the AES
+ * tables.
+ *
+ * Uncomment a macro to enable alternate implementation of the corresponding
+ * function.
+ *
+ * \warning MD2, MD4, MD5, DES and SHA-1 are considered weak and their use
+ * constitutes a security risk. If possible, we recommend avoiding
+ * dependencies on them, and considering stronger message digests
+ * and ciphers instead.
+ *
+ */
+//#define MBEDTLS_MD2_PROCESS_ALT
+//#define MBEDTLS_MD4_PROCESS_ALT
+//#define MBEDTLS_MD5_PROCESS_ALT
+//#define MBEDTLS_RIPEMD160_PROCESS_ALT
+//#define MBEDTLS_SHA1_PROCESS_ALT
+//#define MBEDTLS_SHA256_PROCESS_ALT
+//#define MBEDTLS_SHA512_PROCESS_ALT
+//#define MBEDTLS_DES_SETKEY_ALT
+//#define MBEDTLS_DES_CRYPT_ECB_ALT
+//#define MBEDTLS_DES3_CRYPT_ECB_ALT
+//#define MBEDTLS_AES_SETKEY_ENC_ALT
+//#define MBEDTLS_AES_SETKEY_DEC_ALT
+//#define MBEDTLS_AES_ENCRYPT_ALT
+//#define MBEDTLS_AES_DECRYPT_ALT
+//#define MBEDTLS_ECDH_GEN_PUBLIC_ALT
+//#define MBEDTLS_ECDH_COMPUTE_SHARED_ALT
+//#define MBEDTLS_ECDSA_VERIFY_ALT
+//#define MBEDTLS_ECDSA_SIGN_ALT
+//#define MBEDTLS_ECDSA_GENKEY_ALT
+
+/**
+ * \def MBEDTLS_ECP_INTERNAL_ALT
+ *
+ * Expose a part of the internal interface of the Elliptic Curve Point module.
+ *
+ * MBEDTLS_ECP__FUNCTION_NAME__ALT: Uncomment a macro to let mbed TLS use your
+ * alternative core implementation of elliptic curve arithmetic. Keep in mind
+ * that function prototypes should remain the same.
+ *
+ * This partially replaces one function. The header file from mbed TLS is still
+ * used, in contrast to the MBEDTLS_ECP_ALT flag. The original implementation
+ * is still present and it is used for group structures not supported by the
+ * alternative.
+ *
+ * Any of these options become available by defining MBEDTLS_ECP_INTERNAL_ALT
+ * and implementing the following functions:
+ * unsigned char mbedtls_internal_ecp_grp_capable(
+ * const mbedtls_ecp_group *grp )
+ * int mbedtls_internal_ecp_init( const mbedtls_ecp_group *grp )
+ * void mbedtls_internal_ecp_free( const mbedtls_ecp_group *grp )
+ * The mbedtls_internal_ecp_grp_capable function should return 1 if the
+ * replacement functions implement arithmetic for the given group and 0
+ * otherwise.
+ * The functions mbedtls_internal_ecp_init and mbedtls_internal_ecp_free are
+ * called before and after each point operation and provide an opportunity to
+ * implement optimized set up and tear down instructions.
+ *
+ * Example: In case you uncomment MBEDTLS_ECP_INTERNAL_ALT and
+ * MBEDTLS_ECP_DOUBLE_JAC_ALT, mbed TLS will still provide the ecp_double_jac
+ * function, but will use your mbedtls_internal_ecp_double_jac if the group is
+ * supported (your mbedtls_internal_ecp_grp_capable function returns 1 when
+ * receives it as an argument). If the group is not supported then the original
+ * implementation is used. The other functions and the definition of
+ * mbedtls_ecp_group and mbedtls_ecp_point will not change, so your
+ * implementation of mbedtls_internal_ecp_double_jac and
+ * mbedtls_internal_ecp_grp_capable must be compatible with this definition.
+ *
+ * Uncomment a macro to enable alternate implementation of the corresponding
+ * function.
+ */
+/* Required for all the functions in this section */
+//#define MBEDTLS_ECP_INTERNAL_ALT
+/* Support for Weierstrass curves with Jacobi representation */
+//#define MBEDTLS_ECP_RANDOMIZE_JAC_ALT
+//#define MBEDTLS_ECP_ADD_MIXED_ALT
+//#define MBEDTLS_ECP_DOUBLE_JAC_ALT
+//#define MBEDTLS_ECP_NORMALIZE_JAC_MANY_ALT
+//#define MBEDTLS_ECP_NORMALIZE_JAC_ALT
+/* Support for curves with Montgomery arithmetic */
+//#define MBEDTLS_ECP_DOUBLE_ADD_MXZ_ALT
+//#define MBEDTLS_ECP_RANDOMIZE_MXZ_ALT
+//#define MBEDTLS_ECP_NORMALIZE_MXZ_ALT
+
+/**
+ * \def MBEDTLS_TEST_NULL_ENTROPY
+ *
+ * Enables testing and use of mbed TLS without any configured entropy sources.
+ * This permits use of the library on platforms before an entropy source has
+ * been integrated (see for example the MBEDTLS_ENTROPY_HARDWARE_ALT or the
+ * MBEDTLS_ENTROPY_NV_SEED switches).
+ *
+ * WARNING! This switch MUST be disabled in production builds, and is suitable
+ * only for development.
+ * Enabling the switch negates any security provided by the library.
+ *
+ * Requires MBEDTLS_ENTROPY_C, MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES
+ *
+ */
+//#define MBEDTLS_TEST_NULL_ENTROPY
+
+/**
+ * \def MBEDTLS_ENTROPY_HARDWARE_ALT
+ *
+ * Uncomment this macro to let mbed TLS use your own implementation of a
+ * hardware entropy collector.
+ *
+ * Your function must be called \c mbedtls_hardware_poll(), have the same
+ * prototype as declared in entropy_poll.h, and accept NULL as first argument.
+ *
+ * Uncomment to use your own hardware entropy collector.
+ */
+//#define MBEDTLS_ENTROPY_HARDWARE_ALT
+
+/**
+ * \def MBEDTLS_AES_ROM_TABLES
+ *
+ * Use precomputed AES tables stored in ROM.
+ *
+ * Uncomment this macro to use precomputed AES tables stored in ROM.
+ * Comment this macro to generate AES tables in RAM at runtime.
+ *
+ * Tradeoff: Using precomputed ROM tables reduces RAM usage by ~8kb
+ * (or ~2kb if \c MBEDTLS_AES_FEWER_TABLES is used) and reduces the
+ * initialization time before the first AES operation can be performed.
+ * It comes at the cost of additional ~8kb ROM use (resp. ~2kb if \c
+ * MBEDTLS_AES_FEWER_TABLES below is used), and potentially degraded
+ * performance if ROM access is slower than RAM access.
+ *
+ * This option is independent of \c MBEDTLS_AES_FEWER_TABLES.
+ *
+ */
+//#define MBEDTLS_AES_ROM_TABLES
+
+/**
+ * \def MBEDTLS_AES_FEWER_TABLES
+ *
+ * Use less ROM/RAM for AES tables.
+ *
+ * Uncommenting this macro omits 75% of the AES tables from
+ * ROM / RAM (depending on the value of \c MBEDTLS_AES_ROM_TABLES)
+ * by computing their values on the fly during operations
+ * (the tables are entry-wise rotations of one another).
+ *
+ * Tradeoff: Uncommenting this reduces the RAM / ROM footprint
+ * by ~6kb but at the cost of more arithmetic operations during
+ * runtime. Specifically, one has to compare 4 accesses within
+ * different tables to 4 accesses with additional arithmetic
+ * operations within the same table. The performance gain/loss
+ * depends on the system and memory details.
+ *
+ * This option is independent of \c MBEDTLS_AES_ROM_TABLES.
+ *
+ */
+//#define MBEDTLS_AES_FEWER_TABLES
+
+/**
+ * \def MBEDTLS_CAMELLIA_SMALL_MEMORY
+ *
+ * Use less ROM for the Camellia implementation (saves about 768 bytes).
+ *
+ * Uncomment this macro to use less memory for Camellia.
+ */
+//#define MBEDTLS_CAMELLIA_SMALL_MEMORY
+
+/**
+ * \def MBEDTLS_CIPHER_MODE_CBC
+ *
+ * Enable Cipher Block Chaining mode (CBC) for symmetric ciphers.
+ */
+#define MBEDTLS_CIPHER_MODE_CBC
+
+/**
+ * \def MBEDTLS_CIPHER_MODE_CFB
+ *
+ * Enable Cipher Feedback mode (CFB) for symmetric ciphers.
+ */
+#define MBEDTLS_CIPHER_MODE_CFB
+
+/**
+ * \def MBEDTLS_CIPHER_MODE_CTR
+ *
+ * Enable Counter Block Cipher mode (CTR) for symmetric ciphers.
+ */
+#define MBEDTLS_CIPHER_MODE_CTR
+
+/**
+ * \def MBEDTLS_CIPHER_MODE_OFB
+ *
+ * Enable Output Feedback mode (OFB) for symmetric ciphers.
+ */
+#define MBEDTLS_CIPHER_MODE_OFB
+
+/**
+ * \def MBEDTLS_CIPHER_MODE_XTS
+ *
+ * Enable Xor-encrypt-xor with ciphertext stealing mode (XTS) for AES.
+ */
+#define MBEDTLS_CIPHER_MODE_XTS
+
+/**
+ * \def MBEDTLS_CIPHER_NULL_CIPHER
+ *
+ * Enable NULL cipher.
+ * Warning: Only do so when you know what you are doing. This allows for
+ * encryption or channels without any security!
+ *
+ * Requires MBEDTLS_ENABLE_WEAK_CIPHERSUITES as well to enable
+ * the following ciphersuites:
+ * MBEDTLS_TLS_ECDH_ECDSA_WITH_NULL_SHA
+ * MBEDTLS_TLS_ECDH_RSA_WITH_NULL_SHA
+ * MBEDTLS_TLS_ECDHE_ECDSA_WITH_NULL_SHA
+ * MBEDTLS_TLS_ECDHE_RSA_WITH_NULL_SHA
+ * MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA384
+ * MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA256
+ * MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA
+ * MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA384
+ * MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA256
+ * MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA
+ * MBEDTLS_TLS_RSA_WITH_NULL_SHA256
+ * MBEDTLS_TLS_RSA_WITH_NULL_SHA
+ * MBEDTLS_TLS_RSA_WITH_NULL_MD5
+ * MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA384
+ * MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA256
+ * MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA
+ * MBEDTLS_TLS_PSK_WITH_NULL_SHA384
+ * MBEDTLS_TLS_PSK_WITH_NULL_SHA256
+ * MBEDTLS_TLS_PSK_WITH_NULL_SHA
+ *
+ * Uncomment this macro to enable the NULL cipher and ciphersuites
+ */
+//#define MBEDTLS_CIPHER_NULL_CIPHER
+
+/**
+ * \def MBEDTLS_CIPHER_PADDING_PKCS7
+ *
+ * MBEDTLS_CIPHER_PADDING_XXX: Uncomment or comment macros to add support for
+ * specific padding modes in the cipher layer with cipher modes that support
+ * padding (e.g. CBC)
+ *
+ * If you disable all padding modes, only full blocks can be used with CBC.
+ *
+ * Enable padding modes in the cipher layer.
+ */
+#define MBEDTLS_CIPHER_PADDING_PKCS7
+#define MBEDTLS_CIPHER_PADDING_ONE_AND_ZEROS
+#define MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN
+#define MBEDTLS_CIPHER_PADDING_ZEROS
+
+/**
+ * \def MBEDTLS_ENABLE_WEAK_CIPHERSUITES
+ *
+ * Enable weak ciphersuites in SSL / TLS.
+ * Warning: Only do so when you know what you are doing. This allows for
+ * channels with virtually no security at all!
+ *
+ * This enables the following ciphersuites:
+ * MBEDTLS_TLS_RSA_WITH_DES_CBC_SHA
+ * MBEDTLS_TLS_DHE_RSA_WITH_DES_CBC_SHA
+ *
+ * Uncomment this macro to enable weak ciphersuites
+ *
+ * \warning DES is considered a weak cipher and its use constitutes a
+ * security risk. We recommend considering stronger ciphers instead.
+ */
+//#define MBEDTLS_ENABLE_WEAK_CIPHERSUITES
+
+/**
+ * \def MBEDTLS_REMOVE_ARC4_CIPHERSUITES
+ *
+ * Remove RC4 ciphersuites by default in SSL / TLS.
+ * This flag removes the ciphersuites based on RC4 from the default list as
+ * returned by mbedtls_ssl_list_ciphersuites(). However, it is still possible to
+ * enable (some of) them with mbedtls_ssl_conf_ciphersuites() by including them
+ * explicitly.
+ *
+ * Uncomment this macro to remove RC4 ciphersuites by default.
+ */
+#define MBEDTLS_REMOVE_ARC4_CIPHERSUITES
+
+/**
+ * \def MBEDTLS_ECP_DP_SECP192R1_ENABLED
+ *
+ * MBEDTLS_ECP_XXXX_ENABLED: Enables specific curves within the Elliptic Curve
+ * module. By default all supported curves are enabled.
+ *
+ * Comment macros to disable the curve and functions for it
+ */
+#define MBEDTLS_ECP_DP_SECP192R1_ENABLED
+#define MBEDTLS_ECP_DP_SECP224R1_ENABLED
+#define MBEDTLS_ECP_DP_SECP256R1_ENABLED
+#define MBEDTLS_ECP_DP_SECP384R1_ENABLED
+#define MBEDTLS_ECP_DP_SECP521R1_ENABLED
+#define MBEDTLS_ECP_DP_SECP192K1_ENABLED
+#define MBEDTLS_ECP_DP_SECP224K1_ENABLED
+#define MBEDTLS_ECP_DP_SECP256K1_ENABLED
+#define MBEDTLS_ECP_DP_BP256R1_ENABLED
+#define MBEDTLS_ECP_DP_BP384R1_ENABLED
+#define MBEDTLS_ECP_DP_BP512R1_ENABLED
+#define MBEDTLS_ECP_DP_CURVE25519_ENABLED
+#define MBEDTLS_ECP_DP_CURVE448_ENABLED
+
+/**
+ * \def MBEDTLS_ECP_NIST_OPTIM
+ *
+ * Enable specific 'modulo p' routines for each NIST prime.
+ * Depending on the prime and architecture, makes operations 4 to 8 times
+ * faster on the corresponding curve.
+ *
+ * Comment this macro to disable NIST curves optimisation.
+ */
+#define MBEDTLS_ECP_NIST_OPTIM
+
+/**
+ * \def MBEDTLS_ECP_RESTARTABLE
+ *
+ * Enable "non-blocking" ECC operations that can return early and be resumed.
+ *
+ * This allows various functions to pause by returning
+ * #MBEDTLS_ERR_ECP_IN_PROGRESS (or, for functions in the SSL module,
+ * #MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS) and then be called later again in
+ * order to further progress and eventually complete their operation. This is
+ * controlled through mbedtls_ecp_set_max_ops() which limits the maximum
+ * number of ECC operations a function may perform before pausing; see
+ * mbedtls_ecp_set_max_ops() for more information.
+ *
+ * This is useful in non-threaded environments if you want to avoid blocking
+ * for too long on ECC (and, hence, X.509 or SSL/TLS) operations.
+ *
+ * Uncomment this macro to enable restartable ECC computations.
+ *
+ * \note This option only works with the default software implementation of
+ * elliptic curve functionality. It is incompatible with
+ * MBEDTLS_ECP_ALT, MBEDTLS_ECDH_XXX_ALT and MBEDTLS_ECDSA_XXX_ALT.
+ */
+//#define MBEDTLS_ECP_RESTARTABLE
+
+/**
+ * \def MBEDTLS_ECDSA_DETERMINISTIC
+ *
+ * Enable deterministic ECDSA (RFC 6979).
+ * Standard ECDSA is "fragile" in the sense that lack of entropy when signing
+ * may result in a compromise of the long-term signing key. This is avoided by
+ * the deterministic variant.
+ *
+ * Requires: MBEDTLS_HMAC_DRBG_C
+ *
+ * Comment this macro to disable deterministic ECDSA.
+ */
+#define MBEDTLS_ECDSA_DETERMINISTIC
+
+/**
+ * \def MBEDTLS_KEY_EXCHANGE_PSK_ENABLED
+ *
+ * Enable the PSK based ciphersuite modes in SSL / TLS.
+ *
+ * This enables the following ciphersuites (if other requisites are
+ * enabled as well):
+ * MBEDTLS_TLS_PSK_WITH_AES_256_GCM_SHA384
+ * MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA384
+ * MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA
+ * MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384
+ * MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384
+ * MBEDTLS_TLS_PSK_WITH_AES_128_GCM_SHA256
+ * MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA256
+ * MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA
+ * MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256
+ * MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256
+ * MBEDTLS_TLS_PSK_WITH_3DES_EDE_CBC_SHA
+ * MBEDTLS_TLS_PSK_WITH_RC4_128_SHA
+ */
+#define MBEDTLS_KEY_EXCHANGE_PSK_ENABLED
+
+/**
+ * \def MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED
+ *
+ * Enable the DHE-PSK based ciphersuite modes in SSL / TLS.
+ *
+ * Requires: MBEDTLS_DHM_C
+ *
+ * This enables the following ciphersuites (if other requisites are
+ * enabled as well):
+ * MBEDTLS_TLS_DHE_PSK_WITH_AES_256_GCM_SHA384
+ * MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA384
+ * MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA
+ * MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384
+ * MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384
+ * MBEDTLS_TLS_DHE_PSK_WITH_AES_128_GCM_SHA256
+ * MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA256
+ * MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA
+ * MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256
+ * MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256
+ * MBEDTLS_TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA
+ * MBEDTLS_TLS_DHE_PSK_WITH_RC4_128_SHA
+ *
+ * \warning Using DHE constitutes a security risk as it
+ * is not possible to validate custom DH parameters.
+ * If possible, it is recommended users should consider
+ * preferring other methods of key exchange.
+ * See dhm.h for more details.
+ *
+ */
+#define MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED
+
+/**
+ * \def MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
+ *
+ * Enable the ECDHE-PSK based ciphersuite modes in SSL / TLS.
+ *
+ * Requires: MBEDTLS_ECDH_C
+ *
+ * This enables the following ciphersuites (if other requisites are
+ * enabled as well):
+ * MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384
+ * MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA
+ * MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384
+ * MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256
+ * MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA
+ * MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256
+ * MBEDTLS_TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA
+ * MBEDTLS_TLS_ECDHE_PSK_WITH_RC4_128_SHA
+ */
+#define MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
+
+/**
+ * \def MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED
+ *
+ * Enable the RSA-PSK based ciphersuite modes in SSL / TLS.
+ *
+ * Requires: MBEDTLS_RSA_C, MBEDTLS_PKCS1_V15,
+ * MBEDTLS_X509_CRT_PARSE_C
+ *
+ * This enables the following ciphersuites (if other requisites are
+ * enabled as well):
+ * MBEDTLS_TLS_RSA_PSK_WITH_AES_256_GCM_SHA384
+ * MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA384
+ * MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA
+ * MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384
+ * MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384
+ * MBEDTLS_TLS_RSA_PSK_WITH_AES_128_GCM_SHA256
+ * MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA256
+ * MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA
+ * MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256
+ * MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256
+ * MBEDTLS_TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA
+ * MBEDTLS_TLS_RSA_PSK_WITH_RC4_128_SHA
+ */
+#define MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED
+
+/**
+ * \def MBEDTLS_KEY_EXCHANGE_RSA_ENABLED
+ *
+ * Enable the RSA-only based ciphersuite modes in SSL / TLS.
+ *
+ * Requires: MBEDTLS_RSA_C, MBEDTLS_PKCS1_V15,
+ * MBEDTLS_X509_CRT_PARSE_C
+ *
+ * This enables the following ciphersuites (if other requisites are
+ * enabled as well):
+ * MBEDTLS_TLS_RSA_WITH_AES_256_GCM_SHA384
+ * MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA256
+ * MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA
+ * MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384
+ * MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256
+ * MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA
+ * MBEDTLS_TLS_RSA_WITH_AES_128_GCM_SHA256
+ * MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA256
+ * MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA
+ * MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256
+ * MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256
+ * MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA
+ * MBEDTLS_TLS_RSA_WITH_3DES_EDE_CBC_SHA
+ * MBEDTLS_TLS_RSA_WITH_RC4_128_SHA
+ * MBEDTLS_TLS_RSA_WITH_RC4_128_MD5
+ */
+#define MBEDTLS_KEY_EXCHANGE_RSA_ENABLED
+
+/**
+ * \def MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED
+ *
+ * Enable the DHE-RSA based ciphersuite modes in SSL / TLS.
+ *
+ * Requires: MBEDTLS_DHM_C, MBEDTLS_RSA_C, MBEDTLS_PKCS1_V15,
+ * MBEDTLS_X509_CRT_PARSE_C
+ *
+ * This enables the following ciphersuites (if other requisites are
+ * enabled as well):
+ * MBEDTLS_TLS_DHE_RSA_WITH_AES_256_GCM_SHA384
+ * MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA256
+ * MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA
+ * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384
+ * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256
+ * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA
+ * MBEDTLS_TLS_DHE_RSA_WITH_AES_128_GCM_SHA256
+ * MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA256
+ * MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA
+ * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256
+ * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256
+ * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA
+ * MBEDTLS_TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA
+ *
+ * \warning Using DHE constitutes a security risk as it
+ * is not possible to validate custom DH parameters.
+ * If possible, it is recommended users should consider
+ * preferring other methods of key exchange.
+ * See dhm.h for more details.
+ *
+ */
+#define MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED
+
+/**
+ * \def MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED
+ *
+ * Enable the ECDHE-RSA based ciphersuite modes in SSL / TLS.
+ *
+ * Requires: MBEDTLS_ECDH_C, MBEDTLS_RSA_C, MBEDTLS_PKCS1_V15,
+ * MBEDTLS_X509_CRT_PARSE_C
+ *
+ * This enables the following ciphersuites (if other requisites are
+ * enabled as well):
+ * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
+ * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
+ * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
+ * MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384
+ * MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384
+ * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
+ * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
+ * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
+ * MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256
+ * MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256
+ * MBEDTLS_TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA
+ * MBEDTLS_TLS_ECDHE_RSA_WITH_RC4_128_SHA
+ */
+#define MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED
+
+/**
+ * \def MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
+ *
+ * Enable the ECDHE-ECDSA based ciphersuite modes in SSL / TLS.
+ *
+ * Requires: MBEDTLS_ECDH_C, MBEDTLS_ECDSA_C, MBEDTLS_X509_CRT_PARSE_C,
+ *
+ * This enables the following ciphersuites (if other requisites are
+ * enabled as well):
+ * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
+ * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384
+ * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA
+ * MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384
+ * MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384
+ * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
+ * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256
+ * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA
+ * MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256
+ * MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256
+ * MBEDTLS_TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA
+ * MBEDTLS_TLS_ECDHE_ECDSA_WITH_RC4_128_SHA
+ */
+#define MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
+
+/**
+ * \def MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED
+ *
+ * Enable the ECDH-ECDSA based ciphersuite modes in SSL / TLS.
+ *
+ * Requires: MBEDTLS_ECDH_C, MBEDTLS_X509_CRT_PARSE_C
+ *
+ * This enables the following ciphersuites (if other requisites are
+ * enabled as well):
+ * MBEDTLS_TLS_ECDH_ECDSA_WITH_RC4_128_SHA
+ * MBEDTLS_TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA
+ * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA
+ * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA
+ * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256
+ * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384
+ * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256
+ * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384
+ * MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256
+ * MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384
+ * MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256
+ * MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384
+ */
+#define MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED
+
+/**
+ * \def MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED
+ *
+ * Enable the ECDH-RSA based ciphersuite modes in SSL / TLS.
+ *
+ * Requires: MBEDTLS_ECDH_C, MBEDTLS_X509_CRT_PARSE_C
+ *
+ * This enables the following ciphersuites (if other requisites are
+ * enabled as well):
+ * MBEDTLS_TLS_ECDH_RSA_WITH_RC4_128_SHA
+ * MBEDTLS_TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA
+ * MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA
+ * MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA
+ * MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256
+ * MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384
+ * MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256
+ * MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384
+ * MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256
+ * MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384
+ * MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256
+ * MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384
+ */
+#define MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED
+
+/**
+ * \def MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED
+ *
+ * Enable the ECJPAKE based ciphersuite modes in SSL / TLS.
+ *
+ * \warning This is currently experimental. EC J-PAKE support is based on the
+ * Thread v1.0.0 specification; incompatible changes to the specification
+ * might still happen. For this reason, this is disabled by default.
+ *
+ * Requires: MBEDTLS_ECJPAKE_C
+ * MBEDTLS_SHA256_C
+ * MBEDTLS_ECP_DP_SECP256R1_ENABLED
+ *
+ * This enables the following ciphersuites (if other requisites are
+ * enabled as well):
+ * MBEDTLS_TLS_ECJPAKE_WITH_AES_128_CCM_8
+ */
+//#define MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED
+
+/**
+ * \def MBEDTLS_PK_PARSE_EC_EXTENDED
+ *
+ * Enhance support for reading EC keys using variants of SEC1 not allowed by
+ * RFC 5915 and RFC 5480.
+ *
+ * Currently this means parsing the SpecifiedECDomain choice of EC
+ * parameters (only known groups are supported, not arbitrary domains, to
+ * avoid validation issues).
+ *
+ * Disable if you only need to support RFC 5915 + 5480 key formats.
+ */
+#define MBEDTLS_PK_PARSE_EC_EXTENDED
+
+/**
+ * \def MBEDTLS_ERROR_STRERROR_DUMMY
+ *
+ * Enable a dummy error function to make use of mbedtls_strerror() in
+ * third party libraries easier when MBEDTLS_ERROR_C is disabled
+ * (no effect when MBEDTLS_ERROR_C is enabled).
+ *
+ * You can safely disable this if MBEDTLS_ERROR_C is enabled, or if you're
+ * not using mbedtls_strerror() or error_strerror() in your application.
+ *
+ * Disable if you run into name conflicts and want to really remove the
+ * mbedtls_strerror()
+ */
+#define MBEDTLS_ERROR_STRERROR_DUMMY
+
+/**
+ * \def MBEDTLS_GENPRIME
+ *
+ * Enable the prime-number generation code.
+ *
+ * Requires: MBEDTLS_BIGNUM_C
+ */
+#define MBEDTLS_GENPRIME
+
+/**
+ * \def MBEDTLS_FS_IO
+ *
+ * Enable functions that use the filesystem.
+ */
+#define MBEDTLS_FS_IO
+
+/**
+ * \def MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES
+ *
+ * Do not add default entropy sources. These are the platform specific,
+ * mbedtls_timing_hardclock and HAVEGE based poll functions.
+ *
+ * This is useful to have more control over the added entropy sources in an
+ * application.
+ *
+ * Uncomment this macro to prevent loading of default entropy functions.
+ */
+//#define MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES
+
+/**
+ * \def MBEDTLS_NO_PLATFORM_ENTROPY
+ *
+ * Do not use built-in platform entropy functions.
+ * This is useful if your platform does not support
+ * standards like the /dev/urandom or Windows CryptoAPI.
+ *
+ * Uncomment this macro to disable the built-in platform entropy functions.
+ */
+//#define MBEDTLS_NO_PLATFORM_ENTROPY
+
+/**
+ * \def MBEDTLS_ENTROPY_FORCE_SHA256
+ *
+ * Force the entropy accumulator to use a SHA-256 accumulator instead of the
+ * default SHA-512 based one (if both are available).
+ *
+ * Requires: MBEDTLS_SHA256_C
+ *
+ * On 32-bit systems SHA-256 can be much faster than SHA-512. Use this option
+ * if you have performance concerns.
+ *
+ * This option is only useful if both MBEDTLS_SHA256_C and
+ * MBEDTLS_SHA512_C are defined. Otherwise the available hash module is used.
+ */
+//#define MBEDTLS_ENTROPY_FORCE_SHA256
+
+/**
+ * \def MBEDTLS_ENTROPY_NV_SEED
+ *
+ * Enable the non-volatile (NV) seed file-based entropy source.
+ * (Also enables the NV seed read/write functions in the platform layer)
+ *
+ * This is crucial (if not required) on systems that do not have a
+ * cryptographic entropy source (in hardware or kernel) available.
+ *
+ * Requires: MBEDTLS_ENTROPY_C, MBEDTLS_PLATFORM_C
+ *
+ * \note The read/write functions that are used by the entropy source are
+ * determined in the platform layer, and can be modified at runtime and/or
+ * compile-time depending on the flags (MBEDTLS_PLATFORM_NV_SEED_*) used.
+ *
+ * \note If you use the default implementation functions that read a seedfile
+ * with regular fopen(), please make sure you make a seedfile with the
+ * proper name (defined in MBEDTLS_PLATFORM_STD_NV_SEED_FILE) and at
+ * least MBEDTLS_ENTROPY_BLOCK_SIZE bytes in size that can be read from
+ * and written to or you will get an entropy source error! The default
+ * implementation will only use the first MBEDTLS_ENTROPY_BLOCK_SIZE
+ * bytes from the file.
+ *
+ * \note The entropy collector will write to the seed file before entropy is
+ * given to an external source, to update it.
+ */
+//#define MBEDTLS_ENTROPY_NV_SEED
+
+/**
+ * \def MBEDTLS_PSA_HAS_ITS_IO
+ *
+ * Enable the non-volatile secure storage usage.
+ *
+ * This is crucial on systems that do not have a HW TRNG support.
+ *
+ */
+//#define MBEDTLS_PSA_HAS_ITS_IO
+
+/**
+ * \def MBEDTLS_MEMORY_DEBUG
+ *
+ * Enable debugging of buffer allocator memory issues. Automatically prints
+ * (to stderr) all (fatal) messages on memory allocation issues. Enables
+ * function for 'debug output' of allocated memory.
+ *
+ * Requires: MBEDTLS_MEMORY_BUFFER_ALLOC_C
+ *
+ * Uncomment this macro to let the buffer allocator print out error messages.
+ */
+//#define MBEDTLS_MEMORY_DEBUG
+
+/**
+ * \def MBEDTLS_MEMORY_BACKTRACE
+ *
+ * Include backtrace information with each allocated block.
+ *
+ * Requires: MBEDTLS_MEMORY_BUFFER_ALLOC_C
+ * GLIBC-compatible backtrace() an backtrace_symbols() support
+ *
+ * Uncomment this macro to include backtrace information
+ */
+//#define MBEDTLS_MEMORY_BACKTRACE
+
+/**
+ * \def MBEDTLS_PK_RSA_ALT_SUPPORT
+ *
+ * Support external private RSA keys (eg from a HSM) in the PK layer.
+ *
+ * Comment this macro to disable support for external private RSA keys.
+ */
+#define MBEDTLS_PK_RSA_ALT_SUPPORT
+
+/**
+ * \def MBEDTLS_PKCS1_V15
+ *
+ * Enable support for PKCS#1 v1.5 encoding.
+ *
+ * Requires: MBEDTLS_RSA_C
+ *
+ * This enables support for PKCS#1 v1.5 operations.
+ */
+#define MBEDTLS_PKCS1_V15
+
+/**
+ * \def MBEDTLS_PKCS1_V21
+ *
+ * Enable support for PKCS#1 v2.1 encoding.
+ *
+ * Requires: MBEDTLS_MD_C, MBEDTLS_RSA_C
+ *
+ * This enables support for RSAES-OAEP and RSASSA-PSS operations.
+ */
+#define MBEDTLS_PKCS1_V21
+
+/**
+ * \def MBEDTLS_PSA_CRYPTO_SPM
+ *
+ * When MBEDTLS_PSA_CRYPTO_SPM is defined, the code is built for SPM (Secure
+ * Partition Manager) integration which separates the code into two parts: a
+ * NSPE (Non-Secure Process Environment) and an SPE (Secure Process
+ * Environment).
+ *
+ * Module: library/psa_crypto.c
+ * Requires: MBEDTLS_PSA_CRYPTO_C
+ *
+ */
+//#define MBEDTLS_PSA_CRYPTO_SPM
+
+/**
+ * \def MBEDTLS_PSA_HAS_ITS_IO
+ *
+ * Enable the non-volatile secure storage usage.
+ *
+ * This is crucial on systems that do not have a HW TRNG support.
+ *
+ */
+//#define MBEDTLS_PSA_HAS_ITS_IO
+
+/**
+ * \def MBEDTLS_RSA_NO_CRT
+ *
+ * Do not use the Chinese Remainder Theorem
+ * for the RSA private operation.
+ *
+ * Uncomment this macro to disable the use of CRT in RSA.
+ *
+ */
+//#define MBEDTLS_RSA_NO_CRT
+
+/**
+ * \def MBEDTLS_SELF_TEST
+ *
+ * Enable the checkup functions (*_self_test).
+ */
+#define MBEDTLS_SELF_TEST
+
+/**
+ * \def MBEDTLS_SHA256_SMALLER
+ *
+ * Enable an implementation of SHA-256 that has lower ROM footprint but also
+ * lower performance.
+ *
+ * The default implementation is meant to be a reasonnable compromise between
+ * performance and size. This version optimizes more aggressively for size at
+ * the expense of performance. Eg on Cortex-M4 it reduces the size of
+ * mbedtls_sha256_process() from ~2KB to ~0.5KB for a performance hit of about
+ * 30%.
+ *
+ * Uncomment to enable the smaller implementation of SHA256.
+ */
+//#define MBEDTLS_SHA256_SMALLER
+
+/**
+ * \def MBEDTLS_SSL_ALL_ALERT_MESSAGES
+ *
+ * Enable sending of alert messages in case of encountered errors as per RFC.
+ * If you choose not to send the alert messages, mbed TLS can still communicate
+ * with other servers, only debugging of failures is harder.
+ *
+ * The advantage of not sending alert messages, is that no information is given
+ * about reasons for failures thus preventing adversaries of gaining intel.
+ *
+ * Enable sending of all alert messages
+ */
+#define MBEDTLS_SSL_ALL_ALERT_MESSAGES
+
+/**
+ * \def MBEDTLS_SSL_ASYNC_PRIVATE
+ *
+ * Enable asynchronous external private key operations in SSL. This allows
+ * you to configure an SSL connection to call an external cryptographic
+ * module to perform private key operations instead of performing the
+ * operation inside the library.
+ *
+ */
+//#define MBEDTLS_SSL_ASYNC_PRIVATE
+
+/**
+ * \def MBEDTLS_SSL_DEBUG_ALL
+ *
+ * Enable the debug messages in SSL module for all issues.
+ * Debug messages have been disabled in some places to prevent timing
+ * attacks due to (unbalanced) debugging function calls.
+ *
+ * If you need all error reporting you should enable this during debugging,
+ * but remove this for production servers that should log as well.
+ *
+ * Uncomment this macro to report all debug messages on errors introducing
+ * a timing side-channel.
+ *
+ */
+//#define MBEDTLS_SSL_DEBUG_ALL
+
+/** \def MBEDTLS_SSL_ENCRYPT_THEN_MAC
+ *
+ * Enable support for Encrypt-then-MAC, RFC 7366.
+ *
+ * This allows peers that both support it to use a more robust protection for
+ * ciphersuites using CBC, providing deep resistance against timing attacks
+ * on the padding or underlying cipher.
+ *
+ * This only affects CBC ciphersuites, and is useless if none is defined.
+ *
+ * Requires: MBEDTLS_SSL_PROTO_TLS1 or
+ * MBEDTLS_SSL_PROTO_TLS1_1 or
+ * MBEDTLS_SSL_PROTO_TLS1_2
+ *
+ * Comment this macro to disable support for Encrypt-then-MAC
+ */
+#define MBEDTLS_SSL_ENCRYPT_THEN_MAC
+
+/** \def MBEDTLS_SSL_EXTENDED_MASTER_SECRET
+ *
+ * Enable support for Extended Master Secret, aka Session Hash
+ * (draft-ietf-tls-session-hash-02).
+ *
+ * This was introduced as "the proper fix" to the Triple Handshake familiy of
+ * attacks, but it is recommended to always use it (even if you disable
+ * renegotiation), since it actually fixes a more fundamental issue in the
+ * original SSL/TLS design, and has implications beyond Triple Handshake.
+ *
+ * Requires: MBEDTLS_SSL_PROTO_TLS1 or
+ * MBEDTLS_SSL_PROTO_TLS1_1 or
+ * MBEDTLS_SSL_PROTO_TLS1_2
+ *
+ * Comment this macro to disable support for Extended Master Secret.
+ */
+#define MBEDTLS_SSL_EXTENDED_MASTER_SECRET
+
+/**
+ * \def MBEDTLS_SSL_FALLBACK_SCSV
+ *
+ * Enable support for FALLBACK_SCSV (draft-ietf-tls-downgrade-scsv-00).
+ *
+ * For servers, it is recommended to always enable this, unless you support
+ * only one version of TLS, or know for sure that none of your clients
+ * implements a fallback strategy.
+ *
+ * For clients, you only need this if you're using a fallback strategy, which
+ * is not recommended in the first place, unless you absolutely need it to
+ * interoperate with buggy (version-intolerant) servers.
+ *
+ * Comment this macro to disable support for FALLBACK_SCSV
+ */
+#define MBEDTLS_SSL_FALLBACK_SCSV
+
+/**
+ * \def MBEDTLS_SSL_HW_RECORD_ACCEL
+ *
+ * Enable hooking functions in SSL module for hardware acceleration of
+ * individual records.
+ *
+ * Uncomment this macro to enable hooking functions.
+ */
+//#define MBEDTLS_SSL_HW_RECORD_ACCEL
+
+/**
+ * \def MBEDTLS_SSL_CBC_RECORD_SPLITTING
+ *
+ * Enable 1/n-1 record splitting for CBC mode in SSLv3 and TLS 1.0.
+ *
+ * This is a countermeasure to the BEAST attack, which also minimizes the risk
+ * of interoperability issues compared to sending 0-length records.
+ *
+ * Comment this macro to disable 1/n-1 record splitting.
+ */
+#define MBEDTLS_SSL_CBC_RECORD_SPLITTING
+
+/**
+ * \def MBEDTLS_SSL_RENEGOTIATION
+ *
+ * Enable support for TLS renegotiation.
+ *
+ * The two main uses of renegotiation are (1) refresh keys on long-lived
+ * connections and (2) client authentication after the initial handshake.
+ * If you don't need renegotiation, it's probably better to disable it, since
+ * it has been associated with security issues in the past and is easy to
+ * misuse/misunderstand.
+ *
+ * Comment this to disable support for renegotiation.
+ *
+ * \note Even if this option is disabled, both client and server are aware
+ * of the Renegotiation Indication Extension (RFC 5746) used to
+ * prevent the SSL renegotiation attack (see RFC 5746 Sect. 1).
+ * (See \c mbedtls_ssl_conf_legacy_renegotiation for the
+ * configuration of this extension).
+ *
+ */
+#define MBEDTLS_SSL_RENEGOTIATION
+
+/**
+ * \def MBEDTLS_SSL_SRV_SUPPORT_SSLV2_CLIENT_HELLO
+ *
+ * Enable support for receiving and parsing SSLv2 Client Hello messages for the
+ * SSL Server module (MBEDTLS_SSL_SRV_C).
+ *
+ * Uncomment this macro to enable support for SSLv2 Client Hello messages.
+ */
+//#define MBEDTLS_SSL_SRV_SUPPORT_SSLV2_CLIENT_HELLO
+
+/**
+ * \def MBEDTLS_SSL_SRV_RESPECT_CLIENT_PREFERENCE
+ *
+ * Pick the ciphersuite according to the client's preferences rather than ours
+ * in the SSL Server module (MBEDTLS_SSL_SRV_C).
+ *
+ * Uncomment this macro to respect client's ciphersuite order
+ */
+//#define MBEDTLS_SSL_SRV_RESPECT_CLIENT_PREFERENCE
+
+/**
+ * \def MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
+ *
+ * Enable support for RFC 6066 max_fragment_length extension in SSL.
+ *
+ * Comment this macro to disable support for the max_fragment_length extension
+ */
+#define MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
+
+/**
+ * \def MBEDTLS_SSL_PROTO_SSL3
+ *
+ * Enable support for SSL 3.0.
+ *
+ * Requires: MBEDTLS_MD5_C
+ * MBEDTLS_SHA1_C
+ *
+ * Comment this macro to disable support for SSL 3.0
+ */
+//#define MBEDTLS_SSL_PROTO_SSL3
+
+/**
+ * \def MBEDTLS_SSL_PROTO_TLS1
+ *
+ * Enable support for TLS 1.0.
+ *
+ * Requires: MBEDTLS_MD5_C
+ * MBEDTLS_SHA1_C
+ *
+ * Comment this macro to disable support for TLS 1.0
+ */
+#define MBEDTLS_SSL_PROTO_TLS1
+
+/**
+ * \def MBEDTLS_SSL_PROTO_TLS1_1
+ *
+ * Enable support for TLS 1.1 (and DTLS 1.0 if DTLS is enabled).
+ *
+ * Requires: MBEDTLS_MD5_C
+ * MBEDTLS_SHA1_C
+ *
+ * Comment this macro to disable support for TLS 1.1 / DTLS 1.0
+ */
+#define MBEDTLS_SSL_PROTO_TLS1_1
+
+/**
+ * \def MBEDTLS_SSL_PROTO_TLS1_2
+ *
+ * Enable support for TLS 1.2 (and DTLS 1.2 if DTLS is enabled).
+ *
+ * Requires: MBEDTLS_SHA1_C or MBEDTLS_SHA256_C or MBEDTLS_SHA512_C
+ * (Depends on ciphersuites)
+ *
+ * Comment this macro to disable support for TLS 1.2 / DTLS 1.2
+ */
+#define MBEDTLS_SSL_PROTO_TLS1_2
+
+/**
+ * \def MBEDTLS_SSL_PROTO_DTLS
+ *
+ * Enable support for DTLS (all available versions).
+ *
+ * Enable this and MBEDTLS_SSL_PROTO_TLS1_1 to enable DTLS 1.0,
+ * and/or this and MBEDTLS_SSL_PROTO_TLS1_2 to enable DTLS 1.2.
+ *
+ * Requires: MBEDTLS_SSL_PROTO_TLS1_1
+ * or MBEDTLS_SSL_PROTO_TLS1_2
+ *
+ * Comment this macro to disable support for DTLS
+ */
+#define MBEDTLS_SSL_PROTO_DTLS
+
+/**
+ * \def MBEDTLS_SSL_ALPN
+ *
+ * Enable support for RFC 7301 Application Layer Protocol Negotiation.
+ *
+ * Comment this macro to disable support for ALPN.
+ */
+#define MBEDTLS_SSL_ALPN
+
+/**
+ * \def MBEDTLS_SSL_DTLS_ANTI_REPLAY
+ *
+ * Enable support for the anti-replay mechanism in DTLS.
+ *
+ * Requires: MBEDTLS_SSL_TLS_C
+ * MBEDTLS_SSL_PROTO_DTLS
+ *
+ * \warning Disabling this is often a security risk!
+ * See mbedtls_ssl_conf_dtls_anti_replay() for details.
+ *
+ * Comment this to disable anti-replay in DTLS.
+ */
+#define MBEDTLS_SSL_DTLS_ANTI_REPLAY
+
+/**
+ * \def MBEDTLS_SSL_DTLS_HELLO_VERIFY
+ *
+ * Enable support for HelloVerifyRequest on DTLS servers.
+ *
+ * This feature is highly recommended to prevent DTLS servers being used as
+ * amplifiers in DoS attacks against other hosts. It should always be enabled
+ * unless you know for sure amplification cannot be a problem in the
+ * environment in which your server operates.
+ *
+ * \warning Disabling this can ba a security risk! (see above)
+ *
+ * Requires: MBEDTLS_SSL_PROTO_DTLS
+ *
+ * Comment this to disable support for HelloVerifyRequest.
+ */
+#define MBEDTLS_SSL_DTLS_HELLO_VERIFY
+
+/**
+ * \def MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE
+ *
+ * Enable server-side support for clients that reconnect from the same port.
+ *
+ * Some clients unexpectedly close the connection and try to reconnect using the
+ * same source port. This needs special support from the server to handle the
+ * new connection securely, as described in section 4.2.8 of RFC 6347. This
+ * flag enables that support.
+ *
+ * Requires: MBEDTLS_SSL_DTLS_HELLO_VERIFY
+ *
+ * Comment this to disable support for clients reusing the source port.
+ */
+#define MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE
+
+/**
+ * \def MBEDTLS_SSL_DTLS_BADMAC_LIMIT
+ *
+ * Enable support for a limit of records with bad MAC.
+ *
+ * See mbedtls_ssl_conf_dtls_badmac_limit().
+ *
+ * Requires: MBEDTLS_SSL_PROTO_DTLS
+ */
+#define MBEDTLS_SSL_DTLS_BADMAC_LIMIT
+
+/**
+ * \def MBEDTLS_SSL_SESSION_TICKETS
+ *
+ * Enable support for RFC 5077 session tickets in SSL.
+ * Client-side, provides full support for session tickets (maintenance of a
+ * session store remains the responsibility of the application, though).
+ * Server-side, you also need to provide callbacks for writing and parsing
+ * tickets, including authenticated encryption and key management. Example
+ * callbacks are provided by MBEDTLS_SSL_TICKET_C.
+ *
+ * Comment this macro to disable support for SSL session tickets
+ */
+#define MBEDTLS_SSL_SESSION_TICKETS
+
+/**
+ * \def MBEDTLS_SSL_EXPORT_KEYS
+ *
+ * Enable support for exporting key block and master secret.
+ * This is required for certain users of TLS, e.g. EAP-TLS.
+ *
+ * Comment this macro to disable support for key export
+ */
+#define MBEDTLS_SSL_EXPORT_KEYS
+
+/**
+ * \def MBEDTLS_SSL_SERVER_NAME_INDICATION
+ *
+ * Enable support for RFC 6066 server name indication (SNI) in SSL.
+ *
+ * Requires: MBEDTLS_X509_CRT_PARSE_C
+ *
+ * Comment this macro to disable support for server name indication in SSL
+ */
+#define MBEDTLS_SSL_SERVER_NAME_INDICATION
+
+/**
+ * \def MBEDTLS_SSL_TRUNCATED_HMAC
+ *
+ * Enable support for RFC 6066 truncated HMAC in SSL.
+ *
+ * Comment this macro to disable support for truncated HMAC in SSL
+ */
+#define MBEDTLS_SSL_TRUNCATED_HMAC
+
+/**
+ * \def MBEDTLS_SSL_TRUNCATED_HMAC_COMPAT
+ *
+ * Fallback to old (pre-2.7), non-conforming implementation of the truncated
+ * HMAC extension which also truncates the HMAC key. Note that this option is
+ * only meant for a transitory upgrade period and is likely to be removed in
+ * a future version of the library.
+ *
+ * \warning The old implementation is non-compliant and has a security weakness
+ * (2^80 brute force attack on the HMAC key used for a single,
+ * uninterrupted connection). This should only be enabled temporarily
+ * when (1) the use of truncated HMAC is essential in order to save
+ * bandwidth, and (2) the peer is an Mbed TLS stack that doesn't use
+ * the fixed implementation yet (pre-2.7).
+ *
+ * \deprecated This option is deprecated and will likely be removed in a
+ * future version of Mbed TLS.
+ *
+ * Uncomment to fallback to old, non-compliant truncated HMAC implementation.
+ *
+ * Requires: MBEDTLS_SSL_TRUNCATED_HMAC
+ */
+//#define MBEDTLS_SSL_TRUNCATED_HMAC_COMPAT
+
+/**
+ * \def MBEDTLS_THREADING_ALT
+ *
+ * Provide your own alternate threading implementation.
+ *
+ * Requires: MBEDTLS_THREADING_C
+ *
+ * Uncomment this to allow your own alternate threading implementation.
+ */
+//#define MBEDTLS_THREADING_ALT
+
+/**
+ * \def MBEDTLS_THREADING_PTHREAD
+ *
+ * Enable the pthread wrapper layer for the threading layer.
+ *
+ * Requires: MBEDTLS_THREADING_C
+ *
+ * Uncomment this to enable pthread mutexes.
+ */
+//#define MBEDTLS_THREADING_PTHREAD
+
+/**
+ * \def MBEDTLS_USE_PSA_CRYPTO
+ *
+ * Make the X.509 and TLS library use PSA for cryptographic operations, see
+ * #MBEDTLS_PSA_CRYPTO_C.
+ *
+ * Note: this option is still in progress, the full X.509 and TLS modules are
+ * not covered yet, but parts that are not ported to PSA yet will still work
+ * as usual, so enabling this option should not break backwards compatibility.
+ *
+ * \warning Support for PSA is still an experimental feature.
+ * Any public API that depends on this option may change
+ * at any time until this warning is removed.
+ *
+ * Requires: MBEDTLS_PSA_CRYPTO_C.
+ */
+//#define MBEDTLS_USE_PSA_CRYPTO
+
+/**
+ * \def MBEDTLS_VERSION_FEATURES
+ *
+ * Allow run-time checking of compile-time enabled features. Thus allowing users
+ * to check at run-time if the library is for instance compiled with threading
+ * support via mbedtls_version_check_feature().
+ *
+ * Requires: MBEDTLS_VERSION_C
+ *
+ * Comment this to disable run-time checking and save ROM space
+ */
+#define MBEDTLS_VERSION_FEATURES
+
+/**
+ * \def MBEDTLS_X509_ALLOW_EXTENSIONS_NON_V3
+ *
+ * If set, the X509 parser will not break-off when parsing an X509 certificate
+ * and encountering an extension in a v1 or v2 certificate.
+ *
+ * Uncomment to prevent an error.
+ */
+//#define MBEDTLS_X509_ALLOW_EXTENSIONS_NON_V3
+
+/**
+ * \def MBEDTLS_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION
+ *
+ * If set, the X509 parser will not break-off when parsing an X509 certificate
+ * and encountering an unknown critical extension.
+ *
+ * \warning Depending on your PKI use, enabling this can be a security risk!
+ *
+ * Uncomment to prevent an error.
+ */
+//#define MBEDTLS_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION
+
+/**
+ * \def MBEDTLS_X509_CHECK_KEY_USAGE
+ *
+ * Enable verification of the keyUsage extension (CA and leaf certificates).
+ *
+ * Disabling this avoids problems with mis-issued and/or misused
+ * (intermediate) CA and leaf certificates.
+ *
+ * \warning Depending on your PKI use, disabling this can be a security risk!
+ *
+ * Comment to skip keyUsage checking for both CA and leaf certificates.
+ */
+#define MBEDTLS_X509_CHECK_KEY_USAGE
+
+/**
+ * \def MBEDTLS_X509_CHECK_EXTENDED_KEY_USAGE
+ *
+ * Enable verification of the extendedKeyUsage extension (leaf certificates).
+ *
+ * Disabling this avoids problems with mis-issued and/or misused certificates.
+ *
+ * \warning Depending on your PKI use, disabling this can be a security risk!
+ *
+ * Comment to skip extendedKeyUsage checking for certificates.
+ */
+#define MBEDTLS_X509_CHECK_EXTENDED_KEY_USAGE
+
+/**
+ * \def MBEDTLS_X509_RSASSA_PSS_SUPPORT
+ *
+ * Enable parsing and verification of X.509 certificates, CRLs and CSRS
+ * signed with RSASSA-PSS (aka PKCS#1 v2.1).
+ *
+ * Comment this macro to disallow using RSASSA-PSS in certificates.
+ */
+#define MBEDTLS_X509_RSASSA_PSS_SUPPORT
+
+/**
+ * \def MBEDTLS_ZLIB_SUPPORT
+ *
+ * If set, the SSL/TLS module uses ZLIB to support compression and
+ * decompression of packet data.
+ *
+ * \warning TLS-level compression MAY REDUCE SECURITY! See for example the
+ * CRIME attack. Before enabling this option, you should examine with care if
+ * CRIME or similar exploits may be applicable to your use case.
+ *
+ * \note Currently compression can't be used with DTLS.
+ *
+ * \deprecated This feature is deprecated and will be removed
+ * in the next major revision of the library.
+ *
+ * Used in: library/ssl_tls.c
+ * library/ssl_cli.c
+ * library/ssl_srv.c
+ *
+ * This feature requires zlib library and headers to be present.
+ *
+ * Uncomment to enable use of ZLIB
+ */
+//#define MBEDTLS_ZLIB_SUPPORT
+/* \} name SECTION: mbed TLS feature support */
+
+/**
+ * \name SECTION: mbed TLS modules
+ *
+ * This section enables or disables entire modules in mbed TLS
+ * \{
+ */
+
+/**
+ * \def MBEDTLS_AESNI_C
+ *
+ * Enable AES-NI support on x86-64.
+ *
+ * Module: library/aesni.c
+ * Caller: library/aes.c
+ *
+ * Requires: MBEDTLS_HAVE_ASM
+ *
+ * This modules adds support for the AES-NI instructions on x86-64
+ */
+#define MBEDTLS_AESNI_C
+
+/**
+ * \def MBEDTLS_AES_C
+ *
+ * Enable the AES block cipher.
+ *
+ * Module: library/aes.c
+ * Caller: library/cipher.c
+ * library/pem.c
+ * library/ctr_drbg.c
+ *
+ * This module enables the following ciphersuites (if other requisites are
+ * enabled as well):
+ * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA
+ * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA
+ * MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA
+ * MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA
+ * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256
+ * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384
+ * MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256
+ * MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384
+ * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256
+ * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384
+ * MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256
+ * MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384
+ * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
+ * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
+ * MBEDTLS_TLS_DHE_RSA_WITH_AES_256_GCM_SHA384
+ * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384
+ * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
+ * MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA256
+ * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA
+ * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
+ * MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA
+ * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
+ * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
+ * MBEDTLS_TLS_DHE_RSA_WITH_AES_128_GCM_SHA256
+ * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256
+ * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
+ * MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA256
+ * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA
+ * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
+ * MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA
+ * MBEDTLS_TLS_DHE_PSK_WITH_AES_256_GCM_SHA384
+ * MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384
+ * MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA384
+ * MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA
+ * MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA
+ * MBEDTLS_TLS_DHE_PSK_WITH_AES_128_GCM_SHA256
+ * MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256
+ * MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA256
+ * MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA
+ * MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA
+ * MBEDTLS_TLS_RSA_WITH_AES_256_GCM_SHA384
+ * MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA256
+ * MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA
+ * MBEDTLS_TLS_RSA_WITH_AES_128_GCM_SHA256
+ * MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA256
+ * MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA
+ * MBEDTLS_TLS_RSA_PSK_WITH_AES_256_GCM_SHA384
+ * MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA384
+ * MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA
+ * MBEDTLS_TLS_RSA_PSK_WITH_AES_128_GCM_SHA256
+ * MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA256
+ * MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA
+ * MBEDTLS_TLS_PSK_WITH_AES_256_GCM_SHA384
+ * MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA384
+ * MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA
+ * MBEDTLS_TLS_PSK_WITH_AES_128_GCM_SHA256
+ * MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA256
+ * MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA
+ *
+ * PEM_PARSE uses AES for decrypting encrypted keys.
+ */
+#define MBEDTLS_AES_C
+
+/**
+ * \def MBEDTLS_ARC4_C
+ *
+ * Enable the ARCFOUR stream cipher.
+ *
+ * Module: library/arc4.c
+ * Caller: library/cipher.c
+ *
+ * This module enables the following ciphersuites (if other requisites are
+ * enabled as well):
+ * MBEDTLS_TLS_ECDH_ECDSA_WITH_RC4_128_SHA
+ * MBEDTLS_TLS_ECDH_RSA_WITH_RC4_128_SHA
+ * MBEDTLS_TLS_ECDHE_ECDSA_WITH_RC4_128_SHA
+ * MBEDTLS_TLS_ECDHE_RSA_WITH_RC4_128_SHA
+ * MBEDTLS_TLS_ECDHE_PSK_WITH_RC4_128_SHA
+ * MBEDTLS_TLS_DHE_PSK_WITH_RC4_128_SHA
+ * MBEDTLS_TLS_RSA_WITH_RC4_128_SHA
+ * MBEDTLS_TLS_RSA_WITH_RC4_128_MD5
+ * MBEDTLS_TLS_RSA_PSK_WITH_RC4_128_SHA
+ * MBEDTLS_TLS_PSK_WITH_RC4_128_SHA
+ *
+ * \warning ARC4 is considered a weak cipher and its use constitutes a
+ * security risk. If possible, we recommend avoidng dependencies on
+ * it, and considering stronger ciphers instead.
+ *
+ */
+#define MBEDTLS_ARC4_C
+
+/**
+ * \def MBEDTLS_ASN1_PARSE_C
+ *
+ * Enable the generic ASN1 parser.
+ *
+ * Module: library/asn1.c
+ * Caller: library/x509.c
+ * library/dhm.c
+ * library/pkcs12.c
+ * library/pkcs5.c
+ * library/pkparse.c
+ */
+#define MBEDTLS_ASN1_PARSE_C
+
+/**
+ * \def MBEDTLS_ASN1_WRITE_C
+ *
+ * Enable the generic ASN1 writer.
+ *
+ * Module: library/asn1write.c
+ * Caller: library/ecdsa.c
+ * library/pkwrite.c
+ * library/x509_create.c
+ * library/x509write_crt.c
+ * library/x509write_csr.c
+ */
+#define MBEDTLS_ASN1_WRITE_C
+
+/**
+ * \def MBEDTLS_BASE64_C
+ *
+ * Enable the Base64 module.
+ *
+ * Module: library/base64.c
+ * Caller: library/pem.c
+ *
+ * This module is required for PEM support (required by X.509).
+ */
+#define MBEDTLS_BASE64_C
+
+/**
+ * \def MBEDTLS_BIGNUM_C
+ *
+ * Enable the multi-precision integer library.
+ *
+ * Module: library/bignum.c
+ * Caller: library/dhm.c
+ * library/ecp.c
+ * library/ecdsa.c
+ * library/rsa.c
+ * library/rsa_internal.c
+ * library/ssl_tls.c
+ *
+ * This module is required for RSA, DHM and ECC (ECDH, ECDSA) support.
+ */
+#define MBEDTLS_BIGNUM_C
+
+/**
+ * \def MBEDTLS_BLOWFISH_C
+ *
+ * Enable the Blowfish block cipher.
+ *
+ * Module: library/blowfish.c
+ */
+#define MBEDTLS_BLOWFISH_C
+
+/**
+ * \def MBEDTLS_CAMELLIA_C
+ *
+ * Enable the Camellia block cipher.
+ *
+ * Module: library/camellia.c
+ * Caller: library/cipher.c
+ *
+ * This module enables the following ciphersuites (if other requisites are
+ * enabled as well):
+ * MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256
+ * MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384
+ * MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256
+ * MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384
+ * MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256
+ * MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384
+ * MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256
+ * MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384
+ * MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384
+ * MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384
+ * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384
+ * MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384
+ * MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384
+ * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256
+ * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA
+ * MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256
+ * MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256
+ * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256
+ * MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256
+ * MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256
+ * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256
+ * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA
+ * MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384
+ * MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384
+ * MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384
+ * MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256
+ * MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256
+ * MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256
+ * MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384
+ * MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256
+ * MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA
+ * MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256
+ * MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256
+ * MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA
+ * MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384
+ * MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384
+ * MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256
+ * MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256
+ * MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384
+ * MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384
+ * MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256
+ * MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256
+ */
+#define MBEDTLS_CAMELLIA_C
+
+/**
+ * \def MBEDTLS_ARIA_C
+ *
+ * Enable the ARIA block cipher.
+ *
+ * Module: library/aria.c
+ * Caller: library/cipher.c
+ *
+ * This module enables the following ciphersuites (if other requisites are
+ * enabled as well):
+ *
+ * MBEDTLS_TLS_RSA_WITH_ARIA_128_CBC_SHA256
+ * MBEDTLS_TLS_RSA_WITH_ARIA_256_CBC_SHA384
+ * MBEDTLS_TLS_DHE_RSA_WITH_ARIA_128_CBC_SHA256
+ * MBEDTLS_TLS_DHE_RSA_WITH_ARIA_256_CBC_SHA384
+ * MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_128_CBC_SHA256
+ * MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_256_CBC_SHA384
+ * MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_128_CBC_SHA256
+ * MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_256_CBC_SHA384
+ * MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_128_CBC_SHA256
+ * MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_256_CBC_SHA384
+ * MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_128_CBC_SHA256
+ * MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_256_CBC_SHA384
+ * MBEDTLS_TLS_RSA_WITH_ARIA_128_GCM_SHA256
+ * MBEDTLS_TLS_RSA_WITH_ARIA_256_GCM_SHA384
+ * MBEDTLS_TLS_DHE_RSA_WITH_ARIA_128_GCM_SHA256
+ * MBEDTLS_TLS_DHE_RSA_WITH_ARIA_256_GCM_SHA384
+ * MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256
+ * MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384
+ * MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_128_GCM_SHA256
+ * MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_256_GCM_SHA384
+ * MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256
+ * MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384
+ * MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_128_GCM_SHA256
+ * MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_256_GCM_SHA384
+ * MBEDTLS_TLS_PSK_WITH_ARIA_128_CBC_SHA256
+ * MBEDTLS_TLS_PSK_WITH_ARIA_256_CBC_SHA384
+ * MBEDTLS_TLS_DHE_PSK_WITH_ARIA_128_CBC_SHA256
+ * MBEDTLS_TLS_DHE_PSK_WITH_ARIA_256_CBC_SHA384
+ * MBEDTLS_TLS_RSA_PSK_WITH_ARIA_128_CBC_SHA256
+ * MBEDTLS_TLS_RSA_PSK_WITH_ARIA_256_CBC_SHA384
+ * MBEDTLS_TLS_PSK_WITH_ARIA_128_GCM_SHA256
+ * MBEDTLS_TLS_PSK_WITH_ARIA_256_GCM_SHA384
+ * MBEDTLS_TLS_DHE_PSK_WITH_ARIA_128_GCM_SHA256
+ * MBEDTLS_TLS_DHE_PSK_WITH_ARIA_256_GCM_SHA384
+ * MBEDTLS_TLS_RSA_PSK_WITH_ARIA_128_GCM_SHA256
+ * MBEDTLS_TLS_RSA_PSK_WITH_ARIA_256_GCM_SHA384
+ * MBEDTLS_TLS_ECDHE_PSK_WITH_ARIA_128_CBC_SHA256
+ * MBEDTLS_TLS_ECDHE_PSK_WITH_ARIA_256_CBC_SHA384
+ */
+//#define MBEDTLS_ARIA_C
+
+/**
+ * \def MBEDTLS_CCM_C
+ *
+ * Enable the Counter with CBC-MAC (CCM) mode for 128-bit block cipher.
+ *
+ * Module: library/ccm.c
+ *
+ * Requires: MBEDTLS_AES_C or MBEDTLS_CAMELLIA_C
+ *
+ * This module enables the AES-CCM ciphersuites, if other requisites are
+ * enabled as well.
+ */
+#define MBEDTLS_CCM_C
+
+/**
+ * \def MBEDTLS_CERTS_C
+ *
+ * Enable the test certificates.
+ *
+ * Module: library/certs.c
+ * Caller:
+ *
+ * This module is used for testing (ssl_client/server).
+ */
+#define MBEDTLS_CERTS_C
+
+/**
+ * \def MBEDTLS_CHACHA20_C
+ *
+ * Enable the ChaCha20 stream cipher.
+ *
+ * Module: library/chacha20.c
+ */
+#define MBEDTLS_CHACHA20_C
+
+/**
+ * \def MBEDTLS_CHACHAPOLY_C
+ *
+ * Enable the ChaCha20-Poly1305 AEAD algorithm.
+ *
+ * Module: library/chachapoly.c
+ *
+ * This module requires: MBEDTLS_CHACHA20_C, MBEDTLS_POLY1305_C
+ */
+#define MBEDTLS_CHACHAPOLY_C
+
+/**
+ * \def MBEDTLS_CIPHER_C
+ *
+ * Enable the generic cipher layer.
+ *
+ * Module: library/cipher.c
+ * Caller: library/ssl_tls.c
+ *
+ * Uncomment to enable generic cipher wrappers.
+ */
+#define MBEDTLS_CIPHER_C
+
+/**
+ * \def MBEDTLS_CMAC_C
+ *
+ * Enable the CMAC (Cipher-based Message Authentication Code) mode for block
+ * ciphers.
+ *
+ * Module: library/cmac.c
+ *
+ * Requires: MBEDTLS_AES_C or MBEDTLS_DES_C
+ *
+ */
+#define MBEDTLS_CMAC_C
+
+/**
+ * \def MBEDTLS_CTR_DRBG_C
+ *
+ * Enable the CTR_DRBG AES-based random generator.
+ * The CTR_DRBG generator uses AES-256 by default.
+ * To use AES-128 instead, enable MBEDTLS_CTR_DRBG_USE_128_BIT_KEY below.
+ *
+ * Module: library/ctr_drbg.c
+ * Caller:
+ *
+ * Requires: MBEDTLS_AES_C
+ *
+ * This module provides the CTR_DRBG AES random number generator.
+ */
+#define MBEDTLS_CTR_DRBG_C
+
+/**
+ * \def MBEDTLS_DEBUG_C
+ *
+ * Enable the debug functions.
+ *
+ * Module: library/debug.c
+ * Caller: library/ssl_cli.c
+ * library/ssl_srv.c
+ * library/ssl_tls.c
+ *
+ * This module provides debugging functions.
+ */
+#define MBEDTLS_DEBUG_C
+
+/**
+ * \def MBEDTLS_DES_C
+ *
+ * Enable the DES block cipher.
+ *
+ * Module: library/des.c
+ * Caller: library/pem.c
+ * library/cipher.c
+ *
+ * This module enables the following ciphersuites (if other requisites are
+ * enabled as well):
+ * MBEDTLS_TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA
+ * MBEDTLS_TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA
+ * MBEDTLS_TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA
+ * MBEDTLS_TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA
+ * MBEDTLS_TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA
+ * MBEDTLS_TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA
+ * MBEDTLS_TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA
+ * MBEDTLS_TLS_RSA_WITH_3DES_EDE_CBC_SHA
+ * MBEDTLS_TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA
+ * MBEDTLS_TLS_PSK_WITH_3DES_EDE_CBC_SHA
+ *
+ * PEM_PARSE uses DES/3DES for decrypting encrypted keys.
+ *
+ * \warning DES is considered a weak cipher and its use constitutes a
+ * security risk. We recommend considering stronger ciphers instead.
+ */
+#define MBEDTLS_DES_C
+
+/**
+ * \def MBEDTLS_DHM_C
+ *
+ * Enable the Diffie-Hellman-Merkle module.
+ *
+ * Module: library/dhm.c
+ * Caller: library/ssl_cli.c
+ * library/ssl_srv.c
+ *
+ * This module is used by the following key exchanges:
+ * DHE-RSA, DHE-PSK
+ *
+ * \warning Using DHE constitutes a security risk as it
+ * is not possible to validate custom DH parameters.
+ * If possible, it is recommended users should consider
+ * preferring other methods of key exchange.
+ * See dhm.h for more details.
+ *
+ */
+#define MBEDTLS_DHM_C
+
+/**
+ * \def MBEDTLS_ECDH_C
+ *
+ * Enable the elliptic curve Diffie-Hellman library.
+ *
+ * Module: library/ecdh.c
+ * Caller: library/ssl_cli.c
+ * library/ssl_srv.c
+ *
+ * This module is used by the following key exchanges:
+ * ECDHE-ECDSA, ECDHE-RSA, DHE-PSK
+ *
+ * Requires: MBEDTLS_ECP_C
+ */
+#define MBEDTLS_ECDH_C
+
+/**
+ * \def MBEDTLS_ECDSA_C
+ *
+ * Enable the elliptic curve DSA library.
+ *
+ * Module: library/ecdsa.c
+ * Caller:
+ *
+ * This module is used by the following key exchanges:
+ * ECDHE-ECDSA
+ *
+ * Requires: MBEDTLS_ECP_C, MBEDTLS_ASN1_WRITE_C, MBEDTLS_ASN1_PARSE_C
+ */
+#define MBEDTLS_ECDSA_C
+
+/**
+ * \def MBEDTLS_ECJPAKE_C
+ *
+ * Enable the elliptic curve J-PAKE library.
+ *
+ * \warning This is currently experimental. EC J-PAKE support is based on the
+ * Thread v1.0.0 specification; incompatible changes to the specification
+ * might still happen. For this reason, this is disabled by default.
+ *
+ * Module: library/ecjpake.c
+ * Caller:
+ *
+ * This module is used by the following key exchanges:
+ * ECJPAKE
+ *
+ * Requires: MBEDTLS_ECP_C, MBEDTLS_MD_C
+ */
+//#define MBEDTLS_ECJPAKE_C
+
+/**
+ * \def MBEDTLS_ECP_C
+ *
+ * Enable the elliptic curve over GF(p) library.
+ *
+ * Module: library/ecp.c
+ * Caller: library/ecdh.c
+ * library/ecdsa.c
+ * library/ecjpake.c
+ *
+ * Requires: MBEDTLS_BIGNUM_C and at least one MBEDTLS_ECP_DP_XXX_ENABLED
+ */
+#define MBEDTLS_ECP_C
+
+/**
+ * \def MBEDTLS_ENTROPY_C
+ *
+ * Enable the platform-specific entropy code.
+ *
+ * Module: library/entropy.c
+ * Caller:
+ *
+ * Requires: MBEDTLS_SHA512_C or MBEDTLS_SHA256_C
+ *
+ * This module provides a generic entropy pool
+ */
+#define MBEDTLS_ENTROPY_C
+
+/**
+ * \def MBEDTLS_ERROR_C
+ *
+ * Enable error code to error string conversion.
+ *
+ * Module: library/error.c
+ * Caller:
+ *
+ * This module enables mbedtls_strerror().
+ */
+#define MBEDTLS_ERROR_C
+
+/**
+ * \def MBEDTLS_GCM_C
+ *
+ * Enable the Galois/Counter Mode (GCM) for AES.
+ *
+ * Module: library/gcm.c
+ *
+ * Requires: MBEDTLS_AES_C or MBEDTLS_CAMELLIA_C
+ *
+ * This module enables the AES-GCM and CAMELLIA-GCM ciphersuites, if other
+ * requisites are enabled as well.
+ */
+#define MBEDTLS_GCM_C
+
+/**
+ * \def MBEDTLS_HAVEGE_C
+ *
+ * Enable the HAVEGE random generator.
+ *
+ * Warning: the HAVEGE random generator is not suitable for virtualized
+ * environments
+ *
+ * Warning: the HAVEGE random generator is dependent on timing and specific
+ * processor traits. It is therefore not advised to use HAVEGE as
+ * your applications primary random generator or primary entropy pool
+ * input. As a secondary input to your entropy pool, it IS able add
+ * the (limited) extra entropy it provides.
+ *
+ * Module: library/havege.c
+ * Caller:
+ *
+ * Requires: MBEDTLS_TIMING_C
+ *
+ * Uncomment to enable the HAVEGE random generator.
+ */
+//#define MBEDTLS_HAVEGE_C
+
+/**
+ * \def MBEDTLS_HKDF_C
+ *
+ * Enable the HKDF algorithm (RFC 5869).
+ *
+ * Module: library/hkdf.c
+ * Caller:
+ *
+ * Requires: MBEDTLS_MD_C
+ *
+ * This module adds support for the Hashed Message Authentication Code
+ * (HMAC)-based key derivation function (HKDF).
+ */
+#define MBEDTLS_HKDF_C
+
+/**
+ * \def MBEDTLS_HMAC_DRBG_C
+ *
+ * Enable the HMAC_DRBG random generator.
+ *
+ * Module: library/hmac_drbg.c
+ * Caller:
+ *
+ * Requires: MBEDTLS_MD_C
+ *
+ * Uncomment to enable the HMAC_DRBG random number geerator.
+ */
+#define MBEDTLS_HMAC_DRBG_C
+
+/**
+ * \def MBEDTLS_NIST_KW_C
+ *
+ * Enable the Key Wrapping mode for 128-bit block ciphers,
+ * as defined in NIST SP 800-38F. Only KW and KWP modes
+ * are supported. At the moment, only AES is approved by NIST.
+ *
+ * Module: library/nist_kw.c
+ *
+ * Requires: MBEDTLS_AES_C and MBEDTLS_CIPHER_C
+ */
+//#define MBEDTLS_NIST_KW_C
+
+/**
+ * \def MBEDTLS_MD_C
+ *
+ * Enable the generic message digest layer.
+ *
+ * Module: library/md.c
+ * Caller:
+ *
+ * Uncomment to enable generic message digest wrappers.
+ */
+#define MBEDTLS_MD_C
+
+/**
+ * \def MBEDTLS_MD2_C
+ *
+ * Enable the MD2 hash algorithm.
+ *
+ * Module: library/md2.c
+ * Caller:
+ *
+ * Uncomment to enable support for (rare) MD2-signed X.509 certs.
+ *
+ * \warning MD2 is considered a weak message digest and its use constitutes a
+ * security risk. If possible, we recommend avoiding dependencies on
+ * it, and considering stronger message digests instead.
+ *
+ */
+//#define MBEDTLS_MD2_C
+
+/**
+ * \def MBEDTLS_MD4_C
+ *
+ * Enable the MD4 hash algorithm.
+ *
+ * Module: library/md4.c
+ * Caller:
+ *
+ * Uncomment to enable support for (rare) MD4-signed X.509 certs.
+ *
+ * \warning MD4 is considered a weak message digest and its use constitutes a
+ * security risk. If possible, we recommend avoiding dependencies on
+ * it, and considering stronger message digests instead.
+ *
+ */
+//#define MBEDTLS_MD4_C
+
+/**
+ * \def MBEDTLS_MD5_C
+ *
+ * Enable the MD5 hash algorithm.
+ *
+ * Module: library/md5.c
+ * Caller: library/md.c
+ * library/pem.c
+ * library/ssl_tls.c
+ *
+ * This module is required for SSL/TLS up to version 1.1, and for TLS 1.2
+ * depending on the handshake parameters. Further, it is used for checking
+ * MD5-signed certificates, and for PBKDF1 when decrypting PEM-encoded
+ * encrypted keys.
+ *
+ * \warning MD5 is considered a weak message digest and its use constitutes a
+ * security risk. If possible, we recommend avoiding dependencies on
+ * it, and considering stronger message digests instead.
+ *
+ */
+#define MBEDTLS_MD5_C
+
+/**
+ * \def MBEDTLS_MEMORY_BUFFER_ALLOC_C
+ *
+ * Enable the buffer allocator implementation that makes use of a (stack)
+ * based buffer to 'allocate' dynamic memory. (replaces calloc() and free()
+ * calls)
+ *
+ * Module: library/memory_buffer_alloc.c
+ *
+ * Requires: MBEDTLS_PLATFORM_C
+ * MBEDTLS_PLATFORM_MEMORY (to use it within mbed TLS)
+ *
+ * Enable this module to enable the buffer memory allocator.
+ */
+//#define MBEDTLS_MEMORY_BUFFER_ALLOC_C
+
+/**
+ * \def MBEDTLS_NET_C
+ *
+ * Enable the TCP and UDP over IPv6/IPv4 networking routines.
+ *
+ * \note This module only works on POSIX/Unix (including Linux, BSD and OS X)
+ * and Windows. For other platforms, you'll want to disable it, and write your
+ * own networking callbacks to be passed to \c mbedtls_ssl_set_bio().
+ *
+ * \note See also our Knowledge Base article about porting to a new
+ * environment:
+ * https://tls.mbed.org/kb/how-to/how-do-i-port-mbed-tls-to-a-new-environment-OS
+ *
+ * Module: library/net_sockets.c
+ *
+ * This module provides networking routines.
+ */
+#define MBEDTLS_NET_C
+
+/**
+ * \def MBEDTLS_OID_C
+ *
+ * Enable the OID database.
+ *
+ * Module: library/oid.c
+ * Caller: library/asn1write.c
+ * library/pkcs5.c
+ * library/pkparse.c
+ * library/pkwrite.c
+ * library/rsa.c
+ * library/x509.c
+ * library/x509_create.c
+ * library/x509_crl.c
+ * library/x509_crt.c
+ * library/x509_csr.c
+ * library/x509write_crt.c
+ * library/x509write_csr.c
+ *
+ * This modules translates between OIDs and internal values.
+ */
+#define MBEDTLS_OID_C
+
+/**
+ * \def MBEDTLS_PADLOCK_C
+ *
+ * Enable VIA Padlock support on x86.
+ *
+ * Module: library/padlock.c
+ * Caller: library/aes.c
+ *
+ * Requires: MBEDTLS_HAVE_ASM
+ *
+ * This modules adds support for the VIA PadLock on x86.
+ */
+#define MBEDTLS_PADLOCK_C
+
+/**
+ * \def MBEDTLS_PEM_PARSE_C
+ *
+ * Enable PEM decoding / parsing.
+ *
+ * Module: library/pem.c
+ * Caller: library/dhm.c
+ * library/pkparse.c
+ * library/x509_crl.c
+ * library/x509_crt.c
+ * library/x509_csr.c
+ *
+ * Requires: MBEDTLS_BASE64_C
+ *
+ * This modules adds support for decoding / parsing PEM files.
+ */
+#define MBEDTLS_PEM_PARSE_C
+
+/**
+ * \def MBEDTLS_PEM_WRITE_C
+ *
+ * Enable PEM encoding / writing.
+ *
+ * Module: library/pem.c
+ * Caller: library/pkwrite.c
+ * library/x509write_crt.c
+ * library/x509write_csr.c
+ *
+ * Requires: MBEDTLS_BASE64_C
+ *
+ * This modules adds support for encoding / writing PEM files.
+ */
+#define MBEDTLS_PEM_WRITE_C
+
+/**
+ * \def MBEDTLS_PK_C
+ *
+ * Enable the generic public (asymetric) key layer.
+ *
+ * Module: library/pk.c
+ * Caller: library/ssl_tls.c
+ * library/ssl_cli.c
+ * library/ssl_srv.c
+ *
+ * Requires: MBEDTLS_RSA_C or MBEDTLS_ECP_C
+ *
+ * Uncomment to enable generic public key wrappers.
+ */
+#define MBEDTLS_PK_C
+
+/**
+ * \def MBEDTLS_PK_PARSE_C
+ *
+ * Enable the generic public (asymetric) key parser.
+ *
+ * Module: library/pkparse.c
+ * Caller: library/x509_crt.c
+ * library/x509_csr.c
+ *
+ * Requires: MBEDTLS_PK_C
+ *
+ * Uncomment to enable generic public key parse functions.
+ */
+#define MBEDTLS_PK_PARSE_C
+
+/**
+ * \def MBEDTLS_PK_WRITE_C
+ *
+ * Enable the generic public (asymetric) key writer.
+ *
+ * Module: library/pkwrite.c
+ * Caller: library/x509write.c
+ *
+ * Requires: MBEDTLS_PK_C
+ *
+ * Uncomment to enable generic public key write functions.
+ */
+#define MBEDTLS_PK_WRITE_C
+
+/**
+ * \def MBEDTLS_PKCS5_C
+ *
+ * Enable PKCS#5 functions.
+ *
+ * Module: library/pkcs5.c
+ *
+ * Requires: MBEDTLS_MD_C
+ *
+ * This module adds support for the PKCS#5 functions.
+ */
+#define MBEDTLS_PKCS5_C
+
+/**
+ * \def MBEDTLS_PKCS11_C
+ *
+ * Enable wrapper for PKCS#11 smartcard support.
+ *
+ * Module: library/pkcs11.c
+ * Caller: library/pk.c
+ *
+ * Requires: MBEDTLS_PK_C
+ *
+ * This module enables SSL/TLS PKCS #11 smartcard support.
+ * Requires the presence of the PKCS#11 helper library (libpkcs11-helper)
+ */
+//#define MBEDTLS_PKCS11_C
+
+/**
+ * \def MBEDTLS_PKCS12_C
+ *
+ * Enable PKCS#12 PBE functions.
+ * Adds algorithms for parsing PKCS#8 encrypted private keys
+ *
+ * Module: library/pkcs12.c
+ * Caller: library/pkparse.c
+ *
+ * Requires: MBEDTLS_ASN1_PARSE_C, MBEDTLS_CIPHER_C, MBEDTLS_MD_C
+ * Can use: MBEDTLS_ARC4_C
+ *
+ * This module enables PKCS#12 functions.
+ */
+#define MBEDTLS_PKCS12_C
+
+/**
+ * \def MBEDTLS_PLATFORM_C
+ *
+ * Enable the platform abstraction layer that allows you to re-assign
+ * functions like calloc(), free(), snprintf(), printf(), fprintf(), exit().
+ *
+ * Enabling MBEDTLS_PLATFORM_C enables to use of MBEDTLS_PLATFORM_XXX_ALT
+ * or MBEDTLS_PLATFORM_XXX_MACRO directives, allowing the functions mentioned
+ * above to be specified at runtime or compile time respectively.
+ *
+ * \note This abstraction layer must be enabled on Windows (including MSYS2)
+ * as other module rely on it for a fixed snprintf implementation.
+ *
+ * Module: library/platform.c
+ * Caller: Most other .c files
+ *
+ * This module enables abstraction of common (libc) functions.
+ */
+#define MBEDTLS_PLATFORM_C
+
+/**
+ * \def MBEDTLS_POLY1305_C
+ *
+ * Enable the Poly1305 MAC algorithm.
+ *
+ * Module: library/poly1305.c
+ * Caller: library/chachapoly.c
+ */
+#define MBEDTLS_POLY1305_C
+
+/**
+ * \def MBEDTLS_PSA_CRYPTO_C
+ *
+ * Enable the Platform Security Architecture cryptography API.
+ *
+ * Module: library/psa_crypto.c
+ *
+ * Requires: MBEDTLS_CTR_DRBG_C, MBEDTLS_ENTROPY_C
+ *
+ */
+#define MBEDTLS_PSA_CRYPTO_C
+
+/**
+ * \def MBEDTLS_PSA_CRYPTO_STORAGE_C
+ *
+ * Enable the Platform Security Architecture persistent key storage.
+ *
+ * Module: library/psa_crypto_storage.c
+ *
+ * Requires: MBEDTLS_PSA_CRYPTO_C and one of either
+ * MBEDTLS_PSA_CRYPTO_STORAGE_FILE_C or MBEDTLS_PSA_CRYPTO_STORAGE_ITS_C
+ * (but not both)
+ *
+ */
+#define MBEDTLS_PSA_CRYPTO_STORAGE_C
+
+/**
+ * \def MBEDTLS_PSA_CRYPTO_STORAGE_FILE_C
+ *
+ * Enable persistent key storage over files for the
+ * Platform Security Architecture cryptography API.
+ *
+ * Module: library/psa_crypto_storage_file.c
+ *
+ * Requires: MBEDTLS_PSA_CRYPTO_C, MBEDTLS_FS_IO
+ *
+ */
+#define MBEDTLS_PSA_CRYPTO_STORAGE_FILE_C
+
+/**
+ * \def MBEDTLS_PSA_CRYPTO_STORAGE_ITS_C
+ *
+ * Enable persistent key storage over PSA ITS for the
+ * Platform Security Architecture cryptography API.
+ *
+ * Module: library/psa_crypto_storage_its.c
+ *
+ * Requires: MBEDTLS_PSA_CRYPTO_C, MBEDTLS_PSA_HAS_ITS_IO
+ *
+ */
+//#define MBEDTLS_PSA_CRYPTO_STORAGE_ITS_C
+
+/**
+ * \def MBEDTLS_RIPEMD160_C
+ *
+ * Enable the RIPEMD-160 hash algorithm.
+ *
+ * Module: library/ripemd160.c
+ * Caller: library/md.c
+ *
+ */
+#define MBEDTLS_RIPEMD160_C
+
+/**
+ * \def MBEDTLS_RSA_C
+ *
+ * Enable the RSA public-key cryptosystem.
+ *
+ * Module: library/rsa.c
+ * library/rsa_internal.c
+ * Caller: library/ssl_cli.c
+ * library/ssl_srv.c
+ * library/ssl_tls.c
+ * library/x509.c
+ *
+ * This module is used by the following key exchanges:
+ * RSA, DHE-RSA, ECDHE-RSA, RSA-PSK
+ *
+ * Requires: MBEDTLS_BIGNUM_C, MBEDTLS_OID_C
+ */
+#define MBEDTLS_RSA_C
+
+/**
+ * \def MBEDTLS_SHA1_C
+ *
+ * Enable the SHA1 cryptographic hash algorithm.
+ *
+ * Module: library/sha1.c
+ * Caller: library/md.c
+ * library/ssl_cli.c
+ * library/ssl_srv.c
+ * library/ssl_tls.c
+ * library/x509write_crt.c
+ *
+ * This module is required for SSL/TLS up to version 1.1, for TLS 1.2
+ * depending on the handshake parameters, and for SHA1-signed certificates.
+ *
+ * \warning SHA-1 is considered a weak message digest and its use constitutes
+ * a security risk. If possible, we recommend avoiding dependencies
+ * on it, and considering stronger message digests instead.
+ *
+ */
+#define MBEDTLS_SHA1_C
+
+/**
+ * \def MBEDTLS_SHA256_C
+ *
+ * Enable the SHA-224 and SHA-256 cryptographic hash algorithms.
+ *
+ * Module: library/sha256.c
+ * Caller: library/entropy.c
+ * library/md.c
+ * library/ssl_cli.c
+ * library/ssl_srv.c
+ * library/ssl_tls.c
+ *
+ * This module adds support for SHA-224 and SHA-256.
+ * This module is required for the SSL/TLS 1.2 PRF function.
+ */
+#define MBEDTLS_SHA256_C
+
+/**
+ * \def MBEDTLS_SHA512_C
+ *
+ * Enable the SHA-384 and SHA-512 cryptographic hash algorithms.
+ *
+ * Module: library/sha512.c
+ * Caller: library/entropy.c
+ * library/md.c
+ * library/ssl_cli.c
+ * library/ssl_srv.c
+ *
+ * This module adds support for SHA-384 and SHA-512.
+ */
+#define MBEDTLS_SHA512_C
+
+/**
+ * \def MBEDTLS_SSL_CACHE_C
+ *
+ * Enable simple SSL cache implementation.
+ *
+ * Module: library/ssl_cache.c
+ * Caller:
+ *
+ * Requires: MBEDTLS_SSL_CACHE_C
+ */
+#define MBEDTLS_SSL_CACHE_C
+
+/**
+ * \def MBEDTLS_SSL_COOKIE_C
+ *
+ * Enable basic implementation of DTLS cookies for hello verification.
+ *
+ * Module: library/ssl_cookie.c
+ * Caller:
+ */
+#define MBEDTLS_SSL_COOKIE_C
+
+/**
+ * \def MBEDTLS_SSL_TICKET_C
+ *
+ * Enable an implementation of TLS server-side callbacks for session tickets.
+ *
+ * Module: library/ssl_ticket.c
+ * Caller:
+ *
+ * Requires: MBEDTLS_CIPHER_C
+ */
+#define MBEDTLS_SSL_TICKET_C
+
+/**
+ * \def MBEDTLS_SSL_CLI_C
+ *
+ * Enable the SSL/TLS client code.
+ *
+ * Module: library/ssl_cli.c
+ * Caller:
+ *
+ * Requires: MBEDTLS_SSL_TLS_C
+ *
+ * This module is required for SSL/TLS client support.
+ */
+#define MBEDTLS_SSL_CLI_C
+
+/**
+ * \def MBEDTLS_SSL_SRV_C
+ *
+ * Enable the SSL/TLS server code.
+ *
+ * Module: library/ssl_srv.c
+ * Caller:
+ *
+ * Requires: MBEDTLS_SSL_TLS_C
+ *
+ * This module is required for SSL/TLS server support.
+ */
+#define MBEDTLS_SSL_SRV_C
+
+/**
+ * \def MBEDTLS_SSL_TLS_C
+ *
+ * Enable the generic SSL/TLS code.
+ *
+ * Module: library/ssl_tls.c
+ * Caller: library/ssl_cli.c
+ * library/ssl_srv.c
+ *
+ * Requires: MBEDTLS_CIPHER_C, MBEDTLS_MD_C
+ * and at least one of the MBEDTLS_SSL_PROTO_XXX defines
+ *
+ * This module is required for SSL/TLS.
+ */
+#define MBEDTLS_SSL_TLS_C
+
+/**
+ * \def MBEDTLS_THREADING_C
+ *
+ * Enable the threading abstraction layer.
+ * By default mbed TLS assumes it is used in a non-threaded environment or that
+ * contexts are not shared between threads. If you do intend to use contexts
+ * between threads, you will need to enable this layer to prevent race
+ * conditions. See also our Knowledge Base article about threading:
+ * https://tls.mbed.org/kb/development/thread-safety-and-multi-threading
+ *
+ * Module: library/threading.c
+ *
+ * This allows different threading implementations (self-implemented or
+ * provided).
+ *
+ * You will have to enable either MBEDTLS_THREADING_ALT or
+ * MBEDTLS_THREADING_PTHREAD.
+ *
+ * Enable this layer to allow use of mutexes within mbed TLS
+ */
+//#define MBEDTLS_THREADING_C
+
+/**
+ * \def MBEDTLS_TIMING_C
+ *
+ * Enable the semi-portable timing interface.
+ *
+ * \note The provided implementation only works on POSIX/Unix (including Linux,
+ * BSD and OS X) and Windows. On other platforms, you can either disable that
+ * module and provide your own implementations of the callbacks needed by
+ * \c mbedtls_ssl_set_timer_cb() for DTLS, or leave it enabled and provide
+ * your own implementation of the whole module by setting
+ * \c MBEDTLS_TIMING_ALT in the current file.
+ *
+ * \note See also our Knowledge Base article about porting to a new
+ * environment:
+ * https://tls.mbed.org/kb/how-to/how-do-i-port-mbed-tls-to-a-new-environment-OS
+ *
+ * Module: library/timing.c
+ * Caller: library/havege.c
+ *
+ * This module is used by the HAVEGE random number generator.
+ */
+#define MBEDTLS_TIMING_C
+
+/**
+ * \def MBEDTLS_VERSION_C
+ *
+ * Enable run-time version information.
+ *
+ * Module: library/version.c
+ *
+ * This module provides run-time version information.
+ */
+#define MBEDTLS_VERSION_C
+
+/**
+ * \def MBEDTLS_X509_USE_C
+ *
+ * Enable X.509 core for using certificates.
+ *
+ * Module: library/x509.c
+ * Caller: library/x509_crl.c
+ * library/x509_crt.c
+ * library/x509_csr.c
+ *
+ * Requires: MBEDTLS_ASN1_PARSE_C, MBEDTLS_BIGNUM_C, MBEDTLS_OID_C,
+ * MBEDTLS_PK_PARSE_C
+ *
+ * This module is required for the X.509 parsing modules.
+ */
+#define MBEDTLS_X509_USE_C
+
+/**
+ * \def MBEDTLS_X509_CRT_PARSE_C
+ *
+ * Enable X.509 certificate parsing.
+ *
+ * Module: library/x509_crt.c
+ * Caller: library/ssl_cli.c
+ * library/ssl_srv.c
+ * library/ssl_tls.c
+ *
+ * Requires: MBEDTLS_X509_USE_C
+ *
+ * This module is required for X.509 certificate parsing.
+ */
+#define MBEDTLS_X509_CRT_PARSE_C
+
+/**
+ * \def MBEDTLS_X509_CRL_PARSE_C
+ *
+ * Enable X.509 CRL parsing.
+ *
+ * Module: library/x509_crl.c
+ * Caller: library/x509_crt.c
+ *
+ * Requires: MBEDTLS_X509_USE_C
+ *
+ * This module is required for X.509 CRL parsing.
+ */
+#define MBEDTLS_X509_CRL_PARSE_C
+
+/**
+ * \def MBEDTLS_X509_CSR_PARSE_C
+ *
+ * Enable X.509 Certificate Signing Request (CSR) parsing.
+ *
+ * Module: library/x509_csr.c
+ * Caller: library/x509_crt_write.c
+ *
+ * Requires: MBEDTLS_X509_USE_C
+ *
+ * This module is used for reading X.509 certificate request.
+ */
+#define MBEDTLS_X509_CSR_PARSE_C
+
+/**
+ * \def MBEDTLS_X509_CREATE_C
+ *
+ * Enable X.509 core for creating certificates.
+ *
+ * Module: library/x509_create.c
+ *
+ * Requires: MBEDTLS_BIGNUM_C, MBEDTLS_OID_C, MBEDTLS_PK_WRITE_C
+ *
+ * This module is the basis for creating X.509 certificates and CSRs.
+ */
+#define MBEDTLS_X509_CREATE_C
+
+/**
+ * \def MBEDTLS_X509_CRT_WRITE_C
+ *
+ * Enable creating X.509 certificates.
+ *
+ * Module: library/x509_crt_write.c
+ *
+ * Requires: MBEDTLS_X509_CREATE_C
+ *
+ * This module is required for X.509 certificate creation.
+ */
+#define MBEDTLS_X509_CRT_WRITE_C
+
+/**
+ * \def MBEDTLS_X509_CSR_WRITE_C
+ *
+ * Enable creating X.509 Certificate Signing Requests (CSR).
+ *
+ * Module: library/x509_csr_write.c
+ *
+ * Requires: MBEDTLS_X509_CREATE_C
+ *
+ * This module is required for X.509 certificate request writing.
+ */
+#define MBEDTLS_X509_CSR_WRITE_C
+
+/**
+ * \def MBEDTLS_XTEA_C
+ *
+ * Enable the XTEA block cipher.
+ *
+ * Module: library/xtea.c
+ * Caller:
+ */
+#define MBEDTLS_XTEA_C
+
+/* \} name SECTION: mbed TLS modules */
+
+/**
+ * \name SECTION: Module configuration options
+ *
+ * This section allows for the setting of module specific sizes and
+ * configuration options. The default values are already present in the
+ * relevant header files and should suffice for the regular use cases.
+ *
+ * Our advice is to enable options and change their values here
+ * only if you have a good reason and know the consequences.
+ *
+ * Please check the respective header file for documentation on these
+ * parameters (to prevent duplicate documentation).
+ * \{
+ */
+
+/* MPI / BIGNUM options */
+//#define MBEDTLS_MPI_WINDOW_SIZE 6 /**< Maximum windows size used. */
+//#define MBEDTLS_MPI_MAX_SIZE 1024 /**< Maximum number of bytes for usable MPIs. */
+
+/* CTR_DRBG options */
+//#define MBEDTLS_CTR_DRBG_ENTROPY_LEN 48 /**< Amount of entropy used per seed by default (48 with SHA-512, 32 with SHA-256) */
+//#define MBEDTLS_CTR_DRBG_RESEED_INTERVAL 10000 /**< Interval before reseed is performed by default */
+//#define MBEDTLS_CTR_DRBG_MAX_INPUT 256 /**< Maximum number of additional input bytes */
+//#define MBEDTLS_CTR_DRBG_MAX_REQUEST 1024 /**< Maximum number of requested bytes per call */
+//#define MBEDTLS_CTR_DRBG_MAX_SEED_INPUT 384 /**< Maximum size of (re)seed buffer */
+//#define MBEDTLS_CTR_DRBG_USE_128_BIT_KEY /**< Use 128-bit key for CTR_DRBG - may reduce security (see ctr_drbg.h) */
+
+/* HMAC_DRBG options */
+//#define MBEDTLS_HMAC_DRBG_RESEED_INTERVAL 10000 /**< Interval before reseed is performed by default */
+//#define MBEDTLS_HMAC_DRBG_MAX_INPUT 256 /**< Maximum number of additional input bytes */
+//#define MBEDTLS_HMAC_DRBG_MAX_REQUEST 1024 /**< Maximum number of requested bytes per call */
+//#define MBEDTLS_HMAC_DRBG_MAX_SEED_INPUT 384 /**< Maximum size of (re)seed buffer */
+
+/* ECP options */
+//#define MBEDTLS_ECP_MAX_BITS 521 /**< Maximum bit size of groups */
+//#define MBEDTLS_ECP_WINDOW_SIZE 6 /**< Maximum window size used */
+//#define MBEDTLS_ECP_FIXED_POINT_OPTIM 1 /**< Enable fixed-point speed-up */
+
+/* Entropy options */
+//#define MBEDTLS_ENTROPY_MAX_SOURCES 20 /**< Maximum number of sources supported */
+//#define MBEDTLS_ENTROPY_MAX_GATHER 128 /**< Maximum amount requested from entropy sources */
+//#define MBEDTLS_ENTROPY_MIN_HARDWARE 32 /**< Default minimum number of bytes required for the hardware entropy source mbedtls_hardware_poll() before entropy is released */
+
+/* Memory buffer allocator options */
+//#define MBEDTLS_MEMORY_ALIGN_MULTIPLE 4 /**< Align on multiples of this value */
+
+/* Platform options */
+//#define MBEDTLS_PLATFORM_STD_MEM_HDR <stdlib.h> /**< Header to include if MBEDTLS_PLATFORM_NO_STD_FUNCTIONS is defined. Don't define if no header is needed. */
+//#define MBEDTLS_PLATFORM_STD_CALLOC calloc /**< Default allocator to use, can be undefined */
+//#define MBEDTLS_PLATFORM_STD_FREE free /**< Default free to use, can be undefined */
+//#define MBEDTLS_PLATFORM_STD_EXIT exit /**< Default exit to use, can be undefined */
+//#define MBEDTLS_PLATFORM_STD_TIME time /**< Default time to use, can be undefined. MBEDTLS_HAVE_TIME must be enabled */
+//#define MBEDTLS_PLATFORM_STD_FPRINTF fprintf /**< Default fprintf to use, can be undefined */
+//#define MBEDTLS_PLATFORM_STD_PRINTF printf /**< Default printf to use, can be undefined */
+/* Note: your snprintf must correctly zero-terminate the buffer! */
+//#define MBEDTLS_PLATFORM_STD_SNPRINTF snprintf /**< Default snprintf to use, can be undefined */
+//#define MBEDTLS_PLATFORM_STD_EXIT_SUCCESS 0 /**< Default exit value to use, can be undefined */
+//#define MBEDTLS_PLATFORM_STD_EXIT_FAILURE 1 /**< Default exit value to use, can be undefined */
+//#define MBEDTLS_PLATFORM_STD_NV_SEED_READ mbedtls_platform_std_nv_seed_read /**< Default nv_seed_read function to use, can be undefined */
+//#define MBEDTLS_PLATFORM_STD_NV_SEED_WRITE mbedtls_platform_std_nv_seed_write /**< Default nv_seed_write function to use, can be undefined */
+//#define MBEDTLS_PLATFORM_STD_NV_SEED_FILE "seedfile" /**< Seed file to read/write with default implementation */
+
+/* To Use Function Macros MBEDTLS_PLATFORM_C must be enabled */
+/* MBEDTLS_PLATFORM_XXX_MACRO and MBEDTLS_PLATFORM_XXX_ALT cannot both be defined */
+//#define MBEDTLS_PLATFORM_CALLOC_MACRO calloc /**< Default allocator macro to use, can be undefined */
+//#define MBEDTLS_PLATFORM_FREE_MACRO free /**< Default free macro to use, can be undefined */
+//#define MBEDTLS_PLATFORM_EXIT_MACRO exit /**< Default exit macro to use, can be undefined */
+//#define MBEDTLS_PLATFORM_TIME_MACRO time /**< Default time macro to use, can be undefined. MBEDTLS_HAVE_TIME must be enabled */
+//#define MBEDTLS_PLATFORM_TIME_TYPE_MACRO time_t /**< Default time macro to use, can be undefined. MBEDTLS_HAVE_TIME must be enabled */
+//#define MBEDTLS_PLATFORM_FPRINTF_MACRO fprintf /**< Default fprintf macro to use, can be undefined */
+//#define MBEDTLS_PLATFORM_PRINTF_MACRO printf /**< Default printf macro to use, can be undefined */
+/* Note: your snprintf must correctly zero-terminate the buffer! */
+//#define MBEDTLS_PLATFORM_SNPRINTF_MACRO snprintf /**< Default snprintf macro to use, can be undefined */
+//#define MBEDTLS_PLATFORM_VSNPRINTF_MACRO vsnprintf /**< Default vsnprintf macro to use, can be undefined */
+//#define MBEDTLS_PLATFORM_NV_SEED_READ_MACRO mbedtls_platform_std_nv_seed_read /**< Default nv_seed_read function to use, can be undefined */
+//#define MBEDTLS_PLATFORM_NV_SEED_WRITE_MACRO mbedtls_platform_std_nv_seed_write /**< Default nv_seed_write function to use, can be undefined */
+
+/**
+ * \brief This macro is invoked by the library when an invalid parameter
+ * is detected that is only checked with MBEDTLS_CHECK_PARAMS
+ * (see the documentation of that option for context).
+ *
+ * When you leave this undefined here, a default definition is
+ * provided that invokes the function mbedtls_param_failed(),
+ * which is declared in platform_util.h for the benefit of the
+ * library, but that you need to define in your application.
+ *
+ * When you define this here, this replaces the default
+ * definition in platform_util.h (which no longer declares the
+ * function mbedtls_param_failed()) and it is your responsibility
+ * to make sure this macro expands to something suitable (in
+ * particular, that all the necessary declarations are visible
+ * from within the library - you can ensure that by providing
+ * them in this file next to the macro definition).
+ *
+ * Note that you may define this macro to expand to nothing, in
+ * which case you don't have to worry about declarations or
+ * definitions. However, you will then be notified about invalid
+ * parameters only in non-void functions, and void function will
+ * just silently return early on invalid parameters, which
+ * partially negates the benefits of enabling
+ * #MBEDTLS_CHECK_PARAMS in the first place, so is discouraged.
+ *
+ * \param cond The expression that should evaluate to true, but doesn't.
+ */
+//#define MBEDTLS_PARAM_FAILED( cond ) assert( cond )
+
+/* SSL Cache options */
+//#define MBEDTLS_SSL_CACHE_DEFAULT_TIMEOUT 86400 /**< 1 day */
+//#define MBEDTLS_SSL_CACHE_DEFAULT_MAX_ENTRIES 50 /**< Maximum entries in cache */
+
+/* SSL options */
+
+/** \def MBEDTLS_SSL_MAX_CONTENT_LEN
+ *
+ * Maximum length (in bytes) of incoming and outgoing plaintext fragments.
+ *
+ * This determines the size of both the incoming and outgoing TLS I/O buffers
+ * in such a way that both are capable of holding the specified amount of
+ * plaintext data, regardless of the protection mechanism used.
+ *
+ * To configure incoming and outgoing I/O buffers separately, use
+ * #MBEDTLS_SSL_IN_CONTENT_LEN and #MBEDTLS_SSL_OUT_CONTENT_LEN,
+ * which overwrite the value set by this option.
+ *
+ * \note When using a value less than the default of 16KB on the client, it is
+ * recommended to use the Maximum Fragment Length (MFL) extension to
+ * inform the server about this limitation. On the server, there
+ * is no supported, standardized way of informing the client about
+ * restriction on the maximum size of incoming messages, and unless
+ * the limitation has been communicated by other means, it is recommended
+ * to only change the outgoing buffer size #MBEDTLS_SSL_OUT_CONTENT_LEN
+ * while keeping the default value of 16KB for the incoming buffer.
+ *
+ * Uncomment to set the maximum plaintext size of both
+ * incoming and outgoing I/O buffers.
+ */
+//#define MBEDTLS_SSL_MAX_CONTENT_LEN 16384
+
+/** \def MBEDTLS_SSL_IN_CONTENT_LEN
+ *
+ * Maximum length (in bytes) of incoming plaintext fragments.
+ *
+ * This determines the size of the incoming TLS I/O buffer in such a way
+ * that it is capable of holding the specified amount of plaintext data,
+ * regardless of the protection mechanism used.
+ *
+ * If this option is undefined, it inherits its value from
+ * #MBEDTLS_SSL_MAX_CONTENT_LEN.
+ *
+ * \note When using a value less than the default of 16KB on the client, it is
+ * recommended to use the Maximum Fragment Length (MFL) extension to
+ * inform the server about this limitation. On the server, there
+ * is no supported, standardized way of informing the client about
+ * restriction on the maximum size of incoming messages, and unless
+ * the limitation has been communicated by other means, it is recommended
+ * to only change the outgoing buffer size #MBEDTLS_SSL_OUT_CONTENT_LEN
+ * while keeping the default value of 16KB for the incoming buffer.
+ *
+ * Uncomment to set the maximum plaintext size of the incoming I/O buffer
+ * independently of the outgoing I/O buffer.
+ */
+//#define MBEDTLS_SSL_IN_CONTENT_LEN 16384
+
+/** \def MBEDTLS_SSL_OUT_CONTENT_LEN
+ *
+ * Maximum length (in bytes) of outgoing plaintext fragments.
+ *
+ * This determines the size of the outgoing TLS I/O buffer in such a way
+ * that it is capable of holding the specified amount of plaintext data,
+ * regardless of the protection mechanism used.
+ *
+ * If this option undefined, it inherits its value from
+ * #MBEDTLS_SSL_MAX_CONTENT_LEN.
+ *
+ * It is possible to save RAM by setting a smaller outward buffer, while keeping
+ * the default inward 16384 byte buffer to conform to the TLS specification.
+ *
+ * The minimum required outward buffer size is determined by the handshake
+ * protocol's usage. Handshaking will fail if the outward buffer is too small.
+ * The specific size requirement depends on the configured ciphers and any
+ * certificate data which is sent during the handshake.
+ *
+ * Uncomment to set the maximum plaintext size of the outgoing I/O buffer
+ * independently of the incoming I/O buffer.
+ */
+//#define MBEDTLS_SSL_OUT_CONTENT_LEN 16384
+
+/** \def MBEDTLS_SSL_DTLS_MAX_BUFFERING
+ *
+ * Maximum number of heap-allocated bytes for the purpose of
+ * DTLS handshake message reassembly and future message buffering.
+ *
+ * This should be at least 9/8 * MBEDTLSSL_IN_CONTENT_LEN
+ * to account for a reassembled handshake message of maximum size,
+ * together with its reassembly bitmap.
+ *
+ * A value of 2 * MBEDTLS_SSL_IN_CONTENT_LEN (32768 by default)
+ * should be sufficient for all practical situations as it allows
+ * to reassembly a large handshake message (such as a certificate)
+ * while buffering multiple smaller handshake messages.
+ *
+ */
+//#define MBEDTLS_SSL_DTLS_MAX_BUFFERING 32768
+
+//#define MBEDTLS_SSL_DEFAULT_TICKET_LIFETIME 86400 /**< Lifetime of session tickets (if enabled) */
+//#define MBEDTLS_PSK_MAX_LEN 32 /**< Max size of TLS pre-shared keys, in bytes (default 256 bits) */
+//#define MBEDTLS_SSL_COOKIE_TIMEOUT 60 /**< Default expiration delay of DTLS cookies, in seconds if HAVE_TIME, or in number of cookies issued */
+
+/**
+ * Complete list of ciphersuites to use, in order of preference.
+ *
+ * \warning No dependency checking is done on that field! This option can only
+ * be used to restrict the set of available ciphersuites. It is your
+ * responsibility to make sure the needed modules are active.
+ *
+ * Use this to save a few hundred bytes of ROM (default ordering of all
+ * available ciphersuites) and a few to a few hundred bytes of RAM.
+ *
+ * The value below is only an example, not the default.
+ */
+//#define MBEDTLS_SSL_CIPHERSUITES MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
+
+/* X509 options */
+//#define MBEDTLS_X509_MAX_INTERMEDIATE_CA 8 /**< Maximum number of intermediate CAs in a verification chain. */
+//#define MBEDTLS_X509_MAX_FILE_PATH_LEN 512 /**< Maximum length of a path/filename string in bytes including the null terminator character ('\0'). */
+
+/**
+ * Allow SHA-1 in the default TLS configuration for certificate signing.
+ * Without this build-time option, SHA-1 support must be activated explicitly
+ * through mbedtls_ssl_conf_cert_profile. Turning on this option is not
+ * recommended because of it is possible to generate SHA-1 collisions, however
+ * this may be safe for legacy infrastructure where additional controls apply.
+ *
+ * \warning SHA-1 is considered a weak message digest and its use constitutes
+ * a security risk. If possible, we recommend avoiding dependencies
+ * on it, and considering stronger message digests instead.
+ *
+ */
+// #define MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_CERTIFICATES
+
+/**
+ * Allow SHA-1 in the default TLS configuration for TLS 1.2 handshake
+ * signature and ciphersuite selection. Without this build-time option, SHA-1
+ * support must be activated explicitly through mbedtls_ssl_conf_sig_hashes.
+ * The use of SHA-1 in TLS <= 1.1 and in HMAC-SHA-1 is always allowed by
+ * default. At the time of writing, there is no practical attack on the use
+ * of SHA-1 in handshake signatures, hence this option is turned on by default
+ * to preserve compatibility with existing peers, but the general
+ * warning applies nonetheless:
+ *
+ * \warning SHA-1 is considered a weak message digest and its use constitutes
+ * a security risk. If possible, we recommend avoiding dependencies
+ * on it, and considering stronger message digests instead.
+ *
+ */
+#define MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_KEY_EXCHANGE
+
+/**
+ * Uncomment the macro to let mbed TLS use your alternate implementation of
+ * mbedtls_platform_zeroize(). This replaces the default implementation in
+ * platform_util.c.
+ *
+ * mbedtls_platform_zeroize() is a widely used function across the library to
+ * zero a block of memory. The implementation is expected to be secure in the
+ * sense that it has been written to prevent the compiler from removing calls
+ * to mbedtls_platform_zeroize() as part of redundant code elimination
+ * optimizations. However, it is difficult to guarantee that calls to
+ * mbedtls_platform_zeroize() will not be optimized by the compiler as older
+ * versions of the C language standards do not provide a secure implementation
+ * of memset(). Therefore, MBEDTLS_PLATFORM_ZEROIZE_ALT enables users to
+ * configure their own implementation of mbedtls_platform_zeroize(), for
+ * example by using directives specific to their compiler, features from newer
+ * C standards (e.g using memset_s() in C11) or calling a secure memset() from
+ * their system (e.g explicit_bzero() in BSD).
+ */
+//#define MBEDTLS_PLATFORM_ZEROIZE_ALT
+
+/**
+ * Uncomment the macro to let Mbed TLS use your alternate implementation of
+ * mbedtls_platform_gmtime_r(). This replaces the default implementation in
+ * platform_util.c.
+ *
+ * gmtime() is not a thread-safe function as defined in the C standard. The
+ * library will try to use safer implementations of this function, such as
+ * gmtime_r() when available. However, if Mbed TLS cannot identify the target
+ * system, the implementation of mbedtls_platform_gmtime_r() will default to
+ * using the standard gmtime(). In this case, calls from the library to
+ * gmtime() will be guarded by the global mutex mbedtls_threading_gmtime_mutex
+ * if MBEDTLS_THREADING_C is enabled. We recommend that calls from outside the
+ * library are also guarded with this mutex to avoid race conditions. However,
+ * if the macro MBEDTLS_PLATFORM_GMTIME_R_ALT is defined, Mbed TLS will
+ * unconditionally use the implementation for mbedtls_platform_gmtime_r()
+ * supplied at compile time.
+ */
+//#define MBEDTLS_PLATFORM_GMTIME_R_ALT
+
+/* \} name SECTION: Customisation configuration options */
+
+/* Target and application specific configurations
+ *
+ * Allow user to override any previous default.
+ *
+ */
+#if defined(MBEDTLS_USER_CONFIG_FILE)
+#include MBEDTLS_USER_CONFIG_FILE
+#endif
+
+#include "check_config.h"
+
+#endif /* MBEDTLS_CONFIG_H */
diff --git a/docs/PSACryptoDriverModelSpec.pdf b/docs/PSACryptoDriverModelSpec.pdf
new file mode 100644
index 0000000..cf11380
--- /dev/null
+++ b/docs/PSACryptoDriverModelSpec.pdf
Binary files differ
diff --git a/docs/architecture/.gitignore b/docs/architecture/.gitignore
new file mode 100644
index 0000000..23f832b
--- /dev/null
+++ b/docs/architecture/.gitignore
@@ -0,0 +1,2 @@
+*.html
+*.pdf
diff --git a/docs/architecture/Makefile b/docs/architecture/Makefile
new file mode 100644
index 0000000..f763c9c
--- /dev/null
+++ b/docs/architecture/Makefile
@@ -0,0 +1,19 @@
+PANDOC = pandoc
+
+default: all
+
+all_markdown = \
+ mbed-crypto-storage-specification.md \
+ # This line is intentionally left blank
+
+html: $(all_markdown:.md=.html)
+pdf: $(all_markdown:.md=.pdf)
+all: html pdf
+
+.SUFFIXES:
+.SUFFIXES: .md .html .pdf
+
+.md.html:
+ $(PANDOC) -o $@ $<
+.md.pdf:
+ $(PANDOC) -o $@ $<
diff --git a/docs/architecture/mbed-crypto-storage-specification.md b/docs/architecture/mbed-crypto-storage-specification.md
new file mode 100644
index 0000000..2d4fed5
--- /dev/null
+++ b/docs/architecture/mbed-crypto-storage-specification.md
@@ -0,0 +1,161 @@
+Mbed Crypto storage specification
+=================================
+
+This document specifies how Mbed Crypto uses storage.
+
+Mbed Crypto may be upgraded on an existing device with the storage preserved. Therefore:
+
+1. Any change may break existing installations and may require an upgrade path.
+1. This document retains historical information about all past released versions. Do not remove information from this document unless it has always been incorrect or it is about a version that you are sure was never released.
+
+Mbed Crypto 0.1.0
+-----------------
+
+Tags: mbedcrypto-0.1.0b, mbedcrypto-0.1.0b2
+
+Released in November 2018. <br>
+Integrated in Mbed OS 5.11.
+
+Supported backends:
+
+* [PSA ITS](#file-namespace-on-its-for-0.1.0)
+* [C stdio](#file-namespace-on-stdio-for-0.1.0)
+
+Supported features:
+
+* [Persistent transparent keys](#key-file-format-for-0.1.0) designated by a [slot number](#key-names-for-0.1.0).
+* [Nonvolatile random seed](#nonvolatile-random-seed-file-format-for-0.1.0) on ITS only.
+
+This is a beta release, and we do not promise backward compatibility, with one exception:
+
+> On Mbed OS, if a device has a nonvolatile random seed file produced with Mbed OS 5.11.x and is upgraded to a later version of Mbed OS, the nonvolatile random seed file is preserved or upgraded.
+
+We do not make any promises regarding key storage, or regarding the nonvolatile random seed file on other platforms.
+
+### Key names for 0.1.0
+
+Information about each key is stored in a dedicated file whose name is constructed from the key identifier. The way in which the file name is constructed depends on the storage backend. The content of the file is described [below](#key-file-format-for-0.1.0).
+
+The valid values for a key identifier are the range from 1 to 0xfffeffff. This limitation on the range is not documented in user-facing documentation: according to the user-facing documentation, arbitrary 32-bit values are valid.
+
+The code uses the following constant in an internal header (note that despite the name, this value is actually one plus the maximum permitted value):
+
+ #define PSA_MAX_PERSISTENT_KEY_IDENTIFIER 0xffff0000
+
+There is a shared namespace for all callers.
+
+### Key file format for 0.1.0
+
+All integers are encoded in little-endian order in 8-bit bytes.
+
+The layout of a key file is:
+
+* magic (8 bytes): `"PSA\0KEY\0"`
+* version (4 bytes): 0
+* type (4 bytes): `psa_key_type_t` value
+* policy usage flags (4 bytes): `psa_key_usage_t` value
+* policy usage algorithm (4 bytes): `psa_algorithm_t` value
+* key material length (4 bytes)
+* key material: output of `psa_export_key`
+* Any trailing data is rejected on load.
+
+### Nonvolatile random seed file format for 0.1.0
+
+The nonvolatile random seed file contains a seed for the random generator. If present, it is rewritten at each boot as part of the random generator initialization.
+
+The file format is just the seed as a byte string with no metadata or encoding of any kind.
+
+### File namespace on ITS for 0.1.0
+
+Assumption: ITS provides a 32-bit file identifier namespace. The Crypto service can use arbitrary file identifiers and no other part of the system accesses the same file identifier namespace.
+
+* File 0: unused.
+* Files 1 through 0xfffeffff: [content](#key-file-format-for-0.1.0) of the [key whose identifier is the file identifier](#key-names-for-0.1.0).
+* File 0xffffff52 (`PSA_CRYPTO_ITS_RANDOM_SEED_UID`): [nonvolatile random seed](#nonvolatile-random-seed-file-format-for-0.1.0).
+* Files 0xffff0000 through 0xffffff51, 0xffffff53 through 0xffffffff: unused.
+
+### File namespace on stdio for 0.1.0
+
+Assumption: C stdio, allowing names containing lowercase letters, digits and underscores, of length up to 23.
+
+An undocumented build-time configuration value `CRYPTO_STORAGE_FILE_LOCATION` allows storing the key files in a directory other than the current directory. This value is simply prepended to the file name (so it must end with a directory separator to put the keys in a different directory).
+
+* `CRYPTO_STORAGE_FILE_LOCATION "psa_key_slot_0"`: used as a temporary file. Must be writable. May be overwritten or deleted if present.
+* `sprintf(CRYPTO_STORAGE_FILE_LOCATION "psa_key_slot_%lu", key_id)` [content](#key-file-format-for-0.1.0) of the [key whose identifier](#key-names-for-0.1.0) is `key_id`.
+* Other files: unused.
+
+Mbed Crypto 0.2.0
+-----------------
+
+**Warning:** the information in this section is provisional and may change before Mbed Crypto is released for Mbed OS 5.12. At the time of writing, we don't even know whether this version will be called 0.2.0.
+
+To be released for Mbed OS 5.12.
+
+Supported integrations:
+
+* [PSA platform](#file-namespace-on-a-psa-platform-for-0.2.0)
+* [library using PSA ITS](#file-namespace-on-its-as-a-library-for-0.2.0)
+* [library using C stdio](#file-namespace-on-stdio-for-0.2.0)
+
+Supported features:
+
+* [Persistent transparent keys](#key-file-format-for-0.2.0) designated by a [key identifier and owner](#key-names-for-0.2.0).
+* [Nonvolatile random seed](#nonvolatile-random-seed-file-format-for-0.2.0) on ITS only.
+
+Backward compatibility commitments: TBD
+
+### Key names for 0.2.0
+
+Information about each key is stored in a dedicated file designated by a _key file identifier_ (`psa_key_file_id_t`). The key file identifier is constructed from the 32-bit key identifier (`psa_key_id_t`) and, if applicable, an identifier of the owner of the key. In integrations where there is no concept of key owner (in particular, in library integrations), the key file identifier is exactly the key identifier. When the library is integrated into a service, the service determines the semantics of the owner identifier.
+
+The way in which the file name is constructed from the key file identifier depends on the storage backend. The content of the file is described [below](#key-file-format-for-0.2.0).
+
+The valid values for a key identifier are the range from 1 to 0xfffeffff. This limitation on the range is not documented in user-facing documentation: according to the user-facing documentation, arbitrary 32-bit values are valid.
+
+* Library integration: the key file name is just the key identifer. This is a 32-bit value.
+* PSA service integration: the key file identifier is `(uint32_t)owner_uid << 32 | key_id` where `key_id` is the key identifier specified by the application and `owner_uid` (of type `int32_t`) is the calling partition identifier provided to the server by the partition manager. This is a 64-bit value.
+
+### Key file format for 0.2.0
+
+The layout is identical to [0.1.0](#key-file-format-for-0.1.0) so far. However note that the encoding of key types, algorithms and key material has changed, therefore the storage format is not compatible (despite using the same value in the version field so far).
+
+### Nonvolatile random seed file format for 0.2.0
+
+[Identical to 0.1.0](#nonvolatile-random-seed-file-format-for-0.1.0).
+
+### File namespace on a PSA platform for 0.2.0
+
+Assumption: ITS provides a 64-bit file identifier namespace. The Crypto service can use arbitrary file identifiers and no other part of the system accesses the same file identifier namespace.
+
+Assumption: the owner identifier is a nonzero value of type `int32_t`.
+
+* Files 0 through 0xffffff51, 0xffffff53 through 0xffffffff: unused, reserved for internal use of the crypto library or crypto service.
+* File 0xffffff52 (`PSA_CRYPTO_ITS_RANDOM_SEED_UID`): [nonvolatile random seed](#nonvolatile-random-seed-file-format-for-0.1.0).
+* Files 0x100000000 through 0xffffffffffff: [content](#key-file-format-for-0.2.0) of the [key whose identifier is the file identifier](#key-names-for-0.2.0). The upper 32 bits determine the owner.
+
+### File namespace on ITS as a library for 0.2.0
+
+Assumption: ITS provides a 64-bit file identifier namespace. The entity using the crypto library can use arbitrary file identifiers and no other part of the system accesses the same file identifier namespace.
+
+This is a library integration, so there is no owner. The key file identifier is identical to the key identifier.
+
+* File 0: unused.
+* Files 1 through 0xfffeffff: [content](#key-file-format-for-0.2.0) of the [key whose identifier is the file identifier](#key-names-for-0.2.0).
+* File 0xffffff52 (`PSA_CRYPTO_ITS_RANDOM_SEED_UID`): [nonvolatile random seed](#nonvolatile-random-seed-file-format-for-0.2.0).
+* Files 0xffff0000 through 0xffffff51, 0xffffff53 through 0xffffffff, 0x100000000 through 0xffffffffffffffff: unused.
+
+### File namespace on stdio for 0.2.0
+
+This is a library integration, so there is no owner. The key file identifier is identical to the key identifier.
+
+[Identical to 0.1.0](#file-namespace-on-stdio-for-0.1.0).
+
+### Upgrade from 0.1.0 to 0.2.0.
+
+* Delete files 1 through 0xfffeffff, which contain keys in a format that is no longer supported.
+
+### Suggested changes to make before 0.2.0
+
+The library integration and the PSA platform integration use different sets of file names. This is annoyingly non-uniform. For example, if we want to store non-key files, we have room in different ranges (0 through 0xffffffff on a PSA platform, 0xffff0000 through 0xffffffffffffffff in a library integration).
+
+It would simplify things to always have a 32-bit owner, with a nonzero value, and thus reserve the range 0–0xffffffff for internal library use.
diff --git a/docs/getting_started.md b/docs/getting_started.md
new file mode 100644
index 0000000..3008a19
--- /dev/null
+++ b/docs/getting_started.md
@@ -0,0 +1,525 @@
+## Getting started with Mbed Crypto
+
+### What is Mbed Crypto?
+
+Mbed Crypto is an open source cryptographic library that supports a wide range of cryptographic operations, including:
+* Key management
+* Hashing
+* Symmetric cryptography
+* Asymmetric cryptography
+* Message authentication (MAC)
+* Key generation and derivation
+* Authenticated encryption with associated data (AEAD)
+
+The Mbed Crypto library is a reference implementation of the cryptography interface of the Arm Platform Security Architecture (PSA). It is written in portable C.
+
+The Mbed Crypto library is distributed under the Apache License, version 2.0.
+
+#### Platform Security Architecture (PSA)
+
+Arm's Platform Security Architecture (PSA) is a holistic set of threat models,
+security analyses, hardware and firmware architecture specifications, and an open source firmware reference implementation. PSA provides a recipe, based on industry best practice, that allows security to be consistently designed in, at both a hardware and firmware level. Part of the API provided by PSA is the cryptography interface, which provides access to a set of primitives.
+
+### Using Mbed Crypto
+
+* [Getting the Mbed Crypto library](#getting-the-mbed-crypto-library)
+* [Building the Mbed Crypto library](#building-the-mbed-crypto-library)
+* [Using the Mbed Crypto library](#using-the-mbed-crypto-library)
+* [Importing a key](#importing-a-key)
+* [Signing a message using RSA](#signing-a-message-using-RSA)
+* [Encrypting or decrypting using symmetric ciphers](#encrypting-or-decrypting-using-symmetric-ciphers)
+* [Hashing a message](#hashing-a-message)
+* [Deriving a new key from an existing key](#deriving-a-new-key-from-an-existing-key)
+* [Generating a random value](#generating-a-random-value)
+* [Authenticating and encrypting or decrypting a message](#authenticating-and-encrypting-or-decrypting-a-message)
+* [Generating and exporting keys](#generating-and-exporting-keys)
+* [More about the Mbed Crypto library](#more-about-the-mbed-crypto-library)
+
+### Getting the Mbed Crypto library
+
+Mbed Crypto releases are available in the [public Github repository]( https://github.com/ARMmbed/mbed-crypto).
+
+### Building the Mbed Crypto library
+
+You need the following tools to build the library with the provided makefiles:
+* GNU Make.
+* A C toolchain (compiler, linker, archiver).
+* Python 2 or Python 3 (either works) to generate the test code.
+* Perl to run the tests.
+
+If you have a C compiler such as GCC or Clang, just run `make` in the top-level directory to build the library, a set of unit tests and some sample programs.
+
+To select a different compiler, set the `CC` variable to name or path of the compiler and linker (default: `cc`) and set `AR` to a compatible archiver (default: `ar`), such as:
+```
+make CC=arm-linux-gnueabi-gcc AR=arm-linux-gnueabi-ar
+```
+The provided makefiles pass options to the compiler that assume a GCC-like command line syntax. To use a different compiler, you may need to pass different values for `CFLAGS`, `WARNINGS_CFLAGS` and `LDFLAGS`.
+
+To run the unit tests on the host machine, run `make test` from the top-level directory. If you are cross-compiling, copy the test executable from the `tests` directory to the target machine.
+
+### Using the Mbed Crypto library
+
+To use the Mbed Crypto APIs, call `psa_crypto_init()` before calling any other API. This initializes the library.
+
+### Importing a key
+
+To use a key for cryptography operations in Mbed Crypto, you need to first import it into a key slot. Each slot can store only one key at a time. The slot where the key is stored must be unoccupied, and valid for a key of the chosen type.
+
+Prerequisites to importing keys:
+* Initialize the library with a successful call to `psa_crypto_init`.
+
+Importing a key and checking key information:
+1. Import a key pair into key slot `1`.
+1. Test the information stored in this slot:
+```C
+ int key_slot = 1;
+ uint8_t *data = "KEYPAIR_KEY_DATA";
+ size_t data_size;
+ psa_key_type_t type = PSA_KEY_TYPE_RSA_PUBLIC_KEY;
+ size_t got_bits;
+ psa_key_type_t got_type;
+ size_t expected_bits = data_size;
+ psa_key_type_t type = PSA_KEY_TYPE_RAW_DATA;
+ size_t export_size = data_size;
+
+ psa_crypto_init();
+
+ /* Import the key */
+ status = psa_import_key(key_slot, type, data, data_size);
+
+ /* Test the key information */
+ status = psa_get_key_information(slot, &got_type, &got_bits);
+
+ /* Destroy the key */
+ psa_destroy_key(key_slot);
+ mbedtls_psa_crypto_free();
+```
+
+### Signing a message using RSA
+
+Mbed Crypto provides support for encrypting, decrypting, signing and verifying messages using public key signature algorithms (such as RSA or ECDSA).
+
+Prerequisites to working with the asymmetric cipher API:
+* Initialize the library with a successful call to `psa_crypto_init`.
+* Configure the key policy accordingly:
+ * `PSA_KEY_USAGE_SIGN` to allow signing.
+ * `PSA_KEY_USAGE_VERIFY` to allow signature verification.
+* Have a valid key in the key slot.
+
+To sign a given message `payload` using RSA:
+1. Set the key policy of the chosen key slot by calling `psa_key_policy_set_usage()` with the `PSA_KEY_USAGE_SIGN` parameter and the algorithm `PSA_ALG_RSA_PKCS1V15_SIGN_RAW`.
+This allows the key in the key slot to be used for RSA signing.
+1. Import the key into the key slot by calling `psa_import_key()`. You can use an already imported key instead of importing a new one.
+1. Call `psa_asymmetric_sign()` and get the output buffer that contains the signature:
+```C
+ psa_status_t status;
+ int key_slot = 1;
+ unsigned char key[] = "RSA_KEY";
+ unsigned char payload[] = "ASYMMETRIC_INPUT_FOR_SIGN";
+ psa_key_policy_t policy = PSA_KEY_POLICY_INIT;
+ unsigned char signature[PSA_ASYMMETRIC_SIGNATURE_MAX_SIZE] = {0};
+ size_t signature_length;
+
+ status = psa_crypto_init();
+
+ /* Import the key */
+ psa_key_policy_set_usage(&policy, PSA_KEY_USAGE_SIGN,
+ PSA_ALG_RSA_PKCS1V15_SIGN_RAW);
+ status = psa_set_key_policy(key_slot, &policy);
+
+ status = psa_import_key(key_slot, PSA_KEY_TYPE_RSA_KEYPAIR,
+ key, sizeof(key));
+
+ /* Sing message using the key */
+ status = psa_asymmetric_sign(key_slot, PSA_ALG_RSA_PKCS1V15_SIGN_RAW,
+ payload, sizeof(payload),
+ signature, sizeof(signature),
+ &signature_length);
+ /* Destroy the key */
+ psa_destroy_key(key_slot);
+ mbedtls_psa_crypto_free();
+```
+
+### Encrypting or decrypting using symmetric ciphers
+
+Mbed Crypto provides support for encrypting and decrypting messages using various symmetric cipher algorithms (both block and stream ciphers).
+
+Prerequisites to working with the symmetric cipher API:
+* Initialize the library with a successful call to `psa_crypto_init`.
+* Configure the key policy accordingly (`PSA_KEY_USAGE_ENCRYPT` to allow encryption or `PSA_KEY_USAGE_DECRYPT` to allow decryption).
+* Have a valid key in the key slot.
+
+Encrypting a message with a symmetric cipher:
+1. Allocate an operation (`psa_cipher_operation_t`) structure to pass to the cipher functions.
+1. Call `psa_cipher_encrypt_setup` to initialize the operation structure and specify the algorithm and the key to be used.
+1. Call either `psa_cipher_generate_iv` or `psa_cipher_set_iv` to generate or set the initialization vector (IV). We recommended `psa_cipher_generate_iv`, unless you require a specific IV value.
+1. Call `psa_cipher_update` one or more times, passing either the whole or only a fragment of the message each time.
+1. Call `psa_cipher_finish` to end the operation and output the encrypted message.
+
+Encrypting random data using an AES key in cipher block chain (CBC) mode with no padding (assuming all prerequisites have been fulfilled):
+```c
+ psa_key_slot_t key_slot = 1;
+ psa_algorithm_t alg = PSA_ALG_CBC_NO_PADDING;
+ psa_cipher_operation_t operation;
+ size_t block_size = PSA_BLOCK_CIPHER_BLOCK_SIZE(PSA_KEY_TYPE_AES);
+ unsigned char input[block_size];
+ unsigned char iv[block_size];
+ size_t iv_len;
+ unsigned char output[block_size];
+ size_t output_len;
+
+ /* generate some random data to be encrypted */
+ psa_generate_random(input, sizeof(input));
+
+ /* encrypt the key */
+ psa_cipher_encrypt_setup(&operation, key_slot, alg);
+ psa_cipher_generate_iv(&operation, iv, sizeof(iv), &iv_len);
+ psa_cipher_update(&operation, input, sizeof(input),
+ output, sizeof(output),
+ &output_len);
+ psa_cipher_finish(&operation,
+ output + output_len, sizeof(output) - output_len,
+ &output_len);
+ /* Clean up cipher operation context */
+ psa_cipher_abort(&operation);
+```
+
+Decrypting a message with a symmetric cipher:
+1. Allocate an operation (`psa_cipher_operation_t`) structure to pass to the cipher functions.
+1. Call `psa_cipher_decrypt_setup` to initialize the operation structure and to specify the algorithm and the key to be used.
+1. Call `psa_cipher_set_iv` with the IV for the decryption.
+1. Call `psa_cipher_update` one or more times passing either the whole or only a fragment of the message each time.
+1. Call `psa_cipher_finish` to end the operation and output the decrypted message.
+
+Decrypting encrypted data using an AES key in CBC mode with no padding
+(assuming all prerequisites have been fulfilled):
+```c
+ psa_key_slot_t key_slot = 1;
+ psa_algorithm_t alg = PSA_ALG_CBC_NO_PADDING;
+ psa_cipher_operation_t operation;
+ size_t block_size = PSA_BLOCK_CIPHER_BLOCK_SIZE(PSA_KEY_TYPE_AES);
+ unsigned char input[block_size];
+ unsigned char iv[block_size];
+ size_t iv_len;
+ unsigned char output[block_size];
+ size_t output_len;
+
+ /* setup input data */
+ fetch_iv(iv, sizeof(iv)); /* fetch the IV used when the data was encrypted */
+ fetch_input(input, sizeof(input)); /* fetch the data to be decrypted */
+
+ /* encrypt the encrypted data */
+ psa_cipher_decrypt_setup(&operation, key_slot, alg);
+ psa_cipher_set_iv(&operation, iv, sizeof(iv));
+ psa_cipher_update(&operation, input, sizeof(input),
+ output, sizeof(output),
+ &output_len);
+ psa_cipher_finish(&operation,
+ output + output_len, sizeof(output) - output_len,
+ &output_len);
+ /* Clean up cipher operation context */
+ psa_cipher_abort(&operation);
+```
+
+#### Handling cipher operation contexts
+
+Once you've initialized the operation structure with a successful call to `psa_cipher_encrypt_setup` or `psa_cipher_decrypt_setup`, you can terminate the operation at any time by calling `psa_cipher_abort`.
+
+The call to `psa_cipher_abort` frees any resources associated with the operation (except for the operation structure itself). An implicit call to `psa_cipher_abort` occurs when any of these conditions occur:
+* A call to `psa_cipher_generate_iv`, `psa_cipher_set_iv` or `psa_cipher_update` has failed (returning any status other than `PSA_SUCCESS`).
+* Either a successful or failed call to `psa_cipher_finish`.
+
+Once `psa_cipher_abort` has been called (either implicitly by the implementation or explicitly by the user), the operation structure is invalidated and may not be reused for the same operation. However, the operation structure may be reused for a different operation by calling either `psa_cipher_encrypt_setup` or `psa_cipher_decrypt_setup` again.
+
+For an operation that has been initialized successfully (by a successful call to `psa_cipher_encrypt_setup` or `psa_cipher_decrypt_setup`) it is imperative that at some time `psa_cipher_abort` is called.
+
+Multiple sequential calls to `psa_cipher_abort` on an operation that has already been terminated (either implicitly or explicitly) are safe and have no effect.
+
+### Hashing a message
+
+Mbed Crypto lets you compute and verify hashes using various hashing algorithms.
+
+The current implementation supports the following hash algorithms: `MD2`, `MD4`, `MD5`, `RIPEMD160`, `SHA-1`, `SHA-224`, `SHA-256`, `SHA-384`, and `SHA-512`.
+
+Prerequisites to working with the hash APIs:
+* Initialize the library with a successful call to `psa_crypto_init`.
+
+To calculate a hash:
+1. Allocate an operation structure (`psa_hash_operation_t`) to pass to the hash functions.
+1. Call `psa_hash_setup` to initialize the operation structure and specify the hash algorithm.
+1. Call `psa_hash_update` one or more times, passing either the whole or only a fragment of the message each time.
+1. Call `psa_hash_finish` to calculate the hash, or `psa_hash_verify` to compare the computed hash with an expected hash value.
+
+Calculate the `SHA-256` hash of a message:
+```c
+ psa_algorithm_t alg = PSA_ALG_SHA_256;
+ psa_hash_operation_t operation;
+ unsigned char input[] = { 'a', 'b', 'c' };
+ unsigned char actual_hash[PSA_HASH_MAX_SIZE];
+ size_t actual_hash_len;
+
+ /* Compute hash of message */
+ psa_hash_setup(&operation, alg);
+ psa_hash_update(&operation, input, sizeof(input));
+ psa_hash_finish(&operation, actual_hash, sizeof(actual_hash), &actual_hash_len);
+
+ /* Clean up hash operation context */
+ psa_hash_abort(&operation);
+```
+
+Verify the `SHA-256` hash of a message:
+```c
+ psa_algorithm_t alg = PSA_ALG_SHA_256;
+ psa_hash_operation_t operation;
+ unsigned char input[] = { 'a', 'b', 'c' };
+ unsigned char expected_hash[] = {
+ 0xba, 0x78, 0x16, 0xbf, 0x8f, 0x01, 0xcf, 0xea, 0x41, 0x41, 0x40, 0xde,
+ 0x5d, 0xae, 0x22, 0x23, 0xb0, 0x03, 0x61, 0xa3, 0x96, 0x17, 0x7a, 0x9c,
+ 0xb4, 0x10, 0xff, 0x61, 0xf2, 0x00, 0x15, 0xad
+ };
+ size_t expected_hash_len = PSA_HASH_SIZE(alg);
+
+ /* Verify message hash */
+ psa_hash_setup(&operation, alg);
+ psa_hash_update(&operation, input, sizeof(input));
+ psa_hash_verify(&operation, expected_hash, expected_hash_len);
+```
+
+The API provides the macro `PSA_HASH_SIZE`, which returns the expected hash length (in bytes) for the specified algorithm.
+
+#### Handling hash operation contexts
+
+Once the operation structure has been successfully initialized by a successful call to `psa_hash_setup`, it's possible to terminate the operation at any time by calling `psa_hash_abort`. The call to `psa_hash_abort` frees any resources associated with the operation (except for the operation structure itself).
+
+An implicit call to `psa_hash_abort` occurs when any of these conditions occur:
+1. A call to `psa_hash_update` has failed (returning any status other than `PSA_SUCCESS`).
+1. Either a successful or failed call to `psa_hash_finish`.
+1. Either a successful or failed call to `psa_hash_verify`.
+
+Once `psa_hash_abort` has been called (either implicitly by the implementation or explicitly by the user), the operation structure is invalidated and may not be reused for the same operation. However, the operation structure may be reused for a different operation by calling `psa_hash_setup` again.
+
+For an operation that has been initialized successfully (by a successful call to `psa_hash_setup`) it is imperative that at some time `psa_hash_abort` is called.
+
+Multiple sequential calls to `psa_hash_abort` on an operation that has already been terminated (either implicitly or explicitly) is safe and has no effect.
+
+### Generating a random value
+
+Mbed Crypto can generate random data.
+
+Prerequisites to random generation:
+* Initialize the library with a successful call to `psa_crypto_init`.
+
+Generate a random, ten-byte piece of data:
+1. Generate random bytes by calling `psa_generate_random()`:
+```C
+ psa_status_t status;
+ uint8_t random[10] = { 0 };
+ psa_crypto_init();
+ status = psa_generate_random(random, sizeof(random));
+
+ mbedtls_psa_crypto_free();
+```
+
+### Deriving a new key from an existing key
+
+Mbed Crypto provides a key derivation API that lets you derive new keys from existing ones. Key derivation is based upon the generator abstraction. A generator must first be initialized and set up (provided with a key and optionally other data) and then derived data can be read from it either to a buffer or directly imported into a key slot.
+
+Prerequisites to working with the key derivation APIs:
+* Initialize the library with a successful call to `psa_crypto_init`.
+* Configure the key policy for the key used for derivation (`PSA_KEY_USAGE_DERIVE`)
+* The key type must be `PSA_KEY_TYPE_DERIVE`.
+
+Deriving a new AES-CTR 128-bit encryption key into a given key slot using HKDF with a given key, salt and label:
+1. Set the key policy for key derivation by calling `psa_key_policy_set_usage()` with `PSA_KEY_USAGE_DERIVE` parameter, and the algorithm `PSA_ALG_HKDF(PSA_ALG_SHA_256)`.
+1. Import the key into the key slot by calling `psa_import_key()`. You can skip this step and the previous one if the key has already been imported into a known key slot.
+1. Set up the generator using the `psa_key_derivation` function providing a key slot containing a key that can be used for key derivation and a salt and label (Note: salt and label are optional).
+1. Initiate a key policy to for the derived key by calling `psa_key_policy_set_usage()` with `PSA_KEY_USAGE_ENCRYPT` parameter and the algorithm `PSA_ALG_CTR`.
+1. Set the key policy to the derived key slot.
+1. Import a key from generator into the desired key slot using (`psa_generator_import_key`).
+1. Clean up generator.
+
+At this point the derived key slot holds a new 128-bit AES-CTR encryption key derived from the key, salt and label provided:
+```C
+ psa_key_slot_t base_key = 1;
+ psa_key_slot_t derived_key = 2;
+ psa_key_policy_t policy = PSA_KEY_POLICY_INIT;
+
+ unsigned char key[] = {
+ 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b,
+ 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b,
+ 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b,
+ 0x0b };
+
+ unsigned char salt[] = { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06,
+ 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c };
+
+ unsigned char label[] = { 0xf0, 0xf1, 0xf2, 0xf3, 0xf4, 0xf5, 0xf6,
+ 0xf7, 0xf8, 0xf9 };
+
+ psa_algorithm_t alg = PSA_ALG_HKDF(PSA_ALG_SHA_256);
+ psa_key_policy_t policy = PSA_KEY_POLICY_INIT;
+ psa_crypto_generator_t generator = PSA_CRYPTO_GENERATOR_INIT;
+ size_t derived_bits = 128;
+ size_t capacity = PSA_BITS_TO_BYTES(derived_bits);
+
+ status = psa_crypto_init();
+
+ /* Import a key for use in key derivation, if such a key has already been imported you can skip this part */
+ psa_key_policy_set_usage(&policy, PSA_KEY_USAGE_DERIVE, alg);
+ status = psa_set_key_policy(base_key, &policy);
+
+ status = psa_import_key(base_key, PSA_KEY_TYPE_DERIVE, key, sizeof(key));
+
+ /* Derive a key into a key slot*/
+ status = psa_key_derivation(&generator, base_key, alg, salt, sizeof(salt),
+ label, sizeof(label), capacity);
+
+ psa_key_policy_set_usage(&policy, PSA_KEY_USAGE_ENCRYPT, PSA_ALG_CTR);
+
+ psa_set_key_policy(derived_key, &policy);
+
+ psa_generator_import_key(derived_key, PSA_KEY_TYPE_AES, derived_bits, &generator);
+
+ /* Clean up generator and key */
+ psa_generator_abort(&generator);
+ /* as part of clean up you may want to clean up the keys used by calling:
+ * psa_destroy_key( base_key ); or psa_destroy_key( derived_key ); */
+ mbedtls_psa_crypto_free();
+```
+
+### Authenticating and encrypting or decrypting a message
+
+Mbed Crypto provides a simple way for authenticate and encrypt with associated data (AEAD) supporting `PSA_ALG_CCM` algorithm.
+
+Prerequisites to working with the AEAD ciphers APIs:
+* Initialize the library with a successful call to `psa_crypto_init`.
+* The key policy for the key used for derivation must be configured accordingly (`PSA_KEY_USAGE_ENCRYPT` or `PSA_KEY_USAGE_DECRYPT`).
+
+To authenticate and encrypt a message:
+```C
+ int slot = 1;
+ psa_status_t status;
+ unsigned char key[] = { 0xC0, 0xC1, 0xC2, 0xC3, 0xC4, 0xC5, 0xC6, 0xC7,
+ 0xC8, 0xC9, 0xCA, 0xCB, 0xCC, 0xCD, 0xCE, 0xCF };
+
+ unsigned char nonce[] = { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
+ 0x08, 0x09, 0x0A, 0x0B };
+
+ unsigned char additional_data[] = { 0xEC, 0x46, 0xBB, 0x63, 0xB0, 0x25, 0x20,
+ 0xC3, 0x3C, 0x49, 0xFD, 0x70 };
+
+ unsigned char input_data[] = { 0xB9, 0x6B, 0x49, 0xE2, 0x1D, 0x62, 0x17, 0x41,
+ 0x63, 0x28, 0x75, 0xDB, 0x7F, 0x6C, 0x92, 0x43,
+ 0xD2, 0xD7, 0xC2 };
+ unsigned char *output_data = NULL;
+ size_t output_size = 0;
+ size_t output_length = 0;
+ size_t tag_length = 16;
+ psa_key_policy_t policy = PSA_KEY_POLICY_INIT;
+
+ output_size = sizeof(input_data) + tag_length;
+ output_data = malloc(output_size);
+ status = psa_crypto_init();
+
+ psa_key_policy_set_usage(&policy, PSA_KEY_USAGE_ENCRYPT, PSA_ALG_CCM);
+ status = psa_set_key_policy(slot, &policy);
+
+ status = psa_import_key(slot, PSA_KEY_TYPE_AES, key, sizeof(key));
+
+ status = psa_aead_encrypt(slot, PSA_ALG_CCM,
+ nonce, sizeof(nonce),
+ additional_data, sizeof(additional_data),
+ input_data, sizeof(input_data),
+ output_data, output_size,
+ &output_length);
+
+ psa_destroy_key(slot);
+ mbedtls_free(output_data);
+ mbedtls_psa_crypto_free();
+```
+
+To authenticate and decrypt a message:
+
+```C
+ int slot = 1;
+ psa_status_t status;
+ unsigned char key[] = {
+ 0xC0, 0xC1, 0xC2, 0xC3, 0xC4, 0xC5, 0xC6, 0xC7,
+ 0xC8, 0xC9, 0xCA, 0xCB, 0xCC, 0xCD, 0xCE, 0xCF
+ };
+
+ unsigned char nonce[] = { 0xEC, 0x46, 0xBB, 0x63, 0xB0, 0x25, 0x20, 0xC3,
+ 0x3C, 0x49, 0xFD, 0x70
+ };
+
+ unsigned char additional_data[] = { 0xEC, 0x46, 0xBB, 0x63, 0xB0, 0x25, 0x20,
+ 0xC3, 0x3C, 0x49, 0xFD, 0x70
+ };
+ unsigned char input_data[] = { 0xB9, 0x6B, 0x49, 0xE2, 0x1D, 0x62, 0x17, 0x41,
+ 0x63, 0x28, 0x75, 0xDB, 0x7F, 0x6C, 0x92, 0x43,
+ 0xD2, 0xD7, 0xC2
+ };
+ unsigned char *output_data = NULL;
+ size_t output_size = 0;
+ size_t output_length = 0;
+ psa_key_policy_t policy = PSA_KEY_POLICY_INIT;
+
+ output_size = sizeof(input_data);
+ output_data = malloc(output_size);
+ status = psa_crypto_init();
+
+ psa_key_policy_set_usage(&policy, PSA_KEY_USAGE_DECRYPT, PSA_ALG_CCM);
+ status = psa_set_key_policy(slot, &policy);
+
+ status = psa_import_key(slot, PSA_KEY_TYPE_AES, key, sizeof(key));
+
+ status = psa_aead_decrypt(slot, PSA_ALG_CCM,
+ nonce, sizeof(nonce),
+ additional_data, sizeof(additional_data),
+ input_data, sizeof(input_data),
+ output_data, output_size,
+ &output_length);
+
+ psa_destroy_key(slot);
+ mbedtls_free(output_data);
+ mbedtls_psa_crypto_free();
+```
+
+### Generating and exporting keys
+
+Mbed Crypto provides a simple way to generate a key or key pair.
+
+Prerequisites to using key generation and export APIs:
+* Initialize the library with a successful call to `psa_crypto_init`.
+
+Generate a piece of random 128-bit AES data:
+1. Set the key policy for key generation by calling `psa_key_policy_set_usage()` with the `PSA_KEY_USAGE_EXPORT` parameter and the algorithm `PSA_ALG_GCM`.
+1. Generate a random AES key by calling `psa_generate_key()`.
+1. Export the generated key by calling `psa_export_key()`:
+```C
+ int slot = 1;
+ size_t bits = 128;
+ size_t exported_size = bits;
+ size_t exported_length = 0;
+ uint8_t *exported = malloc(exported_size);
+ psa_key_policy_t policy = PSA_KEY_POLICY_INIT;
+
+ psa_crypto_init();
+
+ psa_key_policy_set_usage(&policy, PSA_KEY_USAGE_EXPORT, PSA_ALG_GCM);
+ psa_set_key_policy(slot, &policy);
+
+ /* Generate a key */
+ psa_generate_key(slot, PSA_KEY_TYPE_AES, bits, NULL, 0);
+
+ psa_export_key(slot, exported, exported_size, &exported_length)
+
+ psa_destroy_key(slot);
+ mbedtls_psa_crypto_free();
+```
+
+### More about the Mbed Crypto library
+
+More information on [Mbed Crypto](https://github.com/ARMmbed/mbed-crypto/).
+
+More information on [PSA Crypto](https://github.com/ARMmbed/mbed-crypto/blob/development/docs/PSA_Crypto_API_Overview.pdf).
diff --git a/include/CMakeLists.txt b/include/CMakeLists.txt
index 1b581a5..4621271 100644
--- a/include/CMakeLists.txt
+++ b/include/CMakeLists.txt
@@ -3,14 +3,20 @@
if(INSTALL_MBEDTLS_HEADERS)
file(GLOB headers "mbedtls/*.h")
+ file(GLOB psa_headers "psa/*.h")
install(FILES ${headers}
DESTINATION include/mbedtls
PERMISSIONS OWNER_READ OWNER_WRITE GROUP_READ WORLD_READ)
+ install(FILES ${psa_headers}
+ DESTINATION include/psa
+ PERMISSIONS OWNER_READ OWNER_WRITE GROUP_READ WORLD_READ)
+
endif(INSTALL_MBEDTLS_HEADERS)
# Make config.h available in an out-of-source build. ssl-opt.sh requires it.
if (NOT ${CMAKE_CURRENT_BINARY_DIR} STREQUAL ${CMAKE_CURRENT_SOURCE_DIR})
link_to_source(mbedtls)
+ link_to_source(psa)
endif()
diff --git a/include/mbedtls/aesni.h b/include/mbedtls/aesni.h
index 0196f49..a4ca012 100644
--- a/include/mbedtls/aesni.h
+++ b/include/mbedtls/aesni.h
@@ -27,6 +27,12 @@
#ifndef MBEDTLS_AESNI_H
#define MBEDTLS_AESNI_H
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
#include "aes.h"
#define MBEDTLS_AESNI_AES 0x02000000u
diff --git a/include/mbedtls/asn1write.h b/include/mbedtls/asn1write.h
index dc0db86..dc81782 100644
--- a/include/mbedtls/asn1write.h
+++ b/include/mbedtls/asn1write.h
@@ -24,6 +24,12 @@
#ifndef MBEDTLS_ASN1_WRITE_H
#define MBEDTLS_ASN1_WRITE_H
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
#include "asn1.h"
#define MBEDTLS_ASN1_CHK_ADD(g, f) \
diff --git a/include/mbedtls/base64.h b/include/mbedtls/base64.h
index 9af1149..0d02416 100644
--- a/include/mbedtls/base64.h
+++ b/include/mbedtls/base64.h
@@ -24,6 +24,12 @@
#ifndef MBEDTLS_BASE64_H
#define MBEDTLS_BASE64_H
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
#include <stddef.h>
#define MBEDTLS_ERR_BASE64_BUFFER_TOO_SMALL -0x002A /**< Output buffer too small. */
diff --git a/include/mbedtls/bn_mul.h b/include/mbedtls/bn_mul.h
index 2f7b72f..c33bd8d 100644
--- a/include/mbedtls/bn_mul.h
+++ b/include/mbedtls/bn_mul.h
@@ -38,6 +38,12 @@
#ifndef MBEDTLS_BN_MUL_H
#define MBEDTLS_BN_MUL_H
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
#include "bignum.h"
#if defined(MBEDTLS_HAVE_ASM)
@@ -750,7 +756,7 @@
"sw $10, %2 \n\t" \
: "=m" (c), "=m" (d), "=m" (s) \
: "m" (s), "m" (d), "m" (c), "m" (b) \
- : "$9", "$10", "$11", "$12", "$13", "$14", "$15" \
+ : "$9", "$10", "$11", "$12", "$13", "$14", "$15", "lo", "hi" \
);
#endif /* MIPS */
diff --git a/include/mbedtls/ccm.h b/include/mbedtls/ccm.h
index 3f6b8f6..f03e3b5 100644
--- a/include/mbedtls/ccm.h
+++ b/include/mbedtls/ccm.h
@@ -49,6 +49,12 @@
#ifndef MBEDTLS_CCM_H
#define MBEDTLS_CCM_H
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
#include "cipher.h"
#define MBEDTLS_ERR_CCM_BAD_INPUT -0x000D /**< Bad input parameters to the function. */
diff --git a/include/mbedtls/certs.h b/include/mbedtls/certs.h
index 8dab7b5..b7c5708 100644
--- a/include/mbedtls/certs.h
+++ b/include/mbedtls/certs.h
@@ -24,6 +24,12 @@
#ifndef MBEDTLS_CERTS_H
#define MBEDTLS_CERTS_H
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
#include <stddef.h>
#ifdef __cplusplus
diff --git a/include/mbedtls/check_config.h b/include/mbedtls/check_config.h
index b86e580..ea05938 100644
--- a/include/mbedtls/check_config.h
+++ b/include/mbedtls/check_config.h
@@ -50,6 +50,11 @@
!defined(MBEDTLS_PLATFORM_SNPRINTF_MACRO)
#define MBEDTLS_PLATFORM_SNPRINTF_ALT
#endif
+
+#if !defined(MBEDTLS_PLATFORM_VSNPRINTF_ALT) && \
+ !defined(MBEDTLS_PLATFORM_VSNPRINTF_MACRO)
+#define MBEDTLS_PLATFORM_VSNPRINTF_ALT
+#endif
#endif /* _WIN32 */
#if defined(TARGET_LIKE_MBED) && \
@@ -109,14 +114,15 @@
#endif
#if defined(MBEDTLS_ECP_RESTARTABLE) && \
- ( defined(MBEDTLS_ECDH_COMPUTE_SHARED_ALT) || \
+ ( defined(MBEDTLS_USE_PSA_CRYPTO) || \
+ defined(MBEDTLS_ECDH_COMPUTE_SHARED_ALT) || \
defined(MBEDTLS_ECDH_GEN_PUBLIC_ALT) || \
defined(MBEDTLS_ECDSA_SIGN_ALT) || \
defined(MBEDTLS_ECDSA_VERIFY_ALT) || \
defined(MBEDTLS_ECDSA_GENKEY_ALT) || \
defined(MBEDTLS_ECP_INTERNAL_ALT) || \
defined(MBEDTLS_ECP_ALT) )
-#error "MBEDTLS_ECP_RESTARTABLE defined, but it cannot coexist with an alternative ECP implementation"
+#error "MBEDTLS_ECP_RESTARTABLE defined, but it cannot coexist with an alternative or PSA-based ECP implementation"
#endif
#if defined(MBEDTLS_ECDSA_DETERMINISTIC) && !defined(MBEDTLS_HMAC_DRBG_C)
@@ -501,6 +507,38 @@
#error "MBEDTLS_PLATFORM_NV_SEED_WRITE_MACRO and MBEDTLS_PLATFORM_STD_NV_SEED_WRITE cannot be defined simultaneously"
#endif
+#if defined(MBEDTLS_PSA_CRYPTO_C) && \
+ !( defined(MBEDTLS_CTR_DRBG_C) && \
+ defined(MBEDTLS_ENTROPY_C) )
+#error "MBEDTLS_PSA_CRYPTO_C defined, but not all prerequisites"
+#endif
+
+#if defined(MBEDTLS_PSA_CRYPTO_SPM) && !defined(MBEDTLS_PSA_CRYPTO_C)
+#error "MBEDTLS_PSA_CRYPTO_SPM defined, but not all prerequisites"
+#endif
+
+#if defined(MBEDTLS_PSA_CRYPTO_STORAGE_FILE_C) && defined(MBEDTLS_PSA_CRYPTO_STORAGE_ITS_C)
+#error "Only one of MBEDTLS_PSA_CRYPTO_STORAGE_FILE_C or MBEDTLS_PSA_CRYPTO_STORAGE_ITS_C can be defined"
+#endif
+
+#if defined(MBEDTLS_PSA_CRYPTO_STORAGE_C) && \
+ !( defined(MBEDTLS_PSA_CRYPTO_C) && \
+ ( defined(MBEDTLS_PSA_CRYPTO_STORAGE_FILE_C) || \
+ defined(MBEDTLS_PSA_CRYPTO_STORAGE_ITS_C) ) )
+#error "MBEDTLS_PSA_CRYPTO_STORAGE_C defined, but not all prerequisites"
+#endif
+
+#if defined(MBEDTLS_PSA_CRYPTO_STORAGE_FILE_C) && \
+ !( defined(MBEDTLS_PSA_CRYPTO_STORAGE_C) && \
+ defined(MBEDTLS_FS_IO) )
+#error "MBEDTLS_PSA_CRYPTO_STORAGE_FILE_C defined, but not all prerequisites"
+#endif
+
+#if defined(MBEDTLS_PSA_CRYPTO_STORAGE_ITS_C) && \
+ ! defined(MBEDTLS_PSA_CRYPTO_STORAGE_C)
+#error "MBEDTLS_PSA_CRYPTO_STORAGE_ITS_C defined, but not all prerequisites"
+#endif
+
#if defined(MBEDTLS_RSA_C) && ( !defined(MBEDTLS_BIGNUM_C) || \
!defined(MBEDTLS_OID_C) )
#error "MBEDTLS_RSA_C defined, but not all prerequisites"
@@ -643,6 +681,10 @@
#endif
#undef MBEDTLS_THREADING_IMPL
+#if defined(MBEDTLS_USE_PSA_CRYPTO) && !defined(MBEDTLS_PSA_CRYPTO_C)
+#error "MBEDTLS_USE_PSA_CRYPTO defined, but not all prerequisites"
+#endif
+
#if defined(MBEDTLS_VERSION_FEATURES) && !defined(MBEDTLS_VERSION_C)
#error "MBEDTLS_VERSION_FEATURES defined, but not all prerequisites"
#endif
@@ -691,7 +733,7 @@
/*
* Avoid warning from -pedantic. This is a convenient place for this
* workaround since this is included by every single file before the
- * #if defined(MBEDTLS_xxx_C) that results in emtpy translation units.
+ * #if defined(MBEDTLS_xxx_C) that results in empty translation units.
*/
typedef int mbedtls_iso_c_forbids_empty_translation_units;
diff --git a/include/mbedtls/cipher.h b/include/mbedtls/cipher.h
index 922b6c3..2d609db 100644
--- a/include/mbedtls/cipher.h
+++ b/include/mbedtls/cipher.h
@@ -36,7 +36,7 @@
#endif
#include <stddef.h>
-#include "mbedtls/platform_util.h"
+#include "platform_util.h"
#if defined(MBEDTLS_GCM_C) || defined(MBEDTLS_CCM_C) || defined(MBEDTLS_CHACHAPOLY_C)
#define MBEDTLS_CIPHER_MODE_AEAD
@@ -180,16 +180,16 @@
/** Supported cipher modes. */
typedef enum {
- MBEDTLS_MODE_NONE = 0, /**< None. */
- MBEDTLS_MODE_ECB, /**< The ECB cipher mode. */
- MBEDTLS_MODE_CBC, /**< The CBC cipher mode. */
- MBEDTLS_MODE_CFB, /**< The CFB cipher mode. */
- MBEDTLS_MODE_OFB, /**< The OFB cipher mode. */
- MBEDTLS_MODE_CTR, /**< The CTR cipher mode. */
- MBEDTLS_MODE_GCM, /**< The GCM cipher mode. */
- MBEDTLS_MODE_STREAM, /**< The stream cipher mode. */
- MBEDTLS_MODE_CCM, /**< The CCM cipher mode. */
- MBEDTLS_MODE_XTS, /**< The XTS cipher mode. */
+ MBEDTLS_MODE_NONE = 0, /**< None. */
+ MBEDTLS_MODE_ECB, /**< The ECB cipher mode. */
+ MBEDTLS_MODE_CBC, /**< The CBC cipher mode. */
+ MBEDTLS_MODE_CFB, /**< The CFB cipher mode. */
+ MBEDTLS_MODE_OFB, /**< The OFB cipher mode. */
+ MBEDTLS_MODE_CTR, /**< The CTR cipher mode. */
+ MBEDTLS_MODE_GCM, /**< The GCM cipher mode. */
+ MBEDTLS_MODE_STREAM, /**< The stream cipher mode. */
+ MBEDTLS_MODE_CCM, /**< The CCM cipher mode. */
+ MBEDTLS_MODE_XTS, /**< The XTS cipher mode. */
MBEDTLS_MODE_CHACHAPOLY, /**< The ChaCha-Poly cipher mode. */
} mbedtls_cipher_mode_t;
@@ -322,14 +322,32 @@
/** CMAC-specific context. */
mbedtls_cmac_context_t *cmac_ctx;
#endif
+
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+ /** Indicates whether the cipher operations should be performed
+ * by Mbed TLS' own crypto library or an external implementation
+ * of the PSA Crypto API.
+ * This is unset if the cipher context was established through
+ * mbedtls_cipher_setup(), and set if it was established through
+ * mbedtls_cipher_setup_psa().
+ */
+ unsigned char psa_enabled;
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+
} mbedtls_cipher_context_t;
/**
- * \brief This function retrieves the list of ciphers supported by the generic
- * cipher module.
+ * \brief This function retrieves the list of ciphers supported
+ * by the generic cipher module.
*
- * \return A statically-allocated array of ciphers. The last entry
- * is zero.
+ * For any cipher identifier in the returned list, you can
+ * obtain the corresponding generic cipher information structure
+ * via mbedtls_cipher_info_from_type(), which can then be used
+ * to prepare a cipher context via mbedtls_cipher_setup().
+ *
+ *
+ * \return A statically-allocated array of cipher identifiers
+ * of type cipher_type_t. The last entry is zero.
*/
const int *mbedtls_cipher_list( void );
@@ -396,9 +414,8 @@
/**
- * \brief This function initializes and fills the cipher-context
- * structure with the appropriate values. It also clears
- * the structure.
+ * \brief This function initializes a cipher context for
+ * use with the given cipher primitive.
*
* \param ctx The context to initialize. This must be initialized.
* \param cipher_info The cipher to use.
@@ -416,6 +433,33 @@
int mbedtls_cipher_setup( mbedtls_cipher_context_t *ctx,
const mbedtls_cipher_info_t *cipher_info );
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+/**
+ * \brief This function initializes a cipher context for
+ * PSA-based use with the given cipher primitive.
+ *
+ * \note See #MBEDTLS_USE_PSA_CRYPTO for information on PSA.
+ *
+ * \param ctx The context to initialize. May not be \c NULL.
+ * \param cipher_info The cipher to use.
+ * \param taglen For AEAD ciphers, the length in bytes of the
+ * authentication tag to use. Subsequent uses of
+ * mbedtls_cipher_auth_encrypt() or
+ * mbedtls_cipher_auth_decrypt() must provide
+ * the same tag length.
+ * For non-AEAD ciphers, the value must be \c 0.
+ *
+ * \return \c 0 on success.
+ * \return #MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA on
+ * parameter-verification failure.
+ * \return #MBEDTLS_ERR_CIPHER_ALLOC_FAILED if allocation of the
+ * cipher-specific context fails.
+ */
+int mbedtls_cipher_setup_psa( mbedtls_cipher_context_t *ctx,
+ const mbedtls_cipher_info_t *cipher_info,
+ size_t taglen );
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+
/**
* \brief This function returns the block size of the given cipher.
*
@@ -638,7 +682,7 @@
* \param ctx The generic cipher context. This must be initialized.
* \param ad The additional data to use. This must be a readable
* buffer of at least \p ad_len Bytes.
- * \param ad_len the Length of \p ad Bytes.
+ * \param ad_len The length of \p ad in Bytes.
*
* \return \c 0 on success.
* \return A specific error code on failure.
@@ -681,8 +725,10 @@
* unsupported mode for a cipher.
* \return A cipher-specific error code on failure.
*/
-int mbedtls_cipher_update( mbedtls_cipher_context_t *ctx, const unsigned char *input,
- size_t ilen, unsigned char *output, size_t *olen );
+int mbedtls_cipher_update( mbedtls_cipher_context_t *ctx,
+ const unsigned char *input,
+ size_t ilen, unsigned char *output,
+ size_t *olen );
/**
* \brief The generic cipher finalization function. If data still
diff --git a/include/mbedtls/cipher_internal.h b/include/mbedtls/cipher_internal.h
index c6def0b..d711339 100644
--- a/include/mbedtls/cipher_internal.h
+++ b/include/mbedtls/cipher_internal.h
@@ -34,6 +34,10 @@
#include "cipher.h"
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+#include "psa/crypto.h"
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+
#ifdef __cplusplus
extern "C" {
#endif
@@ -114,6 +118,30 @@
const mbedtls_cipher_info_t *info;
} mbedtls_cipher_definition_t;
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+typedef enum
+{
+ MBEDTLS_CIPHER_PSA_KEY_UNSET = 0,
+ MBEDTLS_CIPHER_PSA_KEY_OWNED, /* Used for PSA-based cipher contexts which */
+ /* use raw key material internally imported */
+ /* into a allocated key slot, and which */
+ /* hence need to destroy that key slot */
+ /* when they are no longer needed. */
+ MBEDTLS_CIPHER_PSA_KEY_NOT_OWNED, /* Used for PSA-based cipher contexts */
+ /* which use a key from a key slot */
+ /* provided by the user, and which */
+ /* hence should not be destroyed when */
+ /* the context is no longer needed. */
+} mbedtls_cipher_psa_key_ownership;
+
+typedef struct
+{
+ psa_algorithm_t alg;
+ psa_key_handle_t slot;
+ mbedtls_cipher_psa_key_ownership slot_state;
+} mbedtls_cipher_context_psa;
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+
extern const mbedtls_cipher_definition_t mbedtls_cipher_definitions[];
extern int mbedtls_cipher_supported[];
diff --git a/include/mbedtls/cmac.h b/include/mbedtls/cmac.h
index c196793..9d42b3f 100644
--- a/include/mbedtls/cmac.h
+++ b/include/mbedtls/cmac.h
@@ -28,6 +28,12 @@
#ifndef MBEDTLS_CMAC_H
#define MBEDTLS_CMAC_H
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
#include "cipher.h"
#ifdef __cplusplus
diff --git a/include/mbedtls/compat-1.3.h b/include/mbedtls/compat-1.3.h
index 213b691..a58b4724 100644
--- a/include/mbedtls/compat-1.3.h
+++ b/include/mbedtls/compat-1.3.h
@@ -25,6 +25,12 @@
* This file is part of mbed TLS (https://tls.mbed.org)
*/
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
#if ! defined(MBEDTLS_DEPRECATED_REMOVED)
#if defined(MBEDTLS_DEPRECATED_WARNING)
diff --git a/include/mbedtls/config.h b/include/mbedtls/config.h
index 91cc5bd..097361a 100644
--- a/include/mbedtls/config.h
+++ b/include/mbedtls/config.h
@@ -139,7 +139,7 @@
*
* System has time.h, time(), and an implementation for
* mbedtls_platform_gmtime_r() (see below).
- * The time needs to be correct (not necesarily very accurate, but at least
+ * The time needs to be correct (not necessarily very accurate, but at least
* the date should be correct). This is used to verify the validity period of
* X.509 certificates.
*
@@ -226,6 +226,7 @@
//#define MBEDTLS_PLATFORM_FPRINTF_ALT
//#define MBEDTLS_PLATFORM_PRINTF_ALT
//#define MBEDTLS_PLATFORM_SNPRINTF_ALT
+//#define MBEDTLS_PLATFORM_VSNPRINTF_ALT
//#define MBEDTLS_PLATFORM_NV_SEED_ALT
//#define MBEDTLS_PLATFORM_SETUP_TEARDOWN_ALT
@@ -401,7 +402,7 @@
* \note Because of a signature change, the core AES encryption and decryption routines are
* currently named mbedtls_aes_internal_encrypt and mbedtls_aes_internal_decrypt,
* respectively. When setting up alternative implementations, these functions should
- * be overriden, but the wrapper functions mbedtls_aes_decrypt and mbedtls_aes_encrypt
+ * be overridden, but the wrapper functions mbedtls_aes_decrypt and mbedtls_aes_encrypt
* must stay untouched.
*
* \note If you use the AES_xxx_ALT macros, then is is recommended to also set
@@ -1146,6 +1147,31 @@
//#define MBEDTLS_ENTROPY_NV_SEED
/**
+ * \def MBEDTLS_PSA_HAS_ITS_IO
+ *
+ * Enable the non-volatile secure storage usage.
+ *
+ * This is crucial on systems that do not have a HW TRNG support.
+ *
+ */
+//#define MBEDTLS_PSA_HAS_ITS_IO
+
+/* MBEDTLS_PSA_CRYPTO_KEY_FILE_ID_ENCODES_OWNER
+ *
+ * In PSA key storage, encode the owner of the key.
+ *
+ * This is only meaningful when building the library as part of a
+ * multi-client service. When you activate this option, you must provide
+ * an implementation of the type psa_key_owner_id_t and a translation
+ * from psa_key_file_id_t to file name in all the storage backends that
+ * you wish to support.
+ *
+ * Note that this option is meant for internal use only and may be removed
+ * without notice.
+ */
+//#define MBEDTLS_PSA_CRYPTO_KEY_FILE_ID_ENCODES_OWNER
+
+/**
* \def MBEDTLS_MEMORY_DEBUG
*
* Enable debugging of buffer allocator memory issues. Automatically prints
@@ -1202,6 +1228,30 @@
#define MBEDTLS_PKCS1_V21
/**
+ * \def MBEDTLS_PSA_CRYPTO_SPM
+ *
+ * When MBEDTLS_PSA_CRYPTO_SPM is defined, the code is built for SPM (Secure
+ * Partition Manager) integration which separates the code into two parts: a
+ * NSPE (Non-Secure Process Environment) and an SPE (Secure Process
+ * Environment).
+ *
+ * Module: library/psa_crypto.c
+ * Requires: MBEDTLS_PSA_CRYPTO_C
+ *
+ */
+//#define MBEDTLS_PSA_CRYPTO_SPM
+
+/**
+ * \def MBEDTLS_PSA_HAS_ITS_IO
+ *
+ * Enable the non-volatile secure storage usage.
+ *
+ * This is crucial on systems that do not have a HW TRNG support.
+ *
+ */
+//#define MBEDTLS_PSA_HAS_ITS_IO
+
+/**
* \def MBEDTLS_RSA_NO_CRT
*
* Do not use the Chinese Remainder Theorem
@@ -1538,7 +1588,7 @@
* \def MBEDTLS_SSL_SESSION_TICKETS
*
* Enable support for RFC 5077 session tickets in SSL.
- * Client-side, provides full support for session tickets (maintainance of a
+ * Client-side, provides full support for session tickets (maintenance of a
* session store remains the responsibility of the application, though).
* Server-side, you also need to provide callbacks for writing and parsing
* tickets, including authenticated encryption and key management. Example
@@ -1625,6 +1675,24 @@
//#define MBEDTLS_THREADING_PTHREAD
/**
+ * \def MBEDTLS_USE_PSA_CRYPTO
+ *
+ * Make the X.509 and TLS library use PSA for cryptographic operations, see
+ * #MBEDTLS_PSA_CRYPTO_C.
+ *
+ * Note: this option is still in progress, the full X.509 and TLS modules are
+ * not covered yet, but parts that are not ported to PSA yet will still work
+ * as usual, so enabling this option should not break backwards compatibility.
+ *
+ * \warning Support for PSA is still an experimental feature.
+ * Any public API that depends on this option may change
+ * at any time until this warning is removed.
+ *
+ * Requires: MBEDTLS_PSA_CRYPTO_C.
+ */
+//#define MBEDTLS_USE_PSA_CRYPTO
+
+/**
* \def MBEDTLS_VERSION_FEATURES
*
* Allow run-time checking of compile-time enabled features. Thus allowing users
@@ -1704,7 +1772,7 @@
*
* \warning TLS-level compression MAY REDUCE SECURITY! See for example the
* CRIME attack. Before enabling this option, you should examine with care if
- * CRIME or similar exploits may be a applicable to your use case.
+ * CRIME or similar exploits may be applicable to your use case.
*
* \note Currently compression can't be used with DTLS.
*
@@ -2088,7 +2156,7 @@
* Requires: MBEDTLS_AES_C or MBEDTLS_DES_C
*
*/
-//#define MBEDTLS_CMAC_C
+#define MBEDTLS_CMAC_C
/**
* \def MBEDTLS_CTR_DRBG_C
@@ -2633,6 +2701,58 @@
#define MBEDTLS_POLY1305_C
/**
+ * \def MBEDTLS_PSA_CRYPTO_C
+ *
+ * Enable the Platform Security Architecture cryptography API.
+ *
+ * Module: library/psa_crypto.c
+ *
+ * Requires: MBEDTLS_CTR_DRBG_C, MBEDTLS_ENTROPY_C
+ *
+ */
+#define MBEDTLS_PSA_CRYPTO_C
+
+/**
+ * \def MBEDTLS_PSA_CRYPTO_STORAGE_C
+ *
+ * Enable the Platform Security Architecture persistent key storage.
+ *
+ * Module: library/psa_crypto_storage.c
+ *
+ * Requires: MBEDTLS_PSA_CRYPTO_C and one of either
+ * MBEDTLS_PSA_CRYPTO_STORAGE_FILE_C or MBEDTLS_PSA_CRYPTO_STORAGE_ITS_C
+ * (but not both)
+ *
+ */
+#define MBEDTLS_PSA_CRYPTO_STORAGE_C
+
+/**
+ * \def MBEDTLS_PSA_CRYPTO_STORAGE_FILE_C
+ *
+ * Enable persistent key storage over files for the
+ * Platform Security Architecture cryptography API.
+ *
+ * Module: library/psa_crypto_storage_file.c
+ *
+ * Requires: MBEDTLS_PSA_CRYPTO_C, MBEDTLS_FS_IO
+ *
+ */
+#define MBEDTLS_PSA_CRYPTO_STORAGE_FILE_C
+
+/**
+ * \def MBEDTLS_PSA_CRYPTO_STORAGE_ITS_C
+ *
+ * Enable persistent key storage over PSA ITS for the
+ * Platform Security Architecture cryptography API.
+ *
+ * Module: library/psa_crypto_storage_its.c
+ *
+ * Requires: MBEDTLS_PSA_CRYPTO_C, MBEDTLS_PSA_HAS_ITS_IO
+ *
+ */
+//#define MBEDTLS_PSA_CRYPTO_STORAGE_ITS_C
+
+/**
* \def MBEDTLS_RIPEMD160_C
*
* Enable the RIPEMD-160 hash algorithm.
@@ -3016,7 +3136,7 @@
//#define MBEDTLS_PLATFORM_STD_TIME time /**< Default time to use, can be undefined. MBEDTLS_HAVE_TIME must be enabled */
//#define MBEDTLS_PLATFORM_STD_FPRINTF fprintf /**< Default fprintf to use, can be undefined */
//#define MBEDTLS_PLATFORM_STD_PRINTF printf /**< Default printf to use, can be undefined */
-/* Note: your snprintf must correclty zero-terminate the buffer! */
+/* Note: your snprintf must correctly zero-terminate the buffer! */
//#define MBEDTLS_PLATFORM_STD_SNPRINTF snprintf /**< Default snprintf to use, can be undefined */
//#define MBEDTLS_PLATFORM_STD_EXIT_SUCCESS 0 /**< Default exit value to use, can be undefined */
//#define MBEDTLS_PLATFORM_STD_EXIT_FAILURE 1 /**< Default exit value to use, can be undefined */
@@ -3033,8 +3153,9 @@
//#define MBEDTLS_PLATFORM_TIME_TYPE_MACRO time_t /**< Default time macro to use, can be undefined. MBEDTLS_HAVE_TIME must be enabled */
//#define MBEDTLS_PLATFORM_FPRINTF_MACRO fprintf /**< Default fprintf macro to use, can be undefined */
//#define MBEDTLS_PLATFORM_PRINTF_MACRO printf /**< Default printf macro to use, can be undefined */
-/* Note: your snprintf must correclty zero-terminate the buffer! */
+/* Note: your snprintf must correctly zero-terminate the buffer! */
//#define MBEDTLS_PLATFORM_SNPRINTF_MACRO snprintf /**< Default snprintf macro to use, can be undefined */
+//#define MBEDTLS_PLATFORM_VSNPRINTF_MACRO vsnprintf /**< Default vsnprintf macro to use, can be undefined */
//#define MBEDTLS_PLATFORM_NV_SEED_READ_MACRO mbedtls_platform_std_nv_seed_read /**< Default nv_seed_read function to use, can be undefined */
//#define MBEDTLS_PLATFORM_NV_SEED_WRITE_MACRO mbedtls_platform_std_nv_seed_write /**< Default nv_seed_write function to use, can be undefined */
diff --git a/include/mbedtls/ctr_drbg.h b/include/mbedtls/ctr_drbg.h
index 752c08e..cc3df7b 100644
--- a/include/mbedtls/ctr_drbg.h
+++ b/include/mbedtls/ctr_drbg.h
@@ -36,6 +36,12 @@
#ifndef MBEDTLS_CTR_DRBG_H
#define MBEDTLS_CTR_DRBG_H
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
#include "aes.h"
#if defined(MBEDTLS_THREADING_C)
diff --git a/include/mbedtls/ecdh.h b/include/mbedtls/ecdh.h
index 05b2b03..4479a1d 100644
--- a/include/mbedtls/ecdh.h
+++ b/include/mbedtls/ecdh.h
@@ -34,6 +34,12 @@
#ifndef MBEDTLS_ECDH_H
#define MBEDTLS_ECDH_H
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
#include "ecp.h"
/*
diff --git a/include/mbedtls/ecdsa.h b/include/mbedtls/ecdsa.h
index 40fdab3..2943945 100644
--- a/include/mbedtls/ecdsa.h
+++ b/include/mbedtls/ecdsa.h
@@ -32,28 +32,39 @@
#ifndef MBEDTLS_ECDSA_H
#define MBEDTLS_ECDSA_H
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
#include "ecp.h"
#include "md.h"
-/*
- * RFC-4492 page 20:
+/**
+ * \brief Maximum ECDSA signature size for a given curve bit size
*
+ * \param bits Curve size in bits
+ * \return Maximum signature size in bytes
+ *
+ * \note This macro returns a compile-time constant if its argument
+ * is one. It may evaluate its argument multiple times.
+ */
+/*
* Ecdsa-Sig-Value ::= SEQUENCE {
* r INTEGER,
* s INTEGER
* }
*
- * Size is at most
- * 1 (tag) + 1 (len) + 1 (initial 0) + ECP_MAX_BYTES for each of r and s,
- * twice that + 1 (tag) + 2 (len) for the sequence
- * (assuming ECP_MAX_BYTES is less than 126 for r and s,
- * and less than 124 (total len <= 255) for the sequence)
+ * For each of r and s, the value (V) may include an extra initial "0" bit.
*/
-#if MBEDTLS_ECP_MAX_BYTES > 124
-#error "MBEDTLS_ECP_MAX_BYTES bigger than expected, please fix MBEDTLS_ECDSA_MAX_LEN"
-#endif
+#define MBEDTLS_ECDSA_MAX_SIG_LEN( bits ) \
+ ( /*T,L of SEQUENCE*/ ( ( bits ) >= 61 * 8 ? 3 : 2 ) + \
+ /*T,L of r,s*/ 2 * ( ( ( bits ) >= 127 * 8 ? 3 : 2 ) + \
+ /*V of r,s*/ ( ( bits ) + 8 ) / 8 ) )
+
/** The maximal size of an ECDSA signature in Bytes. */
-#define MBEDTLS_ECDSA_MAX_LEN ( 3 + 2 * ( 3 + MBEDTLS_ECP_MAX_BYTES ) )
+#define MBEDTLS_ECDSA_MAX_LEN MBEDTLS_ECDSA_MAX_SIG_LEN( MBEDTLS_ECP_MAX_BITS )
#ifdef __cplusplus
extern "C" {
diff --git a/include/mbedtls/ecjpake.h b/include/mbedtls/ecjpake.h
index b967af8..3d8d02a 100644
--- a/include/mbedtls/ecjpake.h
+++ b/include/mbedtls/ecjpake.h
@@ -40,6 +40,11 @@
* The payloads are serialized in a way suitable for use in TLS, but could
* also be use outside TLS.
*/
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
#include "ecp.h"
#include "md.h"
diff --git a/include/mbedtls/ecp.h b/include/mbedtls/ecp.h
index 1a96426..2401778 100644
--- a/include/mbedtls/ecp.h
+++ b/include/mbedtls/ecp.h
@@ -36,6 +36,12 @@
#ifndef MBEDTLS_ECP_H
#define MBEDTLS_ECP_H
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
#include "bignum.h"
/*
diff --git a/include/mbedtls/ecp_internal.h b/include/mbedtls/ecp_internal.h
index 1804069..7625ed4 100644
--- a/include/mbedtls/ecp_internal.h
+++ b/include/mbedtls/ecp_internal.h
@@ -61,6 +61,12 @@
#ifndef MBEDTLS_ECP_INTERNAL_H
#define MBEDTLS_ECP_INTERNAL_H
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
#if defined(MBEDTLS_ECP_INTERNAL_ALT)
/**
diff --git a/include/mbedtls/error.h b/include/mbedtls/error.h
index 647a11a..bee0fe4 100644
--- a/include/mbedtls/error.h
+++ b/include/mbedtls/error.h
@@ -24,6 +24,12 @@
#ifndef MBEDTLS_ERROR_H
#define MBEDTLS_ERROR_H
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
#include <stddef.h>
/**
diff --git a/include/mbedtls/gcm.h b/include/mbedtls/gcm.h
index dfce951..fd130ab 100644
--- a/include/mbedtls/gcm.h
+++ b/include/mbedtls/gcm.h
@@ -33,6 +33,12 @@
#ifndef MBEDTLS_GCM_H
#define MBEDTLS_GCM_H
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
#include "cipher.h"
#include <stdint.h>
diff --git a/include/mbedtls/havege.h b/include/mbedtls/havege.h
index 57e8c40..4c1c860 100644
--- a/include/mbedtls/havege.h
+++ b/include/mbedtls/havege.h
@@ -24,6 +24,12 @@
#ifndef MBEDTLS_HAVEGE_H
#define MBEDTLS_HAVEGE_H
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
#include <stddef.h>
#define MBEDTLS_HAVEGE_COLLECT_SIZE 1024
diff --git a/include/mbedtls/hkdf.h b/include/mbedtls/hkdf.h
index e6ed7cd..40ee64e 100644
--- a/include/mbedtls/hkdf.h
+++ b/include/mbedtls/hkdf.h
@@ -27,6 +27,12 @@
#ifndef MBEDTLS_HKDF_H
#define MBEDTLS_HKDF_H
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
#include "md.h"
/**
diff --git a/include/mbedtls/hmac_drbg.h b/include/mbedtls/hmac_drbg.h
index 146367b..f1289cb 100644
--- a/include/mbedtls/hmac_drbg.h
+++ b/include/mbedtls/hmac_drbg.h
@@ -24,6 +24,12 @@
#ifndef MBEDTLS_HMAC_DRBG_H
#define MBEDTLS_HMAC_DRBG_H
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
#include "md.h"
#if defined(MBEDTLS_THREADING_C)
@@ -76,7 +82,7 @@
*/
typedef struct mbedtls_hmac_drbg_context
{
- /* Working state: the key K is not stored explicitely,
+ /* Working state: the key K is not stored explicitly,
* but is implied by the HMAC context */
mbedtls_md_context_t md_ctx; /*!< HMAC context (inc. K) */
unsigned char V[MBEDTLS_MD_MAX_SIZE]; /*!< V in the spec */
diff --git a/include/mbedtls/net.h b/include/mbedtls/net.h
index 6c13b53..8cead58 100644
--- a/include/mbedtls/net.h
+++ b/include/mbedtls/net.h
@@ -23,6 +23,11 @@
*
* This file is part of mbed TLS (https://tls.mbed.org)
*/
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
#if !defined(MBEDTLS_DEPRECATED_REMOVED)
#include "net_sockets.h"
diff --git a/include/mbedtls/nist_kw.h b/include/mbedtls/nist_kw.h
index 5a0f656..3b67b59 100644
--- a/include/mbedtls/nist_kw.h
+++ b/include/mbedtls/nist_kw.h
@@ -37,6 +37,12 @@
#ifndef MBEDTLS_NIST_KW_H
#define MBEDTLS_NIST_KW_H
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
#include "cipher.h"
#ifdef __cplusplus
diff --git a/include/mbedtls/padlock.h b/include/mbedtls/padlock.h
index 7a5d083..f05b72b 100644
--- a/include/mbedtls/padlock.h
+++ b/include/mbedtls/padlock.h
@@ -28,6 +28,12 @@
#ifndef MBEDTLS_PADLOCK_H
#define MBEDTLS_PADLOCK_H
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
#include "aes.h"
#define MBEDTLS_ERR_PADLOCK_DATA_MISALIGNED -0x0030 /**< Input data should be aligned. */
diff --git a/include/mbedtls/pem.h b/include/mbedtls/pem.h
index fa82f7b..a29e9ce 100644
--- a/include/mbedtls/pem.h
+++ b/include/mbedtls/pem.h
@@ -24,6 +24,12 @@
#ifndef MBEDTLS_PEM_H
#define MBEDTLS_PEM_H
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
#include <stddef.h>
/**
diff --git a/include/mbedtls/pk.h b/include/mbedtls/pk.h
index 91950f9..24951a6 100644
--- a/include/mbedtls/pk.h
+++ b/include/mbedtls/pk.h
@@ -45,6 +45,10 @@
#include "ecdsa.h"
#endif
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+#include "psa/crypto.h"
+#endif
+
#if ( defined(__ARMCC_VERSION) || defined(_MSC_VER) ) && \
!defined(inline) && !defined(__cplusplus)
#define inline __inline
@@ -83,6 +87,7 @@
MBEDTLS_PK_ECDSA,
MBEDTLS_PK_RSA_ALT,
MBEDTLS_PK_RSASSA_PSS,
+ MBEDTLS_PK_OPAQUE,
} mbedtls_pk_type_t;
/**
@@ -209,6 +214,11 @@
*
* \param ctx The context to clear. It must have been initialized.
* If this is \c NULL, this function does nothing.
+ *
+ * \note For contexts that have been set up with
+ * mbedtls_pk_setup_opaque(), this does not free the underlying
+ * key slot and you still need to call psa_destroy_key()
+ * independently if you want to destroy that key.
*/
void mbedtls_pk_free( mbedtls_pk_context *ctx );
@@ -247,6 +257,38 @@
*/
int mbedtls_pk_setup( mbedtls_pk_context *ctx, const mbedtls_pk_info_t *info );
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+/**
+ * \brief Initialize a PK context to wrap a PSA key slot.
+ *
+ * \note This function replaces mbedtls_pk_setup() for contexts
+ * that wrap a (possibly opaque) PSA key slot instead of
+ * storing and manipulating the key material directly.
+ *
+ * \param ctx The context to initialize. It must be empty (type NONE).
+ * \param key The PSA key slot to wrap, which must hold an ECC key pair
+ * (see notes below).
+ *
+ * \note The wrapped key slot must remain valid as long as the
+ * wrapping PK context is in use, that is at least between
+ * the point this function is called and the point
+ * mbedtls_pk_free() is called on this context. The wrapped
+ * key slot might then be independently used or destroyed.
+ *
+ * \note This function is currently only available for ECC key
+ * pairs (that is, ECC keys containing private key material).
+ * Support for other key types may be added later.
+ *
+ * \return \c 0 on success.
+ * \return #MBEDTLS_ERR_PK_BAD_INPUT_DATA on invalid input
+ * (context already used, invalid key slot).
+ * \return #MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE if the key is not an
+ * ECC key pair.
+ * \return #MBEDTLS_ERR_PK_ALLOC_FAILED on allocation failure.
+ */
+int mbedtls_pk_setup_opaque( mbedtls_pk_context *ctx, const psa_key_handle_t key );
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+
#if defined(MBEDTLS_PK_RSA_ALT_SUPPORT)
/**
* \brief Initialize an RSA-alt context
@@ -501,7 +543,11 @@
* \param pub Context holding a public key.
* \param prv Context holding a private (and public) key.
*
- * \return 0 on success or MBEDTLS_ERR_PK_BAD_INPUT_DATA
+ * \return \c 0 on success (keys were checked and match each other).
+ * \return #MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE if the keys could not
+ * be checked - in that case they may or may not match.
+ * \return #MBEDTLS_ERR_PK_BAD_INPUT_DATA if a context is invalid.
+ * \return Another non-zero value if the keys do not match.
*/
int mbedtls_pk_check_pair( const mbedtls_pk_context *pub, const mbedtls_pk_context *prv );
@@ -740,6 +786,31 @@
int mbedtls_pk_load_file( const char *path, unsigned char **buf, size_t *n );
#endif
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+/**
+ * \brief Turn an EC key into an Opaque one
+ *
+ * \warning This is a temporary utility function for tests. It might
+ * change or be removed at any time without notice.
+ *
+ * \note Only ECDSA keys are supported so far. Signing with the
+ * specified hash is the only allowed use of that key.
+ *
+ * \param pk Input: the EC key to transfer to a PSA key slot.
+ * Output: a PK context wrapping that PSA key slot.
+ * \param slot Output: the chosen slot for storing the key.
+ * It's the caller's responsibility to destroy that slot
+ * after calling mbedtls_pk_free() on the PK context.
+ * \param hash_alg The hash algorithm to allow for use with that key.
+ *
+ * \return \c 0 if successful.
+ * \return An Mbed TLS error code otherwise.
+ */
+int mbedtls_pk_wrap_as_opaque( mbedtls_pk_context *pk,
+ psa_key_handle_t *slot,
+ psa_algorithm_t hash_alg );
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+
#ifdef __cplusplus
}
#endif
diff --git a/include/mbedtls/pk_internal.h b/include/mbedtls/pk_internal.h
index 48b7a5f..fc9ba13 100644
--- a/include/mbedtls/pk_internal.h
+++ b/include/mbedtls/pk_internal.h
@@ -135,4 +135,8 @@
extern const mbedtls_pk_info_t mbedtls_rsa_alt_info;
#endif
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+extern const mbedtls_pk_info_t mbedtls_pk_opaque_info;
+#endif
+
#endif /* MBEDTLS_PK_WRAP_H */
diff --git a/include/mbedtls/pkcs12.h b/include/mbedtls/pkcs12.h
index 69f0417..d441357 100644
--- a/include/mbedtls/pkcs12.h
+++ b/include/mbedtls/pkcs12.h
@@ -24,6 +24,12 @@
#ifndef MBEDTLS_PKCS12_H
#define MBEDTLS_PKCS12_H
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
#include "md.h"
#include "cipher.h"
#include "asn1.h"
diff --git a/include/mbedtls/pkcs5.h b/include/mbedtls/pkcs5.h
index c52350b..c92185f 100644
--- a/include/mbedtls/pkcs5.h
+++ b/include/mbedtls/pkcs5.h
@@ -26,6 +26,12 @@
#ifndef MBEDTLS_PKCS5_H
#define MBEDTLS_PKCS5_H
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
#include "asn1.h"
#include "md.h"
diff --git a/include/mbedtls/platform.h b/include/mbedtls/platform.h
index 89fe8a7..801a948 100644
--- a/include/mbedtls/platform.h
+++ b/include/mbedtls/platform.h
@@ -58,17 +58,33 @@
* \{
*/
+/* The older Microsoft Windows common runtime provides non-conforming
+ * implementations of some standard library functions, including snprintf
+ * and vsnprintf. This affects MSVC and MinGW builds.
+ */
+#if defined(__MINGW32__) || (defined(_MSC_VER) && _MSC_VER <= 1900)
+#define MBEDTLS_PLATFORM_HAS_NON_CONFORMING_SNPRINTF
+#define MBEDTLS_PLATFORM_HAS_NON_CONFORMING_VSNPRINTF
+#endif
+
#if !defined(MBEDTLS_PLATFORM_NO_STD_FUNCTIONS)
#include <stdio.h>
#include <stdlib.h>
#include <time.h>
#if !defined(MBEDTLS_PLATFORM_STD_SNPRINTF)
-#if defined(_WIN32)
+#if defined(MBEDTLS_PLATFORM_HAS_NON_CONFORMING_SNPRINTF)
#define MBEDTLS_PLATFORM_STD_SNPRINTF mbedtls_platform_win32_snprintf /**< The default \c snprintf function to use. */
#else
#define MBEDTLS_PLATFORM_STD_SNPRINTF snprintf /**< The default \c snprintf function to use. */
#endif
#endif
+#if !defined(MBEDTLS_PLATFORM_STD_VSNPRINTF)
+#if defined(MBEDTLS_PLATFORM_HAS_NON_CONFORMING_VSNPRINTF)
+#define MBEDTLS_PLATFORM_STD_VSNPRINTF mbedtls_platform_win32_vsnprintf /**< The default \c vsnprintf function to use. */
+#else
+#define MBEDTLS_PLATFORM_STD_VSNPRINTF vsnprintf /**< The default \c vsnprintf function to use. */
+#endif
+#endif
#if !defined(MBEDTLS_PLATFORM_STD_PRINTF)
#define MBEDTLS_PLATFORM_STD_PRINTF printf /**< The default \c printf function to use. */
#endif
@@ -204,7 +220,7 @@
* - however it is acceptable to return -1 instead of the required length when
* the destination buffer is too short.
*/
-#if defined(_WIN32)
+#if defined(MBEDTLS_PLATFORM_HAS_NON_CONFORMING_SNPRINTF)
/* For Windows (inc. MSYS2), we provide our own fixed implementation */
int mbedtls_platform_win32_snprintf( char *s, size_t n, const char *fmt, ... );
#endif
@@ -231,6 +247,41 @@
#endif /* MBEDTLS_PLATFORM_SNPRINTF_ALT */
/*
+ * The function pointers for vsnprintf
+ *
+ * The vsnprintf implementation should conform to C99:
+ * - it *must* always correctly zero-terminate the buffer
+ * (except when n == 0, then it must leave the buffer untouched)
+ * - however it is acceptable to return -1 instead of the required length when
+ * the destination buffer is too short.
+ */
+#if defined(MBEDTLS_PLATFORM_HAS_NON_CONFORMING_VSNPRINTF)
+/* For Older Windows (inc. MSYS2), we provide our own fixed implementation */
+int mbedtls_platform_win32_vsnprintf( char *s, size_t n, const char *fmt, va_list arg );
+#endif
+
+#if defined(MBEDTLS_PLATFORM_VSNPRINTF_ALT)
+#include <stdarg.h>
+extern int (*mbedtls_vsnprintf)( char * s, size_t n, const char * format, va_list arg );
+
+/**
+ * \brief Set your own snprintf function pointer
+ *
+ * \param vsnprintf_func The \c vsnprintf function implementation
+ *
+ * \return \c 0
+ */
+int mbedtls_platform_set_vsnprintf( int (*vsnprintf_func)( char * s, size_t n,
+ const char * format, va_list arg ) );
+#else /* MBEDTLS_PLATFORM_VSNPRINTF_ALT */
+#if defined(MBEDTLS_PLATFORM_VSNPRINTF_MACRO)
+#define mbedtls_vsnprintf MBEDTLS_PLATFORM_VSNPRINTF_MACRO
+#else
+#define mbedtls_vsnprintf vsnprintf
+#endif /* MBEDTLS_PLATFORM_VSNPRINTF_MACRO */
+#endif /* MBEDTLS_PLATFORM_VSNPRINTF_ALT */
+
+/*
* The function pointers for exit
*/
#if defined(MBEDTLS_PLATFORM_EXIT_ALT)
diff --git a/include/mbedtls/platform_util.h b/include/mbedtls/platform_util.h
index b0e72ad..dba6d45 100644
--- a/include/mbedtls/platform_util.h
+++ b/include/mbedtls/platform_util.h
@@ -26,14 +26,14 @@
#define MBEDTLS_PLATFORM_UTIL_H
#if !defined(MBEDTLS_CONFIG_FILE)
-#include "mbedtls/config.h"
+#include "config.h"
#else
#include MBEDTLS_CONFIG_FILE
#endif
#include <stddef.h>
#if defined(MBEDTLS_HAVE_TIME_DATE)
-#include "mbedtls/platform_time.h"
+#include "platform_time.h"
#include <time.h>
#endif /* MBEDTLS_HAVE_TIME_DATE */
diff --git a/include/mbedtls/poly1305.h b/include/mbedtls/poly1305.h
index 05866a2..f0ec44c 100644
--- a/include/mbedtls/poly1305.h
+++ b/include/mbedtls/poly1305.h
@@ -34,7 +34,7 @@
#define MBEDTLS_POLY1305_H
#if !defined(MBEDTLS_CONFIG_FILE)
-#include "mbedtls/config.h"
+#include "config.h"
#else
#include MBEDTLS_CONFIG_FILE
#endif
diff --git a/include/mbedtls/psa_util.h b/include/mbedtls/psa_util.h
new file mode 100644
index 0000000..b0c0428
--- /dev/null
+++ b/include/mbedtls/psa_util.h
@@ -0,0 +1,482 @@
+/**
+ * \file psa_util.h
+ *
+ * \brief Utility functions for the use of the PSA Crypto library.
+ *
+ * \warning This function is not part of the public API and may
+ * change at any time.
+ */
+/*
+ * Copyright (C) 2006-2018, ARM Limited, All Rights Reserved
+ * SPDX-License-Identifier: Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License"); you may
+ * not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * This file is part of mbed TLS (https://tls.mbed.org)
+ */
+
+#ifndef MBEDTLS_PSA_UTIL_H
+#define MBEDTLS_PSA_UTIL_H
+
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+
+#include "psa/crypto.h"
+
+#include "ecp.h"
+#include "md.h"
+#include "pk.h"
+#include "oid.h"
+
+#include <string.h>
+
+/* Translations for symmetric crypto. */
+
+static inline psa_key_type_t mbedtls_psa_translate_cipher_type(
+ mbedtls_cipher_type_t cipher )
+{
+ switch( cipher )
+ {
+ case MBEDTLS_CIPHER_AES_128_CCM:
+ case MBEDTLS_CIPHER_AES_192_CCM:
+ case MBEDTLS_CIPHER_AES_256_CCM:
+ case MBEDTLS_CIPHER_AES_128_GCM:
+ case MBEDTLS_CIPHER_AES_192_GCM:
+ case MBEDTLS_CIPHER_AES_256_GCM:
+ case MBEDTLS_CIPHER_AES_128_CBC:
+ case MBEDTLS_CIPHER_AES_192_CBC:
+ case MBEDTLS_CIPHER_AES_256_CBC:
+ return( PSA_KEY_TYPE_AES );
+
+ /* ARIA not yet supported in PSA. */
+ /* case MBEDTLS_CIPHER_ARIA_128_CCM:
+ case MBEDTLS_CIPHER_ARIA_192_CCM:
+ case MBEDTLS_CIPHER_ARIA_256_CCM:
+ case MBEDTLS_CIPHER_ARIA_128_GCM:
+ case MBEDTLS_CIPHER_ARIA_192_GCM:
+ case MBEDTLS_CIPHER_ARIA_256_GCM:
+ case MBEDTLS_CIPHER_ARIA_128_CBC:
+ case MBEDTLS_CIPHER_ARIA_192_CBC:
+ case MBEDTLS_CIPHER_ARIA_256_CBC:
+ return( PSA_KEY_TYPE_ARIA ); */
+
+ default:
+ return( 0 );
+ }
+}
+
+static inline psa_algorithm_t mbedtls_psa_translate_cipher_mode(
+ mbedtls_cipher_mode_t mode, size_t taglen )
+{
+ switch( mode )
+ {
+ case MBEDTLS_MODE_GCM:
+ return( PSA_ALG_AEAD_WITH_TAG_LENGTH( PSA_ALG_GCM, taglen ) );
+ case MBEDTLS_MODE_CCM:
+ return( PSA_ALG_AEAD_WITH_TAG_LENGTH( PSA_ALG_CCM, taglen ) );
+ case MBEDTLS_MODE_CBC:
+ if( taglen == 0 )
+ return( PSA_ALG_CBC_NO_PADDING );
+ /* Intentional fallthrough for taglen != 0 */
+ /* fallthrough */
+ default:
+ return( 0 );
+ }
+}
+
+static inline psa_key_usage_t mbedtls_psa_translate_cipher_operation(
+ mbedtls_operation_t op )
+{
+ switch( op )
+ {
+ case MBEDTLS_ENCRYPT:
+ return( PSA_KEY_USAGE_ENCRYPT );
+ case MBEDTLS_DECRYPT:
+ return( PSA_KEY_USAGE_DECRYPT );
+ default:
+ return( 0 );
+ }
+}
+
+/* Translations for hashing. */
+
+static inline psa_algorithm_t mbedtls_psa_translate_md( mbedtls_md_type_t md_alg )
+{
+ switch( md_alg )
+ {
+#if defined(MBEDTLS_MD2_C)
+ case MBEDTLS_MD_MD2:
+ return( PSA_ALG_MD2 );
+#endif
+#if defined(MBEDTLS_MD4_C)
+ case MBEDTLS_MD_MD4:
+ return( PSA_ALG_MD4 );
+#endif
+#if defined(MBEDTLS_MD5_C)
+ case MBEDTLS_MD_MD5:
+ return( PSA_ALG_MD5 );
+#endif
+#if defined(MBEDTLS_SHA1_C)
+ case MBEDTLS_MD_SHA1:
+ return( PSA_ALG_SHA_1 );
+#endif
+#if defined(MBEDTLS_SHA256_C)
+ case MBEDTLS_MD_SHA224:
+ return( PSA_ALG_SHA_224 );
+ case MBEDTLS_MD_SHA256:
+ return( PSA_ALG_SHA_256 );
+#endif
+#if defined(MBEDTLS_SHA512_C)
+ case MBEDTLS_MD_SHA384:
+ return( PSA_ALG_SHA_384 );
+ case MBEDTLS_MD_SHA512:
+ return( PSA_ALG_SHA_512 );
+#endif
+#if defined(MBEDTLS_RIPEMD160_C)
+ case MBEDTLS_MD_RIPEMD160:
+ return( PSA_ALG_RIPEMD160 );
+#endif
+ case MBEDTLS_MD_NONE: /* Intentional fallthrough */
+ default:
+ return( 0 );
+ }
+}
+
+/* Translations for ECC. */
+
+static inline int mbedtls_psa_get_ecc_oid_from_id(
+ psa_ecc_curve_t curve, char const **oid, size_t *oid_len )
+{
+ switch( curve )
+ {
+#if defined(MBEDTLS_ECP_DP_SECP192R1_ENABLED)
+ case PSA_ECC_CURVE_SECP192R1:
+ *oid = MBEDTLS_OID_EC_GRP_SECP192R1;
+ *oid_len = MBEDTLS_OID_SIZE( MBEDTLS_OID_EC_GRP_SECP192R1 );
+ return( 0 );
+#endif /* MBEDTLS_ECP_DP_SECP192R1_ENABLED */
+#if defined(MBEDTLS_ECP_DP_SECP224R1_ENABLED)
+ case PSA_ECC_CURVE_SECP224R1:
+ *oid = MBEDTLS_OID_EC_GRP_SECP224R1;
+ *oid_len = MBEDTLS_OID_SIZE( MBEDTLS_OID_EC_GRP_SECP224R1 );
+ return( 0 );
+#endif /* MBEDTLS_ECP_DP_SECP224R1_ENABLED */
+#if defined(MBEDTLS_ECP_DP_SECP256R1_ENABLED)
+ case PSA_ECC_CURVE_SECP256R1:
+ *oid = MBEDTLS_OID_EC_GRP_SECP256R1;
+ *oid_len = MBEDTLS_OID_SIZE( MBEDTLS_OID_EC_GRP_SECP256R1 );
+ return( 0 );
+#endif /* MBEDTLS_ECP_DP_SECP256R1_ENABLED */
+#if defined(MBEDTLS_ECP_DP_SECP384R1_ENABLED)
+ case PSA_ECC_CURVE_SECP384R1:
+ *oid = MBEDTLS_OID_EC_GRP_SECP384R1;
+ *oid_len = MBEDTLS_OID_SIZE( MBEDTLS_OID_EC_GRP_SECP384R1 );
+ return( 0 );
+#endif /* MBEDTLS_ECP_DP_SECP384R1_ENABLED */
+#if defined(MBEDTLS_ECP_DP_SECP521R1_ENABLED)
+ case PSA_ECC_CURVE_SECP521R1:
+ *oid = MBEDTLS_OID_EC_GRP_SECP521R1;
+ *oid_len = MBEDTLS_OID_SIZE( MBEDTLS_OID_EC_GRP_SECP521R1 );
+ return( 0 );
+#endif /* MBEDTLS_ECP_DP_SECP521R1_ENABLED */
+#if defined(MBEDTLS_ECP_DP_SECP192K1_ENABLED)
+ case PSA_ECC_CURVE_SECP192K1:
+ *oid = MBEDTLS_OID_EC_GRP_SECP192K1;
+ *oid_len = MBEDTLS_OID_SIZE( MBEDTLS_OID_EC_GRP_SECP192K1 );
+ return( 0 );
+#endif /* MBEDTLS_ECP_DP_SECP192K1_ENABLED */
+#if defined(MBEDTLS_ECP_DP_SECP224K1_ENABLED)
+ case PSA_ECC_CURVE_SECP224K1:
+ *oid = MBEDTLS_OID_EC_GRP_SECP224K1;
+ *oid_len = MBEDTLS_OID_SIZE( MBEDTLS_OID_EC_GRP_SECP224K1 );
+ return( 0 );
+#endif /* MBEDTLS_ECP_DP_SECP224K1_ENABLED */
+#if defined(MBEDTLS_ECP_DP_SECP256K1_ENABLED)
+ case PSA_ECC_CURVE_SECP256K1:
+ *oid = MBEDTLS_OID_EC_GRP_SECP256K1;
+ *oid_len = MBEDTLS_OID_SIZE( MBEDTLS_OID_EC_GRP_SECP256K1 );
+ return( 0 );
+#endif /* MBEDTLS_ECP_DP_SECP256K1_ENABLED */
+#if defined(MBEDTLS_ECP_DP_BP256R1_ENABLED)
+ case PSA_ECC_CURVE_BRAINPOOL_P256R1:
+ *oid = MBEDTLS_OID_EC_GRP_BP256R1;
+ *oid_len = MBEDTLS_OID_SIZE( MBEDTLS_OID_EC_GRP_BP256R1 );
+ return( 0 );
+#endif /* MBEDTLS_ECP_DP_BP256R1_ENABLED */
+#if defined(MBEDTLS_ECP_DP_BP384R1_ENABLED)
+ case PSA_ECC_CURVE_BRAINPOOL_P384R1:
+ *oid = MBEDTLS_OID_EC_GRP_BP384R1;
+ *oid_len = MBEDTLS_OID_SIZE( MBEDTLS_OID_EC_GRP_BP384R1 );
+ return( 0 );
+#endif /* MBEDTLS_ECP_DP_BP384R1_ENABLED */
+#if defined(MBEDTLS_ECP_DP_BP512R1_ENABLED)
+ case PSA_ECC_CURVE_BRAINPOOL_P512R1:
+ *oid = MBEDTLS_OID_EC_GRP_BP512R1;
+ *oid_len = MBEDTLS_OID_SIZE( MBEDTLS_OID_EC_GRP_BP512R1 );
+ return( 0 );
+#endif /* MBEDTLS_ECP_DP_BP512R1_ENABLED */
+ }
+
+ return( -1 );
+}
+
+#define MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH 1
+
+#if defined(MBEDTLS_ECP_DP_SECP192R1_ENABLED)
+#if MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH < ( 2 * ( ( 192 + 7 ) / 8 ) + 1 )
+#undef MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH
+#define MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH ( 2 * ( ( 192 + 7 ) / 8 ) + 1 )
+#endif
+#endif /* MBEDTLS_ECP_DP_SECP192R1_ENABLED */
+
+#if defined(MBEDTLS_ECP_DP_SECP224R1_ENABLED)
+#if MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH < ( 2 * ( ( 224 + 7 ) / 8 ) + 1 )
+#undef MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH
+#define MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH ( 2 * ( ( 224 + 7 ) / 8 ) + 1 )
+#endif
+#endif /* MBEDTLS_ECP_DP_SECP224R1_ENABLED */
+
+#if defined(MBEDTLS_ECP_DP_SECP256R1_ENABLED)
+#if MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH < ( 2 * ( ( 256 + 7 ) / 8 ) + 1 )
+#undef MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH
+#define MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH ( 2 * ( ( 256 + 7 ) / 8 ) + 1 )
+#endif
+#endif /* MBEDTLS_ECP_DP_SECP256R1_ENABLED */
+
+#if defined(MBEDTLS_ECP_DP_SECP384R1_ENABLED)
+#if MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH < ( 2 * ( ( 384 + 7 ) / 8 ) + 1 )
+#undef MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH
+#define MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH ( 2 * ( ( 384 + 7 ) / 8 ) + 1 )
+#endif
+#endif /* MBEDTLS_ECP_DP_SECP384R1_ENABLED */
+
+#if defined(MBEDTLS_ECP_DP_SECP521R1_ENABLED)
+#if MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH < ( 2 * ( ( 521 + 7 ) / 8 ) + 1 )
+#undef MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH
+#define MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH ( 2 * ( ( 521 + 7 ) / 8 ) + 1 )
+#endif
+#endif /* MBEDTLS_ECP_DP_SECP521R1_ENABLED */
+
+#if defined(MBEDTLS_ECP_DP_SECP192K1_ENABLED)
+#if MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH < ( 2 * ( ( 192 + 7 ) / 8 ) + 1 )
+#undef MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH
+#define MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH ( 2 * ( ( 192 + 7 ) / 8 ) + 1 )
+#endif
+#endif /* MBEDTLS_ECP_DP_SECP192K1_ENABLED */
+
+#if defined(MBEDTLS_ECP_DP_SECP224K1_ENABLED)
+#if MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH < ( 2 * ( ( 224 + 7 ) / 8 ) + 1 )
+#undef MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH
+#define MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH ( 2 * ( ( 224 + 7 ) / 8 ) + 1 )
+#endif
+#endif /* MBEDTLS_ECP_DP_SECP224K1_ENABLED */
+
+#if defined(MBEDTLS_ECP_DP_SECP256K1_ENABLED)
+#if MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH < ( 2 * ( ( 256 + 7 ) / 8 ) + 1 )
+#undef MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH
+#define MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH ( 2 * ( ( 256 + 7 ) / 8 ) + 1 )
+#endif
+#endif /* MBEDTLS_ECP_DP_SECP256K1_ENABLED */
+
+#if defined(MBEDTLS_ECP_DP_BP256R1_ENABLED)
+#if MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH < ( 2 * ( ( 256 + 7 ) / 8 ) + 1 )
+#undef MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH
+#define MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH ( 2 * ( ( 256 + 7 ) / 8 ) + 1 )
+#endif
+#endif /* MBEDTLS_ECP_DP_BP256R1_ENABLED */
+
+#if defined(MBEDTLS_ECP_DP_BP384R1_ENABLED)
+#if MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH < ( 2 * ( ( 384 + 7 ) / 8 ) + 1 )
+#undef MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH
+#define MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH ( 2 * ( ( 384 + 7 ) / 8 ) + 1 )
+#endif
+#endif /* MBEDTLS_ECP_DP_BP384R1_ENABLED */
+
+#if defined(MBEDTLS_ECP_DP_BP512R1_ENABLED)
+#if MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH < ( 2 * ( ( 512 + 7 ) / 8 ) + 1 )
+#undef MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH
+#define MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH ( 2 * ( ( 512 + 7 ) / 8 ) + 1 )
+#endif
+#endif /* MBEDTLS_ECP_DP_BP512R1_ENABLED */
+
+
+static inline psa_ecc_curve_t mbedtls_psa_translate_ecc_group( mbedtls_ecp_group_id grpid )
+{
+ switch( grpid )
+ {
+#if defined(MBEDTLS_ECP_DP_SECP192R1_ENABLED)
+ case MBEDTLS_ECP_DP_SECP192R1:
+ return( PSA_ECC_CURVE_SECP192R1 );
+#endif
+#if defined(MBEDTLS_ECP_DP_SECP224R1_ENABLED)
+ case MBEDTLS_ECP_DP_SECP224R1:
+ return( PSA_ECC_CURVE_SECP224R1 );
+#endif
+#if defined(MBEDTLS_ECP_DP_SECP256R1_ENABLED)
+ case MBEDTLS_ECP_DP_SECP256R1:
+ return( PSA_ECC_CURVE_SECP256R1 );
+#endif
+#if defined(MBEDTLS_ECP_DP_SECP384R1_ENABLED)
+ case MBEDTLS_ECP_DP_SECP384R1:
+ return( PSA_ECC_CURVE_SECP384R1 );
+#endif
+#if defined(MBEDTLS_ECP_DP_SECP521R1_ENABLED)
+ case MBEDTLS_ECP_DP_SECP521R1:
+ return( PSA_ECC_CURVE_SECP521R1 );
+#endif
+#if defined(MBEDTLS_ECP_DP_BP256R1_ENABLED)
+ case MBEDTLS_ECP_DP_BP256R1:
+ return( PSA_ECC_CURVE_BRAINPOOL_P256R1 );
+#endif
+#if defined(MBEDTLS_ECP_DP_BP384R1_ENABLED)
+ case MBEDTLS_ECP_DP_BP384R1:
+ return( PSA_ECC_CURVE_BRAINPOOL_P384R1 );
+#endif
+#if defined(MBEDTLS_ECP_DP_BP512R1_ENABLED)
+ case MBEDTLS_ECP_DP_BP512R1:
+ return( PSA_ECC_CURVE_BRAINPOOL_P512R1 );
+#endif
+#if defined(MBEDTLS_ECP_DP_CURVE25519_ENABLED)
+ case MBEDTLS_ECP_DP_CURVE25519:
+ return( PSA_ECC_CURVE_CURVE25519 );
+#endif
+#if defined(MBEDTLS_ECP_DP_SECP192K1_ENABLED)
+ case MBEDTLS_ECP_DP_SECP192K1:
+ return( PSA_ECC_CURVE_SECP192K1 );
+#endif
+#if defined(MBEDTLS_ECP_DP_SECP224K1_ENABLED)
+ case MBEDTLS_ECP_DP_SECP224K1:
+ return( PSA_ECC_CURVE_SECP224K1 );
+#endif
+#if defined(MBEDTLS_ECP_DP_SECP256K1_ENABLED)
+ case MBEDTLS_ECP_DP_SECP256K1:
+ return( PSA_ECC_CURVE_SECP256K1 );
+#endif
+#if defined(MBEDTLS_ECP_DP_CURVE448_ENABLED)
+ case MBEDTLS_ECP_DP_CURVE448:
+ return( PSA_ECC_CURVE_CURVE448 );
+#endif
+ default:
+ return( 0 );
+ }
+}
+
+
+#define MBEDTLS_PSA_ECC_KEY_BITS_OF_CURVE( curve ) \
+ ( curve == PSA_ECC_CURVE_SECP192R1 ? 192 : \
+ curve == PSA_ECC_CURVE_SECP224R1 ? 224 : \
+ curve == PSA_ECC_CURVE_SECP256R1 ? 256 : \
+ curve == PSA_ECC_CURVE_SECP384R1 ? 384 : \
+ curve == PSA_ECC_CURVE_SECP521R1 ? 521 : \
+ curve == PSA_ECC_CURVE_SECP192K1 ? 192 : \
+ curve == PSA_ECC_CURVE_SECP224K1 ? 224 : \
+ curve == PSA_ECC_CURVE_SECP256K1 ? 256 : \
+ curve == PSA_ECC_CURVE_BRAINPOOL_P256R1 ? 256 : \
+ curve == PSA_ECC_CURVE_BRAINPOOL_P384R1 ? 384 : \
+ curve == PSA_ECC_CURVE_BRAINPOOL_P512R1 ? 512 : \
+ 0 )
+
+#define MBEDTLS_PSA_ECC_KEY_BYTES_OF_CURVE( curve ) \
+ ( ( MBEDTLS_PSA_ECC_KEY_BITS_OF_CURVE( curve ) + 7 ) / 8 )
+
+/* Translations for PK layer */
+
+static inline int mbedtls_psa_err_translate_pk( psa_status_t status )
+{
+ switch( status )
+ {
+ case PSA_SUCCESS:
+ return( 0 );
+ case PSA_ERROR_NOT_SUPPORTED:
+ return( MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE );
+ case PSA_ERROR_INSUFFICIENT_MEMORY:
+ return( MBEDTLS_ERR_PK_ALLOC_FAILED );
+ case PSA_ERROR_INSUFFICIENT_ENTROPY:
+ return( MBEDTLS_ERR_ECP_RANDOM_FAILED );
+ case PSA_ERROR_BAD_STATE:
+ return( MBEDTLS_ERR_PK_BAD_INPUT_DATA );
+ /* All other failures */
+ case PSA_ERROR_COMMUNICATION_FAILURE:
+ case PSA_ERROR_HARDWARE_FAILURE:
+ case PSA_ERROR_TAMPERING_DETECTED:
+ return( MBEDTLS_ERR_PK_HW_ACCEL_FAILED );
+ default: /* We return the same as for the 'other failures',
+ * but list them separately nonetheless to indicate
+ * which failure conditions we have considered. */
+ return( MBEDTLS_ERR_PK_HW_ACCEL_FAILED );
+ }
+}
+
+/* Translations for ECC */
+
+/* This function transforms an ECC group identifier from
+ * https://www.iana.org/assignments/tls-parameters/tls-parameters.xhtml#tls-parameters-8
+ * into a PSA ECC group identifier. */
+static inline psa_ecc_curve_t mbedtls_psa_parse_tls_ecc_group(
+ uint16_t tls_ecc_grp_reg_id )
+{
+ /* The PSA identifiers are currently aligned with those from
+ * the TLS Supported Groups registry, so no conversion is necessary. */
+ return( (psa_ecc_curve_t) tls_ecc_grp_reg_id );
+}
+
+/* This function takes a buffer holding an EC public key
+ * exported through psa_export_public_key(), and converts
+ * it into an ECPoint structure to be put into a ClientKeyExchange
+ * message in an ECDHE exchange.
+ *
+ * Both the present and the foreseeable future format of EC public keys
+ * used by PSA have the ECPoint structure contained in the exported key
+ * as a subbuffer, and the function merely selects this subbuffer instead
+ * of making a copy.
+ */
+static inline int mbedtls_psa_tls_psa_ec_to_ecpoint( unsigned char *src,
+ size_t srclen,
+ unsigned char **dst,
+ size_t *dstlen )
+{
+ *dst = src;
+ *dstlen = srclen;
+ return( 0 );
+}
+
+/* This function takes a buffer holding an ECPoint structure
+ * (as contained in a TLS ServerKeyExchange message for ECDHE
+ * exchanges) and converts it into a format that the PSA key
+ * agreement API understands.
+ */
+static inline int mbedtls_psa_tls_ecpoint_to_psa_ec( psa_ecc_curve_t curve,
+ unsigned char const *src,
+ size_t srclen,
+ unsigned char *dst,
+ size_t dstlen,
+ size_t *olen )
+{
+ ((void) curve);
+
+ if( srclen > dstlen )
+ return( MBEDTLS_ERR_ECP_BUFFER_TOO_SMALL );
+
+ memcpy( dst, src, srclen );
+ *olen = srclen;
+ return( 0 );
+}
+
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+
+#endif /* MBEDTLS_PSA_UTIL_H */
diff --git a/include/mbedtls/rsa.h b/include/mbedtls/rsa.h
index 906c427..489f2ed 100644
--- a/include/mbedtls/rsa.h
+++ b/include/mbedtls/rsa.h
@@ -150,13 +150,13 @@
* \note The choice of padding mode is strictly enforced for private key
* operations, since there might be security concerns in
* mixing padding modes. For public key operations it is
- * a default value, which can be overriden by calling specific
+ * a default value, which can be overridden by calling specific
* \c rsa_rsaes_xxx or \c rsa_rsassa_xxx functions.
*
* \note The hash selected in \p hash_id is always used for OEAP
* encryption. For PSS signatures, it is always used for
- * making signatures, but can be overriden for verifying them.
- * If set to #MBEDTLS_MD_NONE, it is always overriden.
+ * making signatures, but can be overridden for verifying them.
+ * If set to #MBEDTLS_MD_NONE, it is always overridden.
*
* \param ctx The RSA context to initialize. This must not be \c NULL.
* \param padding The padding mode to use. This must be either
@@ -601,7 +601,8 @@
* #MBEDTLS_RSA_PUBLIC or #MBEDTLS_RSA_PRIVATE (deprecated).
* \param ilen The length of the plaintext in Bytes.
* \param input The input data to encrypt. This must be a readable
- * buffer of size \p ilen Bytes. This must not be \c NULL.
+ * buffer of size \p ilen Bytes. It may be \c NULL if
+ * `ilen == 0`.
* \param output The output buffer. This must be a writable buffer
* of length \c ctx->len Bytes. For example, \c 256 Bytes
* for an 2048-bit RSA modulus.
@@ -641,7 +642,8 @@
* #MBEDTLS_RSA_PUBLIC or #MBEDTLS_RSA_PRIVATE (deprecated).
* \param ilen The length of the plaintext in Bytes.
* \param input The input data to encrypt. This must be a readable
- * buffer of size \p ilen Bytes. This must not be \c NULL.
+ * buffer of size \p ilen Bytes. It may be \c NULL if
+ * `ilen == 0`.
* \param output The output buffer. This must be a writable buffer
* of length \c ctx->len Bytes. For example, \c 256 Bytes
* for an 2048-bit RSA modulus.
@@ -685,7 +687,8 @@
* \param label_len The length of the label in Bytes.
* \param ilen The length of the plaintext buffer \p input in Bytes.
* \param input The input data to encrypt. This must be a readable
- * buffer of size \p ilen Bytes. This must not be \c NULL.
+ * buffer of size \p ilen Bytes. It may be \c NULL if
+ * `ilen == 0`.
* \param output The output buffer. This must be a writable buffer
* of length \c ctx->len Bytes. For example, \c 256 Bytes
* for an 2048-bit RSA modulus.
diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h
index 8106bb4..46007a7 100644
--- a/include/mbedtls/ssl.h
+++ b/include/mbedtls/ssl.h
@@ -65,6 +65,10 @@
#include "platform_time.h"
#endif
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+#include "psa/crypto.h"
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+
/*
* SSL Error codes
*/
@@ -923,19 +927,37 @@
#endif
#if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED)
- unsigned char *psk; /*!< pre-shared key. This field should
- only be set via
- mbedtls_ssl_conf_psk() */
- size_t psk_len; /*!< length of the pre-shared key. This
- field should only be set via
- mbedtls_ssl_conf_psk() */
- unsigned char *psk_identity; /*!< identity for PSK negotiation. This
- field should only be set via
- mbedtls_ssl_conf_psk() */
- size_t psk_identity_len;/*!< length of identity. This field should
- only be set via
- mbedtls_ssl_conf_psk() */
-#endif
+
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+ psa_key_handle_t psk_opaque; /*!< PSA key slot holding opaque PSK.
+ * This field should only be set via
+ * mbedtls_ssl_conf_psk_opaque().
+ * If either no PSK or a raw PSK have
+ * been configured, this has value \c 0. */
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+
+ unsigned char *psk; /*!< The raw pre-shared key. This field should
+ * only be set via mbedtls_ssl_conf_psk().
+ * If either no PSK or an opaque PSK
+ * have been configured, this has value NULL. */
+ size_t psk_len; /*!< The length of the raw pre-shared key.
+ * This field should only be set via
+ * mbedtls_ssl_conf_psk().
+ * Its value is non-zero if and only if
+ * \c psk is not \c NULL. */
+
+ unsigned char *psk_identity; /*!< The PSK identity for PSK negotiation.
+ * This field should only be set via
+ * mbedtls_ssl_conf_psk().
+ * This is set if and only if either
+ * \c psk or \c psk_opaque are set. */
+ size_t psk_identity_len;/*!< The length of PSK identity.
+ * This field should only be set via
+ * mbedtls_ssl_conf_psk().
+ * Its value is non-zero if and only if
+ * \c psk is not \c NULL or \c psk_opaque
+ * is not \c 0. */
+#endif /* MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED */
#if defined(MBEDTLS_SSL_ALPN)
const char **alpn_list; /*!< ordered list of protocols */
@@ -2033,7 +2055,7 @@
* provision more than one cert/key pair (eg one ECDSA, one
* RSA with SHA-256, one RSA with SHA-1). An adequate
* certificate will be selected according to the client's
- * advertised capabilities. In case mutliple certificates are
+ * advertised capabilities. In case multiple certificates are
* adequate, preference is given to the one set by the first
* call to this function, then second, etc.
*
@@ -2065,68 +2087,146 @@
#if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED)
/**
- * \brief Set the Pre Shared Key (PSK) and the expected identity name
+ * \brief Configure a pre-shared key (PSK) and identity
+ * to be used in PSK-based ciphersuites.
*
* \note This is mainly useful for clients. Servers will usually
* want to use \c mbedtls_ssl_conf_psk_cb() instead.
*
- * \note Currently clients can only register one pre-shared key.
- * In other words, the servers' identity hint is ignored.
+ * \warning Currently, clients can only register a single pre-shared key.
+ * Calling this function or mbedtls_ssl_conf_psk_opaque() more
+ * than once will overwrite values configured in previous calls.
* Support for setting multiple PSKs on clients and selecting
- * one based on the identity hint is not a planned feature but
- * feedback is welcomed.
+ * one based on the identity hint is not a planned feature,
+ * but feedback is welcomed.
*
- * \param conf SSL configuration
- * \param psk pointer to the pre-shared key
- * \param psk_len pre-shared key length
- * \param psk_identity pointer to the pre-shared key identity
- * \param psk_identity_len identity key length
+ * \param conf The SSL configuration to register the PSK with.
+ * \param psk The pointer to the pre-shared key to use.
+ * \param psk_len The length of the pre-shared key in bytes.
+ * \param psk_identity The pointer to the pre-shared key identity.
+ * \param psk_identity_len The length of the pre-shared key identity
+ * in bytes.
*
- * \return 0 if successful or MBEDTLS_ERR_SSL_ALLOC_FAILED
+ * \note The PSK and its identity are copied internally and
+ * hence need not be preserved by the caller for the lifetime
+ * of the SSL configuration.
+ *
+ * \return \c 0 if successful.
+ * \return An \c MBEDTLS_ERR_SSL_XXX error code on failure.
*/
int mbedtls_ssl_conf_psk( mbedtls_ssl_config *conf,
const unsigned char *psk, size_t psk_len,
const unsigned char *psk_identity, size_t psk_identity_len );
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+/**
+ * \brief Configure an opaque pre-shared key (PSK) and identity
+ * to be used in PSK-based ciphersuites.
+ *
+ * \note This is mainly useful for clients. Servers will usually
+ * want to use \c mbedtls_ssl_conf_psk_cb() instead.
+ *
+ * \warning Currently, clients can only register a single pre-shared key.
+ * Calling this function or mbedtls_ssl_conf_psk() more than
+ * once will overwrite values configured in previous calls.
+ * Support for setting multiple PSKs on clients and selecting
+ * one based on the identity hint is not a planned feature,
+ * but feedback is welcomed.
+ *
+ * \param conf The SSL configuration to register the PSK with.
+ * \param psk The identifier of the key slot holding the PSK.
+ * Until \p conf is destroyed or this function is successfully
+ * called again, the key slot \p psk must be populated with a
+ * key of type PSA_ALG_CATEGORY_KEY_DERIVATION whose policy
+ * allows its use for the key derivation algorithm applied
+ * in the handshake.
+ * \param psk_identity The pointer to the pre-shared key identity.
+ * \param psk_identity_len The length of the pre-shared key identity
+ * in bytes.
+ *
+ * \note The PSK identity hint is copied internally and hence need
+ * not be preserved by the caller for the lifetime of the
+ * SSL configuration.
+ *
+ * \return \c 0 if successful.
+ * \return An \c MBEDTLS_ERR_SSL_XXX error code on failure.
+ */
+int mbedtls_ssl_conf_psk_opaque( mbedtls_ssl_config *conf,
+ psa_key_handle_t psk,
+ const unsigned char *psk_identity,
+ size_t psk_identity_len );
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
/**
- * \brief Set the Pre Shared Key (PSK) for the current handshake
+ * \brief Set the pre-shared Key (PSK) for the current handshake.
*
* \note This should only be called inside the PSK callback,
- * ie the function passed to \c mbedtls_ssl_conf_psk_cb().
+ * i.e. the function passed to \c mbedtls_ssl_conf_psk_cb().
*
- * \param ssl SSL context
- * \param psk pointer to the pre-shared key
- * \param psk_len pre-shared key length
+ * \param ssl The SSL context to configure a PSK for.
+ * \param psk The pointer to the pre-shared key.
+ * \param psk_len The length of the pre-shared key in bytes.
*
- * \return 0 if successful or MBEDTLS_ERR_SSL_ALLOC_FAILED
+ * \return \c 0 if successful.
+ * \return An \c MBEDTLS_ERR_SSL_XXX error code on failure.
*/
int mbedtls_ssl_set_hs_psk( mbedtls_ssl_context *ssl,
const unsigned char *psk, size_t psk_len );
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+/**
+ * \brief Set an opaque pre-shared Key (PSK) for the current handshake.
+ *
+ * \note This should only be called inside the PSK callback,
+ * i.e. the function passed to \c mbedtls_ssl_conf_psk_cb().
+ *
+ * \param ssl The SSL context to configure a PSK for.
+ * \param psk The identifier of the key slot holding the PSK.
+ * For the duration of the current handshake, the key slot
+ * must be populated with a key of type
+ * PSA_ALG_CATEGORY_KEY_DERIVATION whose policy allows its
+ * use for the key derivation algorithm
+ * applied in the handshake.
+ *
+ * \return \c 0 if successful.
+ * \return An \c MBEDTLS_ERR_SSL_XXX error code on failure.
+ */
+int mbedtls_ssl_set_hs_psk_opaque( mbedtls_ssl_context *ssl,
+ psa_key_handle_t psk );
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+
/**
* \brief Set the PSK callback (server-side only).
*
* If set, the PSK callback is called for each
- * handshake where a PSK ciphersuite was negotiated.
+ * handshake where a PSK-based ciphersuite was negotiated.
* The caller provides the identity received and wants to
* receive the actual PSK data and length.
*
- * The callback has the following parameters: (void *parameter,
- * mbedtls_ssl_context *ssl, const unsigned char *psk_identity,
- * size_t identity_len)
+ * The callback has the following parameters:
+ * - \c void*: The opaque pointer \p p_psk.
+ * - \c mbedtls_ssl_context*: The SSL context to which
+ * the operation applies.
+ * - \c const unsigned char*: The PSK identity
+ * selected by the client.
+ * - \c size_t: The length of the PSK identity
+ * selected by the client.
+ *
* If a valid PSK identity is found, the callback should use
- * \c mbedtls_ssl_set_hs_psk() on the ssl context to set the
- * correct PSK and return 0.
+ * \c mbedtls_ssl_set_hs_psk() or
+ * \c mbedtls_ssl_set_hs_psk_opaque()
+ * on the SSL context to set the correct PSK and return \c 0.
* Any other return value will result in a denied PSK identity.
*
* \note If you set a PSK callback using this function, then you
* don't need to set a PSK key and identity using
* \c mbedtls_ssl_conf_psk().
*
- * \param conf SSL configuration
- * \param f_psk PSK identity function
- * \param p_psk PSK identity parameter
+ * \param conf The SSL configuration to register the callback with.
+ * \param f_psk The callback for selecting and setting the PSK based
+ * in the PSK identity chosen by the client.
+ * \param p_psk A pointer to an opaque structure to be passed to
+ * the callback, for example a PSK store.
*/
void mbedtls_ssl_conf_psk_cb( mbedtls_ssl_config *conf,
int (*f_psk)(void *, mbedtls_ssl_context *, const unsigned char *,
@@ -3200,7 +3300,7 @@
* mbedtls_ssl_config_defaults() or mbedtls_ssl_config_free().
*
* \note You need to call mbedtls_ssl_config_defaults() unless you
- * manually set all of the relevent fields yourself.
+ * manually set all of the relevant fields yourself.
*
* \param conf SSL configuration context
*/
diff --git a/include/mbedtls/ssl_cache.h b/include/mbedtls/ssl_cache.h
index ec081e6..52ba094 100644
--- a/include/mbedtls/ssl_cache.h
+++ b/include/mbedtls/ssl_cache.h
@@ -24,6 +24,12 @@
#ifndef MBEDTLS_SSL_CACHE_H
#define MBEDTLS_SSL_CACHE_H
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
#include "ssl.h"
#if defined(MBEDTLS_THREADING_C)
diff --git a/include/mbedtls/ssl_ciphersuites.h b/include/mbedtls/ssl_ciphersuites.h
index cda8b48..71053e5 100644
--- a/include/mbedtls/ssl_ciphersuites.h
+++ b/include/mbedtls/ssl_ciphersuites.h
@@ -24,6 +24,12 @@
#ifndef MBEDTLS_SSL_CIPHERSUITES_H
#define MBEDTLS_SSL_CIPHERSUITES_H
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
#include "pk.h"
#include "cipher.h"
#include "md.h"
diff --git a/include/mbedtls/ssl_cookie.h b/include/mbedtls/ssl_cookie.h
index 6a0ad4f..e34760a 100644
--- a/include/mbedtls/ssl_cookie.h
+++ b/include/mbedtls/ssl_cookie.h
@@ -24,6 +24,12 @@
#ifndef MBEDTLS_SSL_COOKIE_H
#define MBEDTLS_SSL_COOKIE_H
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
#include "ssl.h"
#if defined(MBEDTLS_THREADING_C)
diff --git a/include/mbedtls/ssl_internal.h b/include/mbedtls/ssl_internal.h
index 97abb9f..be7f41b 100644
--- a/include/mbedtls/ssl_internal.h
+++ b/include/mbedtls/ssl_internal.h
@@ -24,9 +24,19 @@
#ifndef MBEDTLS_SSL_INTERNAL_H
#define MBEDTLS_SSL_INTERNAL_H
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
#include "ssl.h"
#include "cipher.h"
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+#include "psa/crypto.h"
+#endif
+
#if defined(MBEDTLS_MD5_C)
#include "md5.h"
#endif
@@ -47,6 +57,11 @@
#include "ecjpake.h"
#endif
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+#include "psa/crypto.h"
+#include "psa_util.h"
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+
#if ( defined(__ARMCC_VERSION) || defined(_MSC_VER) ) && \
!defined(inline) && !defined(__cplusplus)
#define inline __inline
@@ -270,7 +285,15 @@
#endif
#if defined(MBEDTLS_ECDH_C)
mbedtls_ecdh_context ecdh_ctx; /*!< ECDH key exchange */
-#endif
+
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+ psa_ecc_curve_t ecdh_psa_curve;
+ psa_key_handle_t ecdh_psa_privkey;
+ unsigned char ecdh_psa_peerkey[MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH];
+ size_t ecdh_psa_peerkey_len;
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+#endif /* MBEDTLS_ECDH_C */
+
#if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
mbedtls_ecjpake_context ecjpake_ctx; /*!< EC J-PAKE key exchange */
#if defined(MBEDTLS_SSL_CLI_C)
@@ -283,9 +306,12 @@
const mbedtls_ecp_curve_info **curves; /*!< Supported elliptic curves */
#endif
#if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED)
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+ psa_key_handle_t psk_opaque; /*!< Opaque PSK from the callback */
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
unsigned char *psk; /*!< PSK from the callback */
size_t psk_len; /*!< Length of PSK from callback */
-#endif
+#endif /* MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED */
#if defined(MBEDTLS_X509_CRT_PARSE_C)
mbedtls_ssl_key_cert *key_cert; /*!< chosen key/cert pair (server) */
#if defined(MBEDTLS_SSL_SERVER_NAME_INDICATION)
@@ -367,11 +393,19 @@
#endif
#if defined(MBEDTLS_SSL_PROTO_TLS1_2)
#if defined(MBEDTLS_SHA256_C)
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+ psa_hash_operation_t fin_sha256_psa;
+#else
mbedtls_sha256_context fin_sha256;
#endif
+#endif
#if defined(MBEDTLS_SHA512_C)
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+ psa_hash_operation_t fin_sha384_psa;
+#else
mbedtls_sha512_context fin_sha512;
#endif
+#endif
#endif /* MBEDTLS_SSL_PROTO_TLS1_2 */
void (*update_checksum)(mbedtls_ssl_context *, const unsigned char *, size_t);
@@ -762,6 +796,7 @@
#if defined(MBEDTLS_SSL_PROTO_TLS1) || defined(MBEDTLS_SSL_PROTO_TLS1_1) || \
defined(MBEDTLS_SSL_PROTO_TLS1_2)
+/* The hash buffer must have at least MBEDTLS_MD_MAX_SIZE bytes of length. */
int mbedtls_ssl_get_key_exchange_md_tls1_2( mbedtls_ssl_context *ssl,
unsigned char *hash, size_t *hashlen,
unsigned char *data, size_t data_len,
diff --git a/include/mbedtls/ssl_ticket.h b/include/mbedtls/ssl_ticket.h
index b2686df..774a007 100644
--- a/include/mbedtls/ssl_ticket.h
+++ b/include/mbedtls/ssl_ticket.h
@@ -24,6 +24,12 @@
#ifndef MBEDTLS_SSL_TICKET_H
#define MBEDTLS_SSL_TICKET_H
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
/*
* This implementation of the session ticket callbacks includes key
* management, rotating the keys periodically in order to preserve forward
@@ -111,14 +117,14 @@
/**
* \brief Implementation of the ticket write callback
*
- * \note See \c mbedlts_ssl_ticket_write_t for description
+ * \note See \c mbedtls_ssl_ticket_write_t for description
*/
mbedtls_ssl_ticket_write_t mbedtls_ssl_ticket_write;
/**
* \brief Implementation of the ticket parse callback
*
- * \note See \c mbedlts_ssl_ticket_parse_t for description
+ * \note See \c mbedtls_ssl_ticket_parse_t for description
*/
mbedtls_ssl_ticket_parse_t mbedtls_ssl_ticket_parse;
diff --git a/include/mbedtls/x509.h b/include/mbedtls/x509.h
index 9ae825c..63aae32 100644
--- a/include/mbedtls/x509.h
+++ b/include/mbedtls/x509.h
@@ -77,7 +77,7 @@
#define MBEDTLS_ERR_X509_ALLOC_FAILED -0x2880 /**< Allocation of memory failed. */
#define MBEDTLS_ERR_X509_FILE_IO_ERROR -0x2900 /**< Read/write of file failed. */
#define MBEDTLS_ERR_X509_BUFFER_TOO_SMALL -0x2980 /**< Destination buffer is too small. */
-#define MBEDTLS_ERR_X509_FATAL_ERROR -0x3000 /**< A fatal error occured, eg the chain is too long or the vrfy callback failed. */
+#define MBEDTLS_ERR_X509_FATAL_ERROR -0x3000 /**< A fatal error occurred, eg the chain is too long or the vrfy callback failed. */
/* \} name */
/**
@@ -250,7 +250,7 @@
*
* \param to mbedtls_x509_time to check
*
- * \return 1 if the given time is in the past or an error occured,
+ * \return 1 if the given time is in the past or an error occurred,
* 0 otherwise.
*/
int mbedtls_x509_time_is_past( const mbedtls_x509_time *to );
@@ -264,7 +264,7 @@
*
* \param from mbedtls_x509_time to check
*
- * \return 1 if the given time is in the future or an error occured,
+ * \return 1 if the given time is in the future or an error occurred,
* 0 otherwise.
*/
int mbedtls_x509_time_is_future( const mbedtls_x509_time *from );
diff --git a/include/mbedtls/x509_crl.h b/include/mbedtls/x509_crl.h
index 08a4283..fa838d6 100644
--- a/include/mbedtls/x509_crl.h
+++ b/include/mbedtls/x509_crl.h
@@ -111,7 +111,7 @@
/**
* \brief Parse one or more CRLs and append them to the chained list
*
- * \note Mutliple CRLs are accepted only if using PEM format
+ * \note Multiple CRLs are accepted only if using PEM format
*
* \param chain points to the start of the chain
* \param buf buffer holding the CRL data in PEM or DER format
@@ -126,7 +126,7 @@
/**
* \brief Load one or more CRLs and append them to the chained list
*
- * \note Mutliple CRLs are accepted only if using PEM format
+ * \note Multiple CRLs are accepted only if using PEM format
*
* \param chain points to the start of the chain
* \param path filename to read the CRLs from (in PEM or DER encoding)
diff --git a/include/mbedtls/x509_crt.h b/include/mbedtls/x509_crt.h
index 3dd5922..72c3901 100644
--- a/include/mbedtls/x509_crt.h
+++ b/include/mbedtls/x509_crt.h
@@ -52,6 +52,8 @@
*/
typedef struct mbedtls_x509_crt
{
+ int own_buffer; /**< Indicates if \c raw is owned
+ * by the structure or not. */
mbedtls_x509_buf raw; /**< The raw certificate data (DER). */
mbedtls_x509_buf tbs; /**< The raw certificate body (DER). The part that is To Be Signed. */
@@ -220,16 +222,58 @@
/**
* \brief Parse a single DER formatted certificate and add it
- * to the chained list.
+ * to the end of the provided chained list.
*
- * \param chain points to the start of the chain
- * \param buf buffer holding the certificate DER data
- * \param buflen size of the buffer
+ * \param chain The pointer to the start of the CRT chain to attach to.
+ * When parsing the first CRT in a chain, this should point
+ * to an instance of ::mbedtls_x509_crt initialized through
+ * mbedtls_x509_crt_init().
+ * \param buf The buffer holding the DER encoded certificate.
+ * \param buflen The size in Bytes of \p buf.
*
- * \return 0 if successful, or a specific X509 or PEM error code
+ * \note This function makes an internal copy of the CRT buffer
+ * \p buf. In particular, \p buf may be destroyed or reused
+ * after this call returns. To avoid duplicating the CRT
+ * buffer (at the cost of stricter lifetime constraints),
+ * use mbedtls_x509_crt_parse_der_nocopy() instead.
+ *
+ * \return \c 0 if successful.
+ * \return A negative error code on failure.
*/
-int mbedtls_x509_crt_parse_der( mbedtls_x509_crt *chain, const unsigned char *buf,
- size_t buflen );
+int mbedtls_x509_crt_parse_der( mbedtls_x509_crt *chain,
+ const unsigned char *buf,
+ size_t buflen );
+
+/**
+ * \brief Parse a single DER formatted certificate and add it
+ * to the end of the provided chained list. This is a
+ * variant of mbedtls_x509_crt_parse_der() which takes
+ * temporary ownership of the CRT buffer until the CRT
+ * is destroyed.
+ *
+ * \param chain The pointer to the start of the CRT chain to attach to.
+ * When parsing the first CRT in a chain, this should point
+ * to an instance of ::mbedtls_x509_crt initialized through
+ * mbedtls_x509_crt_init().
+ * \param buf The address of the readable buffer holding the DER encoded
+ * certificate to use. On success, this buffer must be
+ * retained and not be changed for the liftetime of the
+ * CRT chain \p chain, that is, until \p chain is destroyed
+ * through a call to mbedtls_x509_crt_free().
+ * \param buflen The size in Bytes of \p buf.
+ *
+ * \note This call is functionally equivalent to
+ * mbedtls_x509_crt_parse_der(), but it avoids creating a
+ * copy of the input buffer at the cost of stronger lifetime
+ * constraints. This is useful in constrained environments
+ * where duplication of the CRT cannot be tolerated.
+ *
+ * \return \c 0 if successful.
+ * \return A negative error code on failure.
+ */
+int mbedtls_x509_crt_parse_der_nocopy( mbedtls_x509_crt *chain,
+ const unsigned char *buf,
+ size_t buflen );
/**
* \brief Parse one DER-encoded or one or more concatenated PEM-encoded
diff --git a/include/psa/crypto.h b/include/psa/crypto.h
new file mode 100644
index 0000000..b62788b
--- /dev/null
+++ b/include/psa/crypto.h
@@ -0,0 +1,2388 @@
+/**
+ * \file psa/crypto.h
+ * \brief Platform Security Architecture cryptography module
+ */
+/*
+ * Copyright (C) 2018, ARM Limited, All Rights Reserved
+ * SPDX-License-Identifier: Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License"); you may
+ * not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#ifndef PSA_CRYPTO_H
+#define PSA_CRYPTO_H
+
+#include "crypto_platform.h"
+
+#include <stddef.h>
+
+#ifdef __DOXYGEN_ONLY__
+/* This __DOXYGEN_ONLY__ block contains mock definitions for things that
+ * must be defined in the crypto_platform.h header. These mock definitions
+ * are present in this file as a convenience to generate pretty-printed
+ * documentation that includes those definitions. */
+
+/** \defgroup platform Implementation-specific definitions
+ * @{
+ */
+
+/** \brief Key handle.
+ *
+ * This type represents open handles to keys. It must be an unsigned integral
+ * type. The choice of type is implementation-dependent.
+ *
+ * 0 is not a valid key handle. How other handle values are assigned is
+ * implementation-dependent.
+ */
+typedef _unsigned_integral_type_ psa_key_handle_t;
+
+/**@}*/
+#endif /* __DOXYGEN_ONLY__ */
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/* The file "crypto_types.h" declares types that encode errors,
+ * algorithms, key types, policies, etc. */
+#include "crypto_types.h"
+
+/* The file "crypto_values.h" declares macros to build and analyze values
+ * of integral types defined in "crypto_types.h". */
+#include "crypto_values.h"
+
+/** \defgroup initialization Library initialization
+ * @{
+ */
+
+/**
+ * \brief Library initialization.
+ *
+ * Applications must call this function before calling any other
+ * function in this module.
+ *
+ * Applications may call this function more than once. Once a call
+ * succeeds, subsequent calls are guaranteed to succeed.
+ *
+ * If the application calls other functions before calling psa_crypto_init(),
+ * the behavior is undefined. Implementations are encouraged to either perform
+ * the operation as if the library had been initialized or to return
+ * #PSA_ERROR_BAD_STATE or some other applicable error. In particular,
+ * implementations should not return a success status if the lack of
+ * initialization may have security implications, for example due to improper
+ * seeding of the random number generator.
+ *
+ * \retval #PSA_SUCCESS
+ * \retval #PSA_ERROR_INSUFFICIENT_MEMORY
+ * \retval #PSA_ERROR_COMMUNICATION_FAILURE
+ * \retval #PSA_ERROR_HARDWARE_FAILURE
+ * \retval #PSA_ERROR_TAMPERING_DETECTED
+ * \retval #PSA_ERROR_INSUFFICIENT_ENTROPY
+ */
+psa_status_t psa_crypto_init(void);
+
+/**@}*/
+
+/** \defgroup policy Key policies
+ * @{
+ */
+
+/** The type of the key policy data structure.
+ *
+ * Before calling any function on a key policy, the application must initialize
+ * it by any of the following means:
+ * - Set the structure to all-bits-zero, for example:
+ * \code
+ * psa_key_policy_t policy;
+ * memset(&policy, 0, sizeof(policy));
+ * \endcode
+ * - Initialize the structure to logical zero values, for example:
+ * \code
+ * psa_key_policy_t policy = {0};
+ * \endcode
+ * - Initialize the structure to the initializer #PSA_KEY_POLICY_INIT,
+ * for example:
+ * \code
+ * psa_key_policy_t policy = PSA_KEY_POLICY_INIT;
+ * \endcode
+ * - Assign the result of the function psa_key_policy_init()
+ * to the structure, for example:
+ * \code
+ * psa_key_policy_t policy;
+ * policy = psa_key_policy_init();
+ * \endcode
+ *
+ * This is an implementation-defined \c struct. Applications should not
+ * make any assumptions about the content of this structure except
+ * as directed by the documentation of a specific implementation. */
+typedef struct psa_key_policy_s psa_key_policy_t;
+
+/** \def PSA_KEY_POLICY_INIT
+ *
+ * This macro returns a suitable initializer for a key policy object of type
+ * #psa_key_policy_t.
+ */
+#ifdef __DOXYGEN_ONLY__
+/* This is an example definition for documentation purposes.
+ * Implementations should define a suitable value in `crypto_struct.h`.
+ */
+#define PSA_KEY_POLICY_INIT {0}
+#endif
+
+/** Return an initial value for a key policy that forbids all usage of the key.
+ */
+static psa_key_policy_t psa_key_policy_init(void);
+
+/** \brief Set the standard fields of a policy structure.
+ *
+ * Note that this function does not make any consistency check of the
+ * parameters. The values are only checked when applying the policy to
+ * a key slot with psa_set_key_policy().
+ *
+ * \param[in,out] policy The key policy to modify. It must have been
+ * initialized as per the documentation for
+ * #psa_key_policy_t.
+ * \param usage The permitted uses for the key.
+ * \param alg The algorithm that the key may be used for.
+ */
+void psa_key_policy_set_usage(psa_key_policy_t *policy,
+ psa_key_usage_t usage,
+ psa_algorithm_t alg);
+
+/** \brief Retrieve the usage field of a policy structure.
+ *
+ * \param[in] policy The policy object to query.
+ *
+ * \return The permitted uses for a key with this policy.
+ */
+psa_key_usage_t psa_key_policy_get_usage(const psa_key_policy_t *policy);
+
+/** \brief Retrieve the algorithm field of a policy structure.
+ *
+ * \param[in] policy The policy object to query.
+ *
+ * \return The permitted algorithm for a key with this policy.
+ */
+psa_algorithm_t psa_key_policy_get_algorithm(const psa_key_policy_t *policy);
+
+/** \brief Set the usage policy on a key slot.
+ *
+ * This function must be called on an empty key slot, before importing,
+ * generating or creating a key in the slot. Changing the policy of an
+ * existing key is not permitted.
+ *
+ * Implementations may set restrictions on supported key policies
+ * depending on the key type and the key slot.
+ *
+ * \param handle Handle to the key whose policy is to be changed.
+ * \param[in] policy The policy object to query.
+ *
+ * \retval #PSA_SUCCESS
+ * Success.
+ * If the key is persistent, it is implementation-defined whether
+ * the policy has been saved to persistent storage. Implementations
+ * may defer saving the policy until the key material is created.
+ * \retval #PSA_ERROR_INVALID_HANDLE
+ * \retval #PSA_ERROR_ALREADY_EXISTS
+ * \retval #PSA_ERROR_NOT_SUPPORTED
+ * \retval #PSA_ERROR_INVALID_ARGUMENT
+ * \retval #PSA_ERROR_COMMUNICATION_FAILURE
+ * \retval #PSA_ERROR_HARDWARE_FAILURE
+ * \retval #PSA_ERROR_TAMPERING_DETECTED
+ * \retval #PSA_ERROR_BAD_STATE
+ * The library has not been previously initialized by psa_crypto_init().
+ * It is implementation-dependent whether a failure to initialize
+ * results in this error code.
+ */
+psa_status_t psa_set_key_policy(psa_key_handle_t handle,
+ const psa_key_policy_t *policy);
+
+/** \brief Get the usage policy for a key slot.
+ *
+ * \param handle Handle to the key slot whose policy is being queried.
+ * \param[out] policy On success, the key's policy.
+ *
+ * \retval #PSA_SUCCESS
+ * \retval #PSA_ERROR_INVALID_HANDLE
+ * \retval #PSA_ERROR_COMMUNICATION_FAILURE
+ * \retval #PSA_ERROR_HARDWARE_FAILURE
+ * \retval #PSA_ERROR_TAMPERING_DETECTED
+ * \retval #PSA_ERROR_BAD_STATE
+ * The library has not been previously initialized by psa_crypto_init().
+ * It is implementation-dependent whether a failure to initialize
+ * results in this error code.
+ */
+psa_status_t psa_get_key_policy(psa_key_handle_t handle,
+ psa_key_policy_t *policy);
+
+/**@}*/
+
+/** \defgroup key_management Key management
+ * @{
+ */
+
+/** \brief Retrieve the lifetime of an open key.
+ *
+ * \param handle Handle to query.
+ * \param[out] lifetime On success, the lifetime value.
+ *
+ * \retval #PSA_SUCCESS
+ * Success.
+ * \retval #PSA_ERROR_INVALID_HANDLE
+ * \retval #PSA_ERROR_COMMUNICATION_FAILURE
+ * \retval #PSA_ERROR_HARDWARE_FAILURE
+ * \retval #PSA_ERROR_TAMPERING_DETECTED
+ * \retval #PSA_ERROR_BAD_STATE
+ * The library has not been previously initialized by psa_crypto_init().
+ * It is implementation-dependent whether a failure to initialize
+ * results in this error code.
+ */
+psa_status_t psa_get_key_lifetime(psa_key_handle_t handle,
+ psa_key_lifetime_t *lifetime);
+
+
+/** Allocate a key slot for a transient key, i.e. a key which is only stored
+ * in volatile memory.
+ *
+ * The allocated key slot and its handle remain valid until the
+ * application calls psa_close_key() or psa_destroy_key() or until the
+ * application terminates.
+ *
+ * \param[out] handle On success, a handle to a volatile key slot.
+ *
+ * \retval #PSA_SUCCESS
+ * Success. The application can now use the value of `*handle`
+ * to access the newly allocated key slot.
+ * \retval #PSA_ERROR_INSUFFICIENT_MEMORY
+ * There was not enough memory, or the maximum number of key slots
+ * has been reached.
+ */
+psa_status_t psa_allocate_key(psa_key_handle_t *handle);
+
+/** Open a handle to an existing persistent key.
+ *
+ * Open a handle to a key which was previously created with psa_create_key().
+ *
+ * \param lifetime The lifetime of the key. This designates a storage
+ * area where the key material is stored. This must not
+ * be #PSA_KEY_LIFETIME_VOLATILE.
+ * \param id The persistent identifier of the key.
+ * \param[out] handle On success, a handle to a key slot which contains
+ * the data and metadata loaded from the specified
+ * persistent location.
+ *
+ * \retval #PSA_SUCCESS
+ * Success. The application can now use the value of `*handle`
+ * to access the newly allocated key slot.
+ * \retval #PSA_ERROR_INSUFFICIENT_MEMORY
+ * \retval #PSA_ERROR_DOES_NOT_EXIST
+ * \retval #PSA_ERROR_INVALID_ARGUMENT
+ * \p lifetime is invalid, for example #PSA_KEY_LIFETIME_VOLATILE.
+ * \retval #PSA_ERROR_INVALID_ARGUMENT
+ * \p id is invalid for the specified lifetime.
+ * \retval #PSA_ERROR_NOT_SUPPORTED
+ * \p lifetime is not supported.
+ * \retval #PSA_ERROR_NOT_PERMITTED
+ * The specified key exists, but the application does not have the
+ * permission to access it. Note that this specification does not
+ * define any way to create such a key, but it may be possible
+ * through implementation-specific means.
+ */
+psa_status_t psa_open_key(psa_key_lifetime_t lifetime,
+ psa_key_id_t id,
+ psa_key_handle_t *handle);
+
+/** Create a new persistent key slot.
+ *
+ * Create a new persistent key slot and return a handle to it. The handle
+ * remains valid until the application calls psa_close_key() or terminates.
+ * The application can open the key again with psa_open_key() until it
+ * removes the key by calling psa_destroy_key().
+ *
+ * \param lifetime The lifetime of the key. This designates a storage
+ * area where the key material is stored. This must not
+ * be #PSA_KEY_LIFETIME_VOLATILE.
+ * \param id The persistent identifier of the key.
+ * \param[out] handle On success, a handle to the newly created key slot.
+ * When key material is later created in this key slot,
+ * it will be saved to the specified persistent location.
+ *
+ * \retval #PSA_SUCCESS
+ * Success. The application can now use the value of `*handle`
+ * to access the newly allocated key slot.
+ * \retval #PSA_ERROR_INSUFFICIENT_MEMORY
+ * \retval #PSA_ERROR_INSUFFICIENT_STORAGE
+ * \retval #PSA_ERROR_ALREADY_EXISTS
+ * There is already a key with the identifier \p id in the storage
+ * area designated by \p lifetime.
+ * \retval #PSA_ERROR_INVALID_ARGUMENT
+ * \p lifetime is invalid, for example #PSA_KEY_LIFETIME_VOLATILE.
+ * \retval #PSA_ERROR_INVALID_ARGUMENT
+ * \p id is invalid for the specified lifetime.
+ * \retval #PSA_ERROR_NOT_SUPPORTED
+ * \p lifetime is not supported.
+ * \retval #PSA_ERROR_NOT_PERMITTED
+ * \p lifetime is valid, but the application does not have the
+ * permission to create a key there.
+ */
+psa_status_t psa_create_key(psa_key_lifetime_t lifetime,
+ psa_key_id_t id,
+ psa_key_handle_t *handle);
+
+/** Close a key handle.
+ *
+ * If the handle designates a volatile key, destroy the key material and
+ * free all associated resources, just like psa_destroy_key().
+ *
+ * If the handle designates a persistent key, free all resources associated
+ * with the key in volatile memory. The key slot in persistent storage is
+ * not affected and can be opened again later with psa_open_key().
+ *
+ * \param handle The key handle to close.
+ *
+ * \retval #PSA_SUCCESS
+ * \retval #PSA_ERROR_INVALID_HANDLE
+ * \retval #PSA_ERROR_COMMUNICATION_FAILURE
+ */
+psa_status_t psa_close_key(psa_key_handle_t handle);
+
+/**@}*/
+
+/** \defgroup import_export Key import and export
+ * @{
+ */
+
+/**
+ * \brief Import a key in binary format.
+ *
+ * This function supports any output from psa_export_key(). Refer to the
+ * documentation of psa_export_public_key() for the format of public keys
+ * and to the documentation of psa_export_key() for the format for
+ * other key types.
+ *
+ * This specification supports a single format for each key type.
+ * Implementations may support other formats as long as the standard
+ * format is supported. Implementations that support other formats
+ * should ensure that the formats are clearly unambiguous so as to
+ * minimize the risk that an invalid input is accidentally interpreted
+ * according to a different format.
+ *
+ * \param handle Handle to the slot where the key will be stored.
+ * It must have been obtained by calling
+ * psa_allocate_key() or psa_create_key() and must
+ * not contain key material yet.
+ * \param type Key type (a \c PSA_KEY_TYPE_XXX value). On a successful
+ * import, the key slot will contain a key of this type.
+ * \param[in] data Buffer containing the key data. The content of this
+ * buffer is interpreted according to \p type. It must
+ * contain the format described in the documentation
+ * of psa_export_key() or psa_export_public_key() for
+ * the chosen type.
+ * \param data_length Size of the \p data buffer in bytes.
+ *
+ * \retval #PSA_SUCCESS
+ * Success.
+ * If the key is persistent, the key material and the key's metadata
+ * have been saved to persistent storage.
+ * \retval #PSA_ERROR_INVALID_HANDLE
+ * \retval #PSA_ERROR_NOT_SUPPORTED
+ * The key type or key size is not supported, either by the
+ * implementation in general or in this particular slot.
+ * \retval #PSA_ERROR_INVALID_ARGUMENT
+ * The key slot is invalid,
+ * or the key data is not correctly formatted.
+ * \retval #PSA_ERROR_ALREADY_EXISTS
+ * There is already a key in the specified slot.
+ * \retval #PSA_ERROR_INSUFFICIENT_MEMORY
+ * \retval #PSA_ERROR_INSUFFICIENT_STORAGE
+ * \retval #PSA_ERROR_COMMUNICATION_FAILURE
+ * \retval #PSA_ERROR_STORAGE_FAILURE
+ * \retval #PSA_ERROR_HARDWARE_FAILURE
+ * \retval #PSA_ERROR_TAMPERING_DETECTED
+ * \retval #PSA_ERROR_BAD_STATE
+ * The library has not been previously initialized by psa_crypto_init().
+ * It is implementation-dependent whether a failure to initialize
+ * results in this error code.
+ */
+psa_status_t psa_import_key(psa_key_handle_t handle,
+ psa_key_type_t type,
+ const uint8_t *data,
+ size_t data_length);
+
+/**
+ * \brief Destroy a key.
+ *
+ * This function destroys the content of the key slot from both volatile
+ * memory and, if applicable, non-volatile storage. Implementations shall
+ * make a best effort to ensure that any previous content of the slot is
+ * unrecoverable.
+ *
+ * This function also erases any metadata such as policies and frees all
+ * resources associated with the key.
+ *
+ * \param handle Handle to the key slot to erase.
+ *
+ * \retval #PSA_SUCCESS
+ * The slot's content, if any, has been erased.
+ * \retval #PSA_ERROR_NOT_PERMITTED
+ * The slot holds content and cannot be erased because it is
+ * read-only, either due to a policy or due to physical restrictions.
+ * \retval #PSA_ERROR_INVALID_HANDLE
+ * \retval #PSA_ERROR_COMMUNICATION_FAILURE
+ * There was an failure in communication with the cryptoprocessor.
+ * The key material may still be present in the cryptoprocessor.
+ * \retval #PSA_ERROR_STORAGE_FAILURE
+ * The storage is corrupted. Implementations shall make a best effort
+ * to erase key material even in this stage, however applications
+ * should be aware that it may be impossible to guarantee that the
+ * key material is not recoverable in such cases.
+ * \retval #PSA_ERROR_TAMPERING_DETECTED
+ * An unexpected condition which is not a storage corruption or
+ * a communication failure occurred. The cryptoprocessor may have
+ * been compromised.
+ * \retval #PSA_ERROR_BAD_STATE
+ * The library has not been previously initialized by psa_crypto_init().
+ * It is implementation-dependent whether a failure to initialize
+ * results in this error code.
+ */
+psa_status_t psa_destroy_key(psa_key_handle_t handle);
+
+/**
+ * \brief Get basic metadata about a key.
+ *
+ * \param handle Handle to the key slot to query.
+ * \param[out] type On success, the key type (a \c PSA_KEY_TYPE_XXX value).
+ * This may be a null pointer, in which case the key type
+ * is not written.
+ * \param[out] bits On success, the key size in bits.
+ * This may be a null pointer, in which case the key size
+ * is not written.
+ *
+ * \retval #PSA_SUCCESS
+ * \retval #PSA_ERROR_INVALID_HANDLE
+ * \retval #PSA_ERROR_DOES_NOT_EXIST
+ * The handle is to a key slot which does not contain key material yet.
+ * \retval #PSA_ERROR_COMMUNICATION_FAILURE
+ * \retval #PSA_ERROR_HARDWARE_FAILURE
+ * \retval #PSA_ERROR_TAMPERING_DETECTED
+ * \retval #PSA_ERROR_BAD_STATE
+ * The library has not been previously initialized by psa_crypto_init().
+ * It is implementation-dependent whether a failure to initialize
+ * results in this error code.
+ */
+psa_status_t psa_get_key_information(psa_key_handle_t handle,
+ psa_key_type_t *type,
+ size_t *bits);
+
+/**
+ * \brief Export a key in binary format.
+ *
+ * The output of this function can be passed to psa_import_key() to
+ * create an equivalent object.
+ *
+ * If the implementation of psa_import_key() supports other formats
+ * beyond the format specified here, the output from psa_export_key()
+ * must use the representation specified here, not the original
+ * representation.
+ *
+ * For standard key types, the output format is as follows:
+ *
+ * - For symmetric keys (including MAC keys), the format is the
+ * raw bytes of the key.
+ * - For DES, the key data consists of 8 bytes. The parity bits must be
+ * correct.
+ * - For Triple-DES, the format is the concatenation of the
+ * two or three DES keys.
+ * - For RSA key pairs (#PSA_KEY_TYPE_RSA_KEYPAIR), the format
+ * is the non-encrypted DER encoding of the representation defined by
+ * PKCS\#1 (RFC 8017) as `RSAPrivateKey`, version 0.
+ * ```
+ * RSAPrivateKey ::= SEQUENCE {
+ * version INTEGER, -- must be 0
+ * modulus INTEGER, -- n
+ * publicExponent INTEGER, -- e
+ * privateExponent INTEGER, -- d
+ * prime1 INTEGER, -- p
+ * prime2 INTEGER, -- q
+ * exponent1 INTEGER, -- d mod (p-1)
+ * exponent2 INTEGER, -- d mod (q-1)
+ * coefficient INTEGER, -- (inverse of q) mod p
+ * }
+ * ```
+ * - For DSA private keys (#PSA_KEY_TYPE_DSA_KEYPAIR), the format
+ * is the non-encrypted DER encoding of the representation used by
+ * OpenSSL and OpenSSH, whose structure is described in ASN.1 as follows:
+ * ```
+ * DSAPrivateKey ::= SEQUENCE {
+ * version INTEGER, -- must be 0
+ * prime INTEGER, -- p
+ * subprime INTEGER, -- q
+ * generator INTEGER, -- g
+ * public INTEGER, -- y
+ * private INTEGER, -- x
+ * }
+ * ```
+ * - For elliptic curve key pairs (key types for which
+ * #PSA_KEY_TYPE_IS_ECC_KEYPAIR is true), the format is
+ * a representation of the private value as a `ceiling(m/8)`-byte string
+ * where `m` is the bit size associated with the curve, i.e. the bit size
+ * of the order of the curve's coordinate field. This byte string is
+ * in little-endian order for Montgomery curves (curve types
+ * `PSA_ECC_CURVE_CURVEXXX`), and in big-endian order for Weierstrass
+ * curves (curve types `PSA_ECC_CURVE_SECTXXX`, `PSA_ECC_CURVE_SECPXXX`
+ * and `PSA_ECC_CURVE_BRAINPOOL_PXXX`).
+ * This is the content of the `privateKey` field of the `ECPrivateKey`
+ * format defined by RFC 5915.
+ * - For public keys (key types for which #PSA_KEY_TYPE_IS_PUBLIC_KEY is
+ * true), the format is the same as for psa_export_public_key().
+ *
+ * \param handle Handle to the key to export.
+ * \param[out] data Buffer where the key data is to be written.
+ * \param data_size Size of the \p data buffer in bytes.
+ * \param[out] data_length On success, the number of bytes
+ * that make up the key data.
+ *
+ * \retval #PSA_SUCCESS
+ * \retval #PSA_ERROR_INVALID_HANDLE
+ * \retval #PSA_ERROR_DOES_NOT_EXIST
+ * \retval #PSA_ERROR_NOT_PERMITTED
+ * \retval #PSA_ERROR_NOT_SUPPORTED
+ * \retval #PSA_ERROR_BUFFER_TOO_SMALL
+ * The size of the \p data buffer is too small. You can determine a
+ * sufficient buffer size by calling
+ * #PSA_KEY_EXPORT_MAX_SIZE(\c type, \c bits)
+ * where \c type is the key type
+ * and \c bits is the key size in bits.
+ * \retval #PSA_ERROR_COMMUNICATION_FAILURE
+ * \retval #PSA_ERROR_HARDWARE_FAILURE
+ * \retval #PSA_ERROR_TAMPERING_DETECTED
+ * \retval #PSA_ERROR_BAD_STATE
+ * The library has not been previously initialized by psa_crypto_init().
+ * It is implementation-dependent whether a failure to initialize
+ * results in this error code.
+ */
+psa_status_t psa_export_key(psa_key_handle_t handle,
+ uint8_t *data,
+ size_t data_size,
+ size_t *data_length);
+
+/**
+ * \brief Export a public key or the public part of a key pair in binary format.
+ *
+ * The output of this function can be passed to psa_import_key() to
+ * create an object that is equivalent to the public key.
+ *
+ * This specification supports a single format for each key type.
+ * Implementations may support other formats as long as the standard
+ * format is supported. Implementations that support other formats
+ * should ensure that the formats are clearly unambiguous so as to
+ * minimize the risk that an invalid input is accidentally interpreted
+ * according to a different format.
+ *
+ * For standard key types, the output format is as follows:
+ * - For RSA public keys (#PSA_KEY_TYPE_RSA_PUBLIC_KEY), the DER encoding of
+ * the representation defined by RFC 3279 §2.3.1 as `RSAPublicKey`.
+ * ```
+ * RSAPublicKey ::= SEQUENCE {
+ * modulus INTEGER, -- n
+ * publicExponent INTEGER } -- e
+ * ```
+ * - For elliptic curve public keys (key types for which
+ * #PSA_KEY_TYPE_IS_ECC_PUBLIC_KEY is true), the format is the uncompressed
+ * representation defined by SEC1 §2.3.3 as the content of an ECPoint:
+ * Let `m` be the bit size associated with the curve, i.e. the bit size of
+ * `q` for a curve over `F_q`. The representation consists of:
+ * - The byte 0x04;
+ * - `x_P` as a `ceiling(m/8)`-byte string, big-endian;
+ * - `y_P` as a `ceiling(m/8)`-byte string, big-endian.
+ *
+ * For other public key types, the format is the DER representation defined by
+ * RFC 5280 as `SubjectPublicKeyInfo`, with the `subjectPublicKey` format
+ * specified below.
+ * ```
+ * SubjectPublicKeyInfo ::= SEQUENCE {
+ * algorithm AlgorithmIdentifier,
+ * subjectPublicKey BIT STRING }
+ * AlgorithmIdentifier ::= SEQUENCE {
+ * algorithm OBJECT IDENTIFIER,
+ * parameters ANY DEFINED BY algorithm OPTIONAL }
+ * ```
+ * - For DSA public keys (#PSA_KEY_TYPE_DSA_PUBLIC_KEY),
+ * the `subjectPublicKey` format is defined by RFC 3279 §2.3.2 as
+ * `DSAPublicKey`,
+ * with the OID `id-dsa`,
+ * and with the parameters `DSS-Parms`.
+ * ```
+ * id-dsa OBJECT IDENTIFIER ::= {
+ * iso(1) member-body(2) us(840) x9-57(10040) x9cm(4) 1 }
+ *
+ * Dss-Parms ::= SEQUENCE {
+ * p INTEGER,
+ * q INTEGER,
+ * g INTEGER }
+ * DSAPublicKey ::= INTEGER -- public key, Y
+ * ```
+ *
+ * \param handle Handle to the key to export.
+ * \param[out] data Buffer where the key data is to be written.
+ * \param data_size Size of the \p data buffer in bytes.
+ * \param[out] data_length On success, the number of bytes
+ * that make up the key data.
+ *
+ * \retval #PSA_SUCCESS
+ * \retval #PSA_ERROR_INVALID_HANDLE
+ * \retval #PSA_ERROR_DOES_NOT_EXIST
+ * \retval #PSA_ERROR_INVALID_ARGUMENT
+ * The key is neither a public key nor a key pair.
+ * \retval #PSA_ERROR_NOT_SUPPORTED
+ * \retval #PSA_ERROR_BUFFER_TOO_SMALL
+ * The size of the \p data buffer is too small. You can determine a
+ * sufficient buffer size by calling
+ * #PSA_KEY_EXPORT_MAX_SIZE(#PSA_KEY_TYPE_PUBLIC_KEY_OF_KEYPAIR(\c type), \c bits)
+ * where \c type is the key type
+ * and \c bits is the key size in bits.
+ * \retval #PSA_ERROR_COMMUNICATION_FAILURE
+ * \retval #PSA_ERROR_HARDWARE_FAILURE
+ * \retval #PSA_ERROR_TAMPERING_DETECTED
+ * \retval #PSA_ERROR_BAD_STATE
+ * The library has not been previously initialized by psa_crypto_init().
+ * It is implementation-dependent whether a failure to initialize
+ * results in this error code.
+ */
+psa_status_t psa_export_public_key(psa_key_handle_t handle,
+ uint8_t *data,
+ size_t data_size,
+ size_t *data_length);
+
+/** Make a copy of a key.
+ *
+ * Copy key material from one location to another.
+ *
+ * This function is primarily useful to copy a key from one location
+ * to another, since it populates a key using the material from
+ * another key which may have a different lifetime.
+ *
+ * In an implementation where slots have different ownerships,
+ * this function may be used to share a key with a different party,
+ * subject to implementation-defined restrictions on key sharing.
+ * In this case \p constraint would typically prevent the recipient
+ * from exporting the key.
+ *
+ * The resulting key may only be used in a way that conforms to all
+ * three of: the policy of the source key, the policy previously set
+ * on the target, and the \p constraint parameter passed when calling
+ * this function.
+ * - The usage flags on the resulting key are the bitwise-and of the
+ * usage flags on the source policy, the previously-set target policy
+ * and the policy constraint.
+ * - If all three policies allow the same algorithm or wildcard-based
+ * algorithm policy, the resulting key has the same algorithm policy.
+ * - If one of the policies allows an algorithm and all the other policies
+ * either allow the same algorithm or a wildcard-based algorithm policy
+ * that includes this algorithm, the resulting key allows the same
+ * algorithm.
+ *
+ * The effect of this function on implementation-defined metadata is
+ * implementation-defined.
+ *
+ * \param source_handle The key to copy. It must be a handle to an
+ * occupied slot.
+ * \param target_handle A handle to the target slot. It must not contain
+ * key material yet.
+ * \param[in] constraint An optional policy constraint. If this parameter
+ * is non-null then the resulting key will conform
+ * to this policy in addition to the source policy
+ * and the policy already present on the target
+ * slot. If this parameter is null then the
+ * function behaves in the same way as if it was
+ * the target policy, i.e. only the source and
+ * target policies apply.
+ *
+ * \retval #PSA_SUCCESS
+ * \retval #PSA_ERROR_INVALID_HANDLE
+ * \retval #PSA_ERROR_ALREADY_EXISTS
+ * \p target already contains key material.
+ * \retval #PSA_ERROR_DOES_NOT_EXIST
+ * \p source does not contain key material.
+ * \retval #PSA_ERROR_INVALID_ARGUMENT
+ * The policy constraints on the source, on the target and
+ * \p constraints are incompatible.
+ * \retval #PSA_ERROR_NOT_PERMITTED
+ * The source key is not exportable and its lifetime does not
+ * allow copying it to the target's lifetime.
+ * \retval #PSA_ERROR_INSUFFICIENT_MEMORY
+ * \retval #PSA_ERROR_INSUFFICIENT_STORAGE
+ * \retval #PSA_ERROR_COMMUNICATION_FAILURE
+ * \retval #PSA_ERROR_HARDWARE_FAILURE
+ * \retval #PSA_ERROR_TAMPERING_DETECTED
+ */
+psa_status_t psa_copy_key(psa_key_handle_t source_handle,
+ psa_key_handle_t target_handle,
+ const psa_key_policy_t *constraint);
+
+/**@}*/
+
+/** \defgroup hash Message digests
+ * @{
+ */
+
+/** The type of the state data structure for multipart hash operations.
+ *
+ * Before calling any function on a hash operation object, the application must
+ * initialize it by any of the following means:
+ * - Set the structure to all-bits-zero, for example:
+ * \code
+ * psa_hash_operation_t operation;
+ * memset(&operation, 0, sizeof(operation));
+ * \endcode
+ * - Initialize the structure to logical zero values, for example:
+ * \code
+ * psa_hash_operation_t operation = {0};
+ * \endcode
+ * - Initialize the structure to the initializer #PSA_HASH_OPERATION_INIT,
+ * for example:
+ * \code
+ * psa_hash_operation_t operation = PSA_HASH_OPERATION_INIT;
+ * \endcode
+ * - Assign the result of the function psa_hash_operation_init()
+ * to the structure, for example:
+ * \code
+ * psa_hash_operation_t operation;
+ * operation = psa_hash_operation_init();
+ * \endcode
+ *
+ * This is an implementation-defined \c struct. Applications should not
+ * make any assumptions about the content of this structure except
+ * as directed by the documentation of a specific implementation. */
+typedef struct psa_hash_operation_s psa_hash_operation_t;
+
+/** \def PSA_HASH_OPERATION_INIT
+ *
+ * This macro returns a suitable initializer for a hash operation object
+ * of type #psa_hash_operation_t.
+ */
+#ifdef __DOXYGEN_ONLY__
+/* This is an example definition for documentation purposes.
+ * Implementations should define a suitable value in `crypto_struct.h`.
+ */
+#define PSA_HASH_OPERATION_INIT {0}
+#endif
+
+/** Return an initial value for a hash operation object.
+ */
+static psa_hash_operation_t psa_hash_operation_init(void);
+
+/** Set up a multipart hash operation.
+ *
+ * The sequence of operations to calculate a hash (message digest)
+ * is as follows:
+ * -# Allocate an operation object which will be passed to all the functions
+ * listed here.
+ * -# Initialize the operation object with one of the methods described in the
+ * documentation for #psa_hash_operation_t, e.g. PSA_HASH_OPERATION_INIT.
+ * -# Call psa_hash_setup() to specify the algorithm.
+ * -# Call psa_hash_update() zero, one or more times, passing a fragment
+ * of the message each time. The hash that is calculated is the hash
+ * of the concatenation of these messages in order.
+ * -# To calculate the hash, call psa_hash_finish().
+ * To compare the hash with an expected value, call psa_hash_verify().
+ *
+ * The application may call psa_hash_abort() at any time after the operation
+ * has been initialized.
+ *
+ * After a successful call to psa_hash_setup(), the application must
+ * eventually terminate the operation. The following events terminate an
+ * operation:
+ * - A failed call to psa_hash_update().
+ * - A call to psa_hash_finish(), psa_hash_verify() or psa_hash_abort().
+ *
+ * \param[in,out] operation The operation object to set up. It must have
+ * been initialized as per the documentation for
+ * #psa_hash_operation_t and not yet in use.
+ * \param alg The hash algorithm to compute (\c PSA_ALG_XXX value
+ * such that #PSA_ALG_IS_HASH(\p alg) is true).
+ *
+ * \retval #PSA_SUCCESS
+ * Success.
+ * \retval #PSA_ERROR_NOT_SUPPORTED
+ * \p alg is not supported or is not a hash algorithm.
+ * \retval #PSA_ERROR_BAD_STATE
+ * The operation state is not valid (already set up and not
+ * subsequently completed).
+ * \retval #PSA_ERROR_INSUFFICIENT_MEMORY
+ * \retval #PSA_ERROR_COMMUNICATION_FAILURE
+ * \retval #PSA_ERROR_HARDWARE_FAILURE
+ * \retval #PSA_ERROR_TAMPERING_DETECTED
+ */
+psa_status_t psa_hash_setup(psa_hash_operation_t *operation,
+ psa_algorithm_t alg);
+
+/** Add a message fragment to a multipart hash operation.
+ *
+ * The application must call psa_hash_setup() before calling this function.
+ *
+ * If this function returns an error status, the operation becomes inactive.
+ *
+ * \param[in,out] operation Active hash operation.
+ * \param[in] input Buffer containing the message fragment to hash.
+ * \param input_length Size of the \p input buffer in bytes.
+ *
+ * \retval #PSA_SUCCESS
+ * Success.
+ * \retval #PSA_ERROR_BAD_STATE
+ * The operation state is not valid (not set up, or already completed).
+ * \retval #PSA_ERROR_INSUFFICIENT_MEMORY
+ * \retval #PSA_ERROR_COMMUNICATION_FAILURE
+ * \retval #PSA_ERROR_HARDWARE_FAILURE
+ * \retval #PSA_ERROR_TAMPERING_DETECTED
+ */
+psa_status_t psa_hash_update(psa_hash_operation_t *operation,
+ const uint8_t *input,
+ size_t input_length);
+
+/** Finish the calculation of the hash of a message.
+ *
+ * The application must call psa_hash_setup() before calling this function.
+ * This function calculates the hash of the message formed by concatenating
+ * the inputs passed to preceding calls to psa_hash_update().
+ *
+ * When this function returns, the operation becomes inactive.
+ *
+ * \warning Applications should not call this function if they expect
+ * a specific value for the hash. Call psa_hash_verify() instead.
+ * Beware that comparing integrity or authenticity data such as
+ * hash values with a function such as \c memcmp is risky
+ * because the time taken by the comparison may leak information
+ * about the hashed data which could allow an attacker to guess
+ * a valid hash and thereby bypass security controls.
+ *
+ * \param[in,out] operation Active hash operation.
+ * \param[out] hash Buffer where the hash is to be written.
+ * \param hash_size Size of the \p hash buffer in bytes.
+ * \param[out] hash_length On success, the number of bytes
+ * that make up the hash value. This is always
+ * #PSA_HASH_SIZE(\c alg) where \c alg is the
+ * hash algorithm that is calculated.
+ *
+ * \retval #PSA_SUCCESS
+ * Success.
+ * \retval #PSA_ERROR_BAD_STATE
+ * The operation state is not valid (not set up, or already completed).
+ * \retval #PSA_ERROR_BUFFER_TOO_SMALL
+ * The size of the \p hash buffer is too small. You can determine a
+ * sufficient buffer size by calling #PSA_HASH_SIZE(\c alg)
+ * where \c alg is the hash algorithm that is calculated.
+ * \retval #PSA_ERROR_INSUFFICIENT_MEMORY
+ * \retval #PSA_ERROR_COMMUNICATION_FAILURE
+ * \retval #PSA_ERROR_HARDWARE_FAILURE
+ * \retval #PSA_ERROR_TAMPERING_DETECTED
+ */
+psa_status_t psa_hash_finish(psa_hash_operation_t *operation,
+ uint8_t *hash,
+ size_t hash_size,
+ size_t *hash_length);
+
+/** Finish the calculation of the hash of a message and compare it with
+ * an expected value.
+ *
+ * The application must call psa_hash_setup() before calling this function.
+ * This function calculates the hash of the message formed by concatenating
+ * the inputs passed to preceding calls to psa_hash_update(). It then
+ * compares the calculated hash with the expected hash passed as a
+ * parameter to this function.
+ *
+ * When this function returns, the operation becomes inactive.
+ *
+ * \note Implementations shall make the best effort to ensure that the
+ * comparison between the actual hash and the expected hash is performed
+ * in constant time.
+ *
+ * \param[in,out] operation Active hash operation.
+ * \param[in] hash Buffer containing the expected hash value.
+ * \param hash_length Size of the \p hash buffer in bytes.
+ *
+ * \retval #PSA_SUCCESS
+ * The expected hash is identical to the actual hash of the message.
+ * \retval #PSA_ERROR_INVALID_SIGNATURE
+ * The hash of the message was calculated successfully, but it
+ * differs from the expected hash.
+ * \retval #PSA_ERROR_BAD_STATE
+ * The operation state is not valid (not set up, or already completed).
+ * \retval #PSA_ERROR_INSUFFICIENT_MEMORY
+ * \retval #PSA_ERROR_COMMUNICATION_FAILURE
+ * \retval #PSA_ERROR_HARDWARE_FAILURE
+ * \retval #PSA_ERROR_TAMPERING_DETECTED
+ */
+psa_status_t psa_hash_verify(psa_hash_operation_t *operation,
+ const uint8_t *hash,
+ size_t hash_length);
+
+/** Abort a hash operation.
+ *
+ * Aborting an operation frees all associated resources except for the
+ * \p operation structure itself. Once aborted, the operation object
+ * can be reused for another operation by calling
+ * psa_hash_setup() again.
+ *
+ * You may call this function any time after the operation object has
+ * been initialized by any of the following methods:
+ * - A call to psa_hash_setup(), whether it succeeds or not.
+ * - Initializing the \c struct to all-bits-zero.
+ * - Initializing the \c struct to logical zeros, e.g.
+ * `psa_hash_operation_t operation = {0}`.
+ *
+ * In particular, calling psa_hash_abort() after the operation has been
+ * terminated by a call to psa_hash_abort(), psa_hash_finish() or
+ * psa_hash_verify() is safe and has no effect.
+ *
+ * \param[in,out] operation Initialized hash operation.
+ *
+ * \retval #PSA_SUCCESS
+ * \retval #PSA_ERROR_BAD_STATE
+ * \p operation is not an active hash operation.
+ * \retval #PSA_ERROR_COMMUNICATION_FAILURE
+ * \retval #PSA_ERROR_HARDWARE_FAILURE
+ * \retval #PSA_ERROR_TAMPERING_DETECTED
+ */
+psa_status_t psa_hash_abort(psa_hash_operation_t *operation);
+
+/** Clone a hash operation.
+ *
+ * This function copies the state of an ongoing hash operation to
+ * a new operation object. In other words, this function is equivalent
+ * to calling psa_hash_setup() on \p target_operation with the same
+ * algorithm that \p source_operation was set up for, then
+ * psa_hash_update() on \p target_operation with the same input that
+ * that was passed to \p source_operation. After this function returns, the
+ * two objects are independent, i.e. subsequent calls involving one of
+ * the objects do not affect the other object.
+ *
+ * \param[in] source_operation The active hash operation to clone.
+ * \param[in,out] target_operation The operation object to set up.
+ * It must be initialized but not active.
+ *
+ * \retval #PSA_SUCCESS
+ * \retval #PSA_ERROR_BAD_STATE
+ * \p source_operation is not an active hash operation.
+ * \retval #PSA_ERROR_BAD_STATE
+ * \p target_operation is active.
+ * \retval #PSA_ERROR_COMMUNICATION_FAILURE
+ * \retval #PSA_ERROR_HARDWARE_FAILURE
+ * \retval #PSA_ERROR_TAMPERING_DETECTED
+ */
+psa_status_t psa_hash_clone(const psa_hash_operation_t *source_operation,
+ psa_hash_operation_t *target_operation);
+
+/**@}*/
+
+/** \defgroup MAC Message authentication codes
+ * @{
+ */
+
+/** The type of the state data structure for multipart MAC operations.
+ *
+ * Before calling any function on a MAC operation object, the application must
+ * initialize it by any of the following means:
+ * - Set the structure to all-bits-zero, for example:
+ * \code
+ * psa_mac_operation_t operation;
+ * memset(&operation, 0, sizeof(operation));
+ * \endcode
+ * - Initialize the structure to logical zero values, for example:
+ * \code
+ * psa_mac_operation_t operation = {0};
+ * \endcode
+ * - Initialize the structure to the initializer #PSA_MAC_OPERATION_INIT,
+ * for example:
+ * \code
+ * psa_mac_operation_t operation = PSA_MAC_OPERATION_INIT;
+ * \endcode
+ * - Assign the result of the function psa_mac_operation_init()
+ * to the structure, for example:
+ * \code
+ * psa_mac_operation_t operation;
+ * operation = psa_mac_operation_init();
+ * \endcode
+ *
+ * This is an implementation-defined \c struct. Applications should not
+ * make any assumptions about the content of this structure except
+ * as directed by the documentation of a specific implementation. */
+typedef struct psa_mac_operation_s psa_mac_operation_t;
+
+/** \def PSA_MAC_OPERATION_INIT
+ *
+ * This macro returns a suitable initializer for a MAC operation object of type
+ * #psa_mac_operation_t.
+ */
+#ifdef __DOXYGEN_ONLY__
+/* This is an example definition for documentation purposes.
+ * Implementations should define a suitable value in `crypto_struct.h`.
+ */
+#define PSA_MAC_OPERATION_INIT {0}
+#endif
+
+/** Return an initial value for a MAC operation object.
+ */
+static psa_mac_operation_t psa_mac_operation_init(void);
+
+/** Set up a multipart MAC calculation operation.
+ *
+ * This function sets up the calculation of the MAC
+ * (message authentication code) of a byte string.
+ * To verify the MAC of a message against an
+ * expected value, use psa_mac_verify_setup() instead.
+ *
+ * The sequence of operations to calculate a MAC is as follows:
+ * -# Allocate an operation object which will be passed to all the functions
+ * listed here.
+ * -# Initialize the operation object with one of the methods described in the
+ * documentation for #psa_mac_operation_t, e.g. PSA_MAC_OPERATION_INIT.
+ * -# Call psa_mac_sign_setup() to specify the algorithm and key.
+ * The key remains associated with the operation even if the content
+ * of the key slot changes.
+ * -# Call psa_mac_update() zero, one or more times, passing a fragment
+ * of the message each time. The MAC that is calculated is the MAC
+ * of the concatenation of these messages in order.
+ * -# At the end of the message, call psa_mac_sign_finish() to finish
+ * calculating the MAC value and retrieve it.
+ *
+ * The application may call psa_mac_abort() at any time after the operation
+ * has been initialized.
+ *
+ * After a successful call to psa_mac_sign_setup(), the application must
+ * eventually terminate the operation through one of the following methods:
+ * - A failed call to psa_mac_update().
+ * - A call to psa_mac_sign_finish() or psa_mac_abort().
+ *
+ * \param[in,out] operation The operation object to set up. It must have
+ * been initialized as per the documentation for
+ * #psa_mac_operation_t and not yet in use.
+ * \param handle Handle to the key to use for the operation.
+ * \param alg The MAC algorithm to compute (\c PSA_ALG_XXX value
+ * such that #PSA_ALG_IS_MAC(alg) is true).
+ *
+ * \retval #PSA_SUCCESS
+ * Success.
+ * \retval #PSA_ERROR_INVALID_HANDLE
+ * \retval #PSA_ERROR_DOES_NOT_EXIST
+ * \retval #PSA_ERROR_NOT_PERMITTED
+ * \retval #PSA_ERROR_INVALID_ARGUMENT
+ * \p key is not compatible with \p alg.
+ * \retval #PSA_ERROR_NOT_SUPPORTED
+ * \p alg is not supported or is not a MAC algorithm.
+ * \retval #PSA_ERROR_INSUFFICIENT_MEMORY
+ * \retval #PSA_ERROR_COMMUNICATION_FAILURE
+ * \retval #PSA_ERROR_HARDWARE_FAILURE
+ * \retval #PSA_ERROR_TAMPERING_DETECTED
+ * \retval #PSA_ERROR_BAD_STATE
+ * The operation state is not valid (already set up and not
+ * subsequently completed).
+ * \retval #PSA_ERROR_BAD_STATE
+ * The library has not been previously initialized by psa_crypto_init().
+ * It is implementation-dependent whether a failure to initialize
+ * results in this error code.
+ */
+psa_status_t psa_mac_sign_setup(psa_mac_operation_t *operation,
+ psa_key_handle_t handle,
+ psa_algorithm_t alg);
+
+/** Set up a multipart MAC verification operation.
+ *
+ * This function sets up the verification of the MAC
+ * (message authentication code) of a byte string against an expected value.
+ *
+ * The sequence of operations to verify a MAC is as follows:
+ * -# Allocate an operation object which will be passed to all the functions
+ * listed here.
+ * -# Initialize the operation object with one of the methods described in the
+ * documentation for #psa_mac_operation_t, e.g. PSA_MAC_OPERATION_INIT.
+ * -# Call psa_mac_verify_setup() to specify the algorithm and key.
+ * The key remains associated with the operation even if the content
+ * of the key slot changes.
+ * -# Call psa_mac_update() zero, one or more times, passing a fragment
+ * of the message each time. The MAC that is calculated is the MAC
+ * of the concatenation of these messages in order.
+ * -# At the end of the message, call psa_mac_verify_finish() to finish
+ * calculating the actual MAC of the message and verify it against
+ * the expected value.
+ *
+ * The application may call psa_mac_abort() at any time after the operation
+ * has been initialized.
+ *
+ * After a successful call to psa_mac_verify_setup(), the application must
+ * eventually terminate the operation through one of the following methods:
+ * - A failed call to psa_mac_update().
+ * - A call to psa_mac_verify_finish() or psa_mac_abort().
+ *
+ * \param[in,out] operation The operation object to set up. It must have
+ * been initialized as per the documentation for
+ * #psa_mac_operation_t and not yet in use.
+ * \param handle Handle to the key to use for the operation.
+ * \param alg The MAC algorithm to compute (\c PSA_ALG_XXX value
+ * such that #PSA_ALG_IS_MAC(\p alg) is true).
+ *
+ * \retval #PSA_SUCCESS
+ * Success.
+ * \retval #PSA_ERROR_INVALID_HANDLE
+ * \retval #PSA_ERROR_DOES_NOT_EXIST
+ * \retval #PSA_ERROR_NOT_PERMITTED
+ * \retval #PSA_ERROR_INVALID_ARGUMENT
+ * \c key is not compatible with \c alg.
+ * \retval #PSA_ERROR_NOT_SUPPORTED
+ * \c alg is not supported or is not a MAC algorithm.
+ * \retval #PSA_ERROR_INSUFFICIENT_MEMORY
+ * \retval #PSA_ERROR_COMMUNICATION_FAILURE
+ * \retval #PSA_ERROR_HARDWARE_FAILURE
+ * \retval #PSA_ERROR_TAMPERING_DETECTED
+ * \retval #PSA_ERROR_BAD_STATE
+ * The operation state is not valid (already set up and not
+ * subsequently completed).
+ * \retval #PSA_ERROR_BAD_STATE
+ * The library has not been previously initialized by psa_crypto_init().
+ * It is implementation-dependent whether a failure to initialize
+ * results in this error code.
+ */
+psa_status_t psa_mac_verify_setup(psa_mac_operation_t *operation,
+ psa_key_handle_t handle,
+ psa_algorithm_t alg);
+
+/** Add a message fragment to a multipart MAC operation.
+ *
+ * The application must call psa_mac_sign_setup() or psa_mac_verify_setup()
+ * before calling this function.
+ *
+ * If this function returns an error status, the operation becomes inactive.
+ *
+ * \param[in,out] operation Active MAC operation.
+ * \param[in] input Buffer containing the message fragment to add to
+ * the MAC calculation.
+ * \param input_length Size of the \p input buffer in bytes.
+ *
+ * \retval #PSA_SUCCESS
+ * Success.
+ * \retval #PSA_ERROR_BAD_STATE
+ * The operation state is not valid (not set up, or already completed).
+ * \retval #PSA_ERROR_INSUFFICIENT_MEMORY
+ * \retval #PSA_ERROR_COMMUNICATION_FAILURE
+ * \retval #PSA_ERROR_HARDWARE_FAILURE
+ * \retval #PSA_ERROR_TAMPERING_DETECTED
+ */
+psa_status_t psa_mac_update(psa_mac_operation_t *operation,
+ const uint8_t *input,
+ size_t input_length);
+
+/** Finish the calculation of the MAC of a message.
+ *
+ * The application must call psa_mac_sign_setup() before calling this function.
+ * This function calculates the MAC of the message formed by concatenating
+ * the inputs passed to preceding calls to psa_mac_update().
+ *
+ * When this function returns, the operation becomes inactive.
+ *
+ * \warning Applications should not call this function if they expect
+ * a specific value for the MAC. Call psa_mac_verify_finish() instead.
+ * Beware that comparing integrity or authenticity data such as
+ * MAC values with a function such as \c memcmp is risky
+ * because the time taken by the comparison may leak information
+ * about the MAC value which could allow an attacker to guess
+ * a valid MAC and thereby bypass security controls.
+ *
+ * \param[in,out] operation Active MAC operation.
+ * \param[out] mac Buffer where the MAC value is to be written.
+ * \param mac_size Size of the \p mac buffer in bytes.
+ * \param[out] mac_length On success, the number of bytes
+ * that make up the MAC value. This is always
+ * #PSA_MAC_FINAL_SIZE(\c key_type, \c key_bits, \c alg)
+ * where \c key_type and \c key_bits are the type and
+ * bit-size respectively of the key and \c alg is the
+ * MAC algorithm that is calculated.
+ *
+ * \retval #PSA_SUCCESS
+ * Success.
+ * \retval #PSA_ERROR_BAD_STATE
+ * The operation state is not valid (not set up, or already completed).
+ * \retval #PSA_ERROR_BUFFER_TOO_SMALL
+ * The size of the \p mac buffer is too small. You can determine a
+ * sufficient buffer size by calling PSA_MAC_FINAL_SIZE().
+ * \retval #PSA_ERROR_INSUFFICIENT_MEMORY
+ * \retval #PSA_ERROR_COMMUNICATION_FAILURE
+ * \retval #PSA_ERROR_HARDWARE_FAILURE
+ * \retval #PSA_ERROR_TAMPERING_DETECTED
+ */
+psa_status_t psa_mac_sign_finish(psa_mac_operation_t *operation,
+ uint8_t *mac,
+ size_t mac_size,
+ size_t *mac_length);
+
+/** Finish the calculation of the MAC of a message and compare it with
+ * an expected value.
+ *
+ * The application must call psa_mac_verify_setup() before calling this function.
+ * This function calculates the MAC of the message formed by concatenating
+ * the inputs passed to preceding calls to psa_mac_update(). It then
+ * compares the calculated MAC with the expected MAC passed as a
+ * parameter to this function.
+ *
+ * When this function returns, the operation becomes inactive.
+ *
+ * \note Implementations shall make the best effort to ensure that the
+ * comparison between the actual MAC and the expected MAC is performed
+ * in constant time.
+ *
+ * \param[in,out] operation Active MAC operation.
+ * \param[in] mac Buffer containing the expected MAC value.
+ * \param mac_length Size of the \p mac buffer in bytes.
+ *
+ * \retval #PSA_SUCCESS
+ * The expected MAC is identical to the actual MAC of the message.
+ * \retval #PSA_ERROR_INVALID_SIGNATURE
+ * The MAC of the message was calculated successfully, but it
+ * differs from the expected MAC.
+ * \retval #PSA_ERROR_BAD_STATE
+ * The operation state is not valid (not set up, or already completed).
+ * \retval #PSA_ERROR_INSUFFICIENT_MEMORY
+ * \retval #PSA_ERROR_COMMUNICATION_FAILURE
+ * \retval #PSA_ERROR_HARDWARE_FAILURE
+ * \retval #PSA_ERROR_TAMPERING_DETECTED
+ */
+psa_status_t psa_mac_verify_finish(psa_mac_operation_t *operation,
+ const uint8_t *mac,
+ size_t mac_length);
+
+/** Abort a MAC operation.
+ *
+ * Aborting an operation frees all associated resources except for the
+ * \p operation structure itself. Once aborted, the operation object
+ * can be reused for another operation by calling
+ * psa_mac_sign_setup() or psa_mac_verify_setup() again.
+ *
+ * You may call this function any time after the operation object has
+ * been initialized by any of the following methods:
+ * - A call to psa_mac_sign_setup() or psa_mac_verify_setup(), whether
+ * it succeeds or not.
+ * - Initializing the \c struct to all-bits-zero.
+ * - Initializing the \c struct to logical zeros, e.g.
+ * `psa_mac_operation_t operation = {0}`.
+ *
+ * In particular, calling psa_mac_abort() after the operation has been
+ * terminated by a call to psa_mac_abort(), psa_mac_sign_finish() or
+ * psa_mac_verify_finish() is safe and has no effect.
+ *
+ * \param[in,out] operation Initialized MAC operation.
+ *
+ * \retval #PSA_SUCCESS
+ * \retval #PSA_ERROR_BAD_STATE
+ * \p operation is not an active MAC operation.
+ * \retval #PSA_ERROR_COMMUNICATION_FAILURE
+ * \retval #PSA_ERROR_HARDWARE_FAILURE
+ * \retval #PSA_ERROR_TAMPERING_DETECTED
+ */
+psa_status_t psa_mac_abort(psa_mac_operation_t *operation);
+
+/**@}*/
+
+/** \defgroup cipher Symmetric ciphers
+ * @{
+ */
+
+/** The type of the state data structure for multipart cipher operations.
+ *
+ * Before calling any function on a cipher operation object, the application
+ * must initialize it by any of the following means:
+ * - Set the structure to all-bits-zero, for example:
+ * \code
+ * psa_cipher_operation_t operation;
+ * memset(&operation, 0, sizeof(operation));
+ * \endcode
+ * - Initialize the structure to logical zero values, for example:
+ * \code
+ * psa_cipher_operation_t operation = {0};
+ * \endcode
+ * - Initialize the structure to the initializer #PSA_CIPHER_OPERATION_INIT,
+ * for example:
+ * \code
+ * psa_cipher_operation_t operation = PSA_CIPHER_OPERATION_INIT;
+ * \endcode
+ * - Assign the result of the function psa_cipher_operation_init()
+ * to the structure, for example:
+ * \code
+ * psa_cipher_operation_t operation;
+ * operation = psa_cipher_operation_init();
+ * \endcode
+ *
+ * This is an implementation-defined \c struct. Applications should not
+ * make any assumptions about the content of this structure except
+ * as directed by the documentation of a specific implementation. */
+typedef struct psa_cipher_operation_s psa_cipher_operation_t;
+
+/** \def PSA_CIPHER_OPERATION_INIT
+ *
+ * This macro returns a suitable initializer for a cipher operation object of
+ * type #psa_cipher_operation_t.
+ */
+#ifdef __DOXYGEN_ONLY__
+/* This is an example definition for documentation purposes.
+ * Implementations should define a suitable value in `crypto_struct.h`.
+ */
+#define PSA_CIPHER_OPERATION_INIT {0}
+#endif
+
+/** Return an initial value for a cipher operation object.
+ */
+static psa_cipher_operation_t psa_cipher_operation_init(void);
+
+/** Set the key for a multipart symmetric encryption operation.
+ *
+ * The sequence of operations to encrypt a message with a symmetric cipher
+ * is as follows:
+ * -# Allocate an operation object which will be passed to all the functions
+ * listed here.
+ * -# Initialize the operation object with one of the methods described in the
+ * documentation for #psa_cipher_operation_t, e.g.
+ * PSA_CIPHER_OPERATION_INIT.
+ * -# Call psa_cipher_encrypt_setup() to specify the algorithm and key.
+ * The key remains associated with the operation even if the content
+ * of the key slot changes.
+ * -# Call either psa_cipher_generate_iv() or psa_cipher_set_iv() to
+ * generate or set the IV (initialization vector). You should use
+ * psa_cipher_generate_iv() unless the protocol you are implementing
+ * requires a specific IV value.
+ * -# Call psa_cipher_update() zero, one or more times, passing a fragment
+ * of the message each time.
+ * -# Call psa_cipher_finish().
+ *
+ * The application may call psa_cipher_abort() at any time after the operation
+ * has been initialized.
+ *
+ * After a successful call to psa_cipher_encrypt_setup(), the application must
+ * eventually terminate the operation. The following events terminate an
+ * operation:
+ * - A failed call to psa_cipher_generate_iv(), psa_cipher_set_iv()
+ * or psa_cipher_update().
+ * - A call to psa_cipher_finish() or psa_cipher_abort().
+ *
+ * \param[in,out] operation The operation object to set up. It must have
+ * been initialized as per the documentation for
+ * #psa_cipher_operation_t and not yet in use.
+ * \param handle Handle to the key to use for the operation.
+ * \param alg The cipher algorithm to compute
+ * (\c PSA_ALG_XXX value such that
+ * #PSA_ALG_IS_CIPHER(\p alg) is true).
+ *
+ * \retval #PSA_SUCCESS
+ * Success.
+ * \retval #PSA_ERROR_INVALID_HANDLE
+ * \retval #PSA_ERROR_DOES_NOT_EXIST
+ * \retval #PSA_ERROR_NOT_PERMITTED
+ * \retval #PSA_ERROR_INVALID_ARGUMENT
+ * \p key is not compatible with \p alg.
+ * \retval #PSA_ERROR_NOT_SUPPORTED
+ * \p alg is not supported or is not a cipher algorithm.
+ * \retval #PSA_ERROR_INSUFFICIENT_MEMORY
+ * \retval #PSA_ERROR_COMMUNICATION_FAILURE
+ * \retval #PSA_ERROR_HARDWARE_FAILURE
+ * \retval #PSA_ERROR_TAMPERING_DETECTED
+ * \retval #PSA_ERROR_BAD_STATE
+ * The operation state is not valid (already set up and not
+ * subsequently completed).
+ * \retval #PSA_ERROR_BAD_STATE
+ * The library has not been previously initialized by psa_crypto_init().
+ * It is implementation-dependent whether a failure to initialize
+ * results in this error code.
+ */
+psa_status_t psa_cipher_encrypt_setup(psa_cipher_operation_t *operation,
+ psa_key_handle_t handle,
+ psa_algorithm_t alg);
+
+/** Set the key for a multipart symmetric decryption operation.
+ *
+ * The sequence of operations to decrypt a message with a symmetric cipher
+ * is as follows:
+ * -# Allocate an operation object which will be passed to all the functions
+ * listed here.
+ * -# Initialize the operation object with one of the methods described in the
+ * documentation for #psa_cipher_operation_t, e.g.
+ * PSA_CIPHER_OPERATION_INIT.
+ * -# Call psa_cipher_decrypt_setup() to specify the algorithm and key.
+ * The key remains associated with the operation even if the content
+ * of the key slot changes.
+ * -# Call psa_cipher_update() with the IV (initialization vector) for the
+ * decryption. If the IV is prepended to the ciphertext, you can call
+ * psa_cipher_update() on a buffer containing the IV followed by the
+ * beginning of the message.
+ * -# Call psa_cipher_update() zero, one or more times, passing a fragment
+ * of the message each time.
+ * -# Call psa_cipher_finish().
+ *
+ * The application may call psa_cipher_abort() at any time after the operation
+ * has been initialized.
+ *
+ * After a successful call to psa_cipher_decrypt_setup(), the application must
+ * eventually terminate the operation. The following events terminate an
+ * operation:
+ * - A failed call to psa_cipher_update().
+ * - A call to psa_cipher_finish() or psa_cipher_abort().
+ *
+ * \param[in,out] operation The operation object to set up. It must have
+ * been initialized as per the documentation for
+ * #psa_cipher_operation_t and not yet in use.
+ * \param handle Handle to the key to use for the operation.
+ * \param alg The cipher algorithm to compute
+ * (\c PSA_ALG_XXX value such that
+ * #PSA_ALG_IS_CIPHER(\p alg) is true).
+ *
+ * \retval #PSA_SUCCESS
+ * Success.
+ * \retval #PSA_ERROR_INVALID_HANDLE
+ * \retval #PSA_ERROR_DOES_NOT_EXIST
+ * \retval #PSA_ERROR_NOT_PERMITTED
+ * \retval #PSA_ERROR_INVALID_ARGUMENT
+ * \p key is not compatible with \p alg.
+ * \retval #PSA_ERROR_NOT_SUPPORTED
+ * \p alg is not supported or is not a cipher algorithm.
+ * \retval #PSA_ERROR_INSUFFICIENT_MEMORY
+ * \retval #PSA_ERROR_COMMUNICATION_FAILURE
+ * \retval #PSA_ERROR_HARDWARE_FAILURE
+ * \retval #PSA_ERROR_TAMPERING_DETECTED
+ * \retval #PSA_ERROR_BAD_STATE
+ * The operation state is not valid (already set up and not
+ * subsequently completed).
+ * \retval #PSA_ERROR_BAD_STATE
+ * The library has not been previously initialized by psa_crypto_init().
+ * It is implementation-dependent whether a failure to initialize
+ * results in this error code.
+ */
+psa_status_t psa_cipher_decrypt_setup(psa_cipher_operation_t *operation,
+ psa_key_handle_t handle,
+ psa_algorithm_t alg);
+
+/** Generate an IV for a symmetric encryption operation.
+ *
+ * This function generates a random IV (initialization vector), nonce
+ * or initial counter value for the encryption operation as appropriate
+ * for the chosen algorithm, key type and key size.
+ *
+ * The application must call psa_cipher_encrypt_setup() before
+ * calling this function.
+ *
+ * If this function returns an error status, the operation becomes inactive.
+ *
+ * \param[in,out] operation Active cipher operation.
+ * \param[out] iv Buffer where the generated IV is to be written.
+ * \param iv_size Size of the \p iv buffer in bytes.
+ * \param[out] iv_length On success, the number of bytes of the
+ * generated IV.
+ *
+ * \retval #PSA_SUCCESS
+ * Success.
+ * \retval #PSA_ERROR_BAD_STATE
+ * The operation state is not valid (not set up, or IV already set).
+ * \retval #PSA_ERROR_BUFFER_TOO_SMALL
+ * The size of the \p iv buffer is too small.
+ * \retval #PSA_ERROR_INSUFFICIENT_MEMORY
+ * \retval #PSA_ERROR_COMMUNICATION_FAILURE
+ * \retval #PSA_ERROR_HARDWARE_FAILURE
+ * \retval #PSA_ERROR_TAMPERING_DETECTED
+ */
+psa_status_t psa_cipher_generate_iv(psa_cipher_operation_t *operation,
+ unsigned char *iv,
+ size_t iv_size,
+ size_t *iv_length);
+
+/** Set the IV for a symmetric encryption or decryption operation.
+ *
+ * This function sets the random IV (initialization vector), nonce
+ * or initial counter value for the encryption or decryption operation.
+ *
+ * The application must call psa_cipher_encrypt_setup() before
+ * calling this function.
+ *
+ * If this function returns an error status, the operation becomes inactive.
+ *
+ * \note When encrypting, applications should use psa_cipher_generate_iv()
+ * instead of this function, unless implementing a protocol that requires
+ * a non-random IV.
+ *
+ * \param[in,out] operation Active cipher operation.
+ * \param[in] iv Buffer containing the IV to use.
+ * \param iv_length Size of the IV in bytes.
+ *
+ * \retval #PSA_SUCCESS
+ * Success.
+ * \retval #PSA_ERROR_BAD_STATE
+ * The operation state is not valid (not set up, or IV already set).
+ * \retval #PSA_ERROR_INVALID_ARGUMENT
+ * The size of \p iv is not acceptable for the chosen algorithm,
+ * or the chosen algorithm does not use an IV.
+ * \retval #PSA_ERROR_INSUFFICIENT_MEMORY
+ * \retval #PSA_ERROR_COMMUNICATION_FAILURE
+ * \retval #PSA_ERROR_HARDWARE_FAILURE
+ * \retval #PSA_ERROR_TAMPERING_DETECTED
+ */
+psa_status_t psa_cipher_set_iv(psa_cipher_operation_t *operation,
+ const unsigned char *iv,
+ size_t iv_length);
+
+/** Encrypt or decrypt a message fragment in an active cipher operation.
+ *
+ * Before calling this function, you must:
+ * 1. Call either psa_cipher_encrypt_setup() or psa_cipher_decrypt_setup().
+ * The choice of setup function determines whether this function
+ * encrypts or decrypts its input.
+ * 2. If the algorithm requires an IV, call psa_cipher_generate_iv()
+ * (recommended when encrypting) or psa_cipher_set_iv().
+ *
+ * If this function returns an error status, the operation becomes inactive.
+ *
+ * \param[in,out] operation Active cipher operation.
+ * \param[in] input Buffer containing the message fragment to
+ * encrypt or decrypt.
+ * \param input_length Size of the \p input buffer in bytes.
+ * \param[out] output Buffer where the output is to be written.
+ * \param output_size Size of the \p output buffer in bytes.
+ * \param[out] output_length On success, the number of bytes
+ * that make up the returned output.
+ *
+ * \retval #PSA_SUCCESS
+ * Success.
+ * \retval #PSA_ERROR_BAD_STATE
+ * The operation state is not valid (not set up, IV required but
+ * not set, or already completed).
+ * \retval #PSA_ERROR_BUFFER_TOO_SMALL
+ * The size of the \p output buffer is too small.
+ * \retval #PSA_ERROR_INSUFFICIENT_MEMORY
+ * \retval #PSA_ERROR_COMMUNICATION_FAILURE
+ * \retval #PSA_ERROR_HARDWARE_FAILURE
+ * \retval #PSA_ERROR_TAMPERING_DETECTED
+ */
+psa_status_t psa_cipher_update(psa_cipher_operation_t *operation,
+ const uint8_t *input,
+ size_t input_length,
+ unsigned char *output,
+ size_t output_size,
+ size_t *output_length);
+
+/** Finish encrypting or decrypting a message in a cipher operation.
+ *
+ * The application must call psa_cipher_encrypt_setup() or
+ * psa_cipher_decrypt_setup() before calling this function. The choice
+ * of setup function determines whether this function encrypts or
+ * decrypts its input.
+ *
+ * This function finishes the encryption or decryption of the message
+ * formed by concatenating the inputs passed to preceding calls to
+ * psa_cipher_update().
+ *
+ * When this function returns, the operation becomes inactive.
+ *
+ * \param[in,out] operation Active cipher operation.
+ * \param[out] output Buffer where the output is to be written.
+ * \param output_size Size of the \p output buffer in bytes.
+ * \param[out] output_length On success, the number of bytes
+ * that make up the returned output.
+ *
+ * \retval #PSA_SUCCESS
+ * Success.
+ * \retval #PSA_ERROR_BAD_STATE
+ * The operation state is not valid (not set up, IV required but
+ * not set, or already completed).
+ * \retval #PSA_ERROR_BUFFER_TOO_SMALL
+ * The size of the \p output buffer is too small.
+ * \retval #PSA_ERROR_INSUFFICIENT_MEMORY
+ * \retval #PSA_ERROR_COMMUNICATION_FAILURE
+ * \retval #PSA_ERROR_HARDWARE_FAILURE
+ * \retval #PSA_ERROR_TAMPERING_DETECTED
+ */
+psa_status_t psa_cipher_finish(psa_cipher_operation_t *operation,
+ uint8_t *output,
+ size_t output_size,
+ size_t *output_length);
+
+/** Abort a cipher operation.
+ *
+ * Aborting an operation frees all associated resources except for the
+ * \p operation structure itself. Once aborted, the operation object
+ * can be reused for another operation by calling
+ * psa_cipher_encrypt_setup() or psa_cipher_decrypt_setup() again.
+ *
+ * You may call this function any time after the operation object has
+ * been initialized by any of the following methods:
+ * - A call to psa_cipher_encrypt_setup() or psa_cipher_decrypt_setup(),
+ * whether it succeeds or not.
+ * - Initializing the \c struct to all-bits-zero.
+ * - Initializing the \c struct to logical zeros, e.g.
+ * `psa_cipher_operation_t operation = {0}`.
+ *
+ * In particular, calling psa_cipher_abort() after the operation has been
+ * terminated by a call to psa_cipher_abort() or psa_cipher_finish()
+ * is safe and has no effect.
+ *
+ * \param[in,out] operation Initialized cipher operation.
+ *
+ * \retval #PSA_SUCCESS
+ * \retval #PSA_ERROR_BAD_STATE
+ * \p operation is not an active cipher operation.
+ * \retval #PSA_ERROR_COMMUNICATION_FAILURE
+ * \retval #PSA_ERROR_HARDWARE_FAILURE
+ * \retval #PSA_ERROR_TAMPERING_DETECTED
+ */
+psa_status_t psa_cipher_abort(psa_cipher_operation_t *operation);
+
+/**@}*/
+
+/** \defgroup aead Authenticated encryption with associated data (AEAD)
+ * @{
+ */
+
+/** Process an authenticated encryption operation.
+ *
+ * \param handle Handle to the key to use for the operation.
+ * \param alg The AEAD algorithm to compute
+ * (\c PSA_ALG_XXX value such that
+ * #PSA_ALG_IS_AEAD(\p alg) is true).
+ * \param[in] nonce Nonce or IV to use.
+ * \param nonce_length Size of the \p nonce buffer in bytes.
+ * \param[in] additional_data Additional data that will be authenticated
+ * but not encrypted.
+ * \param additional_data_length Size of \p additional_data in bytes.
+ * \param[in] plaintext Data that will be authenticated and
+ * encrypted.
+ * \param plaintext_length Size of \p plaintext in bytes.
+ * \param[out] ciphertext Output buffer for the authenticated and
+ * encrypted data. The additional data is not
+ * part of this output. For algorithms where the
+ * encrypted data and the authentication tag
+ * are defined as separate outputs, the
+ * authentication tag is appended to the
+ * encrypted data.
+ * \param ciphertext_size Size of the \p ciphertext buffer in bytes.
+ * This must be at least
+ * #PSA_AEAD_ENCRYPT_OUTPUT_SIZE(\p alg,
+ * \p plaintext_length).
+ * \param[out] ciphertext_length On success, the size of the output
+ * in the \b ciphertext buffer.
+ *
+ * \retval #PSA_SUCCESS
+ * Success.
+ * \retval #PSA_ERROR_INVALID_HANDLE
+ * \retval #PSA_ERROR_DOES_NOT_EXIST
+ * \retval #PSA_ERROR_NOT_PERMITTED
+ * \retval #PSA_ERROR_INVALID_ARGUMENT
+ * \p key is not compatible with \p alg.
+ * \retval #PSA_ERROR_NOT_SUPPORTED
+ * \p alg is not supported or is not an AEAD algorithm.
+ * \retval #PSA_ERROR_INSUFFICIENT_MEMORY
+ * \retval #PSA_ERROR_COMMUNICATION_FAILURE
+ * \retval #PSA_ERROR_HARDWARE_FAILURE
+ * \retval #PSA_ERROR_TAMPERING_DETECTED
+ * \retval #PSA_ERROR_BAD_STATE
+ * The library has not been previously initialized by psa_crypto_init().
+ * It is implementation-dependent whether a failure to initialize
+ * results in this error code.
+ */
+psa_status_t psa_aead_encrypt(psa_key_handle_t handle,
+ psa_algorithm_t alg,
+ const uint8_t *nonce,
+ size_t nonce_length,
+ const uint8_t *additional_data,
+ size_t additional_data_length,
+ const uint8_t *plaintext,
+ size_t plaintext_length,
+ uint8_t *ciphertext,
+ size_t ciphertext_size,
+ size_t *ciphertext_length);
+
+/** Process an authenticated decryption operation.
+ *
+ * \param handle Handle to the key to use for the operation.
+ * \param alg The AEAD algorithm to compute
+ * (\c PSA_ALG_XXX value such that
+ * #PSA_ALG_IS_AEAD(\p alg) is true).
+ * \param[in] nonce Nonce or IV to use.
+ * \param nonce_length Size of the \p nonce buffer in bytes.
+ * \param[in] additional_data Additional data that has been authenticated
+ * but not encrypted.
+ * \param additional_data_length Size of \p additional_data in bytes.
+ * \param[in] ciphertext Data that has been authenticated and
+ * encrypted. For algorithms where the
+ * encrypted data and the authentication tag
+ * are defined as separate inputs, the buffer
+ * must contain the encrypted data followed
+ * by the authentication tag.
+ * \param ciphertext_length Size of \p ciphertext in bytes.
+ * \param[out] plaintext Output buffer for the decrypted data.
+ * \param plaintext_size Size of the \p plaintext buffer in bytes.
+ * This must be at least
+ * #PSA_AEAD_DECRYPT_OUTPUT_SIZE(\p alg,
+ * \p ciphertext_length).
+ * \param[out] plaintext_length On success, the size of the output
+ * in the \b plaintext buffer.
+ *
+ * \retval #PSA_SUCCESS
+ * Success.
+ * \retval #PSA_ERROR_INVALID_HANDLE
+ * \retval #PSA_ERROR_DOES_NOT_EXIST
+ * \retval #PSA_ERROR_INVALID_SIGNATURE
+ * The ciphertext is not authentic.
+ * \retval #PSA_ERROR_NOT_PERMITTED
+ * \retval #PSA_ERROR_INVALID_ARGUMENT
+ * \p key is not compatible with \p alg.
+ * \retval #PSA_ERROR_NOT_SUPPORTED
+ * \p alg is not supported or is not an AEAD algorithm.
+ * \retval #PSA_ERROR_INSUFFICIENT_MEMORY
+ * \retval #PSA_ERROR_COMMUNICATION_FAILURE
+ * \retval #PSA_ERROR_HARDWARE_FAILURE
+ * \retval #PSA_ERROR_TAMPERING_DETECTED
+ * \retval #PSA_ERROR_BAD_STATE
+ * The library has not been previously initialized by psa_crypto_init().
+ * It is implementation-dependent whether a failure to initialize
+ * results in this error code.
+ */
+psa_status_t psa_aead_decrypt(psa_key_handle_t handle,
+ psa_algorithm_t alg,
+ const uint8_t *nonce,
+ size_t nonce_length,
+ const uint8_t *additional_data,
+ size_t additional_data_length,
+ const uint8_t *ciphertext,
+ size_t ciphertext_length,
+ uint8_t *plaintext,
+ size_t plaintext_size,
+ size_t *plaintext_length);
+
+/**@}*/
+
+/** \defgroup asymmetric Asymmetric cryptography
+ * @{
+ */
+
+/**
+ * \brief Sign a hash or short message with a private key.
+ *
+ * Note that to perform a hash-and-sign signature algorithm, you must
+ * first calculate the hash by calling psa_hash_setup(), psa_hash_update()
+ * and psa_hash_finish(). Then pass the resulting hash as the \p hash
+ * parameter to this function. You can use #PSA_ALG_SIGN_GET_HASH(\p alg)
+ * to determine the hash algorithm to use.
+ *
+ * \param handle Handle to the key to use for the operation.
+ * It must be an asymmetric key pair.
+ * \param alg A signature algorithm that is compatible with
+ * the type of \p key.
+ * \param[in] hash The hash or message to sign.
+ * \param hash_length Size of the \p hash buffer in bytes.
+ * \param[out] signature Buffer where the signature is to be written.
+ * \param signature_size Size of the \p signature buffer in bytes.
+ * \param[out] signature_length On success, the number of bytes
+ * that make up the returned signature value.
+ *
+ * \retval #PSA_SUCCESS
+ * \retval #PSA_ERROR_BUFFER_TOO_SMALL
+ * The size of the \p signature buffer is too small. You can
+ * determine a sufficient buffer size by calling
+ * #PSA_ASYMMETRIC_SIGN_OUTPUT_SIZE(\c key_type, \c key_bits, \p alg)
+ * where \c key_type and \c key_bits are the type and bit-size
+ * respectively of \p key.
+ * \retval #PSA_ERROR_NOT_SUPPORTED
+ * \retval #PSA_ERROR_INVALID_ARGUMENT
+ * \retval #PSA_ERROR_INSUFFICIENT_MEMORY
+ * \retval #PSA_ERROR_COMMUNICATION_FAILURE
+ * \retval #PSA_ERROR_HARDWARE_FAILURE
+ * \retval #PSA_ERROR_TAMPERING_DETECTED
+ * \retval #PSA_ERROR_INSUFFICIENT_ENTROPY
+ * \retval #PSA_ERROR_BAD_STATE
+ * The library has not been previously initialized by psa_crypto_init().
+ * It is implementation-dependent whether a failure to initialize
+ * results in this error code.
+ */
+psa_status_t psa_asymmetric_sign(psa_key_handle_t handle,
+ psa_algorithm_t alg,
+ const uint8_t *hash,
+ size_t hash_length,
+ uint8_t *signature,
+ size_t signature_size,
+ size_t *signature_length);
+
+/**
+ * \brief Verify the signature a hash or short message using a public key.
+ *
+ * Note that to perform a hash-and-sign signature algorithm, you must
+ * first calculate the hash by calling psa_hash_setup(), psa_hash_update()
+ * and psa_hash_finish(). Then pass the resulting hash as the \p hash
+ * parameter to this function. You can use #PSA_ALG_SIGN_GET_HASH(\p alg)
+ * to determine the hash algorithm to use.
+ *
+ * \param handle Handle to the key to use for the operation.
+ * It must be a public key or an asymmetric key pair.
+ * \param alg A signature algorithm that is compatible with
+ * the type of \p key.
+ * \param[in] hash The hash or message whose signature is to be
+ * verified.
+ * \param hash_length Size of the \p hash buffer in bytes.
+ * \param[in] signature Buffer containing the signature to verify.
+ * \param signature_length Size of the \p signature buffer in bytes.
+ *
+ * \retval #PSA_SUCCESS
+ * The signature is valid.
+ * \retval #PSA_ERROR_INVALID_SIGNATURE
+ * The calculation was perfomed successfully, but the passed
+ * signature is not a valid signature.
+ * \retval #PSA_ERROR_NOT_SUPPORTED
+ * \retval #PSA_ERROR_INVALID_ARGUMENT
+ * \retval #PSA_ERROR_INSUFFICIENT_MEMORY
+ * \retval #PSA_ERROR_COMMUNICATION_FAILURE
+ * \retval #PSA_ERROR_HARDWARE_FAILURE
+ * \retval #PSA_ERROR_TAMPERING_DETECTED
+ * \retval #PSA_ERROR_BAD_STATE
+ * The library has not been previously initialized by psa_crypto_init().
+ * It is implementation-dependent whether a failure to initialize
+ * results in this error code.
+ */
+psa_status_t psa_asymmetric_verify(psa_key_handle_t handle,
+ psa_algorithm_t alg,
+ const uint8_t *hash,
+ size_t hash_length,
+ const uint8_t *signature,
+ size_t signature_length);
+
+/**
+ * \brief Encrypt a short message with a public key.
+ *
+ * \param handle Handle to the key to use for the operation.
+ * It must be a public key or an asymmetric
+ * key pair.
+ * \param alg An asymmetric encryption algorithm that is
+ * compatible with the type of \p key.
+ * \param[in] input The message to encrypt.
+ * \param input_length Size of the \p input buffer in bytes.
+ * \param[in] salt A salt or label, if supported by the
+ * encryption algorithm.
+ * If the algorithm does not support a
+ * salt, pass \c NULL.
+ * If the algorithm supports an optional
+ * salt and you do not want to pass a salt,
+ * pass \c NULL.
+ *
+ * - For #PSA_ALG_RSA_PKCS1V15_CRYPT, no salt is
+ * supported.
+ * \param salt_length Size of the \p salt buffer in bytes.
+ * If \p salt is \c NULL, pass 0.
+ * \param[out] output Buffer where the encrypted message is to
+ * be written.
+ * \param output_size Size of the \p output buffer in bytes.
+ * \param[out] output_length On success, the number of bytes
+ * that make up the returned output.
+ *
+ * \retval #PSA_SUCCESS
+ * \retval #PSA_ERROR_BUFFER_TOO_SMALL
+ * The size of the \p output buffer is too small. You can
+ * determine a sufficient buffer size by calling
+ * #PSA_ASYMMETRIC_ENCRYPT_OUTPUT_SIZE(\c key_type, \c key_bits, \p alg)
+ * where \c key_type and \c key_bits are the type and bit-size
+ * respectively of \p key.
+ * \retval #PSA_ERROR_NOT_SUPPORTED
+ * \retval #PSA_ERROR_INVALID_ARGUMENT
+ * \retval #PSA_ERROR_INSUFFICIENT_MEMORY
+ * \retval #PSA_ERROR_COMMUNICATION_FAILURE
+ * \retval #PSA_ERROR_HARDWARE_FAILURE
+ * \retval #PSA_ERROR_TAMPERING_DETECTED
+ * \retval #PSA_ERROR_INSUFFICIENT_ENTROPY
+ * \retval #PSA_ERROR_BAD_STATE
+ * The library has not been previously initialized by psa_crypto_init().
+ * It is implementation-dependent whether a failure to initialize
+ * results in this error code.
+ */
+psa_status_t psa_asymmetric_encrypt(psa_key_handle_t handle,
+ psa_algorithm_t alg,
+ const uint8_t *input,
+ size_t input_length,
+ const uint8_t *salt,
+ size_t salt_length,
+ uint8_t *output,
+ size_t output_size,
+ size_t *output_length);
+
+/**
+ * \brief Decrypt a short message with a private key.
+ *
+ * \param handle Handle to the key to use for the operation.
+ * It must be an asymmetric key pair.
+ * \param alg An asymmetric encryption algorithm that is
+ * compatible with the type of \p key.
+ * \param[in] input The message to decrypt.
+ * \param input_length Size of the \p input buffer in bytes.
+ * \param[in] salt A salt or label, if supported by the
+ * encryption algorithm.
+ * If the algorithm does not support a
+ * salt, pass \c NULL.
+ * If the algorithm supports an optional
+ * salt and you do not want to pass a salt,
+ * pass \c NULL.
+ *
+ * - For #PSA_ALG_RSA_PKCS1V15_CRYPT, no salt is
+ * supported.
+ * \param salt_length Size of the \p salt buffer in bytes.
+ * If \p salt is \c NULL, pass 0.
+ * \param[out] output Buffer where the decrypted message is to
+ * be written.
+ * \param output_size Size of the \c output buffer in bytes.
+ * \param[out] output_length On success, the number of bytes
+ * that make up the returned output.
+ *
+ * \retval #PSA_SUCCESS
+ * \retval #PSA_ERROR_BUFFER_TOO_SMALL
+ * The size of the \p output buffer is too small. You can
+ * determine a sufficient buffer size by calling
+ * #PSA_ASYMMETRIC_DECRYPT_OUTPUT_SIZE(\c key_type, \c key_bits, \p alg)
+ * where \c key_type and \c key_bits are the type and bit-size
+ * respectively of \p key.
+ * \retval #PSA_ERROR_NOT_SUPPORTED
+ * \retval #PSA_ERROR_INVALID_ARGUMENT
+ * \retval #PSA_ERROR_INSUFFICIENT_MEMORY
+ * \retval #PSA_ERROR_COMMUNICATION_FAILURE
+ * \retval #PSA_ERROR_HARDWARE_FAILURE
+ * \retval #PSA_ERROR_TAMPERING_DETECTED
+ * \retval #PSA_ERROR_INSUFFICIENT_ENTROPY
+ * \retval #PSA_ERROR_INVALID_PADDING
+ * \retval #PSA_ERROR_BAD_STATE
+ * The library has not been previously initialized by psa_crypto_init().
+ * It is implementation-dependent whether a failure to initialize
+ * results in this error code.
+ */
+psa_status_t psa_asymmetric_decrypt(psa_key_handle_t handle,
+ psa_algorithm_t alg,
+ const uint8_t *input,
+ size_t input_length,
+ const uint8_t *salt,
+ size_t salt_length,
+ uint8_t *output,
+ size_t output_size,
+ size_t *output_length);
+
+/**@}*/
+
+/** \defgroup generators Generators
+ * @{
+ */
+
+/** The type of the state data structure for generators.
+ *
+ * Before calling any function on a generator, the application must
+ * initialize it by any of the following means:
+ * - Set the structure to all-bits-zero, for example:
+ * \code
+ * psa_crypto_generator_t generator;
+ * memset(&generator, 0, sizeof(generator));
+ * \endcode
+ * - Initialize the structure to logical zero values, for example:
+ * \code
+ * psa_crypto_generator_t generator = {0};
+ * \endcode
+ * - Initialize the structure to the initializer #PSA_CRYPTO_GENERATOR_INIT,
+ * for example:
+ * \code
+ * psa_crypto_generator_t generator = PSA_CRYPTO_GENERATOR_INIT;
+ * \endcode
+ * - Assign the result of the function psa_crypto_generator_init()
+ * to the structure, for example:
+ * \code
+ * psa_crypto_generator_t generator;
+ * generator = psa_crypto_generator_init();
+ * \endcode
+ *
+ * This is an implementation-defined \c struct. Applications should not
+ * make any assumptions about the content of this structure except
+ * as directed by the documentation of a specific implementation.
+ */
+typedef struct psa_crypto_generator_s psa_crypto_generator_t;
+
+/** \def PSA_CRYPTO_GENERATOR_INIT
+ *
+ * This macro returns a suitable initializer for a generator object
+ * of type #psa_crypto_generator_t.
+ */
+#ifdef __DOXYGEN_ONLY__
+/* This is an example definition for documentation purposes.
+ * Implementations should define a suitable value in `crypto_struct.h`.
+ */
+#define PSA_CRYPTO_GENERATOR_INIT {0}
+#endif
+
+/** Return an initial value for a generator object.
+ */
+static psa_crypto_generator_t psa_crypto_generator_init(void);
+
+/** Retrieve the current capacity of a generator.
+ *
+ * The capacity of a generator is the maximum number of bytes that it can
+ * return. Reading *N* bytes from a generator reduces its capacity by *N*.
+ *
+ * \param[in] generator The generator to query.
+ * \param[out] capacity On success, the capacity of the generator.
+ *
+ * \retval #PSA_SUCCESS
+ * \retval #PSA_ERROR_BAD_STATE
+ * \retval #PSA_ERROR_COMMUNICATION_FAILURE
+ */
+psa_status_t psa_get_generator_capacity(const psa_crypto_generator_t *generator,
+ size_t *capacity);
+
+/** Read some data from a generator.
+ *
+ * This function reads and returns a sequence of bytes from a generator.
+ * The data that is read is discarded from the generator. The generator's
+ * capacity is decreased by the number of bytes read.
+ *
+ * \param[in,out] generator The generator object to read from.
+ * \param[out] output Buffer where the generator output will be
+ * written.
+ * \param output_length Number of bytes to output.
+ *
+ * \retval #PSA_SUCCESS
+ * \retval #PSA_ERROR_INSUFFICIENT_DATA
+ * There were fewer than \p output_length bytes
+ * in the generator. Note that in this case, no
+ * output is written to the output buffer.
+ * The generator's capacity is set to 0, thus
+ * subsequent calls to this function will not
+ * succeed, even with a smaller output buffer.
+ * \retval #PSA_ERROR_BAD_STATE
+ * \retval #PSA_ERROR_INSUFFICIENT_MEMORY
+ * \retval #PSA_ERROR_COMMUNICATION_FAILURE
+ * \retval #PSA_ERROR_HARDWARE_FAILURE
+ * \retval #PSA_ERROR_TAMPERING_DETECTED
+ */
+psa_status_t psa_generator_read(psa_crypto_generator_t *generator,
+ uint8_t *output,
+ size_t output_length);
+
+/** Create a symmetric key from data read from a generator.
+ *
+ * This function reads a sequence of bytes from a generator and imports
+ * these bytes as a key.
+ * The data that is read is discarded from the generator. The generator's
+ * capacity is decreased by the number of bytes read.
+ *
+ * This function is equivalent to calling #psa_generator_read and
+ * passing the resulting output to #psa_import_key, but
+ * if the implementation provides an isolation boundary then
+ * the key material is not exposed outside the isolation boundary.
+ *
+ * \param handle Handle to the slot where the key will be stored.
+ * It must have been obtained by calling
+ * psa_allocate_key() or psa_create_key() and must
+ * not contain key material yet.
+ * \param type Key type (a \c PSA_KEY_TYPE_XXX value).
+ * This must be a symmetric key type.
+ * \param bits Key size in bits.
+ * \param[in,out] generator The generator object to read from.
+ *
+ * \retval #PSA_SUCCESS
+ * Success.
+ * If the key is persistent, the key material and the key's metadata
+ * have been saved to persistent storage.
+ * \retval #PSA_ERROR_INSUFFICIENT_DATA
+ * There were fewer than \p output_length bytes
+ * in the generator. Note that in this case, no
+ * output is written to the output buffer.
+ * The generator's capacity is set to 0, thus
+ * subsequent calls to this function will not
+ * succeed, even with a smaller output buffer.
+ * \retval #PSA_ERROR_NOT_SUPPORTED
+ * The key type or key size is not supported, either by the
+ * implementation in general or in this particular slot.
+ * \retval #PSA_ERROR_BAD_STATE
+ * \retval #PSA_ERROR_INVALID_HANDLE
+ * \retval #PSA_ERROR_ALREADY_EXISTS
+ * There is already a key in the specified slot.
+ * \retval #PSA_ERROR_INSUFFICIENT_MEMORY
+ * \retval #PSA_ERROR_INSUFFICIENT_STORAGE
+ * \retval #PSA_ERROR_COMMUNICATION_FAILURE
+ * \retval #PSA_ERROR_HARDWARE_FAILURE
+ * \retval #PSA_ERROR_TAMPERING_DETECTED
+ * \retval #PSA_ERROR_BAD_STATE
+ * The library has not been previously initialized by psa_crypto_init().
+ * It is implementation-dependent whether a failure to initialize
+ * results in this error code.
+ */
+psa_status_t psa_generator_import_key(psa_key_handle_t handle,
+ psa_key_type_t type,
+ size_t bits,
+ psa_crypto_generator_t *generator);
+
+/** Abort a generator.
+ *
+ * Once a generator has been aborted, its capacity is zero.
+ * Aborting a generator frees all associated resources except for the
+ * \c generator structure itself.
+ *
+ * This function may be called at any time as long as the generator
+ * object has been initialized to #PSA_CRYPTO_GENERATOR_INIT, to
+ * psa_crypto_generator_init() or a zero value. In particular, it is valid
+ * to call psa_generator_abort() twice, or to call psa_generator_abort()
+ * on a generator that has not been set up.
+ *
+ * Once aborted, the generator object may be called.
+ *
+ * \param[in,out] generator The generator to abort.
+ *
+ * \retval #PSA_SUCCESS
+ * \retval #PSA_ERROR_BAD_STATE
+ * \retval #PSA_ERROR_COMMUNICATION_FAILURE
+ * \retval #PSA_ERROR_HARDWARE_FAILURE
+ * \retval #PSA_ERROR_TAMPERING_DETECTED
+ */
+psa_status_t psa_generator_abort(psa_crypto_generator_t *generator);
+
+/** Use the maximum possible capacity for a generator.
+ *
+ * Use this value as the capacity argument when setting up a generator
+ * to indicate that the generator should have the maximum possible capacity.
+ * The value of the maximum possible capacity depends on the generator
+ * algorithm.
+ */
+#define PSA_GENERATOR_UNBRIDLED_CAPACITY ((size_t)(-1))
+
+/**@}*/
+
+/** \defgroup derivation Key derivation
+ * @{
+ */
+
+/** Set up a key derivation operation.
+ *
+ * A key derivation algorithm takes three inputs: a secret input \p key and
+ * two non-secret inputs \p label and p salt.
+ * The result of this function is a byte generator which can
+ * be used to produce keys and other cryptographic material.
+ *
+ * The role of \p label and \p salt is as follows:
+ * - For HKDF (#PSA_ALG_HKDF), \p salt is the salt used in the "extract" step
+ * and \p label is the info string used in the "expand" step.
+ *
+ * \param[in,out] generator The generator object to set up. It must have
+ * been initialized as per the documentation for
+ * #psa_crypto_generator_t and not yet in use.
+ * \param handle Handle to the secret key.
+ * \param alg The key derivation algorithm to compute
+ * (\c PSA_ALG_XXX value such that
+ * #PSA_ALG_IS_KEY_DERIVATION(\p alg) is true).
+ * \param[in] salt Salt to use.
+ * \param salt_length Size of the \p salt buffer in bytes.
+ * \param[in] label Label to use.
+ * \param label_length Size of the \p label buffer in bytes.
+ * \param capacity The maximum number of bytes that the
+ * generator will be able to provide.
+ *
+ * \retval #PSA_SUCCESS
+ * Success.
+ * \retval #PSA_ERROR_INVALID_HANDLE
+ * \retval #PSA_ERROR_DOES_NOT_EXIST
+ * \retval #PSA_ERROR_NOT_PERMITTED
+ * \retval #PSA_ERROR_INVALID_ARGUMENT
+ * \c key is not compatible with \c alg,
+ * or \p capacity is too large for the specified algorithm and key.
+ * \retval #PSA_ERROR_NOT_SUPPORTED
+ * \c alg is not supported or is not a key derivation algorithm.
+ * \retval #PSA_ERROR_INSUFFICIENT_MEMORY
+ * \retval #PSA_ERROR_COMMUNICATION_FAILURE
+ * \retval #PSA_ERROR_HARDWARE_FAILURE
+ * \retval #PSA_ERROR_TAMPERING_DETECTED
+ * \retval #PSA_ERROR_BAD_STATE
+ * The library has not been previously initialized by psa_crypto_init().
+ * It is implementation-dependent whether a failure to initialize
+ * results in this error code.
+ */
+psa_status_t psa_key_derivation(psa_crypto_generator_t *generator,
+ psa_key_handle_t handle,
+ psa_algorithm_t alg,
+ const uint8_t *salt,
+ size_t salt_length,
+ const uint8_t *label,
+ size_t label_length,
+ size_t capacity);
+
+/** Set up a key agreement operation.
+ *
+ * A key agreement algorithm takes two inputs: a private key \p private_key
+ * a public key \p peer_key.
+ * The result of this function is a byte generator which can
+ * be used to produce keys and other cryptographic material.
+ *
+ * The resulting generator always has the maximum capacity permitted by
+ * the algorithm.
+ *
+ * \param[in,out] generator The generator object to set up. It must have been
+ * initialized as per the documentation for
+ * #psa_crypto_generator_t and not yet in use.
+ * \param private_key Handle to the private key to use.
+ * \param[in] peer_key Public key of the peer. The peer key must be in the
+ * same format that psa_import_key() accepts for the
+ * public key type corresponding to the type of
+ * \p private_key. That is, this function performs the
+ * equivalent of
+ * `psa_import_key(internal_public_key_handle,
+ * PSA_KEY_TYPE_PUBLIC_KEY_OF_KEYPAIR(private_key_type),
+ * peer_key, peer_key_length)` where
+ * `private_key_type` is the type of \p private_key.
+ * For example, for EC keys, this means that \p
+ * peer_key is interpreted as a point on the curve
+ * that the private key is associated with. The
+ * standard formats for public keys are documented in
+ * the documentation of psa_export_public_key().
+ * \param peer_key_length Size of \p peer_key in bytes.
+ * \param alg The key agreement algorithm to compute
+ * (\c PSA_ALG_XXX value such that
+ * #PSA_ALG_IS_KEY_AGREEMENT(\p alg) is true).
+ *
+ * \retval #PSA_SUCCESS
+ * Success.
+ * \retval #PSA_ERROR_INVALID_HANDLE
+ * \retval #PSA_ERROR_DOES_NOT_EXIST
+ * \retval #PSA_ERROR_NOT_PERMITTED
+ * \retval #PSA_ERROR_INVALID_ARGUMENT
+ * \c private_key is not compatible with \c alg,
+ * or \p peer_key is not valid for \c alg or not compatible with
+ * \c private_key.
+ * \retval #PSA_ERROR_NOT_SUPPORTED
+ * \c alg is not supported or is not a key derivation algorithm.
+ * \retval #PSA_ERROR_INSUFFICIENT_MEMORY
+ * \retval #PSA_ERROR_COMMUNICATION_FAILURE
+ * \retval #PSA_ERROR_HARDWARE_FAILURE
+ * \retval #PSA_ERROR_TAMPERING_DETECTED
+ */
+psa_status_t psa_key_agreement(psa_crypto_generator_t *generator,
+ psa_key_handle_t private_key,
+ const uint8_t *peer_key,
+ size_t peer_key_length,
+ psa_algorithm_t alg);
+
+/**@}*/
+
+/** \defgroup random Random generation
+ * @{
+ */
+
+/**
+ * \brief Generate random bytes.
+ *
+ * \warning This function **can** fail! Callers MUST check the return status
+ * and MUST NOT use the content of the output buffer if the return
+ * status is not #PSA_SUCCESS.
+ *
+ * \note To generate a key, use psa_generate_key() instead.
+ *
+ * \param[out] output Output buffer for the generated data.
+ * \param output_size Number of bytes to generate and output.
+ *
+ * \retval #PSA_SUCCESS
+ * \retval #PSA_ERROR_NOT_SUPPORTED
+ * \retval #PSA_ERROR_INSUFFICIENT_ENTROPY
+ * \retval #PSA_ERROR_COMMUNICATION_FAILURE
+ * \retval #PSA_ERROR_HARDWARE_FAILURE
+ * \retval #PSA_ERROR_TAMPERING_DETECTED
+ * \retval #PSA_ERROR_BAD_STATE
+ * The library has not been previously initialized by psa_crypto_init().
+ * It is implementation-dependent whether a failure to initialize
+ * results in this error code.
+ */
+psa_status_t psa_generate_random(uint8_t *output,
+ size_t output_size);
+
+/** Extra parameters for RSA key generation.
+ *
+ * You may pass a pointer to a structure of this type as the \c extra
+ * parameter to psa_generate_key().
+ */
+typedef struct {
+ uint32_t e; /**< Public exponent value. Default: 65537. */
+} psa_generate_key_extra_rsa;
+
+/**
+ * \brief Generate a key or key pair.
+ *
+ * \param handle Handle to the slot where the key will be stored.
+ * It must have been obtained by calling
+ * psa_allocate_key() or psa_create_key() and must
+ * not contain key material yet.
+ * \param type Key type (a \c PSA_KEY_TYPE_XXX value).
+ * \param bits Key size in bits.
+ * \param[in] extra Extra parameters for key generation. The
+ * interpretation of this parameter depends on
+ * \p type. All types support \c NULL to use
+ * default parameters. Implementation that support
+ * the generation of vendor-specific key types
+ * that allow extra parameters shall document
+ * the format of these extra parameters and
+ * the default values. For standard parameters,
+ * the meaning of \p extra is as follows:
+ * - For a symmetric key type (a type such
+ * that #PSA_KEY_TYPE_IS_ASYMMETRIC(\p type) is
+ * false), \p extra must be \c NULL.
+ * - For an elliptic curve key type (a type
+ * such that #PSA_KEY_TYPE_IS_ECC(\p type) is
+ * false), \p extra must be \c NULL.
+ * - For an RSA key (\p type is
+ * #PSA_KEY_TYPE_RSA_KEYPAIR), \p extra is an
+ * optional #psa_generate_key_extra_rsa structure
+ * specifying the public exponent. The
+ * default public exponent used when \p extra
+ * is \c NULL is 65537.
+ * \param extra_size Size of the buffer that \p extra
+ * points to, in bytes. Note that if \p extra is
+ * \c NULL then \p extra_size must be zero.
+ *
+ * \retval #PSA_SUCCESS
+ * Success.
+ * If the key is persistent, the key material and the key's metadata
+ * have been saved to persistent storage.
+ * \retval #PSA_ERROR_INVALID_HANDLE
+ * \retval #PSA_ERROR_ALREADY_EXISTS
+ * There is already a key in the specified slot.
+ * \retval #PSA_ERROR_NOT_SUPPORTED
+ * \retval #PSA_ERROR_INVALID_ARGUMENT
+ * \retval #PSA_ERROR_INSUFFICIENT_MEMORY
+ * \retval #PSA_ERROR_INSUFFICIENT_ENTROPY
+ * \retval #PSA_ERROR_COMMUNICATION_FAILURE
+ * \retval #PSA_ERROR_HARDWARE_FAILURE
+ * \retval #PSA_ERROR_TAMPERING_DETECTED
+ * \retval #PSA_ERROR_BAD_STATE
+ * The library has not been previously initialized by psa_crypto_init().
+ * It is implementation-dependent whether a failure to initialize
+ * results in this error code.
+ */
+psa_status_t psa_generate_key(psa_key_handle_t handle,
+ psa_key_type_t type,
+ size_t bits,
+ const void *extra,
+ size_t extra_size);
+
+/**@}*/
+
+#ifdef __cplusplus
+}
+#endif
+
+/* The file "crypto_sizes.h" contains definitions for size calculation
+ * macros whose definitions are implementation-specific. */
+#include "crypto_sizes.h"
+
+/* The file "crypto_struct.h" contains definitions for
+ * implementation-specific structs that are declared above. */
+#include "crypto_struct.h"
+
+/* The file "crypto_extra.h" contains vendor-specific definitions. This
+ * can include vendor-defined algorithms, extra functions, etc. */
+#include "crypto_extra.h"
+
+#endif /* PSA_CRYPTO_H */
diff --git a/include/psa/crypto_accel_driver.h b/include/psa/crypto_accel_driver.h
new file mode 100644
index 0000000..b752fed
--- /dev/null
+++ b/include/psa/crypto_accel_driver.h
@@ -0,0 +1,796 @@
+/**
+ * \file psa/crypto_accel_driver.h
+ * \brief PSA cryptography accelerator driver module
+ *
+ * This header declares types and function signatures for cryptography
+ * drivers that access key material directly. This is meant for
+ * on-chip cryptography accelerators.
+ *
+ * This file is part of the PSA Crypto Driver Model, containing functions for
+ * driver developers to implement to enable hardware to be called in a
+ * standardized way by a PSA Cryptographic API implementation. The functions
+ * comprising the driver model, which driver authors implement, are not
+ * intended to be called by application developers.
+ */
+
+/*
+ * Copyright (C) 2018, ARM Limited, All Rights Reserved
+ * SPDX-License-Identifier: Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License"); you may
+ * not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+#ifndef PSA_CRYPTO_ACCEL_DRIVER_H
+#define PSA_CRYPTO_ACCEL_DRIVER_H
+
+#include "crypto_driver_common.h"
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/** \defgroup driver_digest Message Digests
+ *
+ * Generation and authentication of Message Digests (aka hashes) must be done
+ * in parts using the following sequence:
+ * - `psa_drv_hash_setup_t`
+ * - `psa_drv_hash_update_t`
+ * - ...
+ * - `psa_drv_hash_finish_t`
+ *
+ * If a previously started Message Digest operation needs to be terminated
+ * before the `psa_drv_hash_finish_t` operation is complete, it should be aborted
+ * by the `psa_drv_hash_abort_t`. Failure to do so may result in allocated
+ * resources not being freed or in other undefined behavior.
+ */
+/**@{*/
+
+/** \brief The hardware-specific hash context structure
+ *
+ * The contents of this structure are implementation dependent and are
+ * therefore not described here
+ */
+typedef struct psa_drv_hash_context_s psa_drv_hash_context_t;
+
+/** \brief The function prototype for the start operation of a hash (message
+ * digest) operation
+ *
+ * Functions that implement the prototype should be named in the following
+ * convention:
+ * ~~~~~~~~~~~~~{.c}
+ * psa_drv_hash_<ALGO>_setup
+ * ~~~~~~~~~~~~~
+ * Where `ALGO` is the name of the underlying hash function
+ *
+ * \param[in,out] p_context A structure that will contain the
+ * hardware-specific hash context
+ *
+ * \retval PSA_SUCCESS Success.
+ */
+typedef psa_status_t (*psa_drv_hash_setup_t)(psa_drv_hash_context_t *p_context);
+
+/** \brief The function prototype for the update operation of a hash (message
+ * digest) operation
+ *
+ * Functions that implement the prototype should be named in the following
+ * convention:
+ * ~~~~~~~~~~~~~{.c}
+ * psa_drv_hash_<ALGO>_update
+ * ~~~~~~~~~~~~~
+ * Where `ALGO` is the name of the underlying algorithm
+ *
+ * \param[in,out] p_context A hardware-specific structure for the
+ * previously-established hash operation to be
+ * continued
+ * \param[in] p_input A buffer containing the message to be appended
+ * to the hash operation
+ * \param[in] input_length The size in bytes of the input message buffer
+ */
+typedef psa_status_t (*psa_drv_hash_update_t)(psa_drv_hash_context_t *p_context,
+ const uint8_t *p_input,
+ size_t input_length);
+
+/** \brief The prototype for the finish operation of a hash (message digest)
+ * operation
+ *
+ * Functions that implement the prototype should be named in the following
+ * convention:
+ * ~~~~~~~~~~~~~{.c}
+ * psa_drv_hash_<ALGO>_finish
+ * ~~~~~~~~~~~~~
+ * Where `ALGO` is the name of the underlying algorithm
+ *
+ * \param[in,out] p_context A hardware-specific structure for the
+ * previously started hash operation to be
+ * fiinished
+ * \param[out] p_output A buffer where the generated digest will be
+ * placed
+ * \param[in] output_size The size in bytes of the buffer that has been
+ * allocated for the `p_output` buffer
+ * \param[out] p_output_length The number of bytes placed in `p_output` after
+ * success
+ *
+ * \retval PSA_SUCCESS
+ * Success.
+ */
+typedef psa_status_t (*psa_drv_hash_finish_t)(psa_drv_hash_context_t *p_context,
+ uint8_t *p_output,
+ size_t output_size,
+ size_t *p_output_length);
+
+/** \brief The function prototype for the abort operation of a hash (message
+ * digest) operation
+ *
+ * Functions that implement the prototype should be named in the following
+ * convention:
+ * ~~~~~~~~~~~~~{.c}
+ * psa_drv_hash_<ALGO>_abort
+ * ~~~~~~~~~~~~~
+ * Where `ALGO` is the name of the underlying algorithm
+ *
+ * \param[in,out] p_context A hardware-specific structure for the previously
+ * started hash operation to be aborted
+ */
+typedef void (*psa_drv_hash_abort_t)(psa_drv_hash_context_t *p_context);
+
+/**@}*/
+
+/** \defgroup transparent_mac Transparent Message Authentication Code
+ * Generation and authentication of Message Authentication Codes (MACs) using
+ * transparent keys can be done either as a single function call (via the
+ * `psa_drv_mac_transparent_generate_t` or `psa_drv_mac_transparent_verify_t`
+ * functions), or in parts using the following sequence:
+ * - `psa_drv_mac_transparent_setup_t`
+ * - `psa_drv_mac_transparent_update_t`
+ * - `psa_drv_mac_transparent_update_t`
+ * - ...
+ * - `psa_drv_mac_transparent_finish_t` or `psa_drv_mac_transparent_finish_verify_t`
+ *
+ * If a previously started Transparent MAC operation needs to be terminated, it
+ * should be done so by the `psa_drv_mac_transparent_abort_t`. Failure to do so may
+ * result in allocated resources not being freed or in other undefined
+ * behavior.
+ *
+ */
+/**@{*/
+
+/** \brief The hardware-specific transparent-key MAC context structure
+ *
+ * The contents of this structure are implementation dependent and are
+ * therefore not described here.
+ */
+typedef struct psa_drv_mac_transparent_context_s psa_drv_mac_transparent_context_t;
+
+/** \brief The function prototype for the setup operation of a
+ * transparent-key MAC operation
+ *
+ * Functions that implement the prototype should be named in the following
+ * convention:
+ * ~~~~~~~~~~~~~{.c}
+ * psa_drv_mac_transparent_<ALGO>_<MAC_VARIANT>_setup
+ * ~~~~~~~~~~~~~
+ * Where `ALGO` is the name of the underlying primitive, and `MAC_VARIANT`
+ * is the specific variant of a MAC operation (such as HMAC or CMAC)
+ *
+ * \param[in,out] p_context A structure that will contain the
+ * hardware-specific MAC context
+ * \param[in] p_key A buffer containing the cleartext key material
+ * to be used in the operation
+ * \param[in] key_length The size in bytes of the key material
+ *
+ * \retval PSA_SUCCESS
+ * Success.
+ */
+typedef psa_status_t (*psa_drv_mac_transparent_setup_t)(psa_drv_mac_transparent_context_t *p_context,
+ const uint8_t *p_key,
+ size_t key_length);
+
+/** \brief The function prototype for the update operation of a
+ * transparent-key MAC operation
+ *
+ * Functions that implement the prototype should be named in the following
+ * convention:
+ * ~~~~~~~~~~~~~{.c}
+ * psa_drv_mac_transparent_<ALGO>_<MAC_VARIANT>_update
+ * ~~~~~~~~~~~~~
+ * Where `ALGO` is the name of the underlying algorithm, and `MAC_VARIANT`
+ * is the specific variant of a MAC operation (such as HMAC or CMAC)
+ *
+ * \param[in,out] p_context A hardware-specific structure for the
+ * previously-established MAC operation to be
+ * continued
+ * \param[in] p_input A buffer containing the message to be appended
+ * to the MAC operation
+ * \param[in] input_length The size in bytes of the input message buffer
+ */
+typedef psa_status_t (*psa_drv_mac_transparent_update_t)(psa_drv_mac_transparent_context_t *p_context,
+ const uint8_t *p_input,
+ size_t input_length);
+
+/** \brief The function prototype for the finish operation of a
+ * transparent-key MAC operation
+ *
+ * Functions that implement the prototype should be named in the following
+ * convention:
+ * ~~~~~~~~~~~~~{.c}
+ * psa_drv_mac_transparent_<ALGO>_<MAC_VARIANT>_finish
+ * ~~~~~~~~~~~~~
+ * Where `ALGO` is the name of the underlying algorithm, and `MAC_VARIANT` is
+ * the specific variant of a MAC operation (such as HMAC or CMAC)
+ *
+ * \param[in,out] p_context A hardware-specific structure for the
+ * previously started MAC operation to be
+ * finished
+ * \param[out] p_mac A buffer where the generated MAC will be placed
+ * \param[in] mac_length The size in bytes of the buffer that has been
+ * allocated for the `p_mac` buffer
+ *
+ * \retval PSA_SUCCESS
+ * Success.
+ */
+typedef psa_status_t (*psa_drv_mac_transparent_finish_t)(psa_drv_mac_transparent_context_t *p_context,
+ uint8_t *p_mac,
+ size_t mac_length);
+
+/** \brief The function prototype for the finish and verify operation of a
+ * transparent-key MAC operation
+ *
+ * Functions that implement the prototype should be named in the following
+ * convention:
+ * ~~~~~~~~~~~~~{.c}
+ * psa_drv_mac_transparent_<ALGO>_<MAC_VARIANT>_finish_verify
+ * ~~~~~~~~~~~~~
+ * Where `ALGO` is the name of the underlying algorithm, and `MAC_VARIANT` is
+ * the specific variant of a MAC operation (such as HMAC or CMAC)
+ *
+ * \param[in,out] p_context A hardware-specific structure for the
+ * previously started MAC operation to be
+ * verified and finished
+ * \param[in] p_mac A buffer containing the MAC that will be used
+ * for verification
+ * \param[in] mac_length The size in bytes of the data in the `p_mac`
+ * buffer
+ *
+ * \retval PSA_SUCCESS
+ * The operation completed successfully and the comparison matched
+ */
+typedef psa_status_t (*psa_drv_mac_transparent_finish_verify_t)(psa_drv_mac_transparent_context_t *p_context,
+ const uint8_t *p_mac,
+ size_t mac_length);
+
+/** \brief The function prototype for the abort operation for a previously
+ * started transparent-key MAC operation
+ *
+ * Functions that implement the prototype should be named in the following
+ * convention:
+ * ~~~~~~~~~~~~~{.c}
+ * psa_drv_mac_transparent_<ALGO>_<MAC_VARIANT>_abort
+ * ~~~~~~~~~~~~~
+ * Where `ALGO` is the name of the underlying algorithm, and `MAC_VARIANT` is
+ * the specific variant of a MAC operation (such as HMAC or CMAC)
+ *
+ * \param[in,out] p_context A hardware-specific structure for the
+ * previously started MAC operation to be
+ * aborted
+ *
+ */
+typedef psa_status_t (*psa_drv_mac_transparent_abort_t)(psa_drv_mac_transparent_context_t *p_context);
+
+/** \brief The function prototype for a one-shot operation of a transparent-key
+ * MAC operation
+ *
+ * Functions that implement the prototype should be named in the following
+ * convention:
+ * ~~~~~~~~~~~~~{.c}
+ * psa_drv_mac_transparent_<ALGO>_<MAC_VARIANT>
+ * ~~~~~~~~~~~~~
+ * Where `ALGO` is the name of the underlying algorithm, and `MAC_VARIANT` is
+ * the specific variant of a MAC operation (such as HMAC or CMAC)
+ *
+ * \param[in] p_input A buffer containing the data to be MACed
+ * \param[in] input_length The length in bytes of the `p_input` data
+ * \param[in] p_key A buffer containing the key material to be used
+ * for the MAC operation
+ * \param[in] key_length The length in bytes of the `p_key` data
+ * \param[in] alg The algorithm to be performed
+ * \param[out] p_mac The buffer where the resulting MAC will be placed
+ * upon success
+ * \param[in] mac_length The length in bytes of the `p_mac` buffer
+ */
+typedef psa_status_t (*psa_drv_mac_transparent_t)(const uint8_t *p_input,
+ size_t input_length,
+ const uint8_t *p_key,
+ size_t key_length,
+ psa_algorithm_t alg,
+ uint8_t *p_mac,
+ size_t mac_length);
+
+/** \brief The function prototype for a one-shot operation of a transparent-key
+ * MAC Verify operation
+ *
+ * Functions that implement the prototype should be named in the following
+ * convention:
+ * ~~~~~~~~~~~~~{.c}
+ * psa_drv_mac_transparent_<ALGO>_<MAC_VARIANT>_verify
+ * ~~~~~~~~~~~~~
+ * Where `ALGO` is the name of the underlying algorithm, and `MAC_VARIANT` is
+ * the specific variant of a MAC operation (such as HMAC or CMAC)
+ *
+ * \param[in] p_input A buffer containing the data to be MACed
+ * \param[in] input_length The length in bytes of the `p_input` data
+ * \param[in] p_key A buffer containing the key material to be used
+ * for the MAC operation
+ * \param[in] key_length The length in bytes of the `p_key` data
+ * \param[in] alg The algorithm to be performed
+ * \param[in] p_mac The MAC data to be compared
+ * \param[in] mac_length The length in bytes of the `p_mac` buffer
+ *
+ * \retval PSA_SUCCESS
+ * The operation completed successfully and the comparison matched
+ */
+typedef psa_status_t (*psa_drv_mac_transparent_verify_t)(const uint8_t *p_input,
+ size_t input_length,
+ const uint8_t *p_key,
+ size_t key_length,
+ psa_algorithm_t alg,
+ const uint8_t *p_mac,
+ size_t mac_length);
+/**@}*/
+
+/** \defgroup transparent_cipher Transparent Block Cipher
+ * Encryption and Decryption using transparent keys in block modes other than
+ * ECB must be done in multiple parts, using the following flow:
+ * - `psa_drv_cipher_transparent_setup_t`
+ * - `psa_drv_cipher_transparent_set_iv_t` (optional depending upon block mode)
+ * - `psa_drv_cipher_transparent_update_t`
+ * - ...
+ * - `psa_drv_cipher_transparent_finish_t`
+
+ * If a previously started Transparent Cipher operation needs to be terminated,
+ * it should be done so by the `psa_drv_cipher_transparent_abort_t`. Failure to do
+ * so may result in allocated resources not being freed or in other undefined
+ * behavior.
+ */
+/**@{*/
+
+/** \brief The hardware-specific transparent-key Cipher context structure
+ *
+ * The contents of this structure are implementation dependent and are
+ * therefore not described here.
+ */
+typedef struct psa_drv_cipher_transparent_context_s psa_drv_cipher_transparent_context_t;
+
+/** \brief The function prototype for the setup operation of transparent-key
+ * block cipher operations.
+ * Functions that implement the prototype should be named in the following
+ * conventions:
+ * ~~~~~~~~~~~~~{.c}
+ * psa_drv_cipher_transparent_setup_<CIPHER_NAME>_<MODE>
+ * ~~~~~~~~~~~~~
+ * Where
+ * - `CIPHER_NAME` is the name of the underlying block cipher (i.e. AES or DES)
+ * - `MODE` is the block mode of the cipher operation (i.e. CBC or CTR)
+ * or for stream ciphers:
+ * ~~~~~~~~~~~~~{.c}
+ * psa_drv_cipher_transparent_setup_<CIPHER_NAME>
+ * ~~~~~~~~~~~~~
+ * Where `CIPHER_NAME` is the name of a stream cipher (i.e. RC4)
+ *
+ * \param[in,out] p_context A structure that will contain the
+ * hardware-specific cipher context
+ * \param[in] direction Indicates if the operation is an encrypt or a
+ * decrypt
+ * \param[in] p_key_data A buffer containing the cleartext key material
+ * to be used in the operation
+ * \param[in] key_data_size The size in bytes of the key material
+ *
+ * \retval PSA_SUCCESS
+ */
+typedef psa_status_t (*psa_drv_cipher_transparent_setup_t)(psa_drv_cipher_transparent_context_t *p_context,
+ psa_encrypt_or_decrypt_t direction,
+ const uint8_t *p_key_data,
+ size_t key_data_size);
+
+/** \brief The function prototype for the set initialization vector operation
+ * of transparent-key block cipher operations
+ * Functions that implement the prototype should be named in the following
+ * convention:
+ * ~~~~~~~~~~~~~{.c}
+ * psa_drv_cipher_transparent_set_iv_<CIPHER_NAME>_<MODE>
+ * ~~~~~~~~~~~~~
+ * Where
+ * - `CIPHER_NAME` is the name of the underlying block cipher (i.e. AES or DES)
+ * - `MODE` is the block mode of the cipher operation (i.e. CBC or CTR)
+ *
+ * \param[in,out] p_context A structure that contains the previously setup
+ * hardware-specific cipher context
+ * \param[in] p_iv A buffer containing the initialization vecotr
+ * \param[in] iv_length The size in bytes of the contents of `p_iv`
+ *
+ * \retval PSA_SUCCESS
+ */
+typedef psa_status_t (*psa_drv_cipher_transparent_set_iv_t)(psa_drv_cipher_transparent_context_t *p_context,
+ const uint8_t *p_iv,
+ size_t iv_length);
+
+/** \brief The function prototype for the update operation of transparent-key
+ * block cipher operations.
+ *
+ * Functions that implement the prototype should be named in the following
+ * convention:
+ * ~~~~~~~~~~~~~{.c}
+ * psa_drv_cipher_transparent_update_<CIPHER_NAME>_<MODE>
+ * ~~~~~~~~~~~~~
+ * Where
+ * - `CIPHER_NAME` is the name of the underlying block cipher (i.e. AES or DES)
+ * - `MODE` is the block mode of the cipher operation (i.e. CBC or CTR)
+ *
+ * \param[in,out] p_context A hardware-specific structure for the
+ * previously started cipher operation
+ * \param[in] p_input A buffer containing the data to be
+ * encrypted or decrypted
+ * \param[in] input_size The size in bytes of the `p_input` buffer
+ * \param[out] p_output A caller-allocated buffer where the
+ * generated output will be placed
+ * \param[in] output_size The size in bytes of the `p_output` buffer
+ * \param[out] p_output_length After completion, will contain the number
+ * of bytes placed in the `p_output` buffer
+ *
+ * \retval PSA_SUCCESS
+ */
+typedef psa_status_t (*psa_drv_cipher_transparent_update_t)(psa_drv_cipher_transparent_context_t *p_context,
+ const uint8_t *p_input,
+ size_t input_size,
+ uint8_t *p_output,
+ size_t output_size,
+ size_t *p_output_length);
+
+/** \brief The function prototype for the finish operation of transparent-key
+ * block cipher operations.
+ *
+ * Functions that implement the prototype should be named in the following
+ * convention:
+ * ~~~~~~~~~~~~~{.c}
+ * psa_drv_cipher_transparent_finish_<CIPHER_NAME>_<MODE>
+ * ~~~~~~~~~~~~~
+ * Where
+ * - `CIPHER_NAME` is the name of the underlying block cipher (i.e. AES or DES)
+ * - `MODE` is the block mode of the cipher operation (i.e. CBC or CTR)
+ *
+ * \param[in,out] p_context A hardware-specific structure for the
+ * previously started cipher operation
+ * \param[out] p_output A caller-allocated buffer where the generated
+ * output will be placed
+ * \param[in] output_size The size in bytes of the `p_output` buffer
+ * \param[out] p_output_length After completion, will contain the number of
+ * bytes placed in the `p_output` buffer
+ *
+ * \retval PSA_SUCCESS
+ */
+typedef psa_status_t (*psa_drv_cipher_transparent_finish_t)(psa_drv_cipher_transparent_context_t *p_context,
+ uint8_t *p_output,
+ size_t output_size,
+ size_t *p_output_length);
+
+/** \brief The function prototype for the abort operation of transparent-key
+ * block cipher operations.
+ *
+ * Functions that implement the following prototype should be named in the
+ * following convention:
+ * ~~~~~~~~~~~~~{.c}
+ * psa_drv_cipher_transparent_abort_<CIPHER_NAME>_<MODE>
+ * ~~~~~~~~~~~~~
+ * Where
+ * - `CIPHER_NAME` is the name of the underlying block cipher (i.e. AES or DES)
+ * - `MODE` is the block mode of the cipher operation (i.e. CBC or CTR)
+ *
+ * \param[in,out] p_context A hardware-specific structure for the
+ * previously started cipher operation
+ *
+ * \retval PSA_SUCCESS
+ */
+typedef psa_status_t (*psa_drv_cipher_transparent_abort_t)(psa_drv_cipher_transparent_context_t *p_context);
+
+/**@}*/
+
+/** \defgroup aead_transparent AEAD Transparent
+ *
+ * Authenticated Encryption with Additional Data (AEAD) operations with
+ * transparent keys must be done in one function call. While this creates a
+ * burden for implementers as there must be sufficient space in memory for the
+ * entire message, it prevents decrypted data from being made available before
+ * the authentication operation is complete and the data is known to be
+ * authentic.
+ */
+/**@{*/
+
+/** Process an authenticated encryption operation using an opaque key.
+ *
+ * Functions that implement the prototype should be named in the following
+ * convention:
+ * ~~~~~~~~~~~~~{.c}
+ * psa_drv_aead_<ALGO>_encrypt
+ * ~~~~~~~~~~~~~
+ * Where `ALGO` is the name of the AEAD algorithm
+ *
+ * \param[in] p_key A pointer to the key material
+ * \param[in] key_length The size in bytes of the key material
+ * \param[in] alg The AEAD algorithm to compute
+ * (\c PSA_ALG_XXX value such that
+ * #PSA_ALG_IS_AEAD(`alg`) is true)
+ * \param[in] nonce Nonce or IV to use
+ * \param[in] nonce_length Size of the `nonce` buffer in bytes
+ * \param[in] additional_data Additional data that will be MACed
+ * but not encrypted.
+ * \param[in] additional_data_length Size of `additional_data` in bytes
+ * \param[in] plaintext Data that will be MACed and
+ * encrypted.
+ * \param[in] plaintext_length Size of `plaintext` in bytes
+ * \param[out] ciphertext Output buffer for the authenticated and
+ * encrypted data. The additional data is
+ * not part of this output. For algorithms
+ * where the encrypted data and the
+ * authentication tag are defined as
+ * separate outputs, the authentication
+ * tag is appended to the encrypted data.
+ * \param[in] ciphertext_size Size of the `ciphertext` buffer in
+ * bytes
+ * This must be at least
+ * #PSA_AEAD_ENCRYPT_OUTPUT_SIZE(`alg`,
+ * `plaintext_length`).
+ * \param[out] ciphertext_length On success, the size of the output in
+ * the `ciphertext` buffer
+ *
+ * \retval #PSA_SUCCESS
+
+ */
+typedef psa_status_t (*psa_drv_aead_transparent_encrypt_t)(const uint8_t *p_key,
+ size_t key_length,
+ psa_algorithm_t alg,
+ const uint8_t *nonce,
+ size_t nonce_length,
+ const uint8_t *additional_data,
+ size_t additional_data_length,
+ const uint8_t *plaintext,
+ size_t plaintext_length,
+ uint8_t *ciphertext,
+ size_t ciphertext_size,
+ size_t *ciphertext_length);
+
+/** Process an authenticated decryption operation using an opaque key.
+ *
+ * Functions that implement the prototype should be named in the following
+ * convention:
+ * ~~~~~~~~~~~~~{.c}
+ * psa_drv_aead_<ALGO>_decrypt
+ * ~~~~~~~~~~~~~
+ * Where `ALGO` is the name of the AEAD algorithm
+ * \param[in] p_key A pointer to the key material
+ * \param[in] key_length The size in bytes of the key material
+ * \param[in] alg The AEAD algorithm to compute
+ * (\c PSA_ALG_XXX value such that
+ * #PSA_ALG_IS_AEAD(`alg`) is true)
+ * \param[in] nonce Nonce or IV to use
+ * \param[in] nonce_length Size of the `nonce` buffer in bytes
+ * \param[in] additional_data Additional data that has been MACed
+ * but not encrypted
+ * \param[in] additional_data_length Size of `additional_data` in bytes
+ * \param[in] ciphertext Data that has been MACed and
+ * encrypted
+ * For algorithms where the encrypted data
+ * and the authentication tag are defined
+ * as separate inputs, the buffer must
+ * contain the encrypted data followed by
+ * the authentication tag.
+ * \param[in] ciphertext_length Size of `ciphertext` in bytes
+ * \param[out] plaintext Output buffer for the decrypted data
+ * \param[in] plaintext_size Size of the `plaintext` buffer in
+ * bytes
+ * This must be at least
+ * #PSA_AEAD_DECRYPT_OUTPUT_SIZE(`alg`,
+ * `ciphertext_length`).
+ * \param[out] plaintext_length On success, the size of the output
+ * in the \b plaintext buffer
+ *
+ * \retval #PSA_SUCCESS
+ * Success.
+ */
+typedef psa_status_t (*psa_drv_aead_transparent_decrypt_t)(const uint8_t *p_key,
+ size_t key_length,
+ psa_algorithm_t alg,
+ const uint8_t *nonce,
+ size_t nonce_length,
+ const uint8_t *additional_data,
+ size_t additional_data_length,
+ const uint8_t *ciphertext,
+ size_t ciphertext_length,
+ uint8_t *plaintext,
+ size_t plaintext_size,
+ size_t *plaintext_length);
+
+/**@}*/
+
+/** \defgroup transparent_asymmetric Transparent Asymmetric Cryptography
+ *
+ * Since the amount of data that can (or should) be encrypted or signed using
+ * asymmetric keys is limited by the key size, asymmetric key operations using
+ * transparent keys must be done in single function calls.
+ */
+/**@{*/
+
+
+/**
+ * \brief A function that signs a hash or short message with a transparent
+ * asymmetric private key
+ *
+ * Functions that implement the prototype should be named in the following
+ * convention:
+ * ~~~~~~~~~~~~~{.c}
+ * psa_drv_asymmetric_<ALGO>_sign
+ * ~~~~~~~~~~~~~
+ * Where `ALGO` is the name of the signing algorithm
+ *
+ * \param[in] p_key A buffer containing the private key
+ * material
+ * \param[in] key_size The size in bytes of the `p_key` data
+ * \param[in] alg A signature algorithm that is compatible
+ * with the type of `p_key`
+ * \param[in] p_hash The hash or message to sign
+ * \param[in] hash_length Size of the `p_hash` buffer in bytes
+ * \param[out] p_signature Buffer where the signature is to be written
+ * \param[in] signature_size Size of the `p_signature` buffer in bytes
+ * \param[out] p_signature_length On success, the number of bytes
+ * that make up the returned signature value
+ *
+ * \retval PSA_SUCCESS
+ */
+typedef psa_status_t (*psa_drv_asymmetric_transparent_sign_t)(const uint8_t *p_key,
+ size_t key_size,
+ psa_algorithm_t alg,
+ const uint8_t *p_hash,
+ size_t hash_length,
+ uint8_t *p_signature,
+ size_t signature_size,
+ size_t *p_signature_length);
+
+/**
+ * \brief A function that verifies the signature a hash or short message using
+ * a transparent asymmetric public key
+ *
+ * Functions that implement the prototype should be named in the following
+ * convention:
+ * ~~~~~~~~~~~~~{.c}
+ * psa_drv_asymmetric_<ALGO>_verify
+ * ~~~~~~~~~~~~~
+ * Where `ALGO` is the name of the signing algorithm
+ *
+ * \param[in] p_key A buffer containing the public key material
+ * \param[in] key_size The size in bytes of the `p_key` data
+ * \param[in] alg A signature algorithm that is compatible with
+ * the type of `key`
+ * \param[in] p_hash The hash or message whose signature is to be
+ * verified
+ * \param[in] hash_length Size of the `p_hash` buffer in bytes
+ * \param[in] p_signature Buffer containing the signature to verify
+ * \param[in] signature_length Size of the `p_signature` buffer in bytes
+ *
+ * \retval PSA_SUCCESS
+ * The signature is valid.
+ */
+typedef psa_status_t (*psa_drv_asymmetric_transparent_verify_t)(const uint8_t *p_key,
+ size_t key_size,
+ psa_algorithm_t alg,
+ const uint8_t *p_hash,
+ size_t hash_length,
+ const uint8_t *p_signature,
+ size_t signature_length);
+
+/**
+ * \brief A function that encrypts a short message with a transparent
+ * asymmetric public key
+ *
+ * Functions that implement the prototype should be named in the following
+ * convention:
+ * ~~~~~~~~~~~~~{.c}
+ * psa_drv_asymmetric_<ALGO>_encrypt
+ * ~~~~~~~~~~~~~
+ * Where `ALGO` is the name of the encryption algorithm
+ *
+ * \param[in] p_key A buffer containing the public key material
+ * \param[in] key_size The size in bytes of the `p_key` data
+ * \param[in] alg An asymmetric encryption algorithm that is
+ * compatible with the type of `key`
+ * \param[in] p_input The message to encrypt
+ * \param[in] input_length Size of the `p_input` buffer in bytes
+ * \param[in] p_salt A salt or label, if supported by the
+ * encryption algorithm
+ * If the algorithm does not support a
+ * salt, pass `NULL`
+ * If the algorithm supports an optional
+ * salt and you do not want to pass a salt,
+ * pass `NULL`.
+ * For #PSA_ALG_RSA_PKCS1V15_CRYPT, no salt is
+ * supported.
+ * \param[in] salt_length Size of the `p_salt` buffer in bytes
+ * If `p_salt` is `NULL`, pass 0.
+ * \param[out] p_output Buffer where the encrypted message is to
+ * be written
+ * \param[in] output_size Size of the `p_output` buffer in bytes
+ * \param[out] p_output_length On success, the number of bytes
+ * that make up the returned output
+ *
+ * \retval PSA_SUCCESS
+ */
+typedef psa_status_t (*psa_drv_asymmetric_transparent_encrypt_t)(const uint8_t *p_key,
+ size_t key_size,
+ psa_algorithm_t alg,
+ const uint8_t *p_input,
+ size_t input_length,
+ const uint8_t *p_salt,
+ size_t salt_length,
+ uint8_t *p_output,
+ size_t output_size,
+ size_t *p_output_length);
+
+/**
+ * \brief Decrypt a short message with a transparent asymmetric private key
+ *
+ * Functions that implement the prototype should be named in the following
+ * convention:
+ * ~~~~~~~~~~~~~{.c}
+ * psa_drv_asymmetric_<ALGO>_decrypt
+ * ~~~~~~~~~~~~~
+ * Where `ALGO` is the name of the encryption algorithm
+ *
+ * \param[in] p_key A buffer containing the private key material
+ * \param[in] key_size The size in bytes of the `p_key` data
+ * \param[in] alg An asymmetric encryption algorithm that is
+ * compatible with the type of `key`
+ * \param[in] p_input The message to decrypt
+ * \param[in] input_length Size of the `p_input` buffer in bytes
+ * \param[in] p_salt A salt or label, if supported by the
+ * encryption algorithm
+ * If the algorithm does not support a
+ * salt, pass `NULL`.
+ * If the algorithm supports an optional
+ * salt and you do not want to pass a salt,
+ * pass `NULL`.
+ * For #PSA_ALG_RSA_PKCS1V15_CRYPT, no salt is
+ * supported
+ * \param[in] salt_length Size of the `p_salt` buffer in bytes
+ * If `p_salt` is `NULL`, pass 0
+ * \param[out] p_output Buffer where the decrypted message is to
+ * be written
+ * \param[in] output_size Size of the `p_output` buffer in bytes
+ * \param[out] p_output_length On success, the number of bytes
+ * that make up the returned output
+ *
+ * \retval PSA_SUCCESS
+ */
+typedef psa_status_t (*psa_drv_asymmetric_transparent_decrypt_t)(const uint8_t *p_key,
+ size_t key_size,
+ psa_algorithm_t alg,
+ const uint8_t *p_input,
+ size_t input_length,
+ const uint8_t *p_salt,
+ size_t salt_length,
+ uint8_t *p_output,
+ size_t output_size,
+ size_t *p_output_length);
+
+/**@}*/
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* PSA_CRYPTO_ACCEL_DRIVER_H */
diff --git a/include/psa/crypto_driver_common.h b/include/psa/crypto_driver_common.h
new file mode 100644
index 0000000..6f1a5d5
--- /dev/null
+++ b/include/psa/crypto_driver_common.h
@@ -0,0 +1,54 @@
+/**
+ * \file psa/crypto_driver_common.h
+ * \brief Definitions for all PSA crypto drivers
+ *
+ * This file contains common definitions shared by all PSA crypto drivers.
+ * Do not include it directly: instead, include the header file(s) for
+ * the type(s) of driver that you are implementing. For example, if
+ * you are writing a driver for a chip that provides both a hardware
+ * random generator and an accelerator for some cryptographic algorithms,
+ * include `psa/crypto_entropy_driver.h` and `psa/crypto_accel_driver.h`.
+ *
+ * This file is part of the PSA Crypto Driver Model, containing functions for
+ * driver developers to implement to enable hardware to be called in a
+ * standardized way by a PSA Cryptographic API implementation. The functions
+ * comprising the driver model, which driver authors implement, are not
+ * intended to be called by application developers.
+ */
+
+/*
+ * Copyright (C) 2018, ARM Limited, All Rights Reserved
+ * SPDX-License-Identifier: Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License"); you may
+ * not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+#ifndef PSA_CRYPTO_DRIVER_COMMON_H
+#define PSA_CRYPTO_DRIVER_COMMON_H
+
+#include <stddef.h>
+#include <stdint.h>
+
+/* Include type definitions (psa_status_t, psa_algorithm_t,
+ * psa_key_type_t, etc.) and macros to build and analyze values
+ * of these types. */
+#include "crypto_types.h"
+#include "crypto_values.h"
+
+/** For encrypt-decrypt functions, whether the operation is an encryption
+ * or a decryption. */
+typedef enum {
+ PSA_CRYPTO_DRIVER_DECRYPT,
+ PSA_CRYPTO_DRIVER_ENCRYPT
+} psa_encrypt_or_decrypt_t;
+
+#endif /* PSA_CRYPTO_DRIVER_COMMON_H */
diff --git a/include/psa/crypto_entropy_driver.h b/include/psa/crypto_entropy_driver.h
new file mode 100644
index 0000000..f5e383e
--- /dev/null
+++ b/include/psa/crypto_entropy_driver.h
@@ -0,0 +1,111 @@
+/**
+ * \file psa/crypto_entropy_driver.h
+ * \brief PSA entropy source driver module
+ *
+ * This header declares types and function signatures for entropy sources.
+ *
+ * This file is part of the PSA Crypto Driver Model, containing functions for
+ * driver developers to implement to enable hardware to be called in a
+ * standardized way by a PSA Cryptographic API implementation. The functions
+ * comprising the driver model, which driver authors implement, are not
+ * intended to be called by application developers.
+ */
+
+/*
+ * Copyright (C) 2018, ARM Limited, All Rights Reserved
+ * SPDX-License-Identifier: Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License"); you may
+ * not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+#ifndef PSA_CRYPTO_ENTROPY_DRIVER_H
+#define PSA_CRYPTO_ENTROPY_DRIVER_H
+
+#include "crypto_driver_common.h"
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/** \defgroup driver_rng Entropy Generation
+ */
+/**@{*/
+
+/** \brief A hardware-specific structure for a entropy providing hardware
+ */
+typedef struct psa_drv_entropy_context_s psa_drv_entropy_context_t;
+
+/** \brief Initialize an entropy driver
+ *
+ *
+ * \param[in,out] p_context A hardware-specific structure
+ * containing any context information for
+ * the implementation
+ *
+ * \retval PSA_SUCCESS
+ */
+typedef psa_status_t (*psa_drv_entropy_init_t)(psa_drv_entropy_context_t *p_context);
+
+/** \brief Get a specified number of bits from the entropy source
+ *
+ * It retrives `buffer_size` bytes of data from the entropy source. The entropy
+ * source will always fill the provided buffer to its full size, however, most
+ * entropy sources have biases, and the actual amount of entropy contained in
+ * the buffer will be less than the number of bytes.
+ * The driver will return the actual number of bytes of entropy placed in the
+ * buffer in `p_received_entropy_bytes`.
+ * A PSA Crypto API implementation will likely feed the output of this function
+ * into a Digital Random Bit Generator (DRBG), and typically has a minimum
+ * amount of entropy that it needs.
+ * To accomplish this, the PSA Crypto implementation should be designed to call
+ * this function multiple times until it has received the required amount of
+ * entropy from the entropy source.
+ *
+ * \param[in,out] p_context A hardware-specific structure
+ * containing any context information
+ * for the implementation
+ * \param[out] p_buffer A caller-allocated buffer for the
+ * retrieved entropy to be placed in
+ * \param[in] buffer_size The allocated size of `p_buffer`
+ * \param[out] p_received_entropy_bits The amount of entropy (in bits)
+ * actually provided in `p_buffer`
+ *
+ * \retval PSA_SUCCESS
+ */
+typedef psa_status_t (*psa_drv_entropy_get_bits_t)(psa_drv_entropy_context_t *p_context,
+ uint8_t *p_buffer,
+ uint32_t buffer_size,
+ uint32_t *p_received_entropy_bits);
+
+/**
+ * \brief A struct containing all of the function pointers needed to interface
+ * to an entropy source
+ *
+ * PSA Crypto API implementations should populate instances of the table as
+ * appropriate upon startup.
+ *
+ * If one of the functions is not implemented, it should be set to NULL.
+ */
+typedef struct {
+ /** Function that performs initialization for the entropy source */
+ psa_drv_entropy_init_t *p_init;
+ /** Function that performs the get_bits operation for the entropy source
+ */
+ psa_drv_entropy_get_bits_t *p_get_bits;
+} psa_drv_entropy_t;
+/**@}*/
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* PSA_CRYPTO_ENTROPY_DRIVER_H */
diff --git a/include/psa/crypto_extra.h b/include/psa/crypto_extra.h
new file mode 100644
index 0000000..5dd4789
--- /dev/null
+++ b/include/psa/crypto_extra.h
@@ -0,0 +1,152 @@
+/**
+ * \file psa/crypto_extra.h
+ *
+ * \brief PSA cryptography module: Mbed TLS vendor extensions
+ *
+ * \note This file may not be included directly. Applications must
+ * include psa/crypto.h.
+ *
+ * This file is reserved for vendor-specific definitions.
+ */
+/*
+ * Copyright (C) 2018, ARM Limited, All Rights Reserved
+ * SPDX-License-Identifier: Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License"); you may
+ * not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * This file is part of mbed TLS (https://tls.mbed.org)
+ */
+
+#ifndef PSA_CRYPTO_EXTRA_H
+#define PSA_CRYPTO_EXTRA_H
+
+#include "mbedtls/platform_util.h"
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/* UID for secure storage seed */
+#define PSA_CRYPTO_ITS_RANDOM_SEED_UID 0xFFFFFF52
+
+/*
+ * Deprecated PSA Crypto error code definitions
+ */
+#if !defined(MBEDTLS_DEPRECATED_REMOVED)
+#define PSA_ERROR_UNKNOWN_ERROR \
+ MBEDTLS_DEPRECATED_NUMERIC_CONSTANT( PSA_ERROR_GENERIC_ERROR )
+#endif
+
+#if !defined(MBEDTLS_DEPRECATED_REMOVED)
+#define PSA_ERROR_OCCUPIED_SLOT \
+ MBEDTLS_DEPRECATED_NUMERIC_CONSTANT( PSA_ERROR_ALREADY_EXISTS )
+#endif
+
+#if !defined(MBEDTLS_DEPRECATED_REMOVED)
+#define PSA_ERROR_EMPTY_SLOT \
+ MBEDTLS_DEPRECATED_NUMERIC_CONSTANT( PSA_ERROR_DOES_NOT_EXIST )
+#endif
+
+#if !defined(MBEDTLS_DEPRECATED_REMOVED)
+#define PSA_ERROR_INSUFFICIENT_CAPACITY \
+ MBEDTLS_DEPRECATED_NUMERIC_CONSTANT( PSA_ERROR_INSUFFICIENT_DATA )
+#endif
+
+/**
+ * \brief Library deinitialization.
+ *
+ * This function clears all data associated with the PSA layer,
+ * including the whole key store.
+ *
+ * This is an Mbed TLS extension.
+ */
+void mbedtls_psa_crypto_free( void );
+
+
+/**
+ * \brief Inject an initial entropy seed for the random generator into
+ * secure storage.
+ *
+ * This function injects data to be used as a seed for the random generator
+ * used by the PSA Crypto implementation. On devices that lack a trusted
+ * entropy source (preferably a hardware random number generator),
+ * the Mbed PSA Crypto implementation uses this value to seed its
+ * random generator.
+ *
+ * On devices without a trusted entropy source, this function must be
+ * called exactly once in the lifetime of the device. On devices with
+ * a trusted entropy source, calling this function is optional.
+ * In all cases, this function may only be called before calling any
+ * other function in the PSA Crypto API, including psa_crypto_init().
+ *
+ * When this function returns successfully, it populates a file in
+ * persistent storage. Once the file has been created, this function
+ * can no longer succeed.
+ *
+ * If any error occurs, this function does not change the system state.
+ * You can call this function again after correcting the reason for the
+ * error if possible.
+ *
+ * \warning This function **can** fail! Callers MUST check the return status.
+ *
+ * \warning If you use this function, you should use it as part of a
+ * factory provisioning process. The value of the injected seed
+ * is critical to the security of the device. It must be
+ * *secret*, *unpredictable* and (statistically) *unique per device*.
+ * You should be generate it randomly using a cryptographically
+ * secure random generator seeded from trusted entropy sources.
+ * You should transmit it securely to the device and ensure
+ * that its value is not leaked or stored anywhere beyond the
+ * needs of transmitting it from the point of generation to
+ * the call of this function, and erase all copies of the value
+ * once this function returns.
+ *
+ * This is an Mbed TLS extension.
+ *
+ * \note This function is only available on the following platforms:
+ * * If the compile-time options MBEDTLS_ENTROPY_NV_SEED and
+ * MBEDTLS_PSA_HAS_ITS_IO are both enabled. Note that you
+ * must provide compatible implementations of mbedtls_nv_seed_read
+ * and mbedtls_nv_seed_write.
+ * * In a client-server integration of PSA Cryptography, on the client side,
+ * if the server supports this feature.
+ * \param[in] seed Buffer containing the seed value to inject.
+ * \param[in] seed_size Size of the \p seed buffer.
+ * The size of the seed in bytes must be greater
+ * or equal to both #MBEDTLS_ENTROPY_MIN_PLATFORM
+ * and #MBEDTLS_ENTROPY_BLOCK_SIZE.
+ * It must be less or equal to
+ * #MBEDTLS_ENTROPY_MAX_SEED_SIZE.
+ *
+ * \retval #PSA_SUCCESS
+ * The seed value was injected successfully. The random generator
+ * of the PSA Crypto implementation is now ready for use.
+ * You may now call psa_crypto_init() and use the PSA Crypto
+ * implementation.
+ * \retval #PSA_ERROR_INVALID_ARGUMENT
+ * \p seed_size is out of range.
+ * \retval #PSA_ERROR_STORAGE_FAILURE
+ * There was a failure reading or writing from storage.
+ * \retval #PSA_ERROR_NOT_PERMITTED
+ * The library has already been initialized. It is no longer
+ * possible to call this function.
+ */
+psa_status_t mbedtls_psa_inject_entropy(const unsigned char *seed,
+ size_t seed_size);
+
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* PSA_CRYPTO_EXTRA_H */
diff --git a/include/psa/crypto_platform.h b/include/psa/crypto_platform.h
new file mode 100644
index 0000000..42cdad3
--- /dev/null
+++ b/include/psa/crypto_platform.h
@@ -0,0 +1,101 @@
+/**
+ * \file psa/crypto_platform.h
+ *
+ * \brief PSA cryptography module: Mbed TLS platfom definitions
+ *
+ * \note This file may not be included directly. Applications must
+ * include psa/crypto.h.
+ *
+ * This file contains platform-dependent type definitions.
+ *
+ * In implementations with isolation between the application and the
+ * cryptography module, implementers should take care to ensure that
+ * the definitions that are exposed to applications match what the
+ * module implements.
+ */
+/*
+ * Copyright (C) 2018, ARM Limited, All Rights Reserved
+ * SPDX-License-Identifier: Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License"); you may
+ * not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * This file is part of mbed TLS (https://tls.mbed.org)
+ */
+
+#ifndef PSA_CRYPTO_PLATFORM_H
+#define PSA_CRYPTO_PLATFORM_H
+
+/* Include the Mbed TLS configuration file, the way Mbed TLS does it
+ * in each of its header files. */
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "../mbedtls/config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+/* PSA requires several types which C99 provides in stdint.h. */
+#include <stdint.h>
+
+/* Integral type representing a key handle. */
+typedef uint16_t psa_key_handle_t;
+
+/* This implementation distinguishes *application key identifiers*, which
+ * are the key identifiers specified by the application, from
+ * *key file identifiers*, which are the key identifiers that the library
+ * sees internally. The two types can be different if there is a remote
+ * call layer between the application and the library which supports
+ * multiple client applications that do not have access to each others'
+ * keys. The point of having different types is that the key file
+ * identifier may encode not only the key identifier specified by the
+ * application, but also the the identity of the application.
+ *
+ * Note that this is an internal concept of the library and the remote
+ * call layer. The application itself never sees anything other than
+ * #psa_app_key_id_t with its standard definition.
+ */
+
+/* The application key identifier is always what the application sees as
+ * #psa_key_id_t. */
+typedef uint32_t psa_app_key_id_t;
+
+#if defined(MBEDTLS_PSA_CRYPTO_KEY_FILE_ID_ENCODES_OWNER)
+
+#if defined(PSA_CRYPTO_SECURE)
+/* Building for the PSA Crypto service on a PSA platform. */
+/* A key owner is a PSA partition identifier. */
+typedef int32_t psa_key_owner_id_t;
+#endif
+
+typedef struct
+{
+ uint32_t key_id;
+ psa_key_owner_id_t owner;
+} psa_key_file_id_t;
+#define PSA_KEY_FILE_GET_KEY_ID( file_id ) ( ( file_id ).key_id )
+
+/* Since crypto.h is used as part of the PSA Cryptography API specification,
+ * it must use standard types for things like the argument of psa_open_key().
+ * If it wasn't for that constraint, psa_open_key() would take a
+ * `psa_key_file_id_t` argument. As a workaround, make `psa_key_id_t` an
+ * alias for `psa_key_file_id_t` when building for a multi-client service. */
+typedef psa_key_file_id_t psa_key_id_t;
+
+#else /* !MBEDTLS_PSA_CRYPTO_KEY_FILE_ID_ENCODES_OWNER */
+
+/* By default, a key file identifier is just the application key identifier. */
+typedef psa_app_key_id_t psa_key_file_id_t;
+#define PSA_KEY_FILE_GET_KEY_ID( id ) ( id )
+
+#endif /* !MBEDTLS_PSA_CRYPTO_KEY_FILE_ID_ENCODES_OWNER */
+
+#endif /* PSA_CRYPTO_PLATFORM_H */
diff --git a/include/psa/crypto_se_driver.h b/include/psa/crypto_se_driver.h
new file mode 100644
index 0000000..20cd4b4
--- /dev/null
+++ b/include/psa/crypto_se_driver.h
@@ -0,0 +1,962 @@
+/**
+ * \file psa/crypto_se_driver.h
+ * \brief PSA external cryptoprocessor driver module
+ *
+ * This header declares types and function signatures for cryptography
+ * drivers that access key material via opaque references. This is
+ * meant for cryptoprocessors that have a separate key storage from the
+ * space in which the PSA Crypto implementation runs, typically secure
+ * elements.
+ *
+ * This file is part of the PSA Crypto Driver Model, containing functions for
+ * driver developers to implement to enable hardware to be called in a
+ * standardized way by a PSA Cryptographic API implementation. The functions
+ * comprising the driver model, which driver authors implement, are not
+ * intended to be called by application developers.
+ */
+
+/*
+ * Copyright (C) 2018, ARM Limited, All Rights Reserved
+ * SPDX-License-Identifier: Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License"); you may
+ * not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+#ifndef PSA_CRYPTO_SE_DRIVER_H
+#define PSA_CRYPTO_SE_DRIVER_H
+
+#include "crypto_driver_common.h"
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/** An internal designation of a key slot between the core part of the
+ * PSA Crypto implementation and the driver. The meaning of this value
+ * is driver-dependent. */
+typedef uint32_t psa_key_slot_t;
+
+/** \defgroup opaque_mac Opaque Message Authentication Code
+ * Generation and authentication of Message Authentication Codes (MACs) using
+ * opaque keys can be done either as a single function call (via the
+ * `psa_drv_mac_opaque_generate_t` or `psa_drv_mac_opaque_verify_t` functions), or in
+ * parts using the following sequence:
+ * - `psa_drv_mac_opaque_setup_t`
+ * - `psa_drv_mac_opaque_update_t`
+ * - `psa_drv_mac_opaque_update_t`
+ * - ...
+ * - `psa_drv_mac_opaque_finish_t` or `psa_drv_mac_opaque_finish_verify_t`
+ *
+ * If a previously started Opaque MAC operation needs to be terminated, it
+ * should be done so by the `psa_drv_mac_opaque_abort_t`. Failure to do so may
+ * result in allocated resources not being freed or in other undefined
+ * behavior.
+ */
+/**@{*/
+/** \brief A function that starts a MAC operation for a PSA Crypto Driver
+ * implementation using an opaque key
+ *
+ * \param[in,out] p_context A structure that will contain the
+ * hardware-specific MAC context
+ * \param[in] key_slot The slot of the key to be used for the
+ * operation
+ * \param[in] algorithm The algorithm to be used to underly the MAC
+ * operation
+ *
+ * \retval PSA_SUCCESS
+ * Success.
+ */
+typedef psa_status_t (*psa_drv_mac_opaque_setup_t)(void *p_context,
+ psa_key_slot_t key_slot,
+ psa_algorithm_t algorithm);
+
+/** \brief A function that continues a previously started MAC operation using
+ * an opaque key
+ *
+ * \param[in,out] p_context A hardware-specific structure for the
+ * previously-established MAC operation to be
+ * continued
+ * \param[in] p_input A buffer containing the message to be appended
+ * to the MAC operation
+ * \param[in] input_length The size in bytes of the input message buffer
+ */
+typedef psa_status_t (*psa_drv_mac_opaque_update_t)(void *p_context,
+ const uint8_t *p_input,
+ size_t input_length);
+
+/** \brief a function that completes a previously started MAC operation by
+ * returning the resulting MAC using an opaque key
+ *
+ * \param[in,out] p_context A hardware-specific structure for the
+ * previously started MAC operation to be
+ * finished
+ * \param[out] p_mac A buffer where the generated MAC will be
+ * placed
+ * \param[in] mac_size The size in bytes of the buffer that has been
+ * allocated for the `output` buffer
+ * \param[out] p_mac_length After completion, will contain the number of
+ * bytes placed in the `p_mac` buffer
+ *
+ * \retval PSA_SUCCESS
+ * Success.
+ */
+typedef psa_status_t (*psa_drv_mac_opaque_finish_t)(void *p_context,
+ uint8_t *p_mac,
+ size_t mac_size,
+ size_t *p_mac_length);
+
+/** \brief A function that completes a previously started MAC operation by
+ * comparing the resulting MAC against a known value using an opaque key
+ *
+ * \param[in,out] p_context A hardware-specific structure for the previously
+ * started MAC operation to be fiinished
+ * \param[in] p_mac The MAC value against which the resulting MAC will
+ * be compared against
+ * \param[in] mac_length The size in bytes of the value stored in `p_mac`
+ *
+ * \retval PSA_SUCCESS
+ * The operation completed successfully and the MACs matched each
+ * other
+ * \retval PSA_ERROR_INVALID_SIGNATURE
+ * The operation completed successfully, but the calculated MAC did
+ * not match the provided MAC
+ */
+typedef psa_status_t (*psa_drv_mac_opaque_finish_verify_t)(void *p_context,
+ const uint8_t *p_mac,
+ size_t mac_length);
+
+/** \brief A function that aborts a previous started opaque-key MAC operation
+
+ * \param[in,out] p_context A hardware-specific structure for the previously
+ * started MAC operation to be aborted
+ */
+typedef psa_status_t (*psa_drv_mac_opaque_abort_t)(void *p_context);
+
+/** \brief A function that performs a MAC operation in one command and returns
+ * the calculated MAC using an opaque key
+ *
+ * \param[in] p_input A buffer containing the message to be MACed
+ * \param[in] input_length The size in bytes of `p_input`
+ * \param[in] key_slot The slot of the key to be used
+ * \param[in] alg The algorithm to be used to underlie the MAC
+ * operation
+ * \param[out] p_mac A buffer where the generated MAC will be
+ * placed
+ * \param[in] mac_size The size in bytes of the `p_mac` buffer
+ * \param[out] p_mac_length After completion, will contain the number of
+ * bytes placed in the `output` buffer
+ *
+ * \retval PSA_SUCCESS
+ * Success.
+ */
+typedef psa_status_t (*psa_drv_mac_opaque_generate_t)(const uint8_t *p_input,
+ size_t input_length,
+ psa_key_slot_t key_slot,
+ psa_algorithm_t alg,
+ uint8_t *p_mac,
+ size_t mac_size,
+ size_t *p_mac_length);
+
+/** \brief A function that performs an MAC operation in one command and
+ * compare the resulting MAC against a known value using an opaque key
+ *
+ * \param[in] p_input A buffer containing the message to be MACed
+ * \param[in] input_length The size in bytes of `input`
+ * \param[in] key_slot The slot of the key to be used
+ * \param[in] alg The algorithm to be used to underlie the MAC
+ * operation
+ * \param[in] p_mac The MAC value against which the resulting MAC will
+ * be compared against
+ * \param[in] mac_length The size in bytes of `mac`
+ *
+ * \retval PSA_SUCCESS
+ * The operation completed successfully and the MACs matched each
+ * other
+ * \retval PSA_ERROR_INVALID_SIGNATURE
+ * The operation completed successfully, but the calculated MAC did
+ * not match the provided MAC
+ */
+typedef psa_status_t (*psa_drv_mac_opaque_verify_t)(const uint8_t *p_input,
+ size_t input_length,
+ psa_key_slot_t key_slot,
+ psa_algorithm_t alg,
+ const uint8_t *p_mac,
+ size_t mac_length);
+
+/** \brief A struct containing all of the function pointers needed to
+ * implement MAC operations using opaque keys.
+ *
+ * PSA Crypto API implementations should populate the table as appropriate
+ * upon startup.
+ *
+ * If one of the functions is not implemented (such as
+ * `psa_drv_mac_opaque_generate_t`), it should be set to NULL.
+ *
+ * Driver implementers should ensure that they implement all of the functions
+ * that make sense for their hardware, and that they provide a full solution
+ * (for example, if they support `p_setup`, they should also support
+ * `p_update` and at least one of `p_finish` or `p_finish_verify`).
+ *
+ */
+typedef struct {
+ /**The size in bytes of the hardware-specific Opaque-MAC Context structure
+ */
+ size_t context_size;
+ /** Function that performs the setup operation
+ */
+ psa_drv_mac_opaque_setup_t *p_setup;
+ /** Function that performs the update operation
+ */
+ psa_drv_mac_opaque_update_t *p_update;
+ /** Function that completes the operation
+ */
+ psa_drv_mac_opaque_finish_t *p_finish;
+ /** Function that completed a MAC operation with a verify check
+ */
+ psa_drv_mac_opaque_finish_verify_t *p_finish_verify;
+ /** Function that aborts a previoustly started operation
+ */
+ psa_drv_mac_opaque_abort_t *p_abort;
+ /** Function that performs the MAC operation in one call
+ */
+ psa_drv_mac_opaque_generate_t *p_mac;
+ /** Function that performs the MAC and verify operation in one call
+ */
+ psa_drv_mac_opaque_verify_t *p_mac_verify;
+} psa_drv_mac_opaque_t;
+/**@}*/
+
+/** \defgroup opaque_cipher Opaque Symmetric Ciphers
+ *
+ * Encryption and Decryption using opaque keys in block modes other than ECB
+ * must be done in multiple parts, using the following flow:
+ * - `psa_drv_cipher_opaque_setup_t`
+ * - `psa_drv_cipher_opaque_set_iv_t` (optional depending upon block mode)
+ * - `psa_drv_cipher_opaque_update_t`
+ * - ...
+ * - `psa_drv_cipher_opaque_finish_t`
+
+ * If a previously started Opaque Cipher operation needs to be terminated, it
+ * should be done so by the `psa_drv_cipher_opaque_abort_t`. Failure to do so may
+ * result in allocated resources not being freed or in other undefined
+ * behavior.
+ *
+ * In situations where a PSA Cryptographic API implementation is using a block
+ * mode not-supported by the underlying hardware or driver, it can construct
+ * the block mode itself, while calling the `psa_drv_cipher_opaque_ecb_t` function
+ * pointer for the cipher operations.
+ */
+/**@{*/
+
+/** \brief A function pointer that provides the cipher setup function for
+ * opaque-key operations
+ *
+ * \param[in,out] p_context A structure that will contain the
+ * hardware-specific cipher context.
+ * \param[in] key_slot The slot of the key to be used for the
+ * operation
+ * \param[in] algorithm The algorithm to be used in the cipher
+ * operation
+ * \param[in] direction Indicates whether the operation is an encrypt
+ * or decrypt
+ *
+ * \retval PSA_SUCCESS
+ * \retval PSA_ERROR_NOT_SUPPORTED
+ */
+typedef psa_status_t (*psa_drv_cipher_opaque_setup_t)(void *p_context,
+ psa_key_slot_t key_slot,
+ psa_algorithm_t algorithm,
+ psa_encrypt_or_decrypt_t direction);
+
+/** \brief A function pointer that sets the initialization vector (if
+ * necessary) for an opaque cipher operation
+ *
+ * Rationale: The `psa_cipher_*` function in the PSA Cryptographic API has two
+ * IV functions: one to set the IV, and one to generate it internally. The
+ * generate function is not necessary for the drivers to implement as the PSA
+ * Crypto implementation can do the generation using its RNG features.
+ *
+ * \param[in,out] p_context A structure that contains the previously set up
+ * hardware-specific cipher context
+ * \param[in] p_iv A buffer containing the initialization vector
+ * \param[in] iv_length The size (in bytes) of the `p_iv` buffer
+ *
+ * \retval PSA_SUCCESS
+ */
+typedef psa_status_t (*psa_drv_cipher_opaque_set_iv_t)(void *p_context,
+ const uint8_t *p_iv,
+ size_t iv_length);
+
+/** \brief A function that continues a previously started opaque-key cipher
+ * operation
+ *
+ * \param[in,out] p_context A hardware-specific structure for the
+ * previously started cipher operation
+ * \param[in] p_input A buffer containing the data to be
+ * encrypted/decrypted
+ * \param[in] input_size The size in bytes of the buffer pointed to
+ * by `p_input`
+ * \param[out] p_output The caller-allocated buffer where the
+ * output will be placed
+ * \param[in] output_size The allocated size in bytes of the
+ * `p_output` buffer
+ * \param[out] p_output_length After completion, will contain the number
+ * of bytes placed in the `p_output` buffer
+ *
+ * \retval PSA_SUCCESS
+ */
+typedef psa_status_t (*psa_drv_cipher_opaque_update_t)(void *p_context,
+ const uint8_t *p_input,
+ size_t input_size,
+ uint8_t *p_output,
+ size_t output_size,
+ size_t *p_output_length);
+
+/** \brief A function that completes a previously started opaque-key cipher
+ * operation
+ *
+ * \param[in,out] p_context A hardware-specific structure for the
+ * previously started cipher operation
+ * \param[out] p_output The caller-allocated buffer where the output
+ * will be placed
+ * \param[in] output_size The allocated size in bytes of the `p_output`
+ * buffer
+ * \param[out] p_output_length After completion, will contain the number of
+ * bytes placed in the `p_output` buffer
+ *
+ * \retval PSA_SUCCESS
+ */
+typedef psa_status_t (*psa_drv_cipher_opaque_finish_t)(void *p_context,
+ uint8_t *p_output,
+ size_t output_size,
+ size_t *p_output_length);
+
+/** \brief A function that aborts a previously started opaque-key cipher
+ * operation
+ *
+ * \param[in,out] p_context A hardware-specific structure for the
+ * previously started cipher operation
+ */
+typedef psa_status_t (*psa_drv_cipher_opaque_abort_t)(void *p_context);
+
+/** \brief A function that performs the ECB block mode for opaque-key cipher
+ * operations
+ *
+ * Note: this function should only be used with implementations that do not
+ * provide a needed higher-level operation.
+ *
+ * \param[in] key_slot The slot of the key to be used for the operation
+ * \param[in] algorithm The algorithm to be used in the cipher operation
+ * \param[in] direction Indicates whether the operation is an encrypt or
+ * decrypt
+ * \param[in] p_input A buffer containing the data to be
+ * encrypted/decrypted
+ * \param[in] input_size The size in bytes of the buffer pointed to by
+ * `p_input`
+ * \param[out] p_output The caller-allocated buffer where the output will
+ * be placed
+ * \param[in] output_size The allocated size in bytes of the `p_output`
+ * buffer
+ *
+ * \retval PSA_SUCCESS
+ * \retval PSA_ERROR_NOT_SUPPORTED
+ */
+typedef psa_status_t (*psa_drv_cipher_opaque_ecb_t)(psa_key_slot_t key_slot,
+ psa_algorithm_t algorithm,
+ psa_encrypt_or_decrypt_t direction,
+ const uint8_t *p_input,
+ size_t input_size,
+ uint8_t *p_output,
+ size_t output_size);
+
+/**
+ * \brief A struct containing all of the function pointers needed to implement
+ * cipher operations using opaque keys.
+ *
+ * PSA Crypto API implementations should populate instances of the table as
+ * appropriate upon startup.
+ *
+ * If one of the functions is not implemented (such as
+ * `psa_drv_cipher_opaque_ecb_t`), it should be set to NULL.
+ */
+typedef struct {
+ /** The size in bytes of the hardware-specific Opaque Cipher context
+ * structure
+ */
+ size_t size;
+ /** Function that performs the setup operation */
+ psa_drv_cipher_opaque_setup_t *p_setup;
+ /** Function that sets the IV (if necessary) */
+ psa_drv_cipher_opaque_set_iv_t *p_set_iv;
+ /** Function that performs the update operation */
+ psa_drv_cipher_opaque_update_t *p_update;
+ /** Function that completes the operation */
+ psa_drv_cipher_opaque_finish_t *p_finish;
+ /** Function that aborts the operation */
+ psa_drv_cipher_opaque_abort_t *p_abort;
+ /** Function that performs ECB mode for the cipher
+ * (Danger: ECB mode should not be used directly by clients of the PSA
+ * Crypto Client API)
+ */
+ psa_drv_cipher_opaque_ecb_t *p_ecb;
+} psa_drv_cipher_opaque_t;
+
+/**@}*/
+
+/** \defgroup opaque_asymmetric Opaque Asymmetric Cryptography
+ *
+ * Since the amount of data that can (or should) be encrypted or signed using
+ * asymmetric keys is limited by the key size, asymmetric key operations using
+ * opaque keys must be done in single function calls.
+ */
+/**@{*/
+
+/**
+ * \brief A function that signs a hash or short message with a private key
+ *
+ * \param[in] key_slot Key slot of an asymmetric key pair
+ * \param[in] alg A signature algorithm that is compatible
+ * with the type of `key`
+ * \param[in] p_hash The hash to sign
+ * \param[in] hash_length Size of the `p_hash` buffer in bytes
+ * \param[out] p_signature Buffer where the signature is to be written
+ * \param[in] signature_size Size of the `p_signature` buffer in bytes
+ * \param[out] p_signature_length On success, the number of bytes
+ * that make up the returned signature value
+ *
+ * \retval PSA_SUCCESS
+ */
+typedef psa_status_t (*psa_drv_asymmetric_opaque_sign_t)(psa_key_slot_t key_slot,
+ psa_algorithm_t alg,
+ const uint8_t *p_hash,
+ size_t hash_length,
+ uint8_t *p_signature,
+ size_t signature_size,
+ size_t *p_signature_length);
+
+/**
+ * \brief A function that verifies the signature a hash or short message using
+ * an asymmetric public key
+ *
+ * \param[in] key_slot Key slot of a public key or an asymmetric key
+ * pair
+ * \param[in] alg A signature algorithm that is compatible with
+ * the type of `key`
+ * \param[in] p_hash The hash whose signature is to be verified
+ * \param[in] hash_length Size of the `p_hash` buffer in bytes
+ * \param[in] p_signature Buffer containing the signature to verify
+ * \param[in] signature_length Size of the `p_signature` buffer in bytes
+ *
+ * \retval PSA_SUCCESS
+ * The signature is valid.
+ */
+typedef psa_status_t (*psa_drv_asymmetric_opaque_verify_t)(psa_key_slot_t key_slot,
+ psa_algorithm_t alg,
+ const uint8_t *p_hash,
+ size_t hash_length,
+ const uint8_t *p_signature,
+ size_t signature_length);
+
+/**
+ * \brief A function that encrypts a short message with an asymmetric public
+ * key
+ *
+ * \param[in] key_slot Key slot of a public key or an asymmetric key
+ * pair
+ * \param[in] alg An asymmetric encryption algorithm that is
+ * compatible with the type of `key`
+ * \param[in] p_input The message to encrypt
+ * \param[in] input_length Size of the `p_input` buffer in bytes
+ * \param[in] p_salt A salt or label, if supported by the
+ * encryption algorithm
+ * If the algorithm does not support a
+ * salt, pass `NULL`.
+ * If the algorithm supports an optional
+ * salt and you do not want to pass a salt,
+ * pass `NULL`.
+ * For #PSA_ALG_RSA_PKCS1V15_CRYPT, no salt is
+ * supported.
+ * \param[in] salt_length Size of the `p_salt` buffer in bytes
+ * If `p_salt` is `NULL`, pass 0.
+ * \param[out] p_output Buffer where the encrypted message is to
+ * be written
+ * \param[in] output_size Size of the `p_output` buffer in bytes
+ * \param[out] p_output_length On success, the number of bytes that make up
+ * the returned output
+ *
+ * \retval PSA_SUCCESS
+ */
+typedef psa_status_t (*psa_drv_asymmetric_opaque_encrypt_t)(psa_key_slot_t key_slot,
+ psa_algorithm_t alg,
+ const uint8_t *p_input,
+ size_t input_length,
+ const uint8_t *p_salt,
+ size_t salt_length,
+ uint8_t *p_output,
+ size_t output_size,
+ size_t *p_output_length);
+
+/**
+ * \brief Decrypt a short message with an asymmetric private key.
+ *
+ * \param[in] key_slot Key slot of an asymmetric key pair
+ * \param[in] alg An asymmetric encryption algorithm that is
+ * compatible with the type of `key`
+ * \param[in] p_input The message to decrypt
+ * \param[in] input_length Size of the `p_input` buffer in bytes
+ * \param[in] p_salt A salt or label, if supported by the
+ * encryption algorithm
+ * If the algorithm does not support a
+ * salt, pass `NULL`.
+ * If the algorithm supports an optional
+ * salt and you do not want to pass a salt,
+ * pass `NULL`.
+ * For #PSA_ALG_RSA_PKCS1V15_CRYPT, no salt is
+ * supported.
+ * \param[in] salt_length Size of the `p_salt` buffer in bytes
+ * If `p_salt` is `NULL`, pass 0.
+ * \param[out] p_output Buffer where the decrypted message is to
+ * be written
+ * \param[in] output_size Size of the `p_output` buffer in bytes
+ * \param[out] p_output_length On success, the number of bytes
+ * that make up the returned output
+ *
+ * \retval PSA_SUCCESS
+ */
+typedef psa_status_t (*psa_drv_asymmetric_opaque_decrypt_t)(psa_key_slot_t key_slot,
+ psa_algorithm_t alg,
+ const uint8_t *p_input,
+ size_t input_length,
+ const uint8_t *p_salt,
+ size_t salt_length,
+ uint8_t *p_output,
+ size_t output_size,
+ size_t *p_output_length);
+
+/**
+ * \brief A struct containing all of the function pointers needed to implement
+ * asymmetric cryptographic operations using opaque keys.
+ *
+ * PSA Crypto API implementations should populate instances of the table as
+ * appropriate upon startup.
+ *
+ * If one of the functions is not implemented, it should be set to NULL.
+ */
+typedef struct {
+ /** Function that performs the asymmetric sign operation */
+ psa_drv_asymmetric_opaque_sign_t *p_sign;
+ /** Function that performs the asymmetric verify operation */
+ psa_drv_asymmetric_opaque_verify_t *p_verify;
+ /** Function that performs the asymmetric encrypt operation */
+ psa_drv_asymmetric_opaque_encrypt_t *p_encrypt;
+ /** Function that performs the asymmetric decrypt operation */
+ psa_drv_asymmetric_opaque_decrypt_t *p_decrypt;
+} psa_drv_asymmetric_opaque_t;
+
+/**@}*/
+
+/** \defgroup aead_opaque AEAD Opaque
+ * Authenticated Encryption with Additional Data (AEAD) operations with opaque
+ * keys must be done in one function call. While this creates a burden for
+ * implementers as there must be sufficient space in memory for the entire
+ * message, it prevents decrypted data from being made available before the
+ * authentication operation is complete and the data is known to be authentic.
+ */
+/**@{*/
+
+/** \brief Process an authenticated encryption operation using an opaque key
+ *
+ * \param[in] key_slot Slot containing the key to use.
+ * \param[in] algorithm The AEAD algorithm to compute
+ * (\c PSA_ALG_XXX value such that
+ * #PSA_ALG_IS_AEAD(`alg`) is true)
+ * \param[in] p_nonce Nonce or IV to use
+ * \param[in] nonce_length Size of the `p_nonce` buffer in bytes
+ * \param[in] p_additional_data Additional data that will be
+ * authenticated but not encrypted
+ * \param[in] additional_data_length Size of `p_additional_data` in bytes
+ * \param[in] p_plaintext Data that will be authenticated and
+ * encrypted
+ * \param[in] plaintext_length Size of `p_plaintext` in bytes
+ * \param[out] p_ciphertext Output buffer for the authenticated and
+ * encrypted data. The additional data is
+ * not part of this output. For algorithms
+ * where the encrypted data and the
+ * authentication tag are defined as
+ * separate outputs, the authentication
+ * tag is appended to the encrypted data.
+ * \param[in] ciphertext_size Size of the `p_ciphertext` buffer in
+ * bytes
+ * \param[out] p_ciphertext_length On success, the size of the output in
+ * the `p_ciphertext` buffer
+ *
+ * \retval #PSA_SUCCESS
+ * Success.
+ */
+typedef psa_status_t (*psa_drv_aead_opaque_encrypt_t)(psa_key_slot_t key_slot,
+ psa_algorithm_t algorithm,
+ const uint8_t *p_nonce,
+ size_t nonce_length,
+ const uint8_t *p_additional_data,
+ size_t additional_data_length,
+ const uint8_t *p_plaintext,
+ size_t plaintext_length,
+ uint8_t *p_ciphertext,
+ size_t ciphertext_size,
+ size_t *p_ciphertext_length);
+
+/** Process an authenticated decryption operation using an opaque key
+ *
+ * \param[in] key_slot Slot containing the key to use
+ * \param[in] algorithm The AEAD algorithm to compute
+ * (\c PSA_ALG_XXX value such that
+ * #PSA_ALG_IS_AEAD(`alg`) is true)
+ * \param[in] p_nonce Nonce or IV to use
+ * \param[in] nonce_length Size of the `p_nonce` buffer in bytes
+ * \param[in] p_additional_data Additional data that has been
+ * authenticated but not encrypted
+ * \param[in] additional_data_length Size of `p_additional_data` in bytes
+ * \param[in] p_ciphertext Data that has been authenticated and
+ * encrypted.
+ * For algorithms where the encrypted data
+ * and the authentication tag are defined
+ * as separate inputs, the buffer must
+ * contain the encrypted data followed by
+ * the authentication tag.
+ * \param[in] ciphertext_length Size of `p_ciphertext` in bytes
+ * \param[out] p_plaintext Output buffer for the decrypted data
+ * \param[in] plaintext_size Size of the `p_plaintext` buffer in
+ * bytes
+ * \param[out] p_plaintext_length On success, the size of the output in
+ * the `p_plaintext` buffer
+ *
+ * \retval #PSA_SUCCESS
+ * Success.
+ */
+typedef psa_status_t (*psa_drv_aead_opaque_decrypt_t)(psa_key_slot_t key_slot,
+ psa_algorithm_t algorithm,
+ const uint8_t *p_nonce,
+ size_t nonce_length,
+ const uint8_t *p_additional_data,
+ size_t additional_data_length,
+ const uint8_t *p_ciphertext,
+ size_t ciphertext_length,
+ uint8_t *p_plaintext,
+ size_t plaintext_size,
+ size_t *p_plaintext_length);
+
+/**
+ * \brief A struct containing all of the function pointers needed to implement
+ * Authenticated Encryption with Additional Data operations using opaque keys
+ *
+ * PSA Crypto API implementations should populate instances of the table as
+ * appropriate upon startup.
+ *
+ * If one of the functions is not implemented, it should be set to NULL.
+ */
+typedef struct {
+ /** Function that performs the AEAD encrypt operation */
+ psa_drv_aead_opaque_encrypt_t *p_encrypt;
+ /** Function that performs the AEAD decrypt operation */
+ psa_drv_aead_opaque_decrypt_t *p_decrypt;
+} psa_drv_aead_opaque_t;
+/**@}*/
+
+/** \defgroup driver_key_management Key Management
+ * Currently, key management is limited to importing keys in the clear,
+ * destroying keys, and exporting keys in the clear.
+ * Whether a key may be exported is determined by the key policies in place
+ * on the key slot.
+ */
+/**@{*/
+
+/** \brief Import a key in binary format
+ *
+ * This function can support any output from psa_export_key(). Refer to the
+ * documentation of psa_export_key() for the format for each key type.
+ *
+ * \param[in] key_slot Slot where the key will be stored
+ * This must be a valid slot for a key of the chosen
+ * type. It must be unoccupied.
+ * \param[in] type Key type (a \c PSA_KEY_TYPE_XXX value)
+ * \param[in] algorithm Key algorithm (a \c PSA_ALG_XXX value)
+ * \param[in] usage The allowed uses of the key
+ * \param[in] p_data Buffer containing the key data
+ * \param[in] data_length Size of the `data` buffer in bytes
+ *
+ * \retval #PSA_SUCCESS
+ * Success.
+ */
+typedef psa_status_t (*psa_drv_opaque_import_key_t)(psa_key_slot_t key_slot,
+ psa_key_type_t type,
+ psa_algorithm_t algorithm,
+ psa_key_usage_t usage,
+ const uint8_t *p_data,
+ size_t data_length);
+
+/**
+ * \brief Destroy a key and restore the slot to its default state
+ *
+ * This function destroys the content of the key slot from both volatile
+ * memory and, if applicable, non-volatile storage. Implementations shall
+ * make a best effort to ensure that any previous content of the slot is
+ * unrecoverable.
+ *
+ * This function also erases any metadata such as policies. It returns the
+ * specified slot to its default state.
+ *
+ * \param[in] key_slot The key slot to erase.
+ *
+ * \retval #PSA_SUCCESS
+ * The slot's content, if any, has been erased.
+ */
+typedef psa_status_t (*psa_drv_destroy_key_t)(psa_key_slot_t key);
+
+/**
+ * \brief Export a key in binary format
+ *
+ * The output of this function can be passed to psa_import_key() to
+ * create an equivalent object.
+ *
+ * If a key is created with `psa_import_key()` and then exported with
+ * this function, it is not guaranteed that the resulting data is
+ * identical: the implementation may choose a different representation
+ * of the same key if the format permits it.
+ *
+ * For standard key types, the output format is as follows:
+ *
+ * - For symmetric keys (including MAC keys), the format is the
+ * raw bytes of the key.
+ * - For DES, the key data consists of 8 bytes. The parity bits must be
+ * correct.
+ * - For Triple-DES, the format is the concatenation of the
+ * two or three DES keys.
+ * - For RSA key pairs (#PSA_KEY_TYPE_RSA_KEYPAIR), the format
+ * is the non-encrypted DER representation defined by PKCS\#1 (RFC 8017)
+ * as RSAPrivateKey.
+ * - For RSA public keys (#PSA_KEY_TYPE_RSA_PUBLIC_KEY), the format
+ * is the DER representation defined by RFC 5280 as SubjectPublicKeyInfo.
+ *
+ * \param[in] key Slot whose content is to be exported. This must
+ * be an occupied key slot.
+ * \param[out] p_data Buffer where the key data is to be written.
+ * \param[in] data_size Size of the `p_data` buffer in bytes.
+ * \param[out] p_data_length On success, the number of bytes
+ * that make up the key data.
+ *
+ * \retval #PSA_SUCCESS
+ * \retval #PSA_ERROR_DOES_NOT_EXIST
+ * \retval #PSA_ERROR_NOT_PERMITTED
+ * \retval #PSA_ERROR_NOT_SUPPORTED
+ * \retval #PSA_ERROR_COMMUNICATION_FAILURE
+ * \retval #PSA_ERROR_HARDWARE_FAILURE
+ * \retval #PSA_ERROR_TAMPERING_DETECTED
+ */
+typedef psa_status_t (*psa_drv_export_key_t)(psa_key_slot_t key,
+ uint8_t *p_data,
+ size_t data_size,
+ size_t *p_data_length);
+
+/**
+ * \brief Export a public key or the public part of a key pair in binary format
+ *
+ * The output of this function can be passed to psa_import_key() to
+ * create an object that is equivalent to the public key.
+ *
+ * For standard key types, the output format is as follows:
+ *
+ * - For RSA keys (#PSA_KEY_TYPE_RSA_KEYPAIR or #PSA_KEY_TYPE_RSA_PUBLIC_KEY),
+ * the format is the DER representation of the public key defined by RFC 5280
+ * as SubjectPublicKeyInfo.
+ *
+ * \param[in] key_slot Slot whose content is to be exported. This must
+ * be an occupied key slot.
+ * \param[out] p_data Buffer where the key data is to be written.
+ * \param[in] data_size Size of the `data` buffer in bytes.
+ * \param[out] p_data_length On success, the number of bytes
+ * that make up the key data.
+ *
+ * \retval #PSA_SUCCESS
+ */
+typedef psa_status_t (*psa_drv_export_public_key_t)(psa_key_slot_t key,
+ uint8_t *p_data,
+ size_t data_size,
+ size_t *p_data_length);
+
+/**
+ * \brief A struct containing all of the function pointers needed to for key
+ * management using opaque keys
+ *
+ * PSA Crypto API implementations should populate instances of the table as
+ * appropriate upon startup.
+ *
+ * If one of the functions is not implemented, it should be set to NULL.
+ */
+typedef struct {
+ /** Function that performs the key import operation */
+ psa_drv_opaque_import_key_t *p_import;
+ /** Function that performs the key destroy operation */
+ psa_drv_destroy_key_t *p_destroy;
+ /** Function that performs the key export operation */
+ psa_drv_export_key_t *p_export;
+ /** Function that perforsm the public key export operation */
+ psa_drv_export_public_key_t *p_export_public;
+} psa_drv_key_management_t;
+
+/**@}*/
+
+/** \defgroup driver_derivation Key Derivation and Agreement
+ * Key derivation is the process of generating new key material using an
+ * existing key and additional parameters, iterating through a basic
+ * cryptographic function, such as a hash.
+ * Key agreement is a part of cryptographic protocols that allows two parties
+ * to agree on the same key value, but starting from different original key
+ * material.
+ * The flows are similar, and the PSA Crypto Driver Model uses the same functions
+ * for both of the flows.
+ *
+ * There are two different final functions for the flows,
+ * `psa_drv_key_derivation_derive` and `psa_drv_key_derivation_export`.
+ * `psa_drv_key_derivation_derive` is used when the key material should be placed
+ * in a slot on the hardware and not exposed to the caller.
+ * `psa_drv_key_derivation_export` is used when the key material should be returned
+ * to the PSA Cryptographic API implementation.
+ *
+ * Different key derivation algorithms require a different number of inputs.
+ * Instead of having an API that takes as input variable length arrays, which
+ * can be problemmatic to manage on embedded platforms, the inputs are passed
+ * to the driver via a function, `psa_drv_key_derivation_collateral`, that is
+ * called multiple times with different `collateral_id`s. Thus, for a key
+ * derivation algorithm that required 3 paramter inputs, the flow would look
+ * something like:
+ * ~~~~~~~~~~~~~{.c}
+ * psa_drv_key_derivation_setup(kdf_algorithm, source_key, dest_key_size_bytes);
+ * psa_drv_key_derivation_collateral(kdf_algorithm_collateral_id_0,
+ * p_collateral_0,
+ * collateral_0_size);
+ * psa_drv_key_derivation_collateral(kdf_algorithm_collateral_id_1,
+ * p_collateral_1,
+ * collateral_1_size);
+ * psa_drv_key_derivation_collateral(kdf_algorithm_collateral_id_2,
+ * p_collateral_2,
+ * collateral_2_size);
+ * psa_drv_key_derivation_derive();
+ * ~~~~~~~~~~~~~
+ *
+ * key agreement example:
+ * ~~~~~~~~~~~~~{.c}
+ * psa_drv_key_derivation_setup(alg, source_key. dest_key_size_bytes);
+ * psa_drv_key_derivation_collateral(DHE_PUBKEY, p_pubkey, pubkey_size);
+ * psa_drv_key_derivation_export(p_session_key,
+ * session_key_size,
+ * &session_key_length);
+ * ~~~~~~~~~~~~~
+ */
+/**@{*/
+
+/** \brief The hardware-specific key derivation context structure
+ *
+ * The contents of this structure are implementation dependent and are
+ * therefore not described here
+ */
+typedef struct psa_drv_key_derivation_context_s psa_drv_key_derivation_context_t;
+
+/** \brief Set up a key derivation operation by specifying the algorithm and
+ * the source key sot
+ *
+ * \param[in,out] p_context A hardware-specific structure containing any
+ * context information for the implementation
+ * \param[in] kdf_alg The algorithm to be used for the key derivation
+ * \param[in] souce_key The key to be used as the source material for the
+ * key derivation
+ *
+ * \retval PSA_SUCCESS
+ */
+typedef psa_status_t (*psa_drv_key_derivation_setup_t)(psa_drv_key_derivation_context_t *p_context,
+ psa_algorithm_t kdf_alg,
+ psa_key_slot_t source_key);
+
+/** \brief Provide collateral (parameters) needed for a key derivation or key
+ * agreement operation
+ *
+ * Since many key derivation algorithms require multiple parameters, it is
+ * expeced that this function may be called multiple times for the same
+ * operation, each with a different algorithm-specific `collateral_id`
+ *
+ * \param[in,out] p_context A hardware-specific structure containing any
+ * context information for the implementation
+ * \param[in] collateral_id An ID for the collateral being provided
+ * \param[in] p_collateral A buffer containing the collateral data
+ * \param[in] collateral_size The size in bytes of the collateral
+ *
+ * \retval PSA_SUCCESS
+ */
+typedef psa_status_t (*psa_drv_key_derivation_collateral_t)(psa_drv_key_derivation_context_t *p_context,
+ uint32_t collateral_id,
+ const uint8_t *p_collateral,
+ size_t collateral_size);
+
+/** \brief Perform the final key derivation step and place the generated key
+ * material in a slot
+ * \param[in,out] p_context A hardware-specific structure containing any
+ * context information for the implementation
+ * \param[in] dest_key The slot where the generated key material
+ * should be placed
+ *
+ * \retval PSA_SUCCESS
+ */
+typedef psa_status_t (*psa_drv_key_derivation_derive_t)(psa_drv_key_derivation_context_t *p_context,
+ psa_key_slot_t dest_key);
+
+/** \brief Perform the final step of a key agreement and place the generated
+ * key material in a buffer
+ *
+ * \param[out] p_output Buffer in which to place the generated key
+ * material
+ * \param[in] output_size The size in bytes of `p_output`
+ * \param[out] p_output_length Upon success, contains the number of bytes of
+ * key material placed in `p_output`
+ *
+ * \retval PSA_SUCCESS
+ */
+typedef psa_status_t (*psa_drv_key_derivation_export_t)(uint8_t *p_output,
+ size_t output_size,
+ size_t *p_output_length);
+
+/**
+ * \brief A struct containing all of the function pointers needed to for key
+ * derivation and agreement
+ *
+ * PSA Crypto API implementations should populate instances of the table as
+ * appropriate upon startup.
+ *
+ * If one of the functions is not implemented, it should be set to NULL.
+ */
+typedef struct {
+ /** Function that performs the key derivation setup */
+ psa_drv_key_derivation_setup_t *p_setup;
+ /** Function that sets the key derivation collateral */
+ psa_drv_key_derivation_collateral_t *p_collateral;
+ /** Function that performs the final key derivation step */
+ psa_drv_key_derivation_derive_t *p_derive;
+ /** Function that perforsm the final key derivation or agreement and
+ * exports the key */
+ psa_drv_key_derivation_export_t *p_export;
+} psa_drv_key_derivation_t;
+
+/**@}*/
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* PSA_CRYPTO_SE_DRIVER_H */
diff --git a/include/psa/crypto_sizes.h b/include/psa/crypto_sizes.h
new file mode 100644
index 0000000..34664fc
--- /dev/null
+++ b/include/psa/crypto_sizes.h
@@ -0,0 +1,580 @@
+/**
+ * \file psa/crypto_sizes.h
+ *
+ * \brief PSA cryptography module: Mbed TLS buffer size macros
+ *
+ * \note This file may not be included directly. Applications must
+ * include psa/crypto.h.
+ *
+ * This file contains the definitions of macros that are useful to
+ * compute buffer sizes. The signatures and semantics of these macros
+ * are standardized, but the definitions are not, because they depend on
+ * the available algorithms and, in some cases, on permitted tolerances
+ * on buffer sizes.
+ *
+ * In implementations with isolation between the application and the
+ * cryptography module, implementers should take care to ensure that
+ * the definitions that are exposed to applications match what the
+ * module implements.
+ *
+ * Macros that compute sizes whose values do not depend on the
+ * implementation are in crypto.h.
+ */
+/*
+ * Copyright (C) 2018, ARM Limited, All Rights Reserved
+ * SPDX-License-Identifier: Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License"); you may
+ * not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * This file is part of mbed TLS (https://tls.mbed.org)
+ */
+
+#ifndef PSA_CRYPTO_SIZES_H
+#define PSA_CRYPTO_SIZES_H
+
+/* Include the Mbed TLS configuration file, the way Mbed TLS does it
+ * in each of its header files. */
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "../mbedtls/config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+#define PSA_BITS_TO_BYTES(bits) (((bits) + 7) / 8)
+#define PSA_BYTES_TO_BITS(bytes) ((bytes) * 8)
+
+/** The size of the output of psa_hash_finish(), in bytes.
+ *
+ * This is also the hash size that psa_hash_verify() expects.
+ *
+ * \param alg A hash algorithm (\c PSA_ALG_XXX value such that
+ * #PSA_ALG_IS_HASH(\p alg) is true), or an HMAC algorithm
+ * (#PSA_ALG_HMAC(\c hash_alg) where \c hash_alg is a
+ * hash algorithm).
+ *
+ * \return The hash size for the specified hash algorithm.
+ * If the hash algorithm is not recognized, return 0.
+ * An implementation may return either 0 or the correct size
+ * for a hash algorithm that it recognizes, but does not support.
+ */
+#define PSA_HASH_SIZE(alg) \
+ ( \
+ PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_MD2 ? 16 : \
+ PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_MD4 ? 16 : \
+ PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_MD5 ? 16 : \
+ PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_RIPEMD160 ? 20 : \
+ PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_SHA_1 ? 20 : \
+ PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_SHA_224 ? 28 : \
+ PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_SHA_256 ? 32 : \
+ PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_SHA_384 ? 48 : \
+ PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_SHA_512 ? 64 : \
+ PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_SHA_512_224 ? 28 : \
+ PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_SHA_512_256 ? 32 : \
+ PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_SHA3_224 ? 28 : \
+ PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_SHA3_256 ? 32 : \
+ PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_SHA3_384 ? 48 : \
+ PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_SHA3_512 ? 64 : \
+ 0)
+
+/** \def PSA_HASH_MAX_SIZE
+ *
+ * Maximum size of a hash.
+ *
+ * This macro must expand to a compile-time constant integer. This value
+ * should be the maximum size of a hash supported by the implementation,
+ * in bytes, and must be no smaller than this maximum.
+ */
+/* Note: for HMAC-SHA-3, the block size is 144 bytes for HMAC-SHA3-226,
+ * 136 bytes for HMAC-SHA3-256, 104 bytes for SHA3-384, 72 bytes for
+ * HMAC-SHA3-512. */
+#if defined(MBEDTLS_SHA512_C)
+#define PSA_HASH_MAX_SIZE 64
+#define PSA_HMAC_MAX_HASH_BLOCK_SIZE 128
+#else
+#define PSA_HASH_MAX_SIZE 32
+#define PSA_HMAC_MAX_HASH_BLOCK_SIZE 64
+#endif
+
+/** \def PSA_MAC_MAX_SIZE
+ *
+ * Maximum size of a MAC.
+ *
+ * This macro must expand to a compile-time constant integer. This value
+ * should be the maximum size of a MAC supported by the implementation,
+ * in bytes, and must be no smaller than this maximum.
+ */
+/* All non-HMAC MACs have a maximum size that's smaller than the
+ * minimum possible value of PSA_HASH_MAX_SIZE in this implementation. */
+/* Note that the encoding of truncated MAC algorithms limits this value
+ * to 64 bytes.
+ */
+#define PSA_MAC_MAX_SIZE PSA_HASH_MAX_SIZE
+
+/** The tag size for an AEAD algorithm, in bytes.
+ *
+ * \param alg An AEAD algorithm
+ * (\c PSA_ALG_XXX value such that
+ * #PSA_ALG_IS_AEAD(\p alg) is true).
+ *
+ * \return The tag size for the specified algorithm.
+ * If the AEAD algorithm does not have an identified
+ * tag that can be distinguished from the rest of
+ * the ciphertext, return 0.
+ * If the AEAD algorithm is not recognized, return 0.
+ * An implementation may return either 0 or a
+ * correct size for an AEAD algorithm that it
+ * recognizes, but does not support.
+ */
+#define PSA_AEAD_TAG_LENGTH(alg) \
+ (PSA_ALG_IS_AEAD(alg) ? \
+ (((alg) & PSA_ALG_AEAD_TAG_LENGTH_MASK) >> PSA_AEAD_TAG_LENGTH_OFFSET) : \
+ 0)
+
+/* The maximum size of an RSA key on this implementation, in bits.
+ * This is a vendor-specific macro.
+ *
+ * Mbed TLS does not set a hard limit on the size of RSA keys: any key
+ * whose parameters fit in a bignum is accepted. However large keys can
+ * induce a large memory usage and long computation times. Unlike other
+ * auxiliary macros in this file and in crypto.h, which reflect how the
+ * library is configured, this macro defines how the library is
+ * configured. This implementation refuses to import or generate an
+ * RSA key whose size is larger than the value defined here.
+ *
+ * Note that an implementation may set different size limits for different
+ * operations, and does not need to accept all key sizes up to the limit. */
+#define PSA_VENDOR_RSA_MAX_KEY_BITS 4096
+
+/* The maximum size of an ECC key on this implementation, in bits.
+ * This is a vendor-specific macro. */
+#if defined(MBEDTLS_ECP_DP_SECP521R1_ENABLED)
+#define PSA_VENDOR_ECC_MAX_CURVE_BITS 521
+#elif defined(MBEDTLS_ECP_DP_BP512R1_ENABLED)
+#define PSA_VENDOR_ECC_MAX_CURVE_BITS 512
+#elif defined(MBEDTLS_ECP_DP_CURVE448_ENABLED)
+#define PSA_VENDOR_ECC_MAX_CURVE_BITS 448
+#elif defined(MBEDTLS_ECP_DP_SECP384R1_ENABLED)
+#define PSA_VENDOR_ECC_MAX_CURVE_BITS 384
+#elif defined(MBEDTLS_ECP_DP_BP384R1_ENABLED)
+#define PSA_VENDOR_ECC_MAX_CURVE_BITS 384
+#elif defined(MBEDTLS_ECP_DP_SECP256R1_ENABLED)
+#define PSA_VENDOR_ECC_MAX_CURVE_BITS 256
+#elif defined(MBEDTLS_ECP_DP_SECP256K1_ENABLED)
+#define PSA_VENDOR_ECC_MAX_CURVE_BITS 256
+#elif defined(MBEDTLS_ECP_DP_BP256R1_ENABLED)
+#define PSA_VENDOR_ECC_MAX_CURVE_BITS 256
+#elif defined(MBEDTLS_ECP_DP_CURVE25519_ENABLED)
+#define PSA_VENDOR_ECC_MAX_CURVE_BITS 255
+#elif defined(MBEDTLS_ECP_DP_SECP224R1_ENABLED)
+#define PSA_VENDOR_ECC_MAX_CURVE_BITS 224
+#elif defined(MBEDTLS_ECP_DP_SECP224K1_ENABLED)
+#define PSA_VENDOR_ECC_MAX_CURVE_BITS 224
+#elif defined(MBEDTLS_ECP_DP_SECP192R1_ENABLED)
+#define PSA_VENDOR_ECC_MAX_CURVE_BITS 192
+#elif defined(MBEDTLS_ECP_DP_SECP192K1_ENABLED)
+#define PSA_VENDOR_ECC_MAX_CURVE_BITS 192
+#else
+#define PSA_VENDOR_ECC_MAX_CURVE_BITS 0
+#endif
+
+/** \def PSA_ALG_TLS12_PSK_TO_MS_MAX_PSK_LEN
+ *
+ * This macro returns the maximum length of the PSK supported
+ * by the TLS-1.2 PSK-to-MS key derivation.
+ *
+ * Quoting RFC 4279, Sect 5.3:
+ * TLS implementations supporting these ciphersuites MUST support
+ * arbitrary PSK identities up to 128 octets in length, and arbitrary
+ * PSKs up to 64 octets in length. Supporting longer identities and
+ * keys is RECOMMENDED.
+ *
+ * Therefore, no implementation should define a value smaller than 64
+ * for #PSA_ALG_TLS12_PSK_TO_MS_MAX_PSK_LEN.
+ */
+#define PSA_ALG_TLS12_PSK_TO_MS_MAX_PSK_LEN 128
+
+/** \def PSA_ASYMMETRIC_SIGNATURE_MAX_SIZE
+ *
+ * Maximum size of an asymmetric signature.
+ *
+ * This macro must expand to a compile-time constant integer. This value
+ * should be the maximum size of a MAC supported by the implementation,
+ * in bytes, and must be no smaller than this maximum.
+ */
+#define PSA_ASYMMETRIC_SIGNATURE_MAX_SIZE \
+ PSA_BITS_TO_BYTES( \
+ PSA_VENDOR_RSA_MAX_KEY_BITS > PSA_VENDOR_ECC_MAX_CURVE_BITS ? \
+ PSA_VENDOR_RSA_MAX_KEY_BITS : \
+ PSA_VENDOR_ECC_MAX_CURVE_BITS \
+ )
+
+/** The maximum size of a block cipher supported by the implementation. */
+#define PSA_MAX_BLOCK_CIPHER_BLOCK_SIZE 16
+
+/** The size of the output of psa_mac_sign_finish(), in bytes.
+ *
+ * This is also the MAC size that psa_mac_verify_finish() expects.
+ *
+ * \param key_type The type of the MAC key.
+ * \param key_bits The size of the MAC key in bits.
+ * \param alg A MAC algorithm (\c PSA_ALG_XXX value such that
+ * #PSA_ALG_IS_MAC(alg) is true).
+ *
+ * \return The MAC size for the specified algorithm with
+ * the specified key parameters.
+ * \return 0 if the MAC algorithm is not recognized.
+ * \return Either 0 or the correct size for a MAC algorithm that
+ * the implementation recognizes, but does not support.
+ * \return Unspecified if the key parameters are not consistent
+ * with the algorithm.
+ */
+#define PSA_MAC_FINAL_SIZE(key_type, key_bits, alg) \
+ ((alg) & PSA_ALG_MAC_TRUNCATION_MASK ? PSA_MAC_TRUNCATED_LENGTH(alg) : \
+ PSA_ALG_IS_HMAC(alg) ? PSA_HASH_SIZE(PSA_ALG_HMAC_GET_HASH(alg)) : \
+ PSA_ALG_IS_BLOCK_CIPHER_MAC(alg) ? PSA_BLOCK_CIPHER_BLOCK_SIZE(key_type) : \
+ ((void)(key_type), (void)(key_bits), 0))
+
+/** The maximum size of the output of psa_aead_encrypt(), in bytes.
+ *
+ * If the size of the ciphertext buffer is at least this large, it is
+ * guaranteed that psa_aead_encrypt() will not fail due to an
+ * insufficient buffer size. Depending on the algorithm, the actual size of
+ * the ciphertext may be smaller.
+ *
+ * \param alg An AEAD algorithm
+ * (\c PSA_ALG_XXX value such that
+ * #PSA_ALG_IS_AEAD(alg) is true).
+ * \param plaintext_length Size of the plaintext in bytes.
+ *
+ * \return The AEAD ciphertext size for the specified
+ * algorithm.
+ * If the AEAD algorithm is not recognized, return 0.
+ * An implementation may return either 0 or a
+ * correct size for an AEAD algorithm that it
+ * recognizes, but does not support.
+ */
+#define PSA_AEAD_ENCRYPT_OUTPUT_SIZE(alg, plaintext_length) \
+ (PSA_AEAD_TAG_LENGTH(alg) != 0 ? \
+ (plaintext_length) + PSA_AEAD_TAG_LENGTH(alg) : \
+ 0)
+
+/** The maximum size of the output of psa_aead_decrypt(), in bytes.
+ *
+ * If the size of the plaintext buffer is at least this large, it is
+ * guaranteed that psa_aead_decrypt() will not fail due to an
+ * insufficient buffer size. Depending on the algorithm, the actual size of
+ * the plaintext may be smaller.
+ *
+ * \param alg An AEAD algorithm
+ * (\c PSA_ALG_XXX value such that
+ * #PSA_ALG_IS_AEAD(alg) is true).
+ * \param ciphertext_length Size of the plaintext in bytes.
+ *
+ * \return The AEAD ciphertext size for the specified
+ * algorithm.
+ * If the AEAD algorithm is not recognized, return 0.
+ * An implementation may return either 0 or a
+ * correct size for an AEAD algorithm that it
+ * recognizes, but does not support.
+ */
+#define PSA_AEAD_DECRYPT_OUTPUT_SIZE(alg, ciphertext_length) \
+ (PSA_AEAD_TAG_LENGTH(alg) != 0 ? \
+ (plaintext_length) - PSA_AEAD_TAG_LENGTH(alg) : \
+ 0)
+
+#define PSA_RSA_MINIMUM_PADDING_SIZE(alg) \
+ (PSA_ALG_IS_RSA_OAEP(alg) ? \
+ 2 * PSA_HASH_SIZE(PSA_ALG_RSA_OAEP_GET_HASH(alg)) + 1 : \
+ 11 /*PKCS#1v1.5*/)
+
+/**
+ * \brief ECDSA signature size for a given curve bit size
+ *
+ * \param curve_bits Curve size in bits.
+ * \return Signature size in bytes.
+ *
+ * \note This macro returns a compile-time constant if its argument is one.
+ */
+#define PSA_ECDSA_SIGNATURE_SIZE(curve_bits) \
+ (PSA_BITS_TO_BYTES(curve_bits) * 2)
+
+/** Safe signature buffer size for psa_asymmetric_sign().
+ *
+ * This macro returns a safe buffer size for a signature using a key
+ * of the specified type and size, with the specified algorithm.
+ * Note that the actual size of the signature may be smaller
+ * (some algorithms produce a variable-size signature).
+ *
+ * \warning This function may call its arguments multiple times or
+ * zero times, so you should not pass arguments that contain
+ * side effects.
+ *
+ * \param key_type An asymmetric key type (this may indifferently be a
+ * key pair type or a public key type).
+ * \param key_bits The size of the key in bits.
+ * \param alg The signature algorithm.
+ *
+ * \return If the parameters are valid and supported, return
+ * a buffer size in bytes that guarantees that
+ * psa_asymmetric_sign() will not fail with
+ * #PSA_ERROR_BUFFER_TOO_SMALL.
+ * If the parameters are a valid combination that is not supported
+ * by the implementation, this macro either shall return either a
+ * sensible size or 0.
+ * If the parameters are not valid, the
+ * return value is unspecified.
+ */
+#define PSA_ASYMMETRIC_SIGN_OUTPUT_SIZE(key_type, key_bits, alg) \
+ (PSA_KEY_TYPE_IS_RSA(key_type) ? ((void)alg, PSA_BITS_TO_BYTES(key_bits)) : \
+ PSA_KEY_TYPE_IS_ECC(key_type) ? PSA_ECDSA_SIGNATURE_SIZE(key_bits) : \
+ ((void)alg, 0))
+
+/** Safe output buffer size for psa_asymmetric_encrypt().
+ *
+ * This macro returns a safe buffer size for a ciphertext produced using
+ * a key of the specified type and size, with the specified algorithm.
+ * Note that the actual size of the ciphertext may be smaller, depending
+ * on the algorithm.
+ *
+ * \warning This function may call its arguments multiple times or
+ * zero times, so you should not pass arguments that contain
+ * side effects.
+ *
+ * \param key_type An asymmetric key type (this may indifferently be a
+ * key pair type or a public key type).
+ * \param key_bits The size of the key in bits.
+ * \param alg The signature algorithm.
+ *
+ * \return If the parameters are valid and supported, return
+ * a buffer size in bytes that guarantees that
+ * psa_asymmetric_encrypt() will not fail with
+ * #PSA_ERROR_BUFFER_TOO_SMALL.
+ * If the parameters are a valid combination that is not supported
+ * by the implementation, this macro either shall return either a
+ * sensible size or 0.
+ * If the parameters are not valid, the
+ * return value is unspecified.
+ */
+#define PSA_ASYMMETRIC_ENCRYPT_OUTPUT_SIZE(key_type, key_bits, alg) \
+ (PSA_KEY_TYPE_IS_RSA(key_type) ? \
+ ((void)alg, PSA_BITS_TO_BYTES(key_bits)) : \
+ 0)
+
+/** Safe output buffer size for psa_asymmetric_decrypt().
+ *
+ * This macro returns a safe buffer size for a ciphertext produced using
+ * a key of the specified type and size, with the specified algorithm.
+ * Note that the actual size of the ciphertext may be smaller, depending
+ * on the algorithm.
+ *
+ * \warning This function may call its arguments multiple times or
+ * zero times, so you should not pass arguments that contain
+ * side effects.
+ *
+ * \param key_type An asymmetric key type (this may indifferently be a
+ * key pair type or a public key type).
+ * \param key_bits The size of the key in bits.
+ * \param alg The signature algorithm.
+ *
+ * \return If the parameters are valid and supported, return
+ * a buffer size in bytes that guarantees that
+ * psa_asymmetric_decrypt() will not fail with
+ * #PSA_ERROR_BUFFER_TOO_SMALL.
+ * If the parameters are a valid combination that is not supported
+ * by the implementation, this macro either shall return either a
+ * sensible size or 0.
+ * If the parameters are not valid, the
+ * return value is unspecified.
+ */
+#define PSA_ASYMMETRIC_DECRYPT_OUTPUT_SIZE(key_type, key_bits, alg) \
+ (PSA_KEY_TYPE_IS_RSA(key_type) ? \
+ PSA_BITS_TO_BYTES(key_bits) - PSA_RSA_MINIMUM_PADDING_SIZE(alg) : \
+ 0)
+
+/* Maximum size of the ASN.1 encoding of an INTEGER with the specified
+ * number of bits.
+ *
+ * This definition assumes that bits <= 2^19 - 9 so that the length field
+ * is at most 3 bytes. The length of the encoding is the length of the
+ * bit string padded to a whole number of bytes plus:
+ * - 1 type byte;
+ * - 1 to 3 length bytes;
+ * - 0 to 1 bytes of leading 0 due to the sign bit.
+ */
+#define PSA_KEY_EXPORT_ASN1_INTEGER_MAX_SIZE(bits) \
+ ((bits) / 8 + 5)
+
+/* Maximum size of the export encoding of an RSA public key.
+ * Assumes that the public exponent is less than 2^32.
+ *
+ * RSAPublicKey ::= SEQUENCE {
+ * modulus INTEGER, -- n
+ * publicExponent INTEGER } -- e
+ *
+ * - 4 bytes of SEQUENCE overhead;
+ * - n : INTEGER;
+ * - 7 bytes for the public exponent.
+ */
+#define PSA_KEY_EXPORT_RSA_PUBLIC_KEY_MAX_SIZE(key_bits) \
+ (PSA_KEY_EXPORT_ASN1_INTEGER_MAX_SIZE(key_bits) + 11)
+
+/* Maximum size of the export encoding of an RSA key pair.
+ * Assumes thatthe public exponent is less than 2^32 and that the size
+ * difference between the two primes is at most 1 bit.
+ *
+ * RSAPrivateKey ::= SEQUENCE {
+ * version Version, -- 0
+ * modulus INTEGER, -- N-bit
+ * publicExponent INTEGER, -- 32-bit
+ * privateExponent INTEGER, -- N-bit
+ * prime1 INTEGER, -- N/2-bit
+ * prime2 INTEGER, -- N/2-bit
+ * exponent1 INTEGER, -- N/2-bit
+ * exponent2 INTEGER, -- N/2-bit
+ * coefficient INTEGER, -- N/2-bit
+ * }
+ *
+ * - 4 bytes of SEQUENCE overhead;
+ * - 3 bytes of version;
+ * - 7 half-size INTEGERs plus 2 full-size INTEGERs,
+ * overapproximated as 9 half-size INTEGERS;
+ * - 7 bytes for the public exponent.
+ */
+#define PSA_KEY_EXPORT_RSA_KEYPAIR_MAX_SIZE(key_bits) \
+ (9 * PSA_KEY_EXPORT_ASN1_INTEGER_MAX_SIZE((key_bits) / 2 + 1) + 14)
+
+/* Maximum size of the export encoding of a DSA public key.
+ *
+ * SubjectPublicKeyInfo ::= SEQUENCE {
+ * algorithm AlgorithmIdentifier,
+ * subjectPublicKey BIT STRING } -- contains DSAPublicKey
+ * AlgorithmIdentifier ::= SEQUENCE {
+ * algorithm OBJECT IDENTIFIER,
+ * parameters Dss-Parms } -- SEQUENCE of 3 INTEGERs
+ * DSAPublicKey ::= INTEGER -- public key, Y
+ *
+ * - 3 * 4 bytes of SEQUENCE overhead;
+ * - 1 + 1 + 7 bytes of algorithm (DSA OID);
+ * - 4 bytes of BIT STRING overhead;
+ * - 3 full-size INTEGERs (p, g, y);
+ * - 1 + 1 + 32 bytes for 1 sub-size INTEGER (q <= 256 bits).
+ */
+#define PSA_KEY_EXPORT_DSA_PUBLIC_KEY_MAX_SIZE(key_bits) \
+ (PSA_KEY_EXPORT_ASN1_INTEGER_MAX_SIZE(key_bits) * 3 + 59)
+
+/* Maximum size of the export encoding of a DSA key pair.
+ *
+ * DSAPrivateKey ::= SEQUENCE {
+ * version Version, -- 0
+ * prime INTEGER, -- p
+ * subprime INTEGER, -- q
+ * generator INTEGER, -- g
+ * public INTEGER, -- y
+ * private INTEGER, -- x
+ * }
+ *
+ * - 4 bytes of SEQUENCE overhead;
+ * - 3 bytes of version;
+ * - 3 full-size INTEGERs (p, g, y);
+ * - 2 * (1 + 1 + 32) bytes for 2 sub-size INTEGERs (q, x <= 256 bits).
+ */
+#define PSA_KEY_EXPORT_DSA_KEYPAIR_MAX_SIZE(key_bits) \
+ (PSA_KEY_EXPORT_ASN1_INTEGER_MAX_SIZE(key_bits) * 3 + 75)
+
+/* Maximum size of the export encoding of an ECC public key.
+ *
+ * The representation of an ECC public key is:
+ * - The byte 0x04;
+ * - `x_P` as a `ceiling(m/8)`-byte string, big-endian;
+ * - `y_P` as a `ceiling(m/8)`-byte string, big-endian;
+ * - where m is the bit size associated with the curve.
+ *
+ * - 1 byte + 2 * point size.
+ */
+#define PSA_KEY_EXPORT_ECC_PUBLIC_KEY_MAX_SIZE(key_bits) \
+ (2 * PSA_BITS_TO_BYTES(key_bits) + 1)
+
+/* Maximum size of the export encoding of an ECC key pair.
+ *
+ * An ECC key pair is represented by the secret value.
+ */
+#define PSA_KEY_EXPORT_ECC_KEYPAIR_MAX_SIZE(key_bits) \
+ (PSA_BITS_TO_BYTES(key_bits))
+
+/** Safe output buffer size for psa_export_key() or psa_export_public_key().
+ *
+ * This macro returns a compile-time constant if its arguments are
+ * compile-time constants.
+ *
+ * \warning This function may call its arguments multiple times or
+ * zero times, so you should not pass arguments that contain
+ * side effects.
+ *
+ * The following code illustrates how to allocate enough memory to export
+ * a key by querying the key type and size at runtime.
+ * \code{c}
+ * psa_key_type_t key_type;
+ * size_t key_bits;
+ * psa_status_t status;
+ * status = psa_get_key_information(key, &key_type, &key_bits);
+ * if (status != PSA_SUCCESS) handle_error(...);
+ * size_t buffer_size = PSA_KEY_EXPORT_MAX_SIZE(key_type, key_bits);
+ * unsigned char *buffer = malloc(buffer_size);
+ * if (buffer != NULL) handle_error(...);
+ * size_t buffer_length;
+ * status = psa_export_key(key, buffer, buffer_size, &buffer_length);
+ * if (status != PSA_SUCCESS) handle_error(...);
+ * \endcode
+ *
+ * For psa_export_public_key(), calculate the buffer size from the
+ * public key type. You can use the macro #PSA_KEY_TYPE_PUBLIC_KEY_OF_KEYPAIR
+ * to convert a key pair type to the corresponding public key type.
+ * \code{c}
+ * psa_key_type_t key_type;
+ * size_t key_bits;
+ * psa_status_t status;
+ * status = psa_get_key_information(key, &key_type, &key_bits);
+ * if (status != PSA_SUCCESS) handle_error(...);
+ * psa_key_type_t public_key_type = PSA_KEY_TYPE_PUBLIC_KEY_OF_KEYPAIR(key_type);
+ * size_t buffer_size = PSA_KEY_EXPORT_MAX_SIZE(public_key_type, key_bits);
+ * unsigned char *buffer = malloc(buffer_size);
+ * if (buffer != NULL) handle_error(...);
+ * size_t buffer_length;
+ * status = psa_export_public_key(key, buffer, buffer_size, &buffer_length);
+ * if (status != PSA_SUCCESS) handle_error(...);
+ * \endcode
+ *
+ * \param key_type A supported key type.
+ * \param key_bits The size of the key in bits.
+ *
+ * \return If the parameters are valid and supported, return
+ * a buffer size in bytes that guarantees that
+ * psa_asymmetric_sign() will not fail with
+ * #PSA_ERROR_BUFFER_TOO_SMALL.
+ * If the parameters are a valid combination that is not supported
+ * by the implementation, this macro either shall return either a
+ * sensible size or 0.
+ * If the parameters are not valid, the
+ * return value is unspecified.
+ */
+#define PSA_KEY_EXPORT_MAX_SIZE(key_type, key_bits) \
+ (PSA_KEY_TYPE_IS_UNSTRUCTURED(key_type) ? PSA_BITS_TO_BYTES(key_bits) : \
+ (key_type) == PSA_KEY_TYPE_RSA_KEYPAIR ? PSA_KEY_EXPORT_RSA_KEYPAIR_MAX_SIZE(key_bits) : \
+ (key_type) == PSA_KEY_TYPE_RSA_PUBLIC_KEY ? PSA_KEY_EXPORT_RSA_PUBLIC_KEY_MAX_SIZE(key_bits) : \
+ (key_type) == PSA_KEY_TYPE_DSA_KEYPAIR ? PSA_KEY_EXPORT_DSA_KEYPAIR_MAX_SIZE(key_bits) : \
+ (key_type) == PSA_KEY_TYPE_DSA_PUBLIC_KEY ? PSA_KEY_EXPORT_DSA_PUBLIC_KEY_MAX_SIZE(key_bits) : \
+ PSA_KEY_TYPE_IS_ECC_KEYPAIR(key_type) ? PSA_KEY_EXPORT_ECC_KEYPAIR_MAX_SIZE(key_bits) : \
+ PSA_KEY_TYPE_IS_ECC_PUBLIC_KEY(key_type) ? PSA_KEY_EXPORT_ECC_PUBLIC_KEY_MAX_SIZE(key_bits) : \
+ 0)
+
+#endif /* PSA_CRYPTO_SIZES_H */
diff --git a/include/psa/crypto_struct.h b/include/psa/crypto_struct.h
new file mode 100644
index 0000000..ee3ecd7
--- /dev/null
+++ b/include/psa/crypto_struct.h
@@ -0,0 +1,240 @@
+/**
+ * \file psa/crypto_struct.h
+ *
+ * \brief PSA cryptography module: Mbed TLS structured type implementations
+ *
+ * \note This file may not be included directly. Applications must
+ * include psa/crypto.h.
+ *
+ * This file contains the definitions of some data structures with
+ * implementation-specific definitions.
+ *
+ * In implementations with isolation between the application and the
+ * cryptography module, it is expected that the front-end and the back-end
+ * would have different versions of this file.
+ */
+/*
+ * Copyright (C) 2018, ARM Limited, All Rights Reserved
+ * SPDX-License-Identifier: Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License"); you may
+ * not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * This file is part of mbed TLS (https://tls.mbed.org)
+ */
+
+#ifndef PSA_CRYPTO_STRUCT_H
+#define PSA_CRYPTO_STRUCT_H
+
+/* Include the Mbed TLS configuration file, the way Mbed TLS does it
+ * in each of its header files. */
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "../mbedtls/config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+#include "mbedtls/cipher.h"
+#include "mbedtls/cmac.h"
+#include "mbedtls/gcm.h"
+#include "mbedtls/md.h"
+#include "mbedtls/md2.h"
+#include "mbedtls/md4.h"
+#include "mbedtls/md5.h"
+#include "mbedtls/ripemd160.h"
+#include "mbedtls/sha1.h"
+#include "mbedtls/sha256.h"
+#include "mbedtls/sha512.h"
+
+struct psa_hash_operation_s
+{
+ psa_algorithm_t alg;
+ union
+ {
+ unsigned dummy; /* Make the union non-empty even with no supported algorithms. */
+#if defined(MBEDTLS_MD2_C)
+ mbedtls_md2_context md2;
+#endif
+#if defined(MBEDTLS_MD4_C)
+ mbedtls_md4_context md4;
+#endif
+#if defined(MBEDTLS_MD5_C)
+ mbedtls_md5_context md5;
+#endif
+#if defined(MBEDTLS_RIPEMD160_C)
+ mbedtls_ripemd160_context ripemd160;
+#endif
+#if defined(MBEDTLS_SHA1_C)
+ mbedtls_sha1_context sha1;
+#endif
+#if defined(MBEDTLS_SHA256_C)
+ mbedtls_sha256_context sha256;
+#endif
+#if defined(MBEDTLS_SHA512_C)
+ mbedtls_sha512_context sha512;
+#endif
+ } ctx;
+};
+
+#define PSA_HASH_OPERATION_INIT {0, {0}}
+static inline struct psa_hash_operation_s psa_hash_operation_init( void )
+{
+ const struct psa_hash_operation_s v = PSA_HASH_OPERATION_INIT;
+ return( v );
+}
+
+#if defined(MBEDTLS_MD_C)
+typedef struct
+{
+ /** The hash context. */
+ struct psa_hash_operation_s hash_ctx;
+ /** The HMAC part of the context. */
+ uint8_t opad[PSA_HMAC_MAX_HASH_BLOCK_SIZE];
+} psa_hmac_internal_data;
+#endif /* MBEDTLS_MD_C */
+
+struct psa_mac_operation_s
+{
+ psa_algorithm_t alg;
+ unsigned int key_set : 1;
+ unsigned int iv_required : 1;
+ unsigned int iv_set : 1;
+ unsigned int has_input : 1;
+ unsigned int is_sign : 1;
+ uint8_t mac_size;
+ union
+ {
+ unsigned dummy; /* Make the union non-empty even with no supported algorithms. */
+#if defined(MBEDTLS_MD_C)
+ psa_hmac_internal_data hmac;
+#endif
+#if defined(MBEDTLS_CMAC_C)
+ mbedtls_cipher_context_t cmac;
+#endif
+ } ctx;
+};
+
+#define PSA_MAC_OPERATION_INIT {0, 0, 0, 0, 0, 0, 0, {0}}
+static inline struct psa_mac_operation_s psa_mac_operation_init( void )
+{
+ const struct psa_mac_operation_s v = PSA_MAC_OPERATION_INIT;
+ return( v );
+}
+
+struct psa_cipher_operation_s
+{
+ psa_algorithm_t alg;
+ unsigned int key_set : 1;
+ unsigned int iv_required : 1;
+ unsigned int iv_set : 1;
+ uint8_t iv_size;
+ uint8_t block_size;
+ union
+ {
+ unsigned dummy; /* Enable easier initializing of the union. */
+ mbedtls_cipher_context_t cipher;
+ } ctx;
+};
+
+#define PSA_CIPHER_OPERATION_INIT {0, 0, 0, 0, 0, 0, {0}}
+static inline struct psa_cipher_operation_s psa_cipher_operation_init( void )
+{
+ const struct psa_cipher_operation_s v = PSA_CIPHER_OPERATION_INIT;
+ return( v );
+}
+
+#if defined(MBEDTLS_MD_C)
+typedef struct
+{
+ uint8_t *info;
+ size_t info_length;
+ psa_hmac_internal_data hmac;
+ uint8_t prk[PSA_HASH_MAX_SIZE];
+ uint8_t output_block[PSA_HASH_MAX_SIZE];
+#if PSA_HASH_MAX_SIZE > 0xff
+#error "PSA_HASH_MAX_SIZE does not fit in uint8_t"
+#endif
+ uint8_t offset_in_block;
+ uint8_t block_number;
+} psa_hkdf_generator_t;
+#endif /* MBEDTLS_MD_C */
+
+#if defined(MBEDTLS_MD_C)
+typedef struct psa_tls12_prf_generator_s
+{
+ /* The TLS 1.2 PRF uses the key for each HMAC iteration,
+ * hence we must store it for the lifetime of the generator.
+ * This is different from HKDF, where the key is only used
+ * in the extraction phase, but not during expansion. */
+ unsigned char *key;
+ size_t key_len;
+
+ /* `A(i) + seed` in the notation of RFC 5246, Sect. 5 */
+ uint8_t *Ai_with_seed;
+ size_t Ai_with_seed_len;
+
+ /* `HMAC_hash( prk, A(i) + seed )` in the notation of RFC 5246, Sect. 5. */
+ uint8_t output_block[PSA_HASH_MAX_SIZE];
+
+#if PSA_HASH_MAX_SIZE > 0xff
+#error "PSA_HASH_MAX_SIZE does not fit in uint8_t"
+#endif
+
+ /* Indicates how many bytes in the current HMAC block have
+ * already been read by the user. */
+ uint8_t offset_in_block;
+
+ /* The 1-based number of the block. */
+ uint8_t block_number;
+
+} psa_tls12_prf_generator_t;
+#endif /* MBEDTLS_MD_C */
+
+struct psa_crypto_generator_s
+{
+ psa_algorithm_t alg;
+ size_t capacity;
+ union
+ {
+ struct
+ {
+ uint8_t *data;
+ size_t size;
+ } buffer;
+#if defined(MBEDTLS_MD_C)
+ psa_hkdf_generator_t hkdf;
+ psa_tls12_prf_generator_t tls12_prf;
+#endif
+ } ctx;
+};
+
+#define PSA_CRYPTO_GENERATOR_INIT {0, 0, {{0, 0}}}
+static inline struct psa_crypto_generator_s psa_crypto_generator_init( void )
+{
+ const struct psa_crypto_generator_s v = PSA_CRYPTO_GENERATOR_INIT;
+ return( v );
+}
+
+struct psa_key_policy_s
+{
+ psa_key_usage_t usage;
+ psa_algorithm_t alg;
+};
+
+#define PSA_KEY_POLICY_INIT {0, 0}
+static inline struct psa_key_policy_s psa_key_policy_init( void )
+{
+ const struct psa_key_policy_s v = PSA_KEY_POLICY_INIT;
+ return( v );
+}
+
+#endif /* PSA_CRYPTO_STRUCT_H */
diff --git a/include/psa/crypto_types.h b/include/psa/crypto_types.h
new file mode 100644
index 0000000..923b94a
--- /dev/null
+++ b/include/psa/crypto_types.h
@@ -0,0 +1,113 @@
+/**
+ * \file psa/crypto_types.h
+ *
+ * \brief PSA cryptography module: type aliases.
+ *
+ * \note This file may not be included directly. Applications must
+ * include psa/crypto.h. Drivers must include the appropriate driver
+ * header file.
+ *
+ * This file contains portable definitions of integral types for properties
+ * of cryptographic keys, designations of cryptographic algorithms, and
+ * error codes returned by the library.
+ *
+ * This header file does not declare any function.
+ */
+/*
+ * Copyright (C) 2018, ARM Limited, All Rights Reserved
+ * SPDX-License-Identifier: Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License"); you may
+ * not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * This file is part of mbed TLS (https://tls.mbed.org)
+ */
+
+#ifndef PSA_CRYPTO_TYPES_H
+#define PSA_CRYPTO_TYPES_H
+
+#include <stdint.h>
+
+/** \defgroup error Error codes
+ * @{
+ */
+
+/**
+ * \brief Function return status.
+ *
+ * This is either #PSA_SUCCESS (which is zero), indicating success,
+ * or a nonzero value indicating that an error occurred. Errors are
+ * encoded as one of the \c PSA_ERROR_xxx values defined here.
+ * If #PSA_SUCCESS is already defined, it means that #psa_status_t
+ * is also defined in an external header, so prevent its multiple
+ * definition.
+ */
+#ifndef PSA_SUCCESS
+typedef int32_t psa_status_t;
+#endif
+
+/**@}*/
+
+/** \defgroup crypto_types Key and algorithm types
+ * @{
+ */
+
+/** \brief Encoding of a key type.
+ */
+typedef uint32_t psa_key_type_t;
+
+/** The type of PSA elliptic curve identifiers. */
+typedef uint16_t psa_ecc_curve_t;
+
+/** \brief Encoding of a cryptographic algorithm.
+ *
+ * For algorithms that can be applied to multiple key types, this type
+ * does not encode the key type. For example, for symmetric ciphers
+ * based on a block cipher, #psa_algorithm_t encodes the block cipher
+ * mode and the padding mode while the block cipher itself is encoded
+ * via #psa_key_type_t.
+ */
+typedef uint32_t psa_algorithm_t;
+
+/**@}*/
+
+/** \defgroup key_lifetimes Key lifetimes
+ * @{
+ */
+
+/** Encoding of key lifetimes.
+ */
+typedef uint32_t psa_key_lifetime_t;
+
+/** Encoding of identifiers of persistent keys.
+ */
+/* Implementation-specific quirk: The Mbed Crypto library can be built as
+ * part of a multi-client service that exposes the PSA Crypto API in each
+ * client and encodes the client identity in the key id argument of functions
+ * such as psa_open_key(). In this build configuration, we define
+ * psa_key_id_t in crypto_platform.h instead of here. */
+#if !defined(MBEDTLS_PSA_CRYPTO_KEY_FILE_ID_ENCODES_OWNER)
+typedef uint32_t psa_key_id_t;
+#endif
+
+/**@}*/
+
+/** \defgroup policy Key policies
+ * @{
+ */
+
+/** \brief Encoding of permitted usage on a key. */
+typedef uint32_t psa_key_usage_t;
+
+/**@}*/
+
+#endif /* PSA_CRYPTO_TYPES_H */
diff --git a/include/psa/crypto_values.h b/include/psa/crypto_values.h
new file mode 100644
index 0000000..d42d8c2
--- /dev/null
+++ b/include/psa/crypto_values.h
@@ -0,0 +1,1489 @@
+/**
+ * \file psa/crypto_values.h
+ *
+ * \brief PSA cryptography module: macros to build and analyze integer values.
+ *
+ * \note This file may not be included directly. Applications must
+ * include psa/crypto.h. Drivers must include the appropriate driver
+ * header file.
+ *
+ * This file contains portable definitions of macros to build and analyze
+ * values of integral types that encode properties of cryptographic keys,
+ * designations of cryptographic algorithms, and error codes returned by
+ * the library.
+ *
+ * This header file only defines preprocessor macros.
+ */
+/*
+ * Copyright (C) 2018, ARM Limited, All Rights Reserved
+ * SPDX-License-Identifier: Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License"); you may
+ * not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * This file is part of mbed TLS (https://tls.mbed.org)
+ */
+
+#ifndef PSA_CRYPTO_VALUES_H
+#define PSA_CRYPTO_VALUES_H
+
+/** \defgroup error Error codes
+ * @{
+ */
+
+/* PSA error codes */
+
+/** The action was completed successfully. */
+#define PSA_SUCCESS ((psa_status_t)0)
+
+/** An error occurred that does not correspond to any defined
+ * failure cause.
+ *
+ * Implementations may use this error code if none of the other standard
+ * error codes are applicable. */
+#define PSA_ERROR_GENERIC_ERROR ((psa_status_t)-132)
+
+/** The requested operation or a parameter is not supported
+ * by this implementation.
+ *
+ * Implementations should return this error code when an enumeration
+ * parameter such as a key type, algorithm, etc. is not recognized.
+ * If a combination of parameters is recognized and identified as
+ * not valid, return #PSA_ERROR_INVALID_ARGUMENT instead. */
+#define PSA_ERROR_NOT_SUPPORTED ((psa_status_t)-134)
+
+/** The requested action is denied by a policy.
+ *
+ * Implementations should return this error code when the parameters
+ * are recognized as valid and supported, and a policy explicitly
+ * denies the requested operation.
+ *
+ * If a subset of the parameters of a function call identify a
+ * forbidden operation, and another subset of the parameters are
+ * not valid or not supported, it is unspecified whether the function
+ * returns #PSA_ERROR_NOT_PERMITTED, #PSA_ERROR_NOT_SUPPORTED or
+ * #PSA_ERROR_INVALID_ARGUMENT. */
+#define PSA_ERROR_NOT_PERMITTED ((psa_status_t)-133)
+
+/** An output buffer is too small.
+ *
+ * Applications can call the \c PSA_xxx_SIZE macro listed in the function
+ * description to determine a sufficient buffer size.
+ *
+ * Implementations should preferably return this error code only
+ * in cases when performing the operation with a larger output
+ * buffer would succeed. However implementations may return this
+ * error if a function has invalid or unsupported parameters in addition
+ * to the parameters that determine the necessary output buffer size. */
+#define PSA_ERROR_BUFFER_TOO_SMALL ((psa_status_t)-138)
+
+/** Asking for an item that already exists
+ *
+ * Implementations should return this error, when attempting
+ * to write an item (like a key) that already exists. */
+#define PSA_ERROR_ALREADY_EXISTS ((psa_status_t)-139)
+
+/** Asking for an item that doesn't exist
+ *
+ * Implementations should return this error, if a requested item (like
+ * a key) does not exist. */
+#define PSA_ERROR_DOES_NOT_EXIST ((psa_status_t)-140)
+
+/** The requested action cannot be performed in the current state.
+ *
+ * Multipart operations return this error when one of the
+ * functions is called out of sequence. Refer to the function
+ * descriptions for permitted sequencing of functions.
+ *
+ * Implementations shall not return this error code to indicate
+ * that a key slot is occupied when it needs to be free or vice versa,
+ * but shall return #PSA_ERROR_ALREADY_EXISTS or #PSA_ERROR_DOES_NOT_EXIST
+ * as applicable. */
+#define PSA_ERROR_BAD_STATE ((psa_status_t)-137)
+
+/** The parameters passed to the function are invalid.
+ *
+ * Implementations may return this error any time a parameter or
+ * combination of parameters are recognized as invalid.
+ *
+ * Implementations shall not return this error code to indicate
+ * that a key slot is occupied when it needs to be free or vice versa,
+ * but shall return #PSA_ERROR_ALREADY_EXISTS or #PSA_ERROR_DOES_NOT_EXIST
+ * as applicable.
+ *
+ * Implementation shall not return this error code to indicate that a
+ * key handle is invalid, but shall return #PSA_ERROR_INVALID_HANDLE
+ * instead.
+ */
+#define PSA_ERROR_INVALID_ARGUMENT ((psa_status_t)-135)
+
+/** There is not enough runtime memory.
+ *
+ * If the action is carried out across multiple security realms, this
+ * error can refer to available memory in any of the security realms. */
+#define PSA_ERROR_INSUFFICIENT_MEMORY ((psa_status_t)-141)
+
+/** There is not enough persistent storage.
+ *
+ * Functions that modify the key storage return this error code if
+ * there is insufficient storage space on the host media. In addition,
+ * many functions that do not otherwise access storage may return this
+ * error code if the implementation requires a mandatory log entry for
+ * the requested action and the log storage space is full. */
+#define PSA_ERROR_INSUFFICIENT_STORAGE ((psa_status_t)-142)
+
+/** There was a communication failure inside the implementation.
+ *
+ * This can indicate a communication failure between the application
+ * and an external cryptoprocessor or between the cryptoprocessor and
+ * an external volatile or persistent memory. A communication failure
+ * may be transient or permanent depending on the cause.
+ *
+ * \warning If a function returns this error, it is undetermined
+ * whether the requested action has completed or not. Implementations
+ * should return #PSA_SUCCESS on successful completion whenver
+ * possible, however functions may return #PSA_ERROR_COMMUNICATION_FAILURE
+ * if the requested action was completed successfully in an external
+ * cryptoprocessor but there was a breakdown of communication before
+ * the cryptoprocessor could report the status to the application.
+ */
+#define PSA_ERROR_COMMUNICATION_FAILURE ((psa_status_t)-145)
+
+/** There was a storage failure that may have led to data loss.
+ *
+ * This error indicates that some persistent storage is corrupted.
+ * It should not be used for a corruption of volatile memory
+ * (use #PSA_ERROR_TAMPERING_DETECTED), for a communication error
+ * between the cryptoprocessor and its external storage (use
+ * #PSA_ERROR_COMMUNICATION_FAILURE), or when the storage is
+ * in a valid state but is full (use #PSA_ERROR_INSUFFICIENT_STORAGE).
+ *
+ * Note that a storage failure does not indicate that any data that was
+ * previously read is invalid. However this previously read data may no
+ * longer be readable from storage.
+ *
+ * When a storage failure occurs, it is no longer possible to ensure
+ * the global integrity of the keystore. Depending on the global
+ * integrity guarantees offered by the implementation, access to other
+ * data may or may not fail even if the data is still readable but
+ * its integrity canont be guaranteed.
+ *
+ * Implementations should only use this error code to report a
+ * permanent storage corruption. However application writers should
+ * keep in mind that transient errors while reading the storage may be
+ * reported using this error code. */
+#define PSA_ERROR_STORAGE_FAILURE ((psa_status_t)-146)
+
+/** A hardware failure was detected.
+ *
+ * A hardware failure may be transient or permanent depending on the
+ * cause. */
+#define PSA_ERROR_HARDWARE_FAILURE ((psa_status_t)-147)
+
+/** A tampering attempt was detected.
+ *
+ * If an application receives this error code, there is no guarantee
+ * that previously accessed or computed data was correct and remains
+ * confidential. Applications should not perform any security function
+ * and should enter a safe failure state.
+ *
+ * Implementations may return this error code if they detect an invalid
+ * state that cannot happen during normal operation and that indicates
+ * that the implementation's security guarantees no longer hold. Depending
+ * on the implementation architecture and on its security and safety goals,
+ * the implementation may forcibly terminate the application.
+ *
+ * This error code is intended as a last resort when a security breach
+ * is detected and it is unsure whether the keystore data is still
+ * protected. Implementations shall only return this error code
+ * to report an alarm from a tampering detector, to indicate that
+ * the confidentiality of stored data can no longer be guaranteed,
+ * or to indicate that the integrity of previously returned data is now
+ * considered compromised. Implementations shall not use this error code
+ * to indicate a hardware failure that merely makes it impossible to
+ * perform the requested operation (use #PSA_ERROR_COMMUNICATION_FAILURE,
+ * #PSA_ERROR_STORAGE_FAILURE, #PSA_ERROR_HARDWARE_FAILURE,
+ * #PSA_ERROR_INSUFFICIENT_ENTROPY or other applicable error code
+ * instead).
+ *
+ * This error indicates an attack against the application. Implementations
+ * shall not return this error code as a consequence of the behavior of
+ * the application itself. */
+#define PSA_ERROR_TAMPERING_DETECTED ((psa_status_t)-151)
+
+/** There is not enough entropy to generate random data needed
+ * for the requested action.
+ *
+ * This error indicates a failure of a hardware random generator.
+ * Application writers should note that this error can be returned not
+ * only by functions whose purpose is to generate random data, such
+ * as key, IV or nonce generation, but also by functions that execute
+ * an algorithm with a randomized result, as well as functions that
+ * use randomization of intermediate computations as a countermeasure
+ * to certain attacks.
+ *
+ * Implementations should avoid returning this error after psa_crypto_init()
+ * has succeeded. Implementations should generate sufficient
+ * entropy during initialization and subsequently use a cryptographically
+ * secure pseudorandom generator (PRNG). However implementations may return
+ * this error at any time if a policy requires the PRNG to be reseeded
+ * during normal operation. */
+#define PSA_ERROR_INSUFFICIENT_ENTROPY ((psa_status_t)-148)
+
+/** The signature, MAC or hash is incorrect.
+ *
+ * Verification functions return this error if the verification
+ * calculations completed successfully, and the value to be verified
+ * was determined to be incorrect.
+ *
+ * If the value to verify has an invalid size, implementations may return
+ * either #PSA_ERROR_INVALID_ARGUMENT or #PSA_ERROR_INVALID_SIGNATURE. */
+#define PSA_ERROR_INVALID_SIGNATURE ((psa_status_t)-149)
+
+/** The decrypted padding is incorrect.
+ *
+ * \warning In some protocols, when decrypting data, it is essential that
+ * the behavior of the application does not depend on whether the padding
+ * is correct, down to precise timing. Applications should prefer
+ * protocols that use authenticated encryption rather than plain
+ * encryption. If the application must perform a decryption of
+ * unauthenticated data, the application writer should take care not
+ * to reveal whether the padding is invalid.
+ *
+ * Implementations should strive to make valid and invalid padding
+ * as close as possible to indistinguishable to an external observer.
+ * In particular, the timing of a decryption operation should not
+ * depend on the validity of the padding. */
+#define PSA_ERROR_INVALID_PADDING ((psa_status_t)-150)
+
+/** Return this error when there's insufficient data when attempting
+ * to read from a resource. */
+#define PSA_ERROR_INSUFFICIENT_DATA ((psa_status_t)-143)
+
+/** The key handle is not valid.
+ */
+#define PSA_ERROR_INVALID_HANDLE ((psa_status_t)-136)
+
+/**@}*/
+
+/** \defgroup crypto_types Key and algorithm types
+ * @{
+ */
+
+/** An invalid key type value.
+ *
+ * Zero is not the encoding of any key type.
+ */
+#define PSA_KEY_TYPE_NONE ((psa_key_type_t)0x00000000)
+
+/** Vendor-defined flag
+ *
+ * Key types defined by this standard will never have the
+ * #PSA_KEY_TYPE_VENDOR_FLAG bit set. Vendors who define additional key types
+ * must use an encoding with the #PSA_KEY_TYPE_VENDOR_FLAG bit set and should
+ * respect the bitwise structure used by standard encodings whenever practical.
+ */
+#define PSA_KEY_TYPE_VENDOR_FLAG ((psa_key_type_t)0x80000000)
+
+#define PSA_KEY_TYPE_CATEGORY_MASK ((psa_key_type_t)0x70000000)
+#define PSA_KEY_TYPE_CATEGORY_SYMMETRIC ((psa_key_type_t)0x40000000)
+#define PSA_KEY_TYPE_CATEGORY_RAW ((psa_key_type_t)0x50000000)
+#define PSA_KEY_TYPE_CATEGORY_PUBLIC_KEY ((psa_key_type_t)0x60000000)
+#define PSA_KEY_TYPE_CATEGORY_KEY_PAIR ((psa_key_type_t)0x70000000)
+
+#define PSA_KEY_TYPE_CATEGORY_FLAG_PAIR ((psa_key_type_t)0x10000000)
+
+/** Whether a key type is vendor-defined. */
+#define PSA_KEY_TYPE_IS_VENDOR_DEFINED(type) \
+ (((type) & PSA_KEY_TYPE_VENDOR_FLAG) != 0)
+
+/** Whether a key type is an unstructured array of bytes.
+ *
+ * This encompasses both symmetric keys and non-key data.
+ */
+#define PSA_KEY_TYPE_IS_UNSTRUCTURED(type) \
+ (((type) & PSA_KEY_TYPE_CATEGORY_MASK & ~(psa_key_type_t)0x10000000) == \
+ PSA_KEY_TYPE_CATEGORY_SYMMETRIC)
+
+/** Whether a key type is asymmetric: either a key pair or a public key. */
+#define PSA_KEY_TYPE_IS_ASYMMETRIC(type) \
+ (((type) & PSA_KEY_TYPE_CATEGORY_MASK \
+ & ~PSA_KEY_TYPE_CATEGORY_FLAG_PAIR) == \
+ PSA_KEY_TYPE_CATEGORY_PUBLIC_KEY)
+/** Whether a key type is the public part of a key pair. */
+#define PSA_KEY_TYPE_IS_PUBLIC_KEY(type) \
+ (((type) & PSA_KEY_TYPE_CATEGORY_MASK) == PSA_KEY_TYPE_CATEGORY_PUBLIC_KEY)
+/** Whether a key type is a key pair containing a private part and a public
+ * part. */
+#define PSA_KEY_TYPE_IS_KEYPAIR(type) \
+ (((type) & PSA_KEY_TYPE_CATEGORY_MASK) == PSA_KEY_TYPE_CATEGORY_KEY_PAIR)
+/** The key pair type corresponding to a public key type.
+ *
+ * You may also pass a key pair type as \p type, it will be left unchanged.
+ *
+ * \param type A public key type or key pair type.
+ *
+ * \return The corresponding key pair type.
+ * If \p type is not a public key or a key pair,
+ * the return value is undefined.
+ */
+#define PSA_KEY_TYPE_KEYPAIR_OF_PUBLIC_KEY(type) \
+ ((type) | PSA_KEY_TYPE_CATEGORY_FLAG_PAIR)
+/** The public key type corresponding to a key pair type.
+ *
+ * You may also pass a key pair type as \p type, it will be left unchanged.
+ *
+ * \param type A public key type or key pair type.
+ *
+ * \return The corresponding public key type.
+ * If \p type is not a public key or a key pair,
+ * the return value is undefined.
+ */
+#define PSA_KEY_TYPE_PUBLIC_KEY_OF_KEYPAIR(type) \
+ ((type) & ~PSA_KEY_TYPE_CATEGORY_FLAG_PAIR)
+
+/** Raw data.
+ *
+ * A "key" of this type cannot be used for any cryptographic operation.
+ * Applications may use this type to store arbitrary data in the keystore. */
+#define PSA_KEY_TYPE_RAW_DATA ((psa_key_type_t)0x50000001)
+
+/** HMAC key.
+ *
+ * The key policy determines which underlying hash algorithm the key can be
+ * used for.
+ *
+ * HMAC keys should generally have the same size as the underlying hash.
+ * This size can be calculated with #PSA_HASH_SIZE(\c alg) where
+ * \c alg is the HMAC algorithm or the underlying hash algorithm. */
+#define PSA_KEY_TYPE_HMAC ((psa_key_type_t)0x51000000)
+
+/** A secret for key derivation.
+ *
+ * The key policy determines which key derivation algorithm the key
+ * can be used for.
+ */
+#define PSA_KEY_TYPE_DERIVE ((psa_key_type_t)0x52000000)
+
+/** Key for an cipher, AEAD or MAC algorithm based on the AES block cipher.
+ *
+ * The size of the key can be 16 bytes (AES-128), 24 bytes (AES-192) or
+ * 32 bytes (AES-256).
+ */
+#define PSA_KEY_TYPE_AES ((psa_key_type_t)0x40000001)
+
+/** Key for a cipher or MAC algorithm based on DES or 3DES (Triple-DES).
+ *
+ * The size of the key can be 8 bytes (single DES), 16 bytes (2-key 3DES) or
+ * 24 bytes (3-key 3DES).
+ *
+ * Note that single DES and 2-key 3DES are weak and strongly
+ * deprecated and should only be used to decrypt legacy data. 3-key 3DES
+ * is weak and deprecated and should only be used in legacy protocols.
+ */
+#define PSA_KEY_TYPE_DES ((psa_key_type_t)0x40000002)
+
+/** Key for an cipher, AEAD or MAC algorithm based on the
+ * Camellia block cipher. */
+#define PSA_KEY_TYPE_CAMELLIA ((psa_key_type_t)0x40000003)
+
+/** Key for the RC4 stream cipher.
+ *
+ * Note that RC4 is weak and deprecated and should only be used in
+ * legacy protocols. */
+#define PSA_KEY_TYPE_ARC4 ((psa_key_type_t)0x40000004)
+
+/** RSA public key. */
+#define PSA_KEY_TYPE_RSA_PUBLIC_KEY ((psa_key_type_t)0x60010000)
+/** RSA key pair (private and public key). */
+#define PSA_KEY_TYPE_RSA_KEYPAIR ((psa_key_type_t)0x70010000)
+/** Whether a key type is an RSA key (pair or public-only). */
+#define PSA_KEY_TYPE_IS_RSA(type) \
+ (PSA_KEY_TYPE_PUBLIC_KEY_OF_KEYPAIR(type) == PSA_KEY_TYPE_RSA_PUBLIC_KEY)
+
+/** DSA public key. */
+#define PSA_KEY_TYPE_DSA_PUBLIC_KEY ((psa_key_type_t)0x60020000)
+/** DSA key pair (private and public key). */
+#define PSA_KEY_TYPE_DSA_KEYPAIR ((psa_key_type_t)0x70020000)
+/** Whether a key type is an DSA key (pair or public-only). */
+#define PSA_KEY_TYPE_IS_DSA(type) \
+ (PSA_KEY_TYPE_PUBLIC_KEY_OF_KEYPAIR(type) == PSA_KEY_TYPE_DSA_PUBLIC_KEY)
+
+#define PSA_KEY_TYPE_ECC_PUBLIC_KEY_BASE ((psa_key_type_t)0x60030000)
+#define PSA_KEY_TYPE_ECC_KEYPAIR_BASE ((psa_key_type_t)0x70030000)
+#define PSA_KEY_TYPE_ECC_CURVE_MASK ((psa_key_type_t)0x0000ffff)
+/** Elliptic curve key pair. */
+#define PSA_KEY_TYPE_ECC_KEYPAIR(curve) \
+ (PSA_KEY_TYPE_ECC_KEYPAIR_BASE | (curve))
+/** Elliptic curve public key. */
+#define PSA_KEY_TYPE_ECC_PUBLIC_KEY(curve) \
+ (PSA_KEY_TYPE_ECC_PUBLIC_KEY_BASE | (curve))
+
+/** Whether a key type is an elliptic curve key (pair or public-only). */
+#define PSA_KEY_TYPE_IS_ECC(type) \
+ ((PSA_KEY_TYPE_PUBLIC_KEY_OF_KEYPAIR(type) & \
+ ~PSA_KEY_TYPE_ECC_CURVE_MASK) == PSA_KEY_TYPE_ECC_PUBLIC_KEY_BASE)
+/** Whether a key type is an elliptic curve key pair. */
+#define PSA_KEY_TYPE_IS_ECC_KEYPAIR(type) \
+ (((type) & ~PSA_KEY_TYPE_ECC_CURVE_MASK) == \
+ PSA_KEY_TYPE_ECC_KEYPAIR_BASE)
+/** Whether a key type is an elliptic curve public key. */
+#define PSA_KEY_TYPE_IS_ECC_PUBLIC_KEY(type) \
+ (((type) & ~PSA_KEY_TYPE_ECC_CURVE_MASK) == \
+ PSA_KEY_TYPE_ECC_PUBLIC_KEY_BASE)
+
+/** Extract the curve from an elliptic curve key type. */
+#define PSA_KEY_TYPE_GET_CURVE(type) \
+ ((psa_ecc_curve_t) (PSA_KEY_TYPE_IS_ECC(type) ? \
+ ((type) & PSA_KEY_TYPE_ECC_CURVE_MASK) : \
+ 0))
+
+/* The encoding of curve identifiers is currently aligned with the
+ * TLS Supported Groups Registry (formerly known as the
+ * TLS EC Named Curve Registry)
+ * https://www.iana.org/assignments/tls-parameters/tls-parameters.xhtml#tls-parameters-8
+ * The values are defined by RFC 8422 and RFC 7027. */
+#define PSA_ECC_CURVE_SECT163K1 ((psa_ecc_curve_t) 0x0001)
+#define PSA_ECC_CURVE_SECT163R1 ((psa_ecc_curve_t) 0x0002)
+#define PSA_ECC_CURVE_SECT163R2 ((psa_ecc_curve_t) 0x0003)
+#define PSA_ECC_CURVE_SECT193R1 ((psa_ecc_curve_t) 0x0004)
+#define PSA_ECC_CURVE_SECT193R2 ((psa_ecc_curve_t) 0x0005)
+#define PSA_ECC_CURVE_SECT233K1 ((psa_ecc_curve_t) 0x0006)
+#define PSA_ECC_CURVE_SECT233R1 ((psa_ecc_curve_t) 0x0007)
+#define PSA_ECC_CURVE_SECT239K1 ((psa_ecc_curve_t) 0x0008)
+#define PSA_ECC_CURVE_SECT283K1 ((psa_ecc_curve_t) 0x0009)
+#define PSA_ECC_CURVE_SECT283R1 ((psa_ecc_curve_t) 0x000a)
+#define PSA_ECC_CURVE_SECT409K1 ((psa_ecc_curve_t) 0x000b)
+#define PSA_ECC_CURVE_SECT409R1 ((psa_ecc_curve_t) 0x000c)
+#define PSA_ECC_CURVE_SECT571K1 ((psa_ecc_curve_t) 0x000d)
+#define PSA_ECC_CURVE_SECT571R1 ((psa_ecc_curve_t) 0x000e)
+#define PSA_ECC_CURVE_SECP160K1 ((psa_ecc_curve_t) 0x000f)
+#define PSA_ECC_CURVE_SECP160R1 ((psa_ecc_curve_t) 0x0010)
+#define PSA_ECC_CURVE_SECP160R2 ((psa_ecc_curve_t) 0x0011)
+#define PSA_ECC_CURVE_SECP192K1 ((psa_ecc_curve_t) 0x0012)
+#define PSA_ECC_CURVE_SECP192R1 ((psa_ecc_curve_t) 0x0013)
+#define PSA_ECC_CURVE_SECP224K1 ((psa_ecc_curve_t) 0x0014)
+#define PSA_ECC_CURVE_SECP224R1 ((psa_ecc_curve_t) 0x0015)
+#define PSA_ECC_CURVE_SECP256K1 ((psa_ecc_curve_t) 0x0016)
+#define PSA_ECC_CURVE_SECP256R1 ((psa_ecc_curve_t) 0x0017)
+#define PSA_ECC_CURVE_SECP384R1 ((psa_ecc_curve_t) 0x0018)
+#define PSA_ECC_CURVE_SECP521R1 ((psa_ecc_curve_t) 0x0019)
+#define PSA_ECC_CURVE_BRAINPOOL_P256R1 ((psa_ecc_curve_t) 0x001a)
+#define PSA_ECC_CURVE_BRAINPOOL_P384R1 ((psa_ecc_curve_t) 0x001b)
+#define PSA_ECC_CURVE_BRAINPOOL_P512R1 ((psa_ecc_curve_t) 0x001c)
+#define PSA_ECC_CURVE_CURVE25519 ((psa_ecc_curve_t) 0x001d)
+#define PSA_ECC_CURVE_CURVE448 ((psa_ecc_curve_t) 0x001e)
+
+/** The block size of a block cipher.
+ *
+ * \param type A cipher key type (value of type #psa_key_type_t).
+ *
+ * \return The block size for a block cipher, or 1 for a stream cipher.
+ * The return value is undefined if \p type is not a supported
+ * cipher key type.
+ *
+ * \note It is possible to build stream cipher algorithms on top of a block
+ * cipher, for example CTR mode (#PSA_ALG_CTR).
+ * This macro only takes the key type into account, so it cannot be
+ * used to determine the size of the data that #psa_cipher_update()
+ * might buffer for future processing in general.
+ *
+ * \note This macro returns a compile-time constant if its argument is one.
+ *
+ * \warning This macro may evaluate its argument multiple times.
+ */
+#define PSA_BLOCK_CIPHER_BLOCK_SIZE(type) \
+ ( \
+ (type) == PSA_KEY_TYPE_AES ? 16 : \
+ (type) == PSA_KEY_TYPE_DES ? 8 : \
+ (type) == PSA_KEY_TYPE_CAMELLIA ? 16 : \
+ (type) == PSA_KEY_TYPE_ARC4 ? 1 : \
+ 0)
+
+#define PSA_ALG_VENDOR_FLAG ((psa_algorithm_t)0x80000000)
+#define PSA_ALG_CATEGORY_MASK ((psa_algorithm_t)0x7f000000)
+#define PSA_ALG_CATEGORY_HASH ((psa_algorithm_t)0x01000000)
+#define PSA_ALG_CATEGORY_MAC ((psa_algorithm_t)0x02000000)
+#define PSA_ALG_CATEGORY_CIPHER ((psa_algorithm_t)0x04000000)
+#define PSA_ALG_CATEGORY_AEAD ((psa_algorithm_t)0x06000000)
+#define PSA_ALG_CATEGORY_SIGN ((psa_algorithm_t)0x10000000)
+#define PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION ((psa_algorithm_t)0x12000000)
+#define PSA_ALG_CATEGORY_KEY_AGREEMENT ((psa_algorithm_t)0x22000000)
+#define PSA_ALG_CATEGORY_KEY_DERIVATION ((psa_algorithm_t)0x30000000)
+#define PSA_ALG_CATEGORY_KEY_SELECTION ((psa_algorithm_t)0x31000000)
+
+#define PSA_ALG_IS_VENDOR_DEFINED(alg) \
+ (((alg) & PSA_ALG_VENDOR_FLAG) != 0)
+
+/** Whether the specified algorithm is a hash algorithm.
+ *
+ * \param alg An algorithm identifier (value of type #psa_algorithm_t).
+ *
+ * \return 1 if \p alg is a hash algorithm, 0 otherwise.
+ * This macro may return either 0 or 1 if \p alg is not a supported
+ * algorithm identifier.
+ */
+#define PSA_ALG_IS_HASH(alg) \
+ (((alg) & PSA_ALG_CATEGORY_MASK) == PSA_ALG_CATEGORY_HASH)
+
+/** Whether the specified algorithm is a MAC algorithm.
+ *
+ * \param alg An algorithm identifier (value of type #psa_algorithm_t).
+ *
+ * \return 1 if \p alg is a MAC algorithm, 0 otherwise.
+ * This macro may return either 0 or 1 if \p alg is not a supported
+ * algorithm identifier.
+ */
+#define PSA_ALG_IS_MAC(alg) \
+ (((alg) & PSA_ALG_CATEGORY_MASK) == PSA_ALG_CATEGORY_MAC)
+
+/** Whether the specified algorithm is a symmetric cipher algorithm.
+ *
+ * \param alg An algorithm identifier (value of type #psa_algorithm_t).
+ *
+ * \return 1 if \p alg is a symmetric cipher algorithm, 0 otherwise.
+ * This macro may return either 0 or 1 if \p alg is not a supported
+ * algorithm identifier.
+ */
+#define PSA_ALG_IS_CIPHER(alg) \
+ (((alg) & PSA_ALG_CATEGORY_MASK) == PSA_ALG_CATEGORY_CIPHER)
+
+/** Whether the specified algorithm is an authenticated encryption
+ * with associated data (AEAD) algorithm.
+ *
+ * \param alg An algorithm identifier (value of type #psa_algorithm_t).
+ *
+ * \return 1 if \p alg is an AEAD algorithm, 0 otherwise.
+ * This macro may return either 0 or 1 if \p alg is not a supported
+ * algorithm identifier.
+ */
+#define PSA_ALG_IS_AEAD(alg) \
+ (((alg) & PSA_ALG_CATEGORY_MASK) == PSA_ALG_CATEGORY_AEAD)
+
+/** Whether the specified algorithm is a public-key signature algorithm.
+ *
+ * \param alg An algorithm identifier (value of type #psa_algorithm_t).
+ *
+ * \return 1 if \p alg is a public-key signature algorithm, 0 otherwise.
+ * This macro may return either 0 or 1 if \p alg is not a supported
+ * algorithm identifier.
+ */
+#define PSA_ALG_IS_SIGN(alg) \
+ (((alg) & PSA_ALG_CATEGORY_MASK) == PSA_ALG_CATEGORY_SIGN)
+
+/** Whether the specified algorithm is a public-key encryption algorithm.
+ *
+ * \param alg An algorithm identifier (value of type #psa_algorithm_t).
+ *
+ * \return 1 if \p alg is a public-key encryption algorithm, 0 otherwise.
+ * This macro may return either 0 or 1 if \p alg is not a supported
+ * algorithm identifier.
+ */
+#define PSA_ALG_IS_ASYMMETRIC_ENCRYPTION(alg) \
+ (((alg) & PSA_ALG_CATEGORY_MASK) == PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION)
+
+#define PSA_ALG_KEY_SELECTION_FLAG ((psa_algorithm_t)0x01000000)
+/** Whether the specified algorithm is a key agreement algorithm.
+ *
+ * \param alg An algorithm identifier (value of type #psa_algorithm_t).
+ *
+ * \return 1 if \p alg is a key agreement algorithm, 0 otherwise.
+ * This macro may return either 0 or 1 if \p alg is not a supported
+ * algorithm identifier.
+ */
+#define PSA_ALG_IS_KEY_AGREEMENT(alg) \
+ (((alg) & PSA_ALG_CATEGORY_MASK & ~PSA_ALG_KEY_SELECTION_FLAG) == \
+ PSA_ALG_CATEGORY_KEY_AGREEMENT)
+
+/** Whether the specified algorithm is a key derivation algorithm.
+ *
+ * \param alg An algorithm identifier (value of type #psa_algorithm_t).
+ *
+ * \return 1 if \p alg is a key derivation algorithm, 0 otherwise.
+ * This macro may return either 0 or 1 if \p alg is not a supported
+ * algorithm identifier.
+ */
+#define PSA_ALG_IS_KEY_DERIVATION(alg) \
+ (((alg) & PSA_ALG_CATEGORY_MASK) == PSA_ALG_CATEGORY_KEY_DERIVATION)
+
+/** Whether the specified algorithm is a key selection algorithm.
+ *
+ * \param alg An algorithm identifier (value of type #psa_algorithm_t).
+ *
+ * \return 1 if \p alg is a key selection algorithm, 0 otherwise.
+ * This macro may return either 0 or 1 if \p alg is not a supported
+ * algorithm identifier.
+ */
+#define PSA_ALG_IS_KEY_SELECTION(alg) \
+ (((alg) & PSA_ALG_CATEGORY_MASK) == PSA_ALG_CATEGORY_KEY_SELECTION)
+
+#define PSA_ALG_HASH_MASK ((psa_algorithm_t)0x000000ff)
+
+#define PSA_ALG_MD2 ((psa_algorithm_t)0x01000001)
+#define PSA_ALG_MD4 ((psa_algorithm_t)0x01000002)
+#define PSA_ALG_MD5 ((psa_algorithm_t)0x01000003)
+#define PSA_ALG_RIPEMD160 ((psa_algorithm_t)0x01000004)
+#define PSA_ALG_SHA_1 ((psa_algorithm_t)0x01000005)
+/** SHA2-224 */
+#define PSA_ALG_SHA_224 ((psa_algorithm_t)0x01000008)
+/** SHA2-256 */
+#define PSA_ALG_SHA_256 ((psa_algorithm_t)0x01000009)
+/** SHA2-384 */
+#define PSA_ALG_SHA_384 ((psa_algorithm_t)0x0100000a)
+/** SHA2-512 */
+#define PSA_ALG_SHA_512 ((psa_algorithm_t)0x0100000b)
+/** SHA2-512/224 */
+#define PSA_ALG_SHA_512_224 ((psa_algorithm_t)0x0100000c)
+/** SHA2-512/256 */
+#define PSA_ALG_SHA_512_256 ((psa_algorithm_t)0x0100000d)
+/** SHA3-224 */
+#define PSA_ALG_SHA3_224 ((psa_algorithm_t)0x01000010)
+/** SHA3-256 */
+#define PSA_ALG_SHA3_256 ((psa_algorithm_t)0x01000011)
+/** SHA3-384 */
+#define PSA_ALG_SHA3_384 ((psa_algorithm_t)0x01000012)
+/** SHA3-512 */
+#define PSA_ALG_SHA3_512 ((psa_algorithm_t)0x01000013)
+
+/** In a hash-and-sign algorithm policy, allow any hash algorithm.
+ *
+ * This value may be used to form the algorithm usage field of a policy
+ * for a signature algorithm that is parametrized by a hash. The key
+ * may then be used to perform operations using the same signature
+ * algorithm parametrized with any supported hash.
+ *
+ * That is, suppose that `PSA_xxx_SIGNATURE` is one of the following macros:
+ * - #PSA_ALG_RSA_PKCS1V15_SIGN, #PSA_ALG_RSA_PSS,
+ * - #PSA_ALG_DSA, #PSA_ALG_DETERMINISTIC_DSA,
+ * - #PSA_ALG_ECDSA, #PSA_ALG_DETERMINISTIC_ECDSA.
+ * Then you may create and use a key as follows:
+ * - Set the key usage field using #PSA_ALG_ANY_HASH, for example:
+ * ```
+ * psa_key_policy_set_usage(&policy,
+ * PSA_KEY_USAGE_SIGN, //or PSA_KEY_USAGE_VERIFY
+ * PSA_xxx_SIGNATURE(PSA_ALG_ANY_HASH));
+ * psa_set_key_policy(handle, &policy);
+ * ```
+ * - Import or generate key material.
+ * - Call psa_asymmetric_sign() or psa_asymmetric_verify(), passing
+ * an algorithm built from `PSA_xxx_SIGNATURE` and a specific hash. Each
+ * call to sign or verify a message may use a different hash.
+ * ```
+ * psa_asymmetric_sign(handle, PSA_xxx_SIGNATURE(PSA_ALG_SHA_256), ...);
+ * psa_asymmetric_sign(handle, PSA_xxx_SIGNATURE(PSA_ALG_SHA_512), ...);
+ * psa_asymmetric_sign(handle, PSA_xxx_SIGNATURE(PSA_ALG_SHA3_256), ...);
+ * ```
+ *
+ * This value may not be used to build other algorithms that are
+ * parametrized over a hash. For any valid use of this macro to build
+ * an algorithm `\p alg`, #PSA_ALG_IS_HASH_AND_SIGN(\p alg) is true.
+ *
+ * This value may not be used to build an algorithm specification to
+ * perform an operation. It is only valid to build policies.
+ */
+#define PSA_ALG_ANY_HASH ((psa_algorithm_t)0x010000ff)
+
+#define PSA_ALG_MAC_SUBCATEGORY_MASK ((psa_algorithm_t)0x00c00000)
+#define PSA_ALG_HMAC_BASE ((psa_algorithm_t)0x02800000)
+/** Macro to build an HMAC algorithm.
+ *
+ * For example, #PSA_ALG_HMAC(#PSA_ALG_SHA_256) is HMAC-SHA-256.
+ *
+ * \param hash_alg A hash algorithm (\c PSA_ALG_XXX value such that
+ * #PSA_ALG_IS_HASH(\p hash_alg) is true).
+ *
+ * \return The corresponding HMAC algorithm.
+ * \return Unspecified if \p alg is not a supported
+ * hash algorithm.
+ */
+#define PSA_ALG_HMAC(hash_alg) \
+ (PSA_ALG_HMAC_BASE | ((hash_alg) & PSA_ALG_HASH_MASK))
+
+#define PSA_ALG_HMAC_GET_HASH(hmac_alg) \
+ (PSA_ALG_CATEGORY_HASH | ((hmac_alg) & PSA_ALG_HASH_MASK))
+
+/** Whether the specified algorithm is an HMAC algorithm.
+ *
+ * HMAC is a family of MAC algorithms that are based on a hash function.
+ *
+ * \param alg An algorithm identifier (value of type #psa_algorithm_t).
+ *
+ * \return 1 if \p alg is an HMAC algorithm, 0 otherwise.
+ * This macro may return either 0 or 1 if \p alg is not a supported
+ * algorithm identifier.
+ */
+#define PSA_ALG_IS_HMAC(alg) \
+ (((alg) & (PSA_ALG_CATEGORY_MASK | PSA_ALG_MAC_SUBCATEGORY_MASK)) == \
+ PSA_ALG_HMAC_BASE)
+
+/* In the encoding of a MAC algorithm, the bits corresponding to
+ * PSA_ALG_MAC_TRUNCATION_MASK encode the length to which the MAC is
+ * truncated. As an exception, the value 0 means the untruncated algorithm,
+ * whatever its length is. The length is encoded in 6 bits, so it can
+ * reach up to 63; the largest MAC is 64 bytes so its trivial truncation
+ * to full length is correctly encoded as 0 and any non-trivial truncation
+ * is correctly encoded as a value between 1 and 63. */
+#define PSA_ALG_MAC_TRUNCATION_MASK ((psa_algorithm_t)0x00003f00)
+#define PSA_MAC_TRUNCATION_OFFSET 8
+
+/** Macro to build a truncated MAC algorithm.
+ *
+ * A truncated MAC algorithm is identical to the corresponding MAC
+ * algorithm except that the MAC value for the truncated algorithm
+ * consists of only the first \p mac_length bytes of the MAC value
+ * for the untruncated algorithm.
+ *
+ * \note This macro may allow constructing algorithm identifiers that
+ * are not valid, either because the specified length is larger
+ * than the untruncated MAC or because the specified length is
+ * smaller than permitted by the implementation.
+ *
+ * \note It is implementation-defined whether a truncated MAC that
+ * is truncated to the same length as the MAC of the untruncated
+ * algorithm is considered identical to the untruncated algorithm
+ * for policy comparison purposes.
+ *
+ * \param mac_alg A MAC algorithm identifier (value of type
+ * #psa_algorithm_t such that #PSA_ALG_IS_MAC(\p alg)
+ * is true). This may be a truncated or untruncated
+ * MAC algorithm.
+ * \param mac_length Desired length of the truncated MAC in bytes.
+ * This must be at most the full length of the MAC
+ * and must be at least an implementation-specified
+ * minimum. The implementation-specified minimum
+ * shall not be zero.
+ *
+ * \return The corresponding MAC algorithm with the specified
+ * length.
+ * \return Unspecified if \p alg is not a supported
+ * MAC algorithm or if \p mac_length is too small or
+ * too large for the specified MAC algorithm.
+ */
+#define PSA_ALG_TRUNCATED_MAC(mac_alg, mac_length) \
+ (((mac_alg) & ~PSA_ALG_MAC_TRUNCATION_MASK) | \
+ ((mac_length) << PSA_MAC_TRUNCATION_OFFSET & PSA_ALG_MAC_TRUNCATION_MASK))
+
+/** Macro to build the base MAC algorithm corresponding to a truncated
+ * MAC algorithm.
+ *
+ * \param mac_alg A MAC algorithm identifier (value of type
+ * #psa_algorithm_t such that #PSA_ALG_IS_MAC(\p alg)
+ * is true). This may be a truncated or untruncated
+ * MAC algorithm.
+ *
+ * \return The corresponding base MAC algorithm.
+ * \return Unspecified if \p alg is not a supported
+ * MAC algorithm.
+ */
+#define PSA_ALG_FULL_LENGTH_MAC(mac_alg) \
+ ((mac_alg) & ~PSA_ALG_MAC_TRUNCATION_MASK)
+
+/** Length to which a MAC algorithm is truncated.
+ *
+ * \param mac_alg A MAC algorithm identifier (value of type
+ * #psa_algorithm_t such that #PSA_ALG_IS_MAC(\p alg)
+ * is true).
+ *
+ * \return Length of the truncated MAC in bytes.
+ * \return 0 if \p alg is a non-truncated MAC algorithm.
+ * \return Unspecified if \p alg is not a supported
+ * MAC algorithm.
+ */
+#define PSA_MAC_TRUNCATED_LENGTH(mac_alg) \
+ (((mac_alg) & PSA_ALG_MAC_TRUNCATION_MASK) >> PSA_MAC_TRUNCATION_OFFSET)
+
+#define PSA_ALG_CIPHER_MAC_BASE ((psa_algorithm_t)0x02c00000)
+#define PSA_ALG_CBC_MAC ((psa_algorithm_t)0x02c00001)
+#define PSA_ALG_CMAC ((psa_algorithm_t)0x02c00002)
+#define PSA_ALG_GMAC ((psa_algorithm_t)0x02c00003)
+
+/** Whether the specified algorithm is a MAC algorithm based on a block cipher.
+ *
+ * \param alg An algorithm identifier (value of type #psa_algorithm_t).
+ *
+ * \return 1 if \p alg is a MAC algorithm based on a block cipher, 0 otherwise.
+ * This macro may return either 0 or 1 if \p alg is not a supported
+ * algorithm identifier.
+ */
+#define PSA_ALG_IS_BLOCK_CIPHER_MAC(alg) \
+ (((alg) & (PSA_ALG_CATEGORY_MASK | PSA_ALG_MAC_SUBCATEGORY_MASK)) == \
+ PSA_ALG_CIPHER_MAC_BASE)
+
+#define PSA_ALG_CIPHER_STREAM_FLAG ((psa_algorithm_t)0x00800000)
+#define PSA_ALG_CIPHER_FROM_BLOCK_FLAG ((psa_algorithm_t)0x00400000)
+
+/** Whether the specified algorithm is a stream cipher.
+ *
+ * A stream cipher is a symmetric cipher that encrypts or decrypts messages
+ * by applying a bitwise-xor with a stream of bytes that is generated
+ * from a key.
+ *
+ * \param alg An algorithm identifier (value of type #psa_algorithm_t).
+ *
+ * \return 1 if \p alg is a stream cipher algorithm, 0 otherwise.
+ * This macro may return either 0 or 1 if \p alg is not a supported
+ * algorithm identifier or if it is not a symmetric cipher algorithm.
+ */
+#define PSA_ALG_IS_STREAM_CIPHER(alg) \
+ (((alg) & (PSA_ALG_CATEGORY_MASK | PSA_ALG_CIPHER_STREAM_FLAG)) == \
+ (PSA_ALG_CATEGORY_CIPHER | PSA_ALG_CIPHER_STREAM_FLAG))
+
+/** The ARC4 stream cipher algorithm.
+ */
+#define PSA_ALG_ARC4 ((psa_algorithm_t)0x04800001)
+
+/** The CTR stream cipher mode.
+ *
+ * CTR is a stream cipher which is built from a block cipher.
+ * The underlying block cipher is determined by the key type.
+ * For example, to use AES-128-CTR, use this algorithm with
+ * a key of type #PSA_KEY_TYPE_AES and a length of 128 bits (16 bytes).
+ */
+#define PSA_ALG_CTR ((psa_algorithm_t)0x04c00001)
+
+#define PSA_ALG_CFB ((psa_algorithm_t)0x04c00002)
+
+#define PSA_ALG_OFB ((psa_algorithm_t)0x04c00003)
+
+/** The XTS cipher mode.
+ *
+ * XTS is a cipher mode which is built from a block cipher. It requires at
+ * least one full block of input, but beyond this minimum the input
+ * does not need to be a whole number of blocks.
+ */
+#define PSA_ALG_XTS ((psa_algorithm_t)0x044000ff)
+
+/** The CBC block cipher chaining mode, with no padding.
+ *
+ * The underlying block cipher is determined by the key type.
+ *
+ * This symmetric cipher mode can only be used with messages whose lengths
+ * are whole number of blocks for the chosen block cipher.
+ */
+#define PSA_ALG_CBC_NO_PADDING ((psa_algorithm_t)0x04600100)
+
+/** The CBC block cipher chaining mode with PKCS#7 padding.
+ *
+ * The underlying block cipher is determined by the key type.
+ *
+ * This is the padding method defined by PKCS#7 (RFC 2315) §10.3.
+ */
+#define PSA_ALG_CBC_PKCS7 ((psa_algorithm_t)0x04600101)
+
+#define PSA_ALG_CCM ((psa_algorithm_t)0x06001001)
+#define PSA_ALG_GCM ((psa_algorithm_t)0x06001002)
+
+/* In the encoding of a AEAD algorithm, the bits corresponding to
+ * PSA_ALG_AEAD_TAG_LENGTH_MASK encode the length of the AEAD tag.
+ * The constants for default lengths follow this encoding.
+ */
+#define PSA_ALG_AEAD_TAG_LENGTH_MASK ((psa_algorithm_t)0x00003f00)
+#define PSA_AEAD_TAG_LENGTH_OFFSET 8
+
+/** Macro to build a shortened AEAD algorithm.
+ *
+ * A shortened AEAD algorithm is similar to the corresponding AEAD
+ * algorithm, but has an authentication tag that consists of fewer bytes.
+ * Depending on the algorithm, the tag length may affect the calculation
+ * of the ciphertext.
+ *
+ * \param aead_alg An AEAD algorithm identifier (value of type
+ * #psa_algorithm_t such that #PSA_ALG_IS_AEAD(\p alg)
+ * is true).
+ * \param tag_length Desired length of the authentication tag in bytes.
+ *
+ * \return The corresponding AEAD algorithm with the specified
+ * length.
+ * \return Unspecified if \p alg is not a supported
+ * AEAD algorithm or if \p tag_length is not valid
+ * for the specified AEAD algorithm.
+ */
+#define PSA_ALG_AEAD_WITH_TAG_LENGTH(aead_alg, tag_length) \
+ (((aead_alg) & ~PSA_ALG_AEAD_TAG_LENGTH_MASK) | \
+ ((tag_length) << PSA_AEAD_TAG_LENGTH_OFFSET & \
+ PSA_ALG_AEAD_TAG_LENGTH_MASK))
+
+/** Calculate the corresponding AEAD algorithm with the default tag length.
+ *
+ * \param aead_alg An AEAD algorithm (\c PSA_ALG_XXX value such that
+ * #PSA_ALG_IS_AEAD(\p alg) is true).
+ *
+ * \return The corresponding AEAD algorithm with the default
+ * tag length for that algorithm.
+ */
+#define PSA_ALG_AEAD_WITH_DEFAULT_TAG_LENGTH(aead_alg) \
+ ( \
+ PSA__ALG_AEAD_WITH_DEFAULT_TAG_LENGTH__CASE(aead_alg, PSA_ALG_CCM) \
+ PSA__ALG_AEAD_WITH_DEFAULT_TAG_LENGTH__CASE(aead_alg, PSA_ALG_GCM) \
+ 0)
+#define PSA__ALG_AEAD_WITH_DEFAULT_TAG_LENGTH__CASE(aead_alg, ref) \
+ PSA_ALG_AEAD_WITH_TAG_LENGTH(aead_alg, 0) == \
+ PSA_ALG_AEAD_WITH_TAG_LENGTH(ref, 0) ? \
+ ref :
+
+#define PSA_ALG_RSA_PKCS1V15_SIGN_BASE ((psa_algorithm_t)0x10020000)
+/** RSA PKCS#1 v1.5 signature with hashing.
+ *
+ * This is the signature scheme defined by RFC 8017
+ * (PKCS#1: RSA Cryptography Specifications) under the name
+ * RSASSA-PKCS1-v1_5.
+ *
+ * \param hash_alg A hash algorithm (\c PSA_ALG_XXX value such that
+ * #PSA_ALG_IS_HASH(\p hash_alg) is true).
+ * This includes #PSA_ALG_ANY_HASH
+ * when specifying the algorithm in a usage policy.
+ *
+ * \return The corresponding RSA PKCS#1 v1.5 signature algorithm.
+ * \return Unspecified if \p alg is not a supported
+ * hash algorithm.
+ */
+#define PSA_ALG_RSA_PKCS1V15_SIGN(hash_alg) \
+ (PSA_ALG_RSA_PKCS1V15_SIGN_BASE | ((hash_alg) & PSA_ALG_HASH_MASK))
+/** Raw PKCS#1 v1.5 signature.
+ *
+ * The input to this algorithm is the DigestInfo structure used by
+ * RFC 8017 (PKCS#1: RSA Cryptography Specifications), §9.2
+ * steps 3–6.
+ */
+#define PSA_ALG_RSA_PKCS1V15_SIGN_RAW PSA_ALG_RSA_PKCS1V15_SIGN_BASE
+#define PSA_ALG_IS_RSA_PKCS1V15_SIGN(alg) \
+ (((alg) & ~PSA_ALG_HASH_MASK) == PSA_ALG_RSA_PKCS1V15_SIGN_BASE)
+
+#define PSA_ALG_RSA_PSS_BASE ((psa_algorithm_t)0x10030000)
+/** RSA PSS signature with hashing.
+ *
+ * This is the signature scheme defined by RFC 8017
+ * (PKCS#1: RSA Cryptography Specifications) under the name
+ * RSASSA-PSS, with the message generation function MGF1, and with
+ * a salt length equal to the length of the hash. The specified
+ * hash algorithm is used to hash the input message, to create the
+ * salted hash, and for the mask generation.
+ *
+ * \param hash_alg A hash algorithm (\c PSA_ALG_XXX value such that
+ * #PSA_ALG_IS_HASH(\p hash_alg) is true).
+ * This includes #PSA_ALG_ANY_HASH
+ * when specifying the algorithm in a usage policy.
+ *
+ * \return The corresponding RSA PSS signature algorithm.
+ * \return Unspecified if \p alg is not a supported
+ * hash algorithm.
+ */
+#define PSA_ALG_RSA_PSS(hash_alg) \
+ (PSA_ALG_RSA_PSS_BASE | ((hash_alg) & PSA_ALG_HASH_MASK))
+#define PSA_ALG_IS_RSA_PSS(alg) \
+ (((alg) & ~PSA_ALG_HASH_MASK) == PSA_ALG_RSA_PSS_BASE)
+
+#define PSA_ALG_DSA_BASE ((psa_algorithm_t)0x10040000)
+/** DSA signature with hashing.
+ *
+ * This is the signature scheme defined by FIPS 186-4,
+ * with a random per-message secret number (*k*).
+ *
+ * \param hash_alg A hash algorithm (\c PSA_ALG_XXX value such that
+ * #PSA_ALG_IS_HASH(\p hash_alg) is true).
+ * This includes #PSA_ALG_ANY_HASH
+ * when specifying the algorithm in a usage policy.
+ *
+ * \return The corresponding DSA signature algorithm.
+ * \return Unspecified if \p alg is not a supported
+ * hash algorithm.
+ */
+#define PSA_ALG_DSA(hash_alg) \
+ (PSA_ALG_DSA_BASE | ((hash_alg) & PSA_ALG_HASH_MASK))
+#define PSA_ALG_DETERMINISTIC_DSA_BASE ((psa_algorithm_t)0x10050000)
+#define PSA_ALG_DSA_DETERMINISTIC_FLAG ((psa_algorithm_t)0x00010000)
+#define PSA_ALG_DETERMINISTIC_DSA(hash_alg) \
+ (PSA_ALG_DETERMINISTIC_DSA_BASE | ((hash_alg) & PSA_ALG_HASH_MASK))
+#define PSA_ALG_IS_DSA(alg) \
+ (((alg) & ~PSA_ALG_HASH_MASK & ~PSA_ALG_DSA_DETERMINISTIC_FLAG) == \
+ PSA_ALG_DSA_BASE)
+#define PSA_ALG_DSA_IS_DETERMINISTIC(alg) \
+ (((alg) & PSA_ALG_DSA_DETERMINISTIC_FLAG) != 0)
+#define PSA_ALG_IS_DETERMINISTIC_DSA(alg) \
+ (PSA_ALG_IS_DSA(alg) && PSA_ALG_DSA_IS_DETERMINISTIC(alg))
+#define PSA_ALG_IS_RANDOMIZED_DSA(alg) \
+ (PSA_ALG_IS_DSA(alg) && !PSA_ALG_DSA_IS_DETERMINISTIC(alg))
+
+#define PSA_ALG_ECDSA_BASE ((psa_algorithm_t)0x10060000)
+/** ECDSA signature with hashing.
+ *
+ * This is the ECDSA signature scheme defined by ANSI X9.62,
+ * with a random per-message secret number (*k*).
+ *
+ * The representation of the signature as a byte string consists of
+ * the concatentation of the signature values *r* and *s*. Each of
+ * *r* and *s* is encoded as an *N*-octet string, where *N* is the length
+ * of the base point of the curve in octets. Each value is represented
+ * in big-endian order (most significant octet first).
+ *
+ * \param hash_alg A hash algorithm (\c PSA_ALG_XXX value such that
+ * #PSA_ALG_IS_HASH(\p hash_alg) is true).
+ * This includes #PSA_ALG_ANY_HASH
+ * when specifying the algorithm in a usage policy.
+ *
+ * \return The corresponding ECDSA signature algorithm.
+ * \return Unspecified if \p alg is not a supported
+ * hash algorithm.
+ */
+#define PSA_ALG_ECDSA(hash_alg) \
+ (PSA_ALG_ECDSA_BASE | ((hash_alg) & PSA_ALG_HASH_MASK))
+/** ECDSA signature without hashing.
+ *
+ * This is the same signature scheme as #PSA_ALG_ECDSA(), but
+ * without specifying a hash algorithm. This algorithm may only be
+ * used to sign or verify a sequence of bytes that should be an
+ * already-calculated hash. Note that the input is padded with
+ * zeros on the left or truncated on the left as required to fit
+ * the curve size.
+ */
+#define PSA_ALG_ECDSA_ANY PSA_ALG_ECDSA_BASE
+#define PSA_ALG_DETERMINISTIC_ECDSA_BASE ((psa_algorithm_t)0x10070000)
+/** Deterministic ECDSA signature with hashing.
+ *
+ * This is the deterministic ECDSA signature scheme defined by RFC 6979.
+ *
+ * The representation of a signature is the same as with #PSA_ALG_ECDSA().
+ *
+ * Note that when this algorithm is used for verification, signatures
+ * made with randomized ECDSA (#PSA_ALG_ECDSA(\p hash_alg)) with the
+ * same private key are accepted. In other words,
+ * #PSA_ALG_DETERMINISTIC_ECDSA(\p hash_alg) differs from
+ * #PSA_ALG_ECDSA(\p hash_alg) only for signature, not for verification.
+ *
+ * \param hash_alg A hash algorithm (\c PSA_ALG_XXX value such that
+ * #PSA_ALG_IS_HASH(\p hash_alg) is true).
+ * This includes #PSA_ALG_ANY_HASH
+ * when specifying the algorithm in a usage policy.
+ *
+ * \return The corresponding deterministic ECDSA signature
+ * algorithm.
+ * \return Unspecified if \p alg is not a supported
+ * hash algorithm.
+ */
+#define PSA_ALG_DETERMINISTIC_ECDSA(hash_alg) \
+ (PSA_ALG_DETERMINISTIC_ECDSA_BASE | ((hash_alg) & PSA_ALG_HASH_MASK))
+#define PSA_ALG_IS_ECDSA(alg) \
+ (((alg) & ~PSA_ALG_HASH_MASK & ~PSA_ALG_DSA_DETERMINISTIC_FLAG) == \
+ PSA_ALG_ECDSA_BASE)
+#define PSA_ALG_ECDSA_IS_DETERMINISTIC(alg) \
+ (((alg) & PSA_ALG_DSA_DETERMINISTIC_FLAG) != 0)
+#define PSA_ALG_IS_DETERMINISTIC_ECDSA(alg) \
+ (PSA_ALG_IS_ECDSA(alg) && PSA_ALG_ECDSA_IS_DETERMINISTIC(alg))
+#define PSA_ALG_IS_RANDOMIZED_ECDSA(alg) \
+ (PSA_ALG_IS_ECDSA(alg) && !PSA_ALG_ECDSA_IS_DETERMINISTIC(alg))
+
+/** Whether the specified algorithm is a hash-and-sign algorithm.
+ *
+ * Hash-and-sign algorithms are public-key signature algorithms structured
+ * in two parts: first the calculation of a hash in a way that does not
+ * depend on the key, then the calculation of a signature from the
+ * hash value and the key.
+ *
+ * \param alg An algorithm identifier (value of type #psa_algorithm_t).
+ *
+ * \return 1 if \p alg is a hash-and-sign algorithm, 0 otherwise.
+ * This macro may return either 0 or 1 if \p alg is not a supported
+ * algorithm identifier.
+ */
+#define PSA_ALG_IS_HASH_AND_SIGN(alg) \
+ (PSA_ALG_IS_RSA_PSS(alg) || PSA_ALG_IS_RSA_PKCS1V15_SIGN(alg) || \
+ PSA_ALG_IS_DSA(alg) || PSA_ALG_IS_ECDSA(alg))
+
+/** Get the hash used by a hash-and-sign signature algorithm.
+ *
+ * A hash-and-sign algorithm is a signature algorithm which is
+ * composed of two phases: first a hashing phase which does not use
+ * the key and produces a hash of the input message, then a signing
+ * phase which only uses the hash and the key and not the message
+ * itself.
+ *
+ * \param alg A signature algorithm (\c PSA_ALG_XXX value such that
+ * #PSA_ALG_IS_SIGN(\p alg) is true).
+ *
+ * \return The underlying hash algorithm if \p alg is a hash-and-sign
+ * algorithm.
+ * \return 0 if \p alg is a signature algorithm that does not
+ * follow the hash-and-sign structure.
+ * \return Unspecified if \p alg is not a signature algorithm or
+ * if it is not supported by the implementation.
+ */
+#define PSA_ALG_SIGN_GET_HASH(alg) \
+ (PSA_ALG_IS_HASH_AND_SIGN(alg) ? \
+ ((alg) & PSA_ALG_HASH_MASK) == 0 ? /*"raw" algorithm*/ 0 : \
+ ((alg) & PSA_ALG_HASH_MASK) | PSA_ALG_CATEGORY_HASH : \
+ 0)
+
+/** RSA PKCS#1 v1.5 encryption.
+ */
+#define PSA_ALG_RSA_PKCS1V15_CRYPT ((psa_algorithm_t)0x12020000)
+
+#define PSA_ALG_RSA_OAEP_BASE ((psa_algorithm_t)0x12030000)
+/** RSA OAEP encryption.
+ *
+ * This is the encryption scheme defined by RFC 8017
+ * (PKCS#1: RSA Cryptography Specifications) under the name
+ * RSAES-OAEP, with the message generation function MGF1.
+ *
+ * \param hash_alg The hash algorithm (\c PSA_ALG_XXX value such that
+ * #PSA_ALG_IS_HASH(\p hash_alg) is true) to use
+ * for MGF1.
+ *
+ * \return The corresponding RSA OAEP signature algorithm.
+ * \return Unspecified if \p alg is not a supported
+ * hash algorithm.
+ */
+#define PSA_ALG_RSA_OAEP(hash_alg) \
+ (PSA_ALG_RSA_OAEP_BASE | ((hash_alg) & PSA_ALG_HASH_MASK))
+#define PSA_ALG_IS_RSA_OAEP(alg) \
+ (((alg) & ~PSA_ALG_HASH_MASK) == PSA_ALG_RSA_OAEP_BASE)
+#define PSA_ALG_RSA_OAEP_GET_HASH(alg) \
+ (PSA_ALG_IS_RSA_OAEP(alg) ? \
+ ((alg) & PSA_ALG_HASH_MASK) | PSA_ALG_CATEGORY_HASH : \
+ 0)
+
+#define PSA_ALG_HKDF_BASE ((psa_algorithm_t)0x30000100)
+/** Macro to build an HKDF algorithm.
+ *
+ * For example, `PSA_ALG_HKDF(PSA_ALG_SHA256)` is HKDF using HMAC-SHA-256.
+ *
+ * \param hash_alg A hash algorithm (\c PSA_ALG_XXX value such that
+ * #PSA_ALG_IS_HASH(\p hash_alg) is true).
+ *
+ * \return The corresponding HKDF algorithm.
+ * \return Unspecified if \p alg is not a supported
+ * hash algorithm.
+ */
+#define PSA_ALG_HKDF(hash_alg) \
+ (PSA_ALG_HKDF_BASE | ((hash_alg) & PSA_ALG_HASH_MASK))
+/** Whether the specified algorithm is an HKDF algorithm.
+ *
+ * HKDF is a family of key derivation algorithms that are based on a hash
+ * function and the HMAC construction.
+ *
+ * \param alg An algorithm identifier (value of type #psa_algorithm_t).
+ *
+ * \return 1 if \c alg is an HKDF algorithm, 0 otherwise.
+ * This macro may return either 0 or 1 if \c alg is not a supported
+ * key derivation algorithm identifier.
+ */
+#define PSA_ALG_IS_HKDF(alg) \
+ (((alg) & ~PSA_ALG_HASH_MASK) == PSA_ALG_HKDF_BASE)
+#define PSA_ALG_HKDF_GET_HASH(hkdf_alg) \
+ (PSA_ALG_CATEGORY_HASH | ((hkdf_alg) & PSA_ALG_HASH_MASK))
+
+#define PSA_ALG_TLS12_PRF_BASE ((psa_algorithm_t)0x30000200)
+/** Macro to build a TLS-1.2 PRF algorithm.
+ *
+ * TLS 1.2 uses a custom pseudorandom function (PRF) for key schedule,
+ * specified in Section 5 of RFC 5246. It is based on HMAC and can be
+ * used with either SHA-256 or SHA-384.
+ *
+ * For the application to TLS-1.2, the salt and label arguments passed
+ * to psa_key_derivation() are what's called 'seed' and 'label' in RFC 5246,
+ * respectively. For example, for TLS key expansion, the salt is the
+ * concatenation of ServerHello.Random + ClientHello.Random,
+ * while the label is "key expansion".
+ *
+ * For example, `PSA_ALG_TLS12_PRF(PSA_ALG_SHA256)` represents the
+ * TLS 1.2 PRF using HMAC-SHA-256.
+ *
+ * \param hash_alg A hash algorithm (\c PSA_ALG_XXX value such that
+ * #PSA_ALG_IS_HASH(\p hash_alg) is true).
+ *
+ * \return The corresponding TLS-1.2 PRF algorithm.
+ * \return Unspecified if \p alg is not a supported
+ * hash algorithm.
+ */
+#define PSA_ALG_TLS12_PRF(hash_alg) \
+ (PSA_ALG_TLS12_PRF_BASE | ((hash_alg) & PSA_ALG_HASH_MASK))
+
+/** Whether the specified algorithm is a TLS-1.2 PRF algorithm.
+ *
+ * \param alg An algorithm identifier (value of type #psa_algorithm_t).
+ *
+ * \return 1 if \c alg is a TLS-1.2 PRF algorithm, 0 otherwise.
+ * This macro may return either 0 or 1 if \c alg is not a supported
+ * key derivation algorithm identifier.
+ */
+#define PSA_ALG_IS_TLS12_PRF(alg) \
+ (((alg) & ~PSA_ALG_HASH_MASK) == PSA_ALG_TLS12_PRF_BASE)
+#define PSA_ALG_TLS12_PRF_GET_HASH(hkdf_alg) \
+ (PSA_ALG_CATEGORY_HASH | ((hkdf_alg) & PSA_ALG_HASH_MASK))
+
+#define PSA_ALG_TLS12_PSK_TO_MS_BASE ((psa_algorithm_t)0x30000300)
+/** Macro to build a TLS-1.2 PSK-to-MasterSecret algorithm.
+ *
+ * In a pure-PSK handshake in TLS 1.2, the master secret is derived
+ * from the PreSharedKey (PSK) through the application of padding
+ * (RFC 4279, Section 2) and the TLS-1.2 PRF (RFC 5246, Section 5).
+ * The latter is based on HMAC and can be used with either SHA-256
+ * or SHA-384.
+ *
+ * For the application to TLS-1.2, the salt passed to psa_key_derivation()
+ * (and forwarded to the TLS-1.2 PRF) is the concatenation of the
+ * ClientHello.Random + ServerHello.Random, while the label is "master secret"
+ * or "extended master secret".
+ *
+ * For example, `PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA256)` represents the
+ * TLS-1.2 PSK to MasterSecret derivation PRF using HMAC-SHA-256.
+ *
+ * \param hash_alg A hash algorithm (\c PSA_ALG_XXX value such that
+ * #PSA_ALG_IS_HASH(\p hash_alg) is true).
+ *
+ * \return The corresponding TLS-1.2 PSK to MS algorithm.
+ * \return Unspecified if \p alg is not a supported
+ * hash algorithm.
+ */
+#define PSA_ALG_TLS12_PSK_TO_MS(hash_alg) \
+ (PSA_ALG_TLS12_PSK_TO_MS_BASE | ((hash_alg) & PSA_ALG_HASH_MASK))
+
+/** Whether the specified algorithm is a TLS-1.2 PSK to MS algorithm.
+ *
+ * \param alg An algorithm identifier (value of type #psa_algorithm_t).
+ *
+ * \return 1 if \c alg is a TLS-1.2 PSK to MS algorithm, 0 otherwise.
+ * This macro may return either 0 or 1 if \c alg is not a supported
+ * key derivation algorithm identifier.
+ */
+#define PSA_ALG_IS_TLS12_PSK_TO_MS(alg) \
+ (((alg) & ~PSA_ALG_HASH_MASK) == PSA_ALG_TLS12_PSK_TO_MS_BASE)
+#define PSA_ALG_TLS12_PSK_TO_MS_GET_HASH(hkdf_alg) \
+ (PSA_ALG_CATEGORY_HASH | ((hkdf_alg) & PSA_ALG_HASH_MASK))
+
+#define PSA_ALG_KEY_DERIVATION_MASK ((psa_algorithm_t)0x010fffff)
+
+/** Use a shared secret as is.
+ *
+ * Specify this algorithm as the selection component of a key agreement
+ * to use the raw result of the key agreement as key material.
+ *
+ * \warning The raw result of a key agreement algorithm such as finite-field
+ * Diffie-Hellman or elliptic curve Diffie-Hellman has biases and should
+ * not be used directly as key material. It can however be used as the secret
+ * input in a key derivation algorithm.
+ */
+#define PSA_ALG_SELECT_RAW ((psa_algorithm_t)0x31000001)
+
+#define PSA_ALG_KEY_AGREEMENT_GET_KDF(alg) \
+ (((alg) & PSA_ALG_KEY_DERIVATION_MASK) | PSA_ALG_CATEGORY_KEY_DERIVATION)
+
+#define PSA_ALG_KEY_AGREEMENT_GET_BASE(alg) \
+ ((alg) & ~PSA_ALG_KEY_DERIVATION_MASK)
+
+#define PSA_ALG_FFDH_BASE ((psa_algorithm_t)0x22100000)
+/** The Diffie-Hellman key agreement algorithm.
+ *
+ * This algorithm combines the finite-field Diffie-Hellman (DH) key
+ * agreement, also known as Diffie-Hellman-Merkle (DHM) key agreement,
+ * to produce a shared secret from a private key and the peer's
+ * public key, with a key selection or key derivation algorithm to produce
+ * one or more shared keys and other shared cryptographic material.
+ *
+ * The shared secret produced by key agreement and passed as input to the
+ * derivation or selection algorithm \p kdf_alg is the shared secret
+ * `g^{ab}` in big-endian format.
+ * It is `ceiling(m / 8)` bytes long where `m` is the size of the prime `p`
+ * in bits.
+ *
+ * \param kdf_alg A key derivation algorithm (\c PSA_ALG_XXX value such
+ * that #PSA_ALG_IS_KEY_DERIVATION(\p hash_alg) is true)
+ * or a key selection algorithm (\c PSA_ALG_XXX value such
+ * that #PSA_ALG_IS_KEY_SELECTION(\p hash_alg) is true).
+ *
+ * \return The Diffie-Hellman algorithm with the specified
+ * selection or derivation algorithm.
+ */
+#define PSA_ALG_FFDH(kdf_alg) \
+ (PSA_ALG_FFDH_BASE | ((kdf_alg) & PSA_ALG_KEY_DERIVATION_MASK))
+/** Whether the specified algorithm is a finite field Diffie-Hellman algorithm.
+ *
+ * This includes every supported key selection or key agreement algorithm
+ * for the output of the Diffie-Hellman calculation.
+ *
+ * \param alg An algorithm identifier (value of type #psa_algorithm_t).
+ *
+ * \return 1 if \c alg is a finite field Diffie-Hellman algorithm, 0 otherwise.
+ * This macro may return either 0 or 1 if \c alg is not a supported
+ * key agreement algorithm identifier.
+ */
+#define PSA_ALG_IS_FFDH(alg) \
+ (PSA_ALG_KEY_AGREEMENT_GET_BASE(alg) == PSA_ALG_FFDH_BASE)
+
+#define PSA_ALG_ECDH_BASE ((psa_algorithm_t)0x22200000)
+/** The elliptic curve Diffie-Hellman (ECDH) key agreement algorithm.
+ *
+ * This algorithm combines the elliptic curve Diffie-Hellman key
+ * agreement to produce a shared secret from a private key and the peer's
+ * public key, with a key selection or key derivation algorithm to produce
+ * one or more shared keys and other shared cryptographic material.
+ *
+ * The shared secret produced by key agreement and passed as input to the
+ * derivation or selection algorithm \p kdf_alg is the x-coordinate of
+ * the shared secret point. It is always `ceiling(m / 8)` bytes long where
+ * `m` is the bit size associated with the curve, i.e. the bit size of the
+ * order of the curve's coordinate field. When `m` is not a multiple of 8,
+ * the byte containing the most significant bit of the shared secret
+ * is padded with zero bits. The byte order is either little-endian
+ * or big-endian depending on the curve type.
+ *
+ * - For Montgomery curves (curve types `PSA_ECC_CURVE_CURVEXXX`),
+ * the shared secret is the x-coordinate of `d_A Q_B = d_B Q_A`
+ * in little-endian byte order.
+ * The bit size is 448 for Curve448 and 255 for Curve25519.
+ * - For Weierstrass curves over prime fields (curve types
+ * `PSA_ECC_CURVE_SECPXXX` and `PSA_ECC_CURVE_BRAINPOOL_PXXX`),
+ * the shared secret is the x-coordinate of `d_A Q_B = d_B Q_A`
+ * in big-endian byte order.
+ * The bit size is `m = ceiling(log_2(p))` for the field `F_p`.
+ * - For Weierstrass curves over binary fields (curve types
+ * `PSA_ECC_CURVE_SECTXXX`),
+ * the shared secret is the x-coordinate of `d_A Q_B = d_B Q_A`
+ * in big-endian byte order.
+ * The bit size is `m` for the field `F_{2^m}`.
+ *
+ * \param kdf_alg A key derivation algorithm (\c PSA_ALG_XXX value such
+ * that #PSA_ALG_IS_KEY_DERIVATION(\p hash_alg) is true)
+ * or a selection algorithm (\c PSA_ALG_XXX value such
+ * that #PSA_ALG_IS_KEY_SELECTION(\p hash_alg) is true).
+ *
+ * \return The Diffie-Hellman algorithm with the specified
+ * selection or derivation algorithm.
+ */
+#define PSA_ALG_ECDH(kdf_alg) \
+ (PSA_ALG_ECDH_BASE | ((kdf_alg) & PSA_ALG_KEY_DERIVATION_MASK))
+/** Whether the specified algorithm is an elliptic curve Diffie-Hellman
+ * algorithm.
+ *
+ * This includes every supported key selection or key agreement algorithm
+ * for the output of the Diffie-Hellman calculation.
+ *
+ * \param alg An algorithm identifier (value of type #psa_algorithm_t).
+ *
+ * \return 1 if \c alg is an elliptic curve Diffie-Hellman algorithm,
+ * 0 otherwise.
+ * This macro may return either 0 or 1 if \c alg is not a supported
+ * key agreement algorithm identifier.
+ */
+#define PSA_ALG_IS_ECDH(alg) \
+ (PSA_ALG_KEY_AGREEMENT_GET_BASE(alg) == PSA_ALG_ECDH_BASE)
+
+/** Whether the specified algorithm encoding is a wildcard.
+ *
+ * Wildcard values may only be used to set the usage algorithm field in
+ * a policy, not to perform an operation.
+ *
+ * \param alg An algorithm identifier (value of type #psa_algorithm_t).
+ *
+ * \return 1 if \c alg is a wildcard algorithm encoding.
+ * \return 0 if \c alg is a non-wildcard algorithm encoding (suitable for
+ * an operation).
+ * \return This macro may return either 0 or 1 if \c alg is not a supported
+ * algorithm identifier.
+ */
+#define PSA_ALG_IS_WILDCARD(alg) \
+ (PSA_ALG_IS_HASH_AND_SIGN(alg) ? \
+ PSA_ALG_SIGN_GET_HASH(alg) == PSA_ALG_ANY_HASH : \
+ (alg) == PSA_ALG_ANY_HASH)
+
+/**@}*/
+
+/** \defgroup key_lifetimes Key lifetimes
+ * @{
+ */
+
+/** A volatile key only exists as long as the handle to it is not closed.
+ * The key material is guaranteed to be erased on a power reset.
+ */
+#define PSA_KEY_LIFETIME_VOLATILE ((psa_key_lifetime_t)0x00000000)
+
+/** The default storage area for persistent keys.
+ *
+ * A persistent key remains in storage until it is explicitly destroyed or
+ * until the corresponding storage area is wiped. This specification does
+ * not define any mechanism to wipe a storage area, but implementations may
+ * provide their own mechanism (for example to perform a factory reset,
+ * to prepare for device refurbishment, or to uninstall an application).
+ *
+ * This lifetime value is the default storage area for the calling
+ * application. Implementations may offer other storage areas designated
+ * by other lifetime values as implementation-specific extensions.
+ */
+#define PSA_KEY_LIFETIME_PERSISTENT ((psa_key_lifetime_t)0x00000001)
+
+/**@}*/
+
+/** \defgroup policy Key policies
+ * @{
+ */
+
+/** Whether the key may be exported.
+ *
+ * A public key or the public part of a key pair may always be exported
+ * regardless of the value of this permission flag.
+ *
+ * If a key does not have export permission, implementations shall not
+ * allow the key to be exported in plain form from the cryptoprocessor,
+ * whether through psa_export_key() or through a proprietary interface.
+ * The key may however be exportable in a wrapped form, i.e. in a form
+ * where it is encrypted by another key.
+ */
+#define PSA_KEY_USAGE_EXPORT ((psa_key_usage_t)0x00000001)
+
+/** Whether the key may be used to encrypt a message.
+ *
+ * This flag allows the key to be used for a symmetric encryption operation,
+ * for an AEAD encryption-and-authentication operation,
+ * or for an asymmetric encryption operation,
+ * if otherwise permitted by the key's type and policy.
+ *
+ * For a key pair, this concerns the public key.
+ */
+#define PSA_KEY_USAGE_ENCRYPT ((psa_key_usage_t)0x00000100)
+
+/** Whether the key may be used to decrypt a message.
+ *
+ * This flag allows the key to be used for a symmetric decryption operation,
+ * for an AEAD decryption-and-verification operation,
+ * or for an asymmetric decryption operation,
+ * if otherwise permitted by the key's type and policy.
+ *
+ * For a key pair, this concerns the private key.
+ */
+#define PSA_KEY_USAGE_DECRYPT ((psa_key_usage_t)0x00000200)
+
+/** Whether the key may be used to sign a message.
+ *
+ * This flag allows the key to be used for a MAC calculation operation
+ * or for an asymmetric signature operation,
+ * if otherwise permitted by the key's type and policy.
+ *
+ * For a key pair, this concerns the private key.
+ */
+#define PSA_KEY_USAGE_SIGN ((psa_key_usage_t)0x00000400)
+
+/** Whether the key may be used to verify a message signature.
+ *
+ * This flag allows the key to be used for a MAC verification operation
+ * or for an asymmetric signature verification operation,
+ * if otherwise permitted by by the key's type and policy.
+ *
+ * For a key pair, this concerns the public key.
+ */
+#define PSA_KEY_USAGE_VERIFY ((psa_key_usage_t)0x00000800)
+
+/** Whether the key may be used to derive other keys.
+ */
+#define PSA_KEY_USAGE_DERIVE ((psa_key_usage_t)0x00001000)
+
+/**@}*/
+
+#endif /* PSA_CRYPTO_VALUES_H */
diff --git a/library/CMakeLists.txt b/library/CMakeLists.txt
index c33c1cd..e9372be 100644
--- a/library/CMakeLists.txt
+++ b/library/CMakeLists.txt
@@ -53,6 +53,11 @@
platform.c
platform_util.c
poly1305.c
+ psa_crypto.c
+ psa_crypto_slot_management.c
+ psa_crypto_storage.c
+ psa_crypto_storage_file.c
+ psa_crypto_storage_its.c
ripemd160.c
rsa.c
rsa_internal.c
@@ -98,6 +103,12 @@
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -Wmissing-declarations -Wmissing-prototypes -Wdocumentation -Wno-documentation-deprecated-sync -Wunreachable-code")
endif(CMAKE_COMPILER_IS_CLANG)
+if(UNSAFE_BUILD)
+ set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -Wno-error")
+ set(CMAKE_C_FLAGS_ASAN "${CMAKE_C_FLAGS_ASAN} -Wno-error")
+ set(CMAKE_C_FLAGS_ASANDBG "${CMAKE_C_FLAGS_ASANDBG} -Wno-error")
+endif(UNSAFE_BUILD)
+
if(WIN32)
set(libs ${libs} ws2_32)
endif(WIN32)
@@ -143,39 +154,64 @@
add_library(${mbedcrypto_static_target} STATIC ${src_crypto})
set_target_properties(${mbedcrypto_static_target} PROPERTIES OUTPUT_NAME mbedcrypto)
target_link_libraries(${mbedcrypto_static_target} ${libs})
+ target_include_directories(${mbedcrypto_static_target}
+ PUBLIC ${CMAKE_SOURCE_DIR}/include/
+ PUBLIC ${CMAKE_SOURCE_DIR}/crypto/include/)
- add_library(${mbedx509_static_target} STATIC ${src_x509})
- set_target_properties(${mbedx509_static_target} PROPERTIES OUTPUT_NAME mbedx509)
- target_link_libraries(${mbedx509_static_target} ${libs} ${mbedcrypto_static_target})
+ if(USE_CRYPTO_SUBMODULE)
+ install(TARGETS ${mbedcrypto_static_target}
+ DESTINATION ${LIB_INSTALL_DIR}
+ PERMISSIONS OWNER_READ OWNER_WRITE OWNER_EXECUTE GROUP_READ GROUP_EXECUTE WORLD_READ WORLD_EXECUTE)
+ else()
+ add_library(${mbedx509_static_target} STATIC ${src_x509})
+ set_target_properties(${mbedx509_static_target} PROPERTIES OUTPUT_NAME mbedx509)
+ target_link_libraries(${mbedx509_static_target} ${libs} ${mbedcrypto_static_target})
- add_library(${mbedtls_static_target} STATIC ${src_tls})
- set_target_properties(${mbedtls_static_target} PROPERTIES OUTPUT_NAME mbedtls)
- target_link_libraries(${mbedtls_static_target} ${libs} ${mbedx509_static_target})
+ add_library(${mbedtls_static_target} STATIC ${src_tls})
+ set_target_properties(${mbedtls_static_target} PROPERTIES OUTPUT_NAME mbedtls)
+ target_link_libraries(${mbedtls_static_target} ${libs} ${mbedx509_static_target})
- install(TARGETS ${mbedtls_static_target} ${mbedx509_static_target} ${mbedcrypto_static_target}
- DESTINATION ${LIB_INSTALL_DIR}
- PERMISSIONS OWNER_READ OWNER_WRITE OWNER_EXECUTE GROUP_READ GROUP_EXECUTE WORLD_READ WORLD_EXECUTE)
+ install(TARGETS ${mbedtls_static_target} ${mbedx509_static_target} ${mbedcrypto_static_target}
+ DESTINATION ${LIB_INSTALL_DIR}
+ PERMISSIONS OWNER_READ OWNER_WRITE OWNER_EXECUTE GROUP_READ GROUP_EXECUTE WORLD_READ WORLD_EXECUTE)
+ endif()
endif(USE_STATIC_MBEDTLS_LIBRARY)
if(USE_SHARED_MBEDTLS_LIBRARY)
add_library(mbedcrypto SHARED ${src_crypto})
set_target_properties(mbedcrypto PROPERTIES VERSION 2.16.0 SOVERSION 3)
target_link_libraries(mbedcrypto ${libs})
+ target_include_directories(mbedcrypto
+ PUBLIC ${CMAKE_SOURCE_DIR}/include/
+ PUBLIC ${CMAKE_SOURCE_DIR}/crypto/include/)
- add_library(mbedx509 SHARED ${src_x509})
- set_target_properties(mbedx509 PROPERTIES VERSION 2.16.0 SOVERSION 0)
- target_link_libraries(mbedx509 ${libs} mbedcrypto)
+ if(USE_CRYPTO_SUBMODULE)
+ install(TARGETS mbedcrypto
+ DESTINATION ${LIB_INSTALL_DIR}
+ PERMISSIONS OWNER_READ OWNER_WRITE OWNER_EXECUTE GROUP_READ GROUP_EXECUTE WORLD_READ WORLD_EXECUTE)
+ else()
+ add_library(mbedx509 SHARED ${src_x509})
+ set_target_properties(mbedx509 PROPERTIES VERSION 2.16.0 SOVERSION 0)
+ target_link_libraries(mbedx509 ${libs} mbedcrypto)
- add_library(mbedtls SHARED ${src_tls})
- set_target_properties(mbedtls PROPERTIES VERSION 2.16.0 SOVERSION 12)
- target_link_libraries(mbedtls ${libs} mbedx509)
+ add_library(mbedtls SHARED ${src_tls})
+ set_target_properties(mbedtls PROPERTIES VERSION 2.16.0 SOVERSION 12)
+ target_link_libraries(mbedtls ${libs} mbedx509)
- install(TARGETS mbedtls mbedx509 mbedcrypto
- DESTINATION ${LIB_INSTALL_DIR}
- PERMISSIONS OWNER_READ OWNER_WRITE OWNER_EXECUTE GROUP_READ GROUP_EXECUTE WORLD_READ WORLD_EXECUTE)
+ install(TARGETS mbedtls mbedx509 mbedcrypto
+ DESTINATION ${LIB_INSTALL_DIR}
+ PERMISSIONS OWNER_READ OWNER_WRITE OWNER_EXECUTE GROUP_READ GROUP_EXECUTE WORLD_READ WORLD_EXECUTE)
+ endif()
endif(USE_SHARED_MBEDTLS_LIBRARY)
-add_custom_target(lib DEPENDS mbedcrypto mbedx509 mbedtls)
-if(USE_STATIC_MBEDTLS_LIBRARY AND USE_SHARED_MBEDTLS_LIBRARY)
- add_dependencies(lib mbedcrypto_static mbedx509_static mbedtls_static)
+if(USE_CRYPTO_SUBMODULE)
+ add_custom_target(crypto_lib DEPENDS mbedcrypto)
+ if(USE_STATIC_MBEDTLS_LIBRARY AND USE_SHARED_MBEDTLS_LIBRARY)
+ add_dependencies(crypto_lib mbedcrypto_static)
+ endif()
+else()
+ add_custom_target(lib DEPENDS mbedcrypto mbedx509 mbedtls)
+ if(USE_STATIC_MBEDTLS_LIBRARY AND USE_SHARED_MBEDTLS_LIBRARY)
+ add_dependencies(lib mbedcrypto_static mbedx509_static mbedtls_static)
+ endif()
endif()
diff --git a/library/Makefile b/library/Makefile
index 430c598..8533eaa 100644
--- a/library/Makefile
+++ b/library/Makefile
@@ -5,7 +5,8 @@
WARNING_CFLAGS ?= -Wall -W -Wdeclaration-after-statement
LDFLAGS ?=
-LOCAL_CFLAGS = $(WARNING_CFLAGS) -I../include -D_FILE_OFFSET_BITS=64
+CRYPTO_INCLUDES ?= -I../include
+LOCAL_CFLAGS = $(WARNING_CFLAGS) $(CRYPTO_INCLUDES) -D_FILE_OFFSET_BITS=64
LOCAL_LDFLAGS =
ifdef DEBUG
@@ -39,7 +40,7 @@
SOEXT_X509=so.0
SOEXT_CRYPTO=so.3
-# Set AR_DASH= (empty string) to use an ar implentation that does not accept
+# Set AR_DASH= (empty string) to use an ar implementation that does not accept
# the - prefix for command line options (e.g. llvm-ar)
AR_DASH ?= -
@@ -81,6 +82,11 @@
pk.o pk_wrap.o pkcs12.o \
pkcs5.o pkparse.o pkwrite.o \
platform.o platform_util.o poly1305.o \
+ psa_crypto.o \
+ psa_crypto_slot_management.o \
+ psa_crypto_storage.o \
+ psa_crypto_storage_file.o \
+ psa_crypto_storage_its.o \
ripemd160.o rsa_internal.o rsa.o \
sha1.o sha256.o sha512.o \
threading.o timing.o version.o \
@@ -199,5 +205,6 @@
ifndef WINDOWS
rm -f *.o libmbed*
else
- del /Q /F *.o libmbed*
+ if exist *.o del /Q /F *.o
+ if exist libmbed* del /Q /F libmbed*
endif
diff --git a/library/bignum.c b/library/bignum.c
index d3d02b1..87015af 100644
--- a/library/bignum.c
+++ b/library/bignum.c
@@ -527,26 +527,38 @@
}
/*
- * Helper to write the digits high-order first
+ * Helper to write the digits high-order first.
*/
-static int mpi_write_hlp( mbedtls_mpi *X, int radix, char **p )
+static int mpi_write_hlp( mbedtls_mpi *X, int radix,
+ char **p, const size_t buflen )
{
int ret;
mbedtls_mpi_uint r;
+ size_t length = 0;
+ char *p_end = *p + buflen;
- if( radix < 2 || radix > 16 )
- return( MBEDTLS_ERR_MPI_BAD_INPUT_DATA );
+ do
+ {
+ if( length >= buflen )
+ {
+ return( MBEDTLS_ERR_MPI_BUFFER_TOO_SMALL );
+ }
- MBEDTLS_MPI_CHK( mbedtls_mpi_mod_int( &r, X, radix ) );
- MBEDTLS_MPI_CHK( mbedtls_mpi_div_int( X, NULL, X, radix ) );
+ MBEDTLS_MPI_CHK( mbedtls_mpi_mod_int( &r, X, radix ) );
+ MBEDTLS_MPI_CHK( mbedtls_mpi_div_int( X, NULL, X, radix ) );
+ /*
+ * Write the residue in the current position, as an ASCII character.
+ */
+ if( r < 0xA )
+ *(--p_end) = (char)( '0' + r );
+ else
+ *(--p_end) = (char)( 'A' + ( r - 0xA ) );
- if( mbedtls_mpi_cmp_int( X, 0 ) != 0 )
- MBEDTLS_MPI_CHK( mpi_write_hlp( X, radix, p ) );
+ length++;
+ } while( mbedtls_mpi_cmp_int( X, 0 ) != 0 );
- if( r < 10 )
- *(*p)++ = (char)( r + 0x30 );
- else
- *(*p)++ = (char)( r + 0x37 );
+ memmove( *p, p_end, length );
+ *p += length;
cleanup:
@@ -619,7 +631,7 @@
if( T.s == -1 )
T.s = 1;
- MBEDTLS_MPI_CHK( mpi_write_hlp( &T, radix, &p ) );
+ MBEDTLS_MPI_CHK( mpi_write_hlp( &T, radix, &p, buflen ) );
}
*p++ = '\0';
diff --git a/library/cipher.c b/library/cipher.c
index 2739975..e854cf6 100644
--- a/library/cipher.c
+++ b/library/cipher.c
@@ -58,6 +58,11 @@
#include "mbedtls/cmac.h"
#endif
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+#include "psa/crypto.h"
+#include "mbedtls/psa_util.h"
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+
#if defined(MBEDTLS_PLATFORM_C)
#include "mbedtls/platform.h"
#else
@@ -76,7 +81,8 @@
* a non-zero value.
* This is currently only used by GCM and ChaCha20+Poly1305.
*/
-static int mbedtls_constant_time_memcmp( const void *v1, const void *v2, size_t len )
+static int mbedtls_constant_time_memcmp( const void *v1, const void *v2,
+ size_t len )
{
const unsigned char *p1 = (const unsigned char*) v1;
const unsigned char *p2 = (const unsigned char*) v2;
@@ -113,7 +119,8 @@
return( mbedtls_cipher_supported );
}
-const mbedtls_cipher_info_t *mbedtls_cipher_info_from_type( const mbedtls_cipher_type_t cipher_type )
+const mbedtls_cipher_info_t *mbedtls_cipher_info_from_type(
+ const mbedtls_cipher_type_t cipher_type )
{
const mbedtls_cipher_definition_t *def;
@@ -124,7 +131,8 @@
return( NULL );
}
-const mbedtls_cipher_info_t *mbedtls_cipher_info_from_string( const char *cipher_name )
+const mbedtls_cipher_info_t *mbedtls_cipher_info_from_string(
+ const char *cipher_name )
{
const mbedtls_cipher_definition_t *def;
@@ -138,9 +146,10 @@
return( NULL );
}
-const mbedtls_cipher_info_t *mbedtls_cipher_info_from_values( const mbedtls_cipher_id_t cipher_id,
- int key_bitlen,
- const mbedtls_cipher_mode_t mode )
+const mbedtls_cipher_info_t *mbedtls_cipher_info_from_values(
+ const mbedtls_cipher_id_t cipher_id,
+ int key_bitlen,
+ const mbedtls_cipher_mode_t mode )
{
const mbedtls_cipher_definition_t *def;
@@ -164,6 +173,29 @@
if( ctx == NULL )
return;
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+ if( ctx->psa_enabled == 1 )
+ {
+ if( ctx->cipher_ctx != NULL )
+ {
+ mbedtls_cipher_context_psa * const cipher_psa =
+ (mbedtls_cipher_context_psa *) ctx->cipher_ctx;
+
+ if( cipher_psa->slot_state == MBEDTLS_CIPHER_PSA_KEY_OWNED )
+ {
+ /* xxx_free() doesn't allow to return failures. */
+ (void) psa_destroy_key( cipher_psa->slot );
+ }
+
+ mbedtls_platform_zeroize( cipher_psa, sizeof( *cipher_psa ) );
+ mbedtls_free( cipher_psa );
+ }
+
+ mbedtls_platform_zeroize( ctx, sizeof(mbedtls_cipher_context_t) );
+ return;
+ }
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+
#if defined(MBEDTLS_CMAC_C)
if( ctx->cmac_ctx )
{
@@ -179,7 +211,8 @@
mbedtls_platform_zeroize( ctx, sizeof(mbedtls_cipher_context_t) );
}
-int mbedtls_cipher_setup( mbedtls_cipher_context_t *ctx, const mbedtls_cipher_info_t *cipher_info )
+int mbedtls_cipher_setup( mbedtls_cipher_context_t *ctx,
+ const mbedtls_cipher_info_t *cipher_info )
{
CIPHER_VALIDATE_RET( ctx != NULL );
if( cipher_info == NULL )
@@ -206,6 +239,38 @@
return( 0 );
}
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+int mbedtls_cipher_setup_psa( mbedtls_cipher_context_t *ctx,
+ const mbedtls_cipher_info_t *cipher_info,
+ size_t taglen )
+{
+ psa_algorithm_t alg;
+ mbedtls_cipher_context_psa *cipher_psa;
+
+ if( NULL == cipher_info || NULL == ctx )
+ return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
+
+ /* Check that the underlying cipher mode and cipher type are
+ * supported by the underlying PSA Crypto implementation. */
+ alg = mbedtls_psa_translate_cipher_mode( cipher_info->mode, taglen );
+ if( alg == 0 )
+ return( MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE );
+ if( mbedtls_psa_translate_cipher_type( cipher_info->type ) == 0 )
+ return( MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE );
+
+ memset( ctx, 0, sizeof( mbedtls_cipher_context_t ) );
+
+ cipher_psa = mbedtls_calloc( 1, sizeof(mbedtls_cipher_context_psa ) );
+ if( cipher_psa == NULL )
+ return( MBEDTLS_ERR_CIPHER_ALLOC_FAILED );
+ cipher_psa->alg = alg;
+ ctx->cipher_ctx = cipher_psa;
+ ctx->cipher_info = cipher_info;
+ ctx->psa_enabled = 1;
+ return( 0 );
+}
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+
int mbedtls_cipher_setkey( mbedtls_cipher_context_t *ctx,
const unsigned char *key,
int key_bitlen,
@@ -218,6 +283,72 @@
if( ctx->cipher_info == NULL )
return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+ if( ctx->psa_enabled == 1 )
+ {
+ mbedtls_cipher_context_psa * const cipher_psa =
+ (mbedtls_cipher_context_psa *) ctx->cipher_ctx;
+
+ size_t const key_bytelen = ( (size_t) key_bitlen + 7 ) / 8;
+
+ psa_status_t status;
+ psa_key_type_t key_type;
+ psa_key_usage_t key_usage;
+ psa_key_policy_t key_policy;
+
+ /* PSA Crypto API only accepts byte-aligned keys. */
+ if( key_bitlen % 8 != 0 )
+ return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
+
+ /* Don't allow keys to be set multiple times. */
+ if( cipher_psa->slot_state != MBEDTLS_CIPHER_PSA_KEY_UNSET )
+ return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
+
+ key_type = mbedtls_psa_translate_cipher_type(
+ ctx->cipher_info->type );
+ if( key_type == 0 )
+ return( MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE );
+
+ /* Allocate a key slot to use. */
+ status = psa_allocate_key( &cipher_psa->slot );
+ if( status != PSA_SUCCESS )
+ return( MBEDTLS_ERR_CIPHER_HW_ACCEL_FAILED );
+
+ /* Indicate that we own the key slot and need to
+ * destroy it in mbedtls_cipher_free(). */
+ cipher_psa->slot_state = MBEDTLS_CIPHER_PSA_KEY_OWNED;
+
+ /* From that point on, the responsibility for destroying the
+ * key slot is on mbedtls_cipher_free(). This includes the case
+ * where the policy setup or key import below fail, as
+ * mbedtls_cipher_free() needs to be called in any case. */
+
+ /* Setup policy for the new key slot. */
+ key_policy = psa_key_policy_init();
+
+ /* Mbed TLS' cipher layer doesn't enforce the mode of operation
+ * (encrypt vs. decrypt): it is possible to setup a key for encryption
+ * and use it for AEAD decryption. Until tests relying on this
+ * are changed, allow any usage in PSA. */
+ /* key_usage = mbedtls_psa_translate_cipher_operation( operation ); */
+ key_usage = PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT;
+ psa_key_policy_set_usage( &key_policy, key_usage, cipher_psa->alg );
+ status = psa_set_key_policy( cipher_psa->slot, &key_policy );
+ if( status != PSA_SUCCESS )
+ return( MBEDTLS_ERR_CIPHER_HW_ACCEL_FAILED );
+
+ /* Populate new key slot. */
+ status = psa_import_key( cipher_psa->slot,
+ key_type, key, key_bytelen );
+ if( status != PSA_SUCCESS )
+ return( MBEDTLS_ERR_CIPHER_HW_ACCEL_FAILED );
+
+ ctx->key_bitlen = key_bitlen;
+ ctx->operation = operation;
+ return( 0 );
+ }
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+
if( ( ctx->cipher_info->flags & MBEDTLS_CIPHER_VARIABLE_KEY_LEN ) == 0 &&
(int) ctx->cipher_info->key_bitlen != key_bitlen )
{
@@ -256,6 +387,15 @@
CIPHER_VALIDATE_RET( iv_len == 0 || iv != NULL );
if( ctx->cipher_info == NULL )
return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+ if( ctx->psa_enabled == 1 )
+ {
+ /* While PSA Crypto has an API for multipart
+ * operations, we currently don't make it
+ * accessible through the cipher layer. */
+ return( MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE );
+ }
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
/* avoid buffer overflow in ctx->iv */
if( iv_len > MBEDTLS_MAX_IV_LENGTH )
@@ -299,6 +439,15 @@
if( ctx->cipher_info == NULL )
return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+ if( ctx->psa_enabled == 1 )
+ {
+ /* We don't support resetting PSA-based
+ * cipher contexts, yet. */
+ return( MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE );
+ }
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+
ctx->unprocessed_len = 0;
return( 0 );
@@ -313,6 +462,16 @@
if( ctx->cipher_info == NULL )
return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+ if( ctx->psa_enabled == 1 )
+ {
+ /* While PSA Crypto has an API for multipart
+ * operations, we currently don't make it
+ * accessible through the cipher layer. */
+ return( MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE );
+ }
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+
#if defined(MBEDTLS_GCM_C)
if( MBEDTLS_MODE_GCM == ctx->cipher_info->mode )
{
@@ -359,6 +518,16 @@
if( ctx->cipher_info == NULL )
return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+ if( ctx->psa_enabled == 1 )
+ {
+ /* While PSA Crypto has an API for multipart
+ * operations, we currently don't make it
+ * accessible through the cipher layer. */
+ return( MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE );
+ }
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+
*olen = 0;
block_size = mbedtls_cipher_get_block_size( ctx );
@@ -768,6 +937,16 @@
if( ctx->cipher_info == NULL )
return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+ if( ctx->psa_enabled == 1 )
+ {
+ /* While PSA Crypto has an API for multipart
+ * operations, we currently don't make it
+ * accessible through the cipher layer. */
+ return( MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE );
+ }
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+
*olen = 0;
if( MBEDTLS_MODE_CFB == ctx->cipher_info->mode ||
@@ -860,6 +1039,19 @@
return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
}
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+ if( ctx->psa_enabled == 1 )
+ {
+ /* While PSA Crypto knows about CBC padding
+ * schemes, we currently don't make them
+ * accessible through the cipher layer. */
+ if( mode != MBEDTLS_PADDING_NONE )
+ return( MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE );
+
+ return( 0 );
+ }
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+
switch( mode )
{
#if defined(MBEDTLS_CIPHER_PADDING_PKCS7)
@@ -911,6 +1103,16 @@
if( MBEDTLS_ENCRYPT != ctx->operation )
return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+ if( ctx->psa_enabled == 1 )
+ {
+ /* While PSA Crypto has an API for multipart
+ * operations, we currently don't make it
+ * accessible through the cipher layer. */
+ return( MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE );
+ }
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+
#if defined(MBEDTLS_GCM_C)
if( MBEDTLS_MODE_GCM == ctx->cipher_info->mode )
return( mbedtls_gcm_finish( (mbedtls_gcm_context *) ctx->cipher_ctx,
@@ -924,8 +1126,8 @@
if ( tag_len != 16U )
return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
- return( mbedtls_chachapoly_finish( (mbedtls_chachapoly_context*) ctx->cipher_ctx,
- tag ) );
+ return( mbedtls_chachapoly_finish(
+ (mbedtls_chachapoly_context*) ctx->cipher_ctx, tag ) );
}
#endif
@@ -948,14 +1150,25 @@
return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
}
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+ if( ctx->psa_enabled == 1 )
+ {
+ /* While PSA Crypto has an API for multipart
+ * operations, we currently don't make it
+ * accessible through the cipher layer. */
+ return( MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE );
+ }
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+
#if defined(MBEDTLS_GCM_C)
if( MBEDTLS_MODE_GCM == ctx->cipher_info->mode )
{
if( tag_len > sizeof( check_tag ) )
return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
- if( 0 != ( ret = mbedtls_gcm_finish( (mbedtls_gcm_context *) ctx->cipher_ctx,
- check_tag, tag_len ) ) )
+ if( 0 != ( ret = mbedtls_gcm_finish(
+ (mbedtls_gcm_context *) ctx->cipher_ctx,
+ check_tag, tag_len ) ) )
{
return( ret );
}
@@ -975,8 +1188,8 @@
if ( tag_len != sizeof( check_tag ) )
return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
- ret = mbedtls_chachapoly_finish( (mbedtls_chachapoly_context*) ctx->cipher_ctx,
- check_tag );
+ ret = mbedtls_chachapoly_finish(
+ (mbedtls_chachapoly_context*) ctx->cipher_ctx, check_tag );
if ( ret != 0 )
{
return( ret );
@@ -1011,16 +1224,76 @@
CIPHER_VALIDATE_RET( output != NULL );
CIPHER_VALIDATE_RET( olen != NULL );
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+ if( ctx->psa_enabled == 1 )
+ {
+ /* As in the non-PSA case, we don't check that
+ * a key has been set. If not, the key slot will
+ * still be in its default state of 0, which is
+ * guaranteed to be invalid, hence the PSA-call
+ * below will gracefully fail. */
+ mbedtls_cipher_context_psa * const cipher_psa =
+ (mbedtls_cipher_context_psa *) ctx->cipher_ctx;
+
+ psa_status_t status;
+ psa_cipher_operation_t cipher_op = PSA_CIPHER_OPERATION_INIT;
+ size_t part_len;
+
+ if( ctx->operation == MBEDTLS_DECRYPT )
+ {
+ status = psa_cipher_decrypt_setup( &cipher_op,
+ cipher_psa->slot,
+ cipher_psa->alg );
+ }
+ else if( ctx->operation == MBEDTLS_ENCRYPT )
+ {
+ status = psa_cipher_encrypt_setup( &cipher_op,
+ cipher_psa->slot,
+ cipher_psa->alg );
+ }
+ else
+ return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
+
+ /* In the following, we can immediately return on an error,
+ * because the PSA Crypto API guarantees that cipher operations
+ * are terminated by unsuccessful calls to psa_cipher_update(),
+ * and by any call to psa_cipher_finish(). */
+ if( status != PSA_SUCCESS )
+ return( MBEDTLS_ERR_CIPHER_HW_ACCEL_FAILED );
+
+ status = psa_cipher_set_iv( &cipher_op, iv, iv_len );
+ if( status != PSA_SUCCESS )
+ return( MBEDTLS_ERR_CIPHER_HW_ACCEL_FAILED );
+
+ status = psa_cipher_update( &cipher_op,
+ input, ilen,
+ output, ilen, olen );
+ if( status != PSA_SUCCESS )
+ return( MBEDTLS_ERR_CIPHER_HW_ACCEL_FAILED );
+
+ status = psa_cipher_finish( &cipher_op,
+ output + *olen, ilen - *olen,
+ &part_len );
+ if( status != PSA_SUCCESS )
+ return( MBEDTLS_ERR_CIPHER_HW_ACCEL_FAILED );
+
+ *olen += part_len;
+ return( 0 );
+ }
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+
if( ( ret = mbedtls_cipher_set_iv( ctx, iv, iv_len ) ) != 0 )
return( ret );
if( ( ret = mbedtls_cipher_reset( ctx ) ) != 0 )
return( ret );
- if( ( ret = mbedtls_cipher_update( ctx, input, ilen, output, olen ) ) != 0 )
+ if( ( ret = mbedtls_cipher_update( ctx, input, ilen,
+ output, olen ) ) != 0 )
return( ret );
- if( ( ret = mbedtls_cipher_finish( ctx, output + *olen, &finish_olen ) ) != 0 )
+ if( ( ret = mbedtls_cipher_finish( ctx, output + *olen,
+ &finish_olen ) ) != 0 )
return( ret );
*olen += finish_olen;
@@ -1047,13 +1320,45 @@
CIPHER_VALIDATE_RET( olen != NULL );
CIPHER_VALIDATE_RET( tag_len == 0 || tag != NULL );
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+ if( ctx->psa_enabled == 1 )
+ {
+ /* As in the non-PSA case, we don't check that
+ * a key has been set. If not, the key slot will
+ * still be in its default state of 0, which is
+ * guaranteed to be invalid, hence the PSA-call
+ * below will gracefully fail. */
+ mbedtls_cipher_context_psa * const cipher_psa =
+ (mbedtls_cipher_context_psa *) ctx->cipher_ctx;
+
+ psa_status_t status;
+
+ /* PSA Crypto API always writes the authentication tag
+ * at the end of the encrypted message. */
+ if( tag != output + ilen )
+ return( MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE );
+
+ status = psa_aead_encrypt( cipher_psa->slot,
+ cipher_psa->alg,
+ iv, iv_len,
+ ad, ad_len,
+ input, ilen,
+ output, ilen + tag_len, olen );
+ if( status != PSA_SUCCESS )
+ return( MBEDTLS_ERR_CIPHER_HW_ACCEL_FAILED );
+
+ *olen -= tag_len;
+ return( 0 );
+ }
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+
#if defined(MBEDTLS_GCM_C)
if( MBEDTLS_MODE_GCM == ctx->cipher_info->mode )
{
*olen = ilen;
- return( mbedtls_gcm_crypt_and_tag( ctx->cipher_ctx, MBEDTLS_GCM_ENCRYPT, ilen,
- iv, iv_len, ad, ad_len, input, output,
- tag_len, tag ) );
+ return( mbedtls_gcm_crypt_and_tag( ctx->cipher_ctx, MBEDTLS_GCM_ENCRYPT,
+ ilen, iv, iv_len, ad, ad_len,
+ input, output, tag_len, tag ) );
}
#endif /* MBEDTLS_GCM_C */
#if defined(MBEDTLS_CCM_C)
@@ -1102,6 +1407,39 @@
CIPHER_VALIDATE_RET( olen != NULL );
CIPHER_VALIDATE_RET( tag_len == 0 || tag != NULL );
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+ if( ctx->psa_enabled == 1 )
+ {
+ /* As in the non-PSA case, we don't check that
+ * a key has been set. If not, the key slot will
+ * still be in its default state of 0, which is
+ * guaranteed to be invalid, hence the PSA-call
+ * below will gracefully fail. */
+ mbedtls_cipher_context_psa * const cipher_psa =
+ (mbedtls_cipher_context_psa *) ctx->cipher_ctx;
+
+ psa_status_t status;
+
+ /* PSA Crypto API always writes the authentication tag
+ * at the end of the encrypted message. */
+ if( tag != input + ilen )
+ return( MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE );
+
+ status = psa_aead_decrypt( cipher_psa->slot,
+ cipher_psa->alg,
+ iv, iv_len,
+ ad, ad_len,
+ input, ilen + tag_len,
+ output, ilen, olen );
+ if( status == PSA_ERROR_INVALID_SIGNATURE )
+ return( MBEDTLS_ERR_CIPHER_AUTH_FAILED );
+ else if( status != PSA_SUCCESS )
+ return( MBEDTLS_ERR_CIPHER_HW_ACCEL_FAILED );
+
+ return( 0 );
+ }
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+
#if defined(MBEDTLS_GCM_C)
if( MBEDTLS_MODE_GCM == ctx->cipher_info->mode )
{
diff --git a/library/cipher_wrap.c b/library/cipher_wrap.c
index 6dd8c5d..d4538ed 100644
--- a/library/cipher_wrap.c
+++ b/library/cipher_wrap.c
@@ -2266,7 +2266,8 @@
{ MBEDTLS_CIPHER_NONE, NULL }
};
-#define NUM_CIPHERS sizeof mbedtls_cipher_definitions / sizeof mbedtls_cipher_definitions[0]
+#define NUM_CIPHERS ( sizeof(mbedtls_cipher_definitions) / \
+ sizeof(mbedtls_cipher_definitions[0]) )
int mbedtls_cipher_supported[NUM_CIPHERS];
#endif /* MBEDTLS_CIPHER_C */
diff --git a/library/ctr_drbg.c b/library/ctr_drbg.c
index fb12157..0db7beb 100644
--- a/library/ctr_drbg.c
+++ b/library/ctr_drbg.c
@@ -102,7 +102,8 @@
/*
* Initialize with an empty key
*/
- if( ( ret = mbedtls_aes_setkey_enc( &ctx->aes_ctx, key, MBEDTLS_CTR_DRBG_KEYBITS ) ) != 0 )
+ if( ( ret = mbedtls_aes_setkey_enc( &ctx->aes_ctx, key,
+ MBEDTLS_CTR_DRBG_KEYBITS ) ) != 0 )
{
return( ret );
}
@@ -120,8 +121,9 @@
const unsigned char *custom,
size_t len )
{
- return( mbedtls_ctr_drbg_seed_entropy_len( ctx, f_entropy, p_entropy, custom, len,
- MBEDTLS_CTR_DRBG_ENTROPY_LEN ) );
+ return( mbedtls_ctr_drbg_seed_entropy_len( ctx, f_entropy, p_entropy,
+ custom, len,
+ MBEDTLS_CTR_DRBG_ENTROPY_LEN ) );
}
void mbedtls_ctr_drbg_free( mbedtls_ctr_drbg_context *ctx )
@@ -136,17 +138,20 @@
mbedtls_platform_zeroize( ctx, sizeof( mbedtls_ctr_drbg_context ) );
}
-void mbedtls_ctr_drbg_set_prediction_resistance( mbedtls_ctr_drbg_context *ctx, int resistance )
+void mbedtls_ctr_drbg_set_prediction_resistance( mbedtls_ctr_drbg_context *ctx,
+ int resistance )
{
ctx->prediction_resistance = resistance;
}
-void mbedtls_ctr_drbg_set_entropy_len( mbedtls_ctr_drbg_context *ctx, size_t len )
+void mbedtls_ctr_drbg_set_entropy_len( mbedtls_ctr_drbg_context *ctx,
+ size_t len )
{
ctx->entropy_len = len;
}
-void mbedtls_ctr_drbg_set_reseed_interval( mbedtls_ctr_drbg_context *ctx, int interval )
+void mbedtls_ctr_drbg_set_reseed_interval( mbedtls_ctr_drbg_context *ctx,
+ int interval )
{
ctx->reseed_interval = interval;
}
@@ -154,7 +159,8 @@
static int block_cipher_df( unsigned char *output,
const unsigned char *data, size_t data_len )
{
- unsigned char buf[MBEDTLS_CTR_DRBG_MAX_SEED_INPUT + MBEDTLS_CTR_DRBG_BLOCKSIZE + 16];
+ unsigned char buf[MBEDTLS_CTR_DRBG_MAX_SEED_INPUT +
+ MBEDTLS_CTR_DRBG_BLOCKSIZE + 16];
unsigned char tmp[MBEDTLS_CTR_DRBG_SEEDLEN];
unsigned char key[MBEDTLS_CTR_DRBG_KEYSIZE];
unsigned char chain[MBEDTLS_CTR_DRBG_BLOCKSIZE];
@@ -168,7 +174,8 @@
if( data_len > MBEDTLS_CTR_DRBG_MAX_SEED_INPUT )
return( MBEDTLS_ERR_CTR_DRBG_INPUT_TOO_BIG );
- memset( buf, 0, MBEDTLS_CTR_DRBG_MAX_SEED_INPUT + MBEDTLS_CTR_DRBG_BLOCKSIZE + 16 );
+ memset( buf, 0, MBEDTLS_CTR_DRBG_MAX_SEED_INPUT +
+ MBEDTLS_CTR_DRBG_BLOCKSIZE + 16 );
mbedtls_aes_init( &aes_ctx );
/*
@@ -193,7 +200,8 @@
for( i = 0; i < MBEDTLS_CTR_DRBG_KEYSIZE; i++ )
key[i] = i;
- if( ( ret = mbedtls_aes_setkey_enc( &aes_ctx, key, MBEDTLS_CTR_DRBG_KEYBITS ) ) != 0 )
+ if( ( ret = mbedtls_aes_setkey_enc( &aes_ctx, key,
+ MBEDTLS_CTR_DRBG_KEYBITS ) ) != 0 )
{
goto exit;
}
@@ -215,7 +223,8 @@
use_len -= ( use_len >= MBEDTLS_CTR_DRBG_BLOCKSIZE ) ?
MBEDTLS_CTR_DRBG_BLOCKSIZE : use_len;
- if( ( ret = mbedtls_aes_crypt_ecb( &aes_ctx, MBEDTLS_AES_ENCRYPT, chain, chain ) ) != 0 )
+ if( ( ret = mbedtls_aes_crypt_ecb( &aes_ctx, MBEDTLS_AES_ENCRYPT,
+ chain, chain ) ) != 0 )
{
goto exit;
}
@@ -232,7 +241,8 @@
/*
* Do final encryption with reduced data
*/
- if( ( ret = mbedtls_aes_setkey_enc( &aes_ctx, tmp, MBEDTLS_CTR_DRBG_KEYBITS ) ) != 0 )
+ if( ( ret = mbedtls_aes_setkey_enc( &aes_ctx, tmp,
+ MBEDTLS_CTR_DRBG_KEYBITS ) ) != 0 )
{
goto exit;
}
@@ -241,7 +251,8 @@
for( j = 0; j < MBEDTLS_CTR_DRBG_SEEDLEN; j += MBEDTLS_CTR_DRBG_BLOCKSIZE )
{
- if( ( ret = mbedtls_aes_crypt_ecb( &aes_ctx, MBEDTLS_AES_ENCRYPT, iv, iv ) ) != 0 )
+ if( ( ret = mbedtls_aes_crypt_ecb( &aes_ctx, MBEDTLS_AES_ENCRYPT,
+ iv, iv ) ) != 0 )
{
goto exit;
}
@@ -277,7 +288,7 @@
* ctx->counter = V
*/
static int ctr_drbg_update_internal( mbedtls_ctr_drbg_context *ctx,
- const unsigned char data[MBEDTLS_CTR_DRBG_SEEDLEN] )
+ const unsigned char data[MBEDTLS_CTR_DRBG_SEEDLEN] )
{
unsigned char tmp[MBEDTLS_CTR_DRBG_SEEDLEN];
unsigned char *p = tmp;
@@ -298,8 +309,11 @@
/*
* Crypt counter block
*/
- if( ( ret = mbedtls_aes_crypt_ecb( &ctx->aes_ctx, MBEDTLS_AES_ENCRYPT, ctx->counter, p ) ) != 0 )
+ if( ( ret = mbedtls_aes_crypt_ecb( &ctx->aes_ctx, MBEDTLS_AES_ENCRYPT,
+ ctx->counter, p ) ) != 0 )
+ {
goto exit;
+ }
p += MBEDTLS_CTR_DRBG_BLOCKSIZE;
}
@@ -310,9 +324,13 @@
/*
* Update key and counter
*/
- if( ( ret = mbedtls_aes_setkey_enc( &ctx->aes_ctx, tmp, MBEDTLS_CTR_DRBG_KEYBITS ) ) != 0 )
+ if( ( ret = mbedtls_aes_setkey_enc( &ctx->aes_ctx, tmp,
+ MBEDTLS_CTR_DRBG_KEYBITS ) ) != 0 )
+ {
goto exit;
- memcpy( ctx->counter, tmp + MBEDTLS_CTR_DRBG_KEYSIZE, MBEDTLS_CTR_DRBG_BLOCKSIZE );
+ }
+ memcpy( ctx->counter, tmp + MBEDTLS_CTR_DRBG_KEYSIZE,
+ MBEDTLS_CTR_DRBG_BLOCKSIZE );
exit:
mbedtls_platform_zeroize( tmp, sizeof( tmp ) );
@@ -496,11 +514,14 @@
/*
* Crypt counter block
*/
- if( ( ret = mbedtls_aes_crypt_ecb( &ctx->aes_ctx, MBEDTLS_AES_ENCRYPT, ctx->counter, tmp ) ) != 0 )
+ if( ( ret = mbedtls_aes_crypt_ecb( &ctx->aes_ctx, MBEDTLS_AES_ENCRYPT,
+ ctx->counter, tmp ) ) != 0 )
+ {
goto exit;
+ }
- use_len = ( output_len > MBEDTLS_CTR_DRBG_BLOCKSIZE ) ? MBEDTLS_CTR_DRBG_BLOCKSIZE :
- output_len;
+ use_len = ( output_len > MBEDTLS_CTR_DRBG_BLOCKSIZE )
+ ? MBEDTLS_CTR_DRBG_BLOCKSIZE : output_len;
/*
* Copy random block to destination
*/
@@ -520,7 +541,8 @@
return( 0 );
}
-int mbedtls_ctr_drbg_random( void *p_rng, unsigned char *output, size_t output_len )
+int mbedtls_ctr_drbg_random( void *p_rng, unsigned char *output,
+ size_t output_len )
{
int ret;
mbedtls_ctr_drbg_context *ctx = (mbedtls_ctr_drbg_context *) p_rng;
@@ -541,7 +563,8 @@
}
#if defined(MBEDTLS_FS_IO)
-int mbedtls_ctr_drbg_write_seed_file( mbedtls_ctr_drbg_context *ctx, const char *path )
+int mbedtls_ctr_drbg_write_seed_file( mbedtls_ctr_drbg_context *ctx,
+ const char *path )
{
int ret = MBEDTLS_ERR_CTR_DRBG_FILE_IO_ERROR;
FILE *f;
@@ -550,13 +573,19 @@
if( ( f = fopen( path, "wb" ) ) == NULL )
return( MBEDTLS_ERR_CTR_DRBG_FILE_IO_ERROR );
- if( ( ret = mbedtls_ctr_drbg_random( ctx, buf, MBEDTLS_CTR_DRBG_MAX_INPUT ) ) != 0 )
+ if( ( ret = mbedtls_ctr_drbg_random( ctx, buf,
+ MBEDTLS_CTR_DRBG_MAX_INPUT ) ) != 0 )
goto exit;
- if( fwrite( buf, 1, MBEDTLS_CTR_DRBG_MAX_INPUT, f ) != MBEDTLS_CTR_DRBG_MAX_INPUT )
+ if( fwrite( buf, 1, MBEDTLS_CTR_DRBG_MAX_INPUT, f ) !=
+ MBEDTLS_CTR_DRBG_MAX_INPUT )
+ {
ret = MBEDTLS_ERR_CTR_DRBG_FILE_IO_ERROR;
+ }
else
+ {
ret = 0;
+ }
exit:
mbedtls_platform_zeroize( buf, sizeof( buf ) );
@@ -565,7 +594,8 @@
return( ret );
}
-int mbedtls_ctr_drbg_update_seed_file( mbedtls_ctr_drbg_context *ctx, const char *path )
+int mbedtls_ctr_drbg_update_seed_file( mbedtls_ctr_drbg_context *ctx,
+ const char *path )
{
int ret = 0;
FILE *f = NULL;
@@ -679,7 +709,7 @@
test_offset = 0;
CHK( mbedtls_ctr_drbg_seed_entropy_len( &ctx, ctr_drbg_self_test_entropy,
- (void *) entropy_source_pr, nonce_pers_pr, 16, 32 ) );
+ (void *) entropy_source_pr, nonce_pers_pr, 16, 32 ) );
mbedtls_ctr_drbg_set_prediction_resistance( &ctx, MBEDTLS_CTR_DRBG_PR_ON );
CHK( mbedtls_ctr_drbg_random( &ctx, buf, MBEDTLS_CTR_DRBG_BLOCKSIZE ) );
CHK( mbedtls_ctr_drbg_random( &ctx, buf, MBEDTLS_CTR_DRBG_BLOCKSIZE ) );
@@ -700,7 +730,7 @@
test_offset = 0;
CHK( mbedtls_ctr_drbg_seed_entropy_len( &ctx, ctr_drbg_self_test_entropy,
- (void *) entropy_source_nopr, nonce_pers_nopr, 16, 32 ) );
+ (void *) entropy_source_nopr, nonce_pers_nopr, 16, 32 ) );
CHK( mbedtls_ctr_drbg_random( &ctx, buf, 16 ) );
CHK( mbedtls_ctr_drbg_reseed( &ctx, NULL, 0 ) );
CHK( mbedtls_ctr_drbg_random( &ctx, buf, 16 ) );
diff --git a/library/debug.c b/library/debug.c
index 824cd02..6e1efbf 100644
--- a/library/debug.c
+++ b/library/debug.c
@@ -35,6 +35,7 @@
#define mbedtls_free free
#define mbedtls_time_t time_t
#define mbedtls_snprintf snprintf
+#define mbedtls_vsnprintf vsnprintf
#endif
#include "mbedtls/debug.h"
@@ -90,20 +91,7 @@
return;
va_start( argp, format );
-#if defined(_WIN32)
-#if defined(_TRUNCATE) && !defined(__MINGW32__)
- ret = _vsnprintf_s( str, DEBUG_BUF_SIZE, _TRUNCATE, format, argp );
-#else
- ret = _vsnprintf( str, DEBUG_BUF_SIZE, format, argp );
- if( ret < 0 || (size_t) ret == DEBUG_BUF_SIZE )
- {
- str[DEBUG_BUF_SIZE-1] = '\0';
- ret = -1;
- }
-#endif
-#else
- ret = vsnprintf( str, DEBUG_BUF_SIZE, format, argp );
-#endif
+ ret = mbedtls_vsnprintf( str, DEBUG_BUF_SIZE, format, argp );
va_end( argp );
if( ret >= 0 && ret < DEBUG_BUF_SIZE - 1 )
diff --git a/library/ecdsa.c b/library/ecdsa.c
index 1204ef9..dc19384 100644
--- a/library/ecdsa.c
+++ b/library/ecdsa.c
@@ -800,11 +800,16 @@
int mbedtls_ecdsa_genkey( mbedtls_ecdsa_context *ctx, mbedtls_ecp_group_id gid,
int (*f_rng)(void *, unsigned char *, size_t), void *p_rng )
{
+ int ret = 0;
ECDSA_VALIDATE_RET( ctx != NULL );
ECDSA_VALIDATE_RET( f_rng != NULL );
- return( mbedtls_ecp_group_load( &ctx->grp, gid ) ||
- mbedtls_ecp_gen_keypair( &ctx->grp, &ctx->d, &ctx->Q, f_rng, p_rng ) );
+ ret = mbedtls_ecp_group_load( &ctx->grp, gid );
+ if( ret != 0 )
+ return( ret );
+
+ return( mbedtls_ecp_gen_keypair( &ctx->grp, &ctx->d,
+ &ctx->Q, f_rng, p_rng ) );
}
#endif /* !MBEDTLS_ECDSA_GENKEY_ALT */
diff --git a/library/ecjpake.c b/library/ecjpake.c
index be941b1..b276514 100644
--- a/library/ecjpake.c
+++ b/library/ecjpake.c
@@ -951,7 +951,7 @@
0xb4, 0x38, 0xf7, 0x19, 0xd3, 0xc4, 0xf3, 0x51
};
-/* Load my private keys and generate the correponding public keys */
+/* Load my private keys and generate the corresponding public keys */
static int ecjpake_test_load( mbedtls_ecjpake_context *ctx,
const unsigned char *xm1, size_t len1,
const unsigned char *xm2, size_t len2 )
diff --git a/library/error.c b/library/error.c
index 12312a0..c596f0b 100644
--- a/library/error.c
+++ b/library/error.c
@@ -567,7 +567,7 @@
if( use_ret == -(MBEDTLS_ERR_X509_BUFFER_TOO_SMALL) )
mbedtls_snprintf( buf, buflen, "X509 - Destination buffer is too small" );
if( use_ret == -(MBEDTLS_ERR_X509_FATAL_ERROR) )
- mbedtls_snprintf( buf, buflen, "X509 - A fatal error occured, eg the chain is too long or the vrfy callback failed" );
+ mbedtls_snprintf( buf, buflen, "X509 - A fatal error occurred, eg the chain is too long or the vrfy callback failed" );
#endif /* MBEDTLS_X509_USE_C || MBEDTLS_X509_CREATE_C */
// END generated code
diff --git a/library/pk.c b/library/pk.c
index bac685d..a1e278e 100644
--- a/library/pk.c
+++ b/library/pk.c
@@ -41,6 +41,10 @@
#include "mbedtls/ecdsa.h"
#endif
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+#include "mbedtls/psa_util.h"
+#endif
+
#include <limits.h>
#include <stdint.h>
@@ -147,6 +151,38 @@
return( 0 );
}
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+/*
+ * Initialise a PSA-wrapping context
+ */
+int mbedtls_pk_setup_opaque( mbedtls_pk_context *ctx, const psa_key_handle_t key )
+{
+ const mbedtls_pk_info_t * const info = &mbedtls_pk_opaque_info;
+ psa_key_handle_t *pk_ctx;
+ psa_key_type_t type;
+
+ if( ctx == NULL || ctx->pk_info != NULL )
+ return( MBEDTLS_ERR_PK_BAD_INPUT_DATA );
+
+ if( PSA_SUCCESS != psa_get_key_information( key, &type, NULL ) )
+ return( MBEDTLS_ERR_PK_BAD_INPUT_DATA );
+
+ /* Current implementation of can_do() relies on this. */
+ if( ! PSA_KEY_TYPE_IS_ECC_KEYPAIR( type ) )
+ return( MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE) ;
+
+ if( ( ctx->pk_ctx = info->ctx_alloc_func() ) == NULL )
+ return( MBEDTLS_ERR_PK_ALLOC_FAILED );
+
+ ctx->pk_info = info;
+
+ pk_ctx = (psa_key_handle_t *) ctx->pk_ctx;
+ *pk_ctx = key;
+
+ return( 0 );
+}
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+
#if defined(MBEDTLS_PK_RSA_ALT_SUPPORT)
/*
* Initialize an RSA-alt context
@@ -472,12 +508,14 @@
PK_VALIDATE_RET( prv != NULL );
if( pub->pk_info == NULL ||
- prv->pk_info == NULL ||
- prv->pk_info->check_pair_func == NULL )
+ prv->pk_info == NULL )
{
return( MBEDTLS_ERR_PK_BAD_INPUT_DATA );
}
+ if( prv->pk_info->check_pair_func == NULL )
+ return( MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE );
+
if( prv->pk_info->type == MBEDTLS_PK_RSA_ALT )
{
if( pub->pk_info->type != MBEDTLS_PK_RSA )
@@ -543,4 +581,66 @@
return( ctx->pk_info->type );
}
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+/*
+ * Load the key to a PSA key slot,
+ * then turn the PK context into a wrapper for that key slot.
+ *
+ * Currently only works for EC private keys.
+ */
+int mbedtls_pk_wrap_as_opaque( mbedtls_pk_context *pk,
+ psa_key_handle_t *slot,
+ psa_algorithm_t hash_alg )
+{
+#if !defined(MBEDTLS_ECP_C)
+ return( MBEDTLS_ERR_PK_TYPE_MISMATCH );
+#else
+ psa_key_handle_t key;
+ const mbedtls_ecp_keypair *ec;
+ unsigned char d[MBEDTLS_ECP_MAX_BYTES];
+ size_t d_len;
+ psa_ecc_curve_t curve_id;
+ psa_key_type_t key_type;
+ psa_key_policy_t policy;
+ int ret;
+
+ /* export the private key material in the format PSA wants */
+ if( mbedtls_pk_get_type( pk ) != MBEDTLS_PK_ECKEY )
+ return( MBEDTLS_ERR_PK_TYPE_MISMATCH );
+
+ ec = mbedtls_pk_ec( *pk );
+ d_len = ( ec->grp.nbits + 7 ) / 8;
+ if( ( ret = mbedtls_mpi_write_binary( &ec->d, d, d_len ) ) != 0 )
+ return( ret );
+
+ curve_id = mbedtls_ecp_curve_info_from_grp_id( ec->grp.id )->tls_id;
+ key_type = PSA_KEY_TYPE_ECC_KEYPAIR(
+ mbedtls_psa_parse_tls_ecc_group ( curve_id ) );
+
+ /* allocate a key slot */
+ if( PSA_SUCCESS != psa_allocate_key( &key ) )
+ return( MBEDTLS_ERR_PK_HW_ACCEL_FAILED );
+
+ /* set policy */
+ policy = psa_key_policy_init();
+ psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_SIGN,
+ PSA_ALG_ECDSA(hash_alg) );
+ if( PSA_SUCCESS != psa_set_key_policy( key, &policy ) )
+ return( MBEDTLS_ERR_PK_HW_ACCEL_FAILED );
+
+ /* import private key in slot */
+ if( PSA_SUCCESS != psa_import_key( key, key_type, d, d_len ) )
+ return( MBEDTLS_ERR_PK_HW_ACCEL_FAILED );
+
+ /* remember slot number to be destroyed later by caller */
+ *slot = key;
+
+ /* make PK context wrap the key slot */
+ mbedtls_pk_free( pk );
+ mbedtls_pk_init( pk );
+
+ return( mbedtls_pk_setup_opaque( pk, key ) );
+#endif /* MBEDTLS_ECP_C */
+}
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
#endif /* MBEDTLS_PK_C */
diff --git a/library/pk_wrap.c b/library/pk_wrap.c
index 87806be..c7f879a 100644
--- a/library/pk_wrap.c
+++ b/library/pk_wrap.c
@@ -41,10 +41,20 @@
#include "mbedtls/ecdsa.h"
#endif
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+#include "mbedtls/asn1write.h"
+#endif
+
#if defined(MBEDTLS_PK_RSA_ALT_SUPPORT)
#include "mbedtls/platform_util.h"
#endif
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+#include "psa/crypto.h"
+#include "mbedtls/psa_util.h"
+#include "mbedtls/asn1.h"
+#endif
+
#if defined(MBEDTLS_PLATFORM_C)
#include "mbedtls/platform.h"
#else
@@ -472,6 +482,156 @@
return( type == MBEDTLS_PK_ECDSA );
}
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+/*
+ * An ASN.1 encoded signature is a sequence of two ASN.1 integers. Parse one of
+ * those integers and convert it to the fixed-length encoding expected by PSA.
+ */
+static int extract_ecdsa_sig_int( unsigned char **from, const unsigned char *end,
+ unsigned char *to, size_t to_len )
+{
+ int ret;
+ size_t unpadded_len, padding_len;
+
+ if( ( ret = mbedtls_asn1_get_tag( from, end, &unpadded_len,
+ MBEDTLS_ASN1_INTEGER ) ) != 0 )
+ {
+ return( ret );
+ }
+
+ while( unpadded_len > 0 && **from == 0x00 )
+ {
+ ( *from )++;
+ unpadded_len--;
+ }
+
+ if( unpadded_len > to_len || unpadded_len == 0 )
+ return( MBEDTLS_ERR_ASN1_LENGTH_MISMATCH );
+
+ padding_len = to_len - unpadded_len;
+ memset( to, 0x00, padding_len );
+ memcpy( to + padding_len, *from, unpadded_len );
+ ( *from ) += unpadded_len;
+
+ return( 0 );
+}
+
+/*
+ * Convert a signature from an ASN.1 sequence of two integers
+ * to a raw {r,s} buffer. Note: the provided sig buffer must be at least
+ * twice as big as int_size.
+ */
+static int extract_ecdsa_sig( unsigned char **p, const unsigned char *end,
+ unsigned char *sig, size_t int_size )
+{
+ int ret;
+ size_t tmp_size;
+
+ if( ( ret = mbedtls_asn1_get_tag( p, end, &tmp_size,
+ MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 )
+ return( ret );
+
+ /* Extract r */
+ if( ( ret = extract_ecdsa_sig_int( p, end, sig, int_size ) ) != 0 )
+ return( ret );
+ /* Extract s */
+ if( ( ret = extract_ecdsa_sig_int( p, end, sig + int_size, int_size ) ) != 0 )
+ return( ret );
+
+ return( 0 );
+}
+
+static int ecdsa_verify_wrap( void *ctx, mbedtls_md_type_t md_alg,
+ const unsigned char *hash, size_t hash_len,
+ const unsigned char *sig, size_t sig_len )
+{
+ int ret;
+ psa_key_handle_t key_slot;
+ psa_key_policy_t policy;
+ psa_key_type_t psa_type;
+ mbedtls_pk_context key;
+ int key_len;
+ /* see ECP_PUB_DER_MAX_BYTES in pkwrite.c */
+ unsigned char buf[30 + 2 * MBEDTLS_ECP_MAX_BYTES];
+ unsigned char *p;
+ mbedtls_pk_info_t pk_info = mbedtls_eckey_info;
+ psa_algorithm_t psa_sig_md, psa_md;
+ psa_ecc_curve_t curve = mbedtls_psa_translate_ecc_group(
+ ( (mbedtls_ecdsa_context *) ctx )->grp.id );
+ const size_t signature_part_size = ( ( (mbedtls_ecdsa_context *) ctx )->grp.nbits + 7 ) / 8;
+
+ if( curve == 0 )
+ return( MBEDTLS_ERR_PK_BAD_INPUT_DATA );
+
+ /* mbedtls_pk_write_pubkey() expects a full PK context;
+ * re-construct one to make it happy */
+ key.pk_info = &pk_info;
+ key.pk_ctx = ctx;
+ p = buf + sizeof( buf );
+ key_len = mbedtls_pk_write_pubkey( &p, buf, &key );
+ if( key_len <= 0 )
+ return( MBEDTLS_ERR_PK_BAD_INPUT_DATA );
+
+ psa_md = mbedtls_psa_translate_md( md_alg );
+ if( psa_md == 0 )
+ return( MBEDTLS_ERR_PK_BAD_INPUT_DATA );
+ psa_sig_md = PSA_ALG_ECDSA( psa_md );
+ psa_type = PSA_KEY_TYPE_ECC_PUBLIC_KEY( curve );
+
+ if( ( ret = psa_allocate_key( &key_slot ) ) != PSA_SUCCESS )
+ return( mbedtls_psa_err_translate_pk( ret ) );
+
+ policy = psa_key_policy_init();
+ psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_VERIFY, psa_sig_md );
+ if( ( ret = psa_set_key_policy( key_slot, &policy ) ) != PSA_SUCCESS )
+ {
+ ret = mbedtls_psa_err_translate_pk( ret );
+ goto cleanup;
+ }
+
+ if( psa_import_key( key_slot, psa_type, buf + sizeof( buf ) - key_len, key_len )
+ != PSA_SUCCESS )
+ {
+ ret = MBEDTLS_ERR_PK_BAD_INPUT_DATA;
+ goto cleanup;
+ }
+
+ /* We don't need the exported key anymore and can
+ * reuse its buffer for signature extraction. */
+ if( 2 * signature_part_size > sizeof( buf ) )
+ {
+ ret = MBEDTLS_ERR_PK_BAD_INPUT_DATA;
+ goto cleanup;
+ }
+
+ p = (unsigned char*) sig;
+ if( ( ret = extract_ecdsa_sig( &p, sig + sig_len, buf,
+ signature_part_size ) ) != 0 )
+ {
+ goto cleanup;
+ }
+
+ if( psa_asymmetric_verify( key_slot, psa_sig_md,
+ hash, hash_len,
+ buf, 2 * signature_part_size )
+ != PSA_SUCCESS )
+ {
+ ret = MBEDTLS_ERR_ECP_VERIFY_FAILED;
+ goto cleanup;
+ }
+
+ if( p != sig + sig_len )
+ {
+ ret = MBEDTLS_ERR_PK_SIG_LEN_MISMATCH;
+ goto cleanup;
+ }
+ ret = 0;
+
+cleanup:
+ psa_destroy_key( key_slot );
+ return( ret );
+}
+#else /* MBEDTLS_USE_PSA_CRYPTO */
static int ecdsa_verify_wrap( void *ctx, mbedtls_md_type_t md_alg,
const unsigned char *hash, size_t hash_len,
const unsigned char *sig, size_t sig_len )
@@ -487,6 +647,7 @@
return( ret );
}
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
static int ecdsa_sign_wrap( void *ctx, mbedtls_md_type_t md_alg,
const unsigned char *hash, size_t hash_len,
@@ -716,4 +877,182 @@
#endif /* MBEDTLS_PK_RSA_ALT_SUPPORT */
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+
+static void *pk_opaque_alloc_wrap( void )
+{
+ void *ctx = mbedtls_calloc( 1, sizeof( psa_key_handle_t ) );
+
+ /* no _init() function to call, an calloc() already zeroized */
+
+ return( ctx );
+}
+
+static void pk_opaque_free_wrap( void *ctx )
+{
+ mbedtls_platform_zeroize( ctx, sizeof( psa_key_handle_t ) );
+ mbedtls_free( ctx );
+}
+
+static size_t pk_opaque_get_bitlen( const void *ctx )
+{
+ const psa_key_handle_t *key = (const psa_key_handle_t *) ctx;
+ size_t bits;
+
+ if( PSA_SUCCESS != psa_get_key_information( *key, NULL, &bits ) )
+ return( 0 );
+
+ return( bits );
+}
+
+static int pk_opaque_can_do( mbedtls_pk_type_t type )
+{
+ /* For now opaque PSA keys can only wrap ECC keypairs,
+ * as checked by setup_psa().
+ * Also, ECKEY_DH does not really make sense with the current API. */
+ return( type == MBEDTLS_PK_ECKEY ||
+ type == MBEDTLS_PK_ECDSA );
+}
+
+/*
+ * Simultaneously convert and move raw MPI from the beginning of a buffer
+ * to an ASN.1 MPI at the end of the buffer.
+ * See also mbedtls_asn1_write_mpi().
+ *
+ * p: pointer to the end of the output buffer
+ * start: start of the output buffer, and also of the mpi to write at the end
+ * n_len: length of the mpi to read from start
+ */
+static int asn1_write_mpibuf( unsigned char **p, unsigned char *start,
+ size_t n_len )
+{
+ int ret;
+ size_t len = 0;
+
+ if( (size_t)( *p - start ) < n_len )
+ return( MBEDTLS_ERR_ASN1_BUF_TOO_SMALL );
+
+ len = n_len;
+ *p -= len;
+ memmove( *p, start, len );
+
+ /* ASN.1 DER encoding requires minimal length, so skip leading 0s.
+ * Neither r nor s should be 0, but as a failsafe measure, still detect
+ * that rather than overflowing the buffer in case of a PSA error. */
+ while( len > 0 && **p == 0x00 )
+ {
+ ++(*p);
+ --len;
+ }
+
+ /* this is only reached if the signature was invalid */
+ if( len == 0 )
+ return( MBEDTLS_ERR_PK_HW_ACCEL_FAILED );
+
+ /* if the msb is 1, ASN.1 requires that we prepend a 0.
+ * Neither r nor s can be 0, so we can assume len > 0 at all times. */
+ if( **p & 0x80 )
+ {
+ if( *p - start < 1 )
+ return( MBEDTLS_ERR_ASN1_BUF_TOO_SMALL );
+
+ *--(*p) = 0x00;
+ len += 1;
+ }
+
+ MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( p, start, len ) );
+ MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( p, start,
+ MBEDTLS_ASN1_INTEGER ) );
+
+ return( (int) len );
+}
+
+/* Transcode signature from PSA format to ASN.1 sequence.
+ * See ecdsa_signature_to_asn1 in ecdsa.c, but with byte buffers instead of
+ * MPIs, and in-place.
+ *
+ * [in/out] sig: the signature pre- and post-transcoding
+ * [in/out] sig_len: signature length pre- and post-transcoding
+ * [int] buf_len: the available size the in/out buffer
+ */
+static int pk_ecdsa_sig_asn1_from_psa( unsigned char *sig, size_t *sig_len,
+ size_t buf_len )
+{
+ int ret;
+ size_t len = 0;
+ const size_t rs_len = *sig_len / 2;
+ unsigned char *p = sig + buf_len;
+
+ MBEDTLS_ASN1_CHK_ADD( len, asn1_write_mpibuf( &p, sig + rs_len, rs_len ) );
+ MBEDTLS_ASN1_CHK_ADD( len, asn1_write_mpibuf( &p, sig, rs_len ) );
+
+ MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( &p, sig, len ) );
+ MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( &p, sig,
+ MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) );
+
+ memmove( sig, p, len );
+ *sig_len = len;
+
+ return( 0 );
+}
+
+static int pk_opaque_sign_wrap( void *ctx, mbedtls_md_type_t md_alg,
+ const unsigned char *hash, size_t hash_len,
+ unsigned char *sig, size_t *sig_len,
+ int (*f_rng)(void *, unsigned char *, size_t), void *p_rng )
+{
+ const psa_key_handle_t *key = (const psa_key_handle_t *) ctx;
+ psa_algorithm_t alg = PSA_ALG_ECDSA( mbedtls_psa_translate_md( md_alg ) );
+ size_t bits, buf_len;
+ psa_status_t status;
+
+ /* PSA has its own RNG */
+ (void) f_rng;
+ (void) p_rng;
+
+ /* PSA needs an output buffer of known size, but our API doesn't provide
+ * that information. Assume that the buffer is large enough for a
+ * maximal-length signature with that key (otherwise the application is
+ * buggy anyway). */
+ status = psa_get_key_information( *key, NULL, &bits );
+ if( status != PSA_SUCCESS )
+ return( mbedtls_psa_err_translate_pk( status ) );
+
+ buf_len = MBEDTLS_ECDSA_MAX_SIG_LEN( bits );
+
+ /* make the signature */
+ status = psa_asymmetric_sign( *key, alg, hash, hash_len,
+ sig, buf_len, sig_len );
+ if( status != PSA_SUCCESS )
+ return( mbedtls_psa_err_translate_pk( status ) );
+
+ /* transcode it to ASN.1 sequence */
+ return( pk_ecdsa_sig_asn1_from_psa( sig, sig_len, buf_len ) );
+}
+
+const mbedtls_pk_info_t mbedtls_pk_opaque_info = {
+ MBEDTLS_PK_OPAQUE,
+ "Opaque",
+ pk_opaque_get_bitlen,
+ pk_opaque_can_do,
+ NULL, /* verify - will be done later */
+ pk_opaque_sign_wrap,
+#if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE)
+ NULL, /* restartable verify - not relevant */
+ NULL, /* restartable sign - not relevant */
+#endif
+ NULL, /* decrypt - will be done later */
+ NULL, /* encrypt - will be done later */
+ NULL, /* check_pair - could be done later or left NULL */
+ pk_opaque_alloc_wrap,
+ pk_opaque_free_wrap,
+#if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE)
+ NULL, /* restart alloc - not relevant */
+ NULL, /* restart free - not relevant */
+#endif
+ NULL, /* debug - could be done later, or even left NULL */
+};
+
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+
#endif /* MBEDTLS_PK_C */
diff --git a/library/pkwrite.c b/library/pkwrite.c
index 8d1da2f..b87f81b 100644
--- a/library/pkwrite.c
+++ b/library/pkwrite.c
@@ -47,6 +47,10 @@
#include "mbedtls/pem.h"
#endif
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+#include "psa/crypto.h"
+#include "mbedtls/psa_util.h"
+#endif
#if defined(MBEDTLS_PLATFORM_C)
#include "mbedtls/platform.h"
#else
@@ -173,6 +177,29 @@
MBEDTLS_ASN1_CHK_ADD( len, pk_write_ec_pubkey( p, start, mbedtls_pk_ec( *key ) ) );
else
#endif
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+ if( mbedtls_pk_get_type( key ) == MBEDTLS_PK_OPAQUE )
+ {
+ size_t buffer_size;
+ psa_key_handle_t* key_slot = (psa_key_handle_t*) key->pk_ctx;
+
+ if ( *p < start )
+ return( MBEDTLS_ERR_PK_BAD_INPUT_DATA );
+
+ buffer_size = (size_t)( *p - start );
+ if ( psa_export_public_key( *key_slot, start, buffer_size, &len )
+ != PSA_SUCCESS )
+ {
+ return( MBEDTLS_ERR_PK_BAD_INPUT_DATA );
+ }
+ else
+ {
+ *p -= len;
+ memmove( *p, start, len );
+ }
+ }
+ else
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
return( MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE );
return( (int) len );
@@ -183,6 +210,7 @@
int ret;
unsigned char *c;
size_t len = 0, par_len = 0, oid_len;
+ mbedtls_pk_type_t pk_type;
const char *oid;
PK_VALIDATE_RET( key != NULL );
@@ -208,18 +236,51 @@
MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( &c, buf, len ) );
MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( &c, buf, MBEDTLS_ASN1_BIT_STRING ) );
- if( ( ret = mbedtls_oid_get_oid_by_pk_alg( mbedtls_pk_get_type( key ),
- &oid, &oid_len ) ) != 0 )
- {
- return( ret );
- }
-
+ pk_type = mbedtls_pk_get_type( key );
#if defined(MBEDTLS_ECP_C)
- if( mbedtls_pk_get_type( key ) == MBEDTLS_PK_ECKEY )
+ if( pk_type == MBEDTLS_PK_ECKEY )
{
MBEDTLS_ASN1_CHK_ADD( par_len, pk_write_ec_param( &c, buf, mbedtls_pk_ec( *key ) ) );
}
#endif
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+ if( pk_type == MBEDTLS_PK_OPAQUE )
+ {
+ psa_status_t status;
+ psa_key_type_t key_type;
+ psa_key_handle_t handle;
+ psa_ecc_curve_t curve;
+
+ handle = *((psa_key_handle_t*) key->pk_ctx );
+
+ status = psa_get_key_information( handle, &key_type,
+ NULL /* bitsize not needed */ );
+ if( status != PSA_SUCCESS )
+ return( MBEDTLS_ERR_PK_HW_ACCEL_FAILED );
+
+ curve = PSA_KEY_TYPE_GET_CURVE( key_type );
+ if( curve == 0 )
+ return( MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE );
+
+ ret = mbedtls_psa_get_ecc_oid_from_id( curve, &oid, &oid_len );
+ if( ret != 0 )
+ return( MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE );
+
+ /* Write EC algorithm parameters; that's akin
+ * to pk_write_ec_param() above. */
+ MBEDTLS_ASN1_CHK_ADD( par_len, mbedtls_asn1_write_oid( &c, buf,
+ oid, oid_len ) );
+
+ /* The rest of the function works as for legacy EC contexts. */
+ pk_type = MBEDTLS_PK_ECKEY;
+ }
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+
+ if( ( ret = mbedtls_oid_get_oid_by_pk_alg( pk_type, &oid,
+ &oid_len ) ) != 0 )
+ {
+ return( ret );
+ }
MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_algorithm_identifier( &c, buf, oid, oid_len,
par_len ) );
diff --git a/library/platform.c b/library/platform.c
index 73a6db9..5756159 100644
--- a/library/platform.c
+++ b/library/platform.c
@@ -82,28 +82,15 @@
!( defined(MBEDTLS_PLATFORM_CALLOC_MACRO) &&
defined(MBEDTLS_PLATFORM_FREE_MACRO) ) */
-#if defined(_WIN32)
+#if defined(MBEDTLS_PLATFORM_HAS_NON_CONFORMING_SNPRINTF)
#include <stdarg.h>
int mbedtls_platform_win32_snprintf( char *s, size_t n, const char *fmt, ... )
{
int ret;
va_list argp;
- /* Avoid calling the invalid parameter handler by checking ourselves */
- if( s == NULL || n == 0 || fmt == NULL )
- return( -1 );
-
va_start( argp, fmt );
-#if defined(_TRUNCATE) && !defined(__MINGW32__)
- ret = _vsnprintf_s( s, n, _TRUNCATE, fmt, argp );
-#else
- ret = _vsnprintf( s, n, fmt, argp );
- if( ret < 0 || (size_t) ret == n )
- {
- s[n-1] = '\0';
- ret = -1;
- }
-#endif
+ ret = mbedtls_vsnprintf( s, n, fmt, argp );
va_end( argp );
return( ret );
@@ -140,6 +127,62 @@
}
#endif /* MBEDTLS_PLATFORM_SNPRINTF_ALT */
+#if defined(MBEDTLS_PLATFORM_HAS_NON_CONFORMING_VSNPRINTF)
+#include <stdarg.h>
+int mbedtls_platform_win32_vsnprintf( char *s, size_t n, const char *fmt, va_list arg )
+{
+ int ret;
+
+ /* Avoid calling the invalid parameter handler by checking ourselves */
+ if( s == NULL || n == 0 || fmt == NULL )
+ return( -1 );
+
+#if defined(_TRUNCATE)
+ ret = vsnprintf_s( s, n, _TRUNCATE, fmt, arg );
+#else
+ ret = vsnprintf( s, n, fmt, arg );
+ if( ret < 0 || (size_t) ret == n )
+ {
+ s[n-1] = '\0';
+ ret = -1;
+ }
+#endif
+
+ return( ret );
+}
+#endif
+
+#if defined(MBEDTLS_PLATFORM_VSNPRINTF_ALT)
+#if !defined(MBEDTLS_PLATFORM_STD_VSNPRINTF)
+/*
+ * Make dummy function to prevent NULL pointer dereferences
+ */
+static int platform_vsnprintf_uninit( char * s, size_t n,
+ const char * format, va_list arg )
+{
+ ((void) s);
+ ((void) n);
+ ((void) format);
+ ((void) arg);
+ return( -1 );
+}
+
+#define MBEDTLS_PLATFORM_STD_VSNPRINTF platform_vsnprintf_uninit
+#endif /* !MBEDTLS_PLATFORM_STD_VSNPRINTF */
+
+int (*mbedtls_vsnprintf)( char * s, size_t n,
+ const char * format,
+ va_list arg ) = MBEDTLS_PLATFORM_STD_VSNPRINTF;
+
+int mbedtls_platform_set_vsnprintf( int (*vsnprintf_func)( char * s, size_t n,
+ const char * format,
+ va_list arg ) )
+{
+ mbedtls_vsnprintf = vsnprintf_func;
+ return( 0 );
+}
+#endif /* MBEDTLS_PLATFORM_VSNPRINTF_ALT */
+
#if defined(MBEDTLS_PLATFORM_PRINTF_ALT)
#if !defined(MBEDTLS_PLATFORM_STD_PRINTF)
/*
diff --git a/library/psa_crypto.c b/library/psa_crypto.c
new file mode 100644
index 0000000..cd1499a
--- /dev/null
+++ b/library/psa_crypto.c
@@ -0,0 +1,4656 @@
+/*
+ * PSA crypto layer on top of Mbed TLS crypto
+ */
+/* Copyright (C) 2018, ARM Limited, All Rights Reserved
+ * SPDX-License-Identifier: Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License"); you may
+ * not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * This file is part of mbed TLS (https://tls.mbed.org)
+ */
+
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "mbedtls/config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+#if defined(MBEDTLS_PSA_CRYPTO_C)
+
+#include "psa_crypto_service_integration.h"
+#include "psa/crypto.h"
+
+#include "psa_crypto_core.h"
+#include "psa_crypto_invasive.h"
+#include "psa_crypto_slot_management.h"
+/* Include internal declarations that are useful for implementing persistently
+ * stored keys. */
+#include "psa_crypto_storage.h"
+
+#include <stdlib.h>
+#include <string.h>
+#if defined(MBEDTLS_PLATFORM_C)
+#include "mbedtls/platform.h"
+#else
+#define mbedtls_calloc calloc
+#define mbedtls_free free
+#endif
+
+#include "mbedtls/arc4.h"
+#include "mbedtls/asn1.h"
+#include "mbedtls/asn1write.h"
+#include "mbedtls/bignum.h"
+#include "mbedtls/blowfish.h"
+#include "mbedtls/camellia.h"
+#include "mbedtls/cipher.h"
+#include "mbedtls/ccm.h"
+#include "mbedtls/cmac.h"
+#include "mbedtls/ctr_drbg.h"
+#include "mbedtls/des.h"
+#include "mbedtls/ecdh.h"
+#include "mbedtls/ecp.h"
+#include "mbedtls/entropy.h"
+#include "mbedtls/entropy_poll.h"
+#include "mbedtls/error.h"
+#include "mbedtls/gcm.h"
+#include "mbedtls/md2.h"
+#include "mbedtls/md4.h"
+#include "mbedtls/md5.h"
+#include "mbedtls/md.h"
+#include "mbedtls/md_internal.h"
+#include "mbedtls/pk.h"
+#include "mbedtls/pk_internal.h"
+#include "mbedtls/platform_util.h"
+#include "mbedtls/ripemd160.h"
+#include "mbedtls/rsa.h"
+#include "mbedtls/sha1.h"
+#include "mbedtls/sha256.h"
+#include "mbedtls/sha512.h"
+#include "mbedtls/xtea.h"
+
+#if ( defined(MBEDTLS_ENTROPY_NV_SEED) && defined(MBEDTLS_PSA_HAS_ITS_IO) )
+#include "psa/internal_trusted_storage.h"
+#endif
+
+#define ARRAY_LENGTH( array ) ( sizeof( array ) / sizeof( *( array ) ) )
+
+/* constant-time buffer comparison */
+static inline int safer_memcmp( const uint8_t *a, const uint8_t *b, size_t n )
+{
+ size_t i;
+ unsigned char diff = 0;
+
+ for( i = 0; i < n; i++ )
+ diff |= a[i] ^ b[i];
+
+ return( diff );
+}
+
+
+
+/****************************************************************/
+/* Global data, support functions and library management */
+/****************************************************************/
+
+static int key_type_is_raw_bytes( psa_key_type_t type )
+{
+ return( PSA_KEY_TYPE_IS_UNSTRUCTURED( type ) );
+}
+
+/* Values for psa_global_data_t::rng_state */
+#define RNG_NOT_INITIALIZED 0
+#define RNG_INITIALIZED 1
+#define RNG_SEEDED 2
+
+typedef struct
+{
+ void (* entropy_init )( mbedtls_entropy_context *ctx );
+ void (* entropy_free )( mbedtls_entropy_context *ctx );
+ mbedtls_entropy_context entropy;
+ mbedtls_ctr_drbg_context ctr_drbg;
+ unsigned initialized : 1;
+ unsigned rng_state : 2;
+} psa_global_data_t;
+
+static psa_global_data_t global_data;
+
+#define GUARD_MODULE_INITIALIZED \
+ if( global_data.initialized == 0 ) \
+ return( PSA_ERROR_BAD_STATE );
+
+static psa_status_t mbedtls_to_psa_error( int ret )
+{
+ /* If there's both a high-level code and low-level code, dispatch on
+ * the high-level code. */
+ switch( ret < -0x7f ? - ( -ret & 0x7f80 ) : ret )
+ {
+ case 0:
+ return( PSA_SUCCESS );
+
+ case MBEDTLS_ERR_AES_INVALID_KEY_LENGTH:
+ case MBEDTLS_ERR_AES_INVALID_INPUT_LENGTH:
+ case MBEDTLS_ERR_AES_FEATURE_UNAVAILABLE:
+ return( PSA_ERROR_NOT_SUPPORTED );
+ case MBEDTLS_ERR_AES_HW_ACCEL_FAILED:
+ return( PSA_ERROR_HARDWARE_FAILURE );
+
+ case MBEDTLS_ERR_ARC4_HW_ACCEL_FAILED:
+ return( PSA_ERROR_HARDWARE_FAILURE );
+
+ case MBEDTLS_ERR_ASN1_OUT_OF_DATA:
+ case MBEDTLS_ERR_ASN1_UNEXPECTED_TAG:
+ case MBEDTLS_ERR_ASN1_INVALID_LENGTH:
+ case MBEDTLS_ERR_ASN1_LENGTH_MISMATCH:
+ case MBEDTLS_ERR_ASN1_INVALID_DATA:
+ return( PSA_ERROR_INVALID_ARGUMENT );
+ case MBEDTLS_ERR_ASN1_ALLOC_FAILED:
+ return( PSA_ERROR_INSUFFICIENT_MEMORY );
+ case MBEDTLS_ERR_ASN1_BUF_TOO_SMALL:
+ return( PSA_ERROR_BUFFER_TOO_SMALL );
+
+#if defined(MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA)
+ case MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA:
+#elif defined(MBEDTLS_ERR_BLOWFISH_INVALID_KEY_LENGTH)
+ case MBEDTLS_ERR_BLOWFISH_INVALID_KEY_LENGTH:
+#endif
+ case MBEDTLS_ERR_BLOWFISH_INVALID_INPUT_LENGTH:
+ return( PSA_ERROR_NOT_SUPPORTED );
+ case MBEDTLS_ERR_BLOWFISH_HW_ACCEL_FAILED:
+ return( PSA_ERROR_HARDWARE_FAILURE );
+
+#if defined(MBEDTLS_ERR_CAMELLIA_BAD_INPUT_DATA)
+ case MBEDTLS_ERR_CAMELLIA_BAD_INPUT_DATA:
+#elif defined(MBEDTLS_ERR_CAMELLIA_INVALID_KEY_LENGTH)
+ case MBEDTLS_ERR_CAMELLIA_INVALID_KEY_LENGTH:
+#endif
+ case MBEDTLS_ERR_CAMELLIA_INVALID_INPUT_LENGTH:
+ return( PSA_ERROR_NOT_SUPPORTED );
+ case MBEDTLS_ERR_CAMELLIA_HW_ACCEL_FAILED:
+ return( PSA_ERROR_HARDWARE_FAILURE );
+
+ case MBEDTLS_ERR_CCM_BAD_INPUT:
+ return( PSA_ERROR_INVALID_ARGUMENT );
+ case MBEDTLS_ERR_CCM_AUTH_FAILED:
+ return( PSA_ERROR_INVALID_SIGNATURE );
+ case MBEDTLS_ERR_CCM_HW_ACCEL_FAILED:
+ return( PSA_ERROR_HARDWARE_FAILURE );
+
+ case MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE:
+ return( PSA_ERROR_NOT_SUPPORTED );
+ case MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA:
+ return( PSA_ERROR_INVALID_ARGUMENT );
+ case MBEDTLS_ERR_CIPHER_ALLOC_FAILED:
+ return( PSA_ERROR_INSUFFICIENT_MEMORY );
+ case MBEDTLS_ERR_CIPHER_INVALID_PADDING:
+ return( PSA_ERROR_INVALID_PADDING );
+ case MBEDTLS_ERR_CIPHER_FULL_BLOCK_EXPECTED:
+ return( PSA_ERROR_BAD_STATE );
+ case MBEDTLS_ERR_CIPHER_AUTH_FAILED:
+ return( PSA_ERROR_INVALID_SIGNATURE );
+ case MBEDTLS_ERR_CIPHER_INVALID_CONTEXT:
+ return( PSA_ERROR_TAMPERING_DETECTED );
+ case MBEDTLS_ERR_CIPHER_HW_ACCEL_FAILED:
+ return( PSA_ERROR_HARDWARE_FAILURE );
+
+ case MBEDTLS_ERR_CMAC_HW_ACCEL_FAILED:
+ return( PSA_ERROR_HARDWARE_FAILURE );
+
+ case MBEDTLS_ERR_CTR_DRBG_ENTROPY_SOURCE_FAILED:
+ return( PSA_ERROR_INSUFFICIENT_ENTROPY );
+ case MBEDTLS_ERR_CTR_DRBG_REQUEST_TOO_BIG:
+ case MBEDTLS_ERR_CTR_DRBG_INPUT_TOO_BIG:
+ return( PSA_ERROR_NOT_SUPPORTED );
+ case MBEDTLS_ERR_CTR_DRBG_FILE_IO_ERROR:
+ return( PSA_ERROR_INSUFFICIENT_ENTROPY );
+
+ case MBEDTLS_ERR_DES_INVALID_INPUT_LENGTH:
+ return( PSA_ERROR_NOT_SUPPORTED );
+ case MBEDTLS_ERR_DES_HW_ACCEL_FAILED:
+ return( PSA_ERROR_HARDWARE_FAILURE );
+
+ case MBEDTLS_ERR_ENTROPY_NO_SOURCES_DEFINED:
+ case MBEDTLS_ERR_ENTROPY_NO_STRONG_SOURCE:
+ case MBEDTLS_ERR_ENTROPY_SOURCE_FAILED:
+ return( PSA_ERROR_INSUFFICIENT_ENTROPY );
+
+ case MBEDTLS_ERR_GCM_AUTH_FAILED:
+ return( PSA_ERROR_INVALID_SIGNATURE );
+ case MBEDTLS_ERR_GCM_BAD_INPUT:
+ return( PSA_ERROR_INVALID_ARGUMENT );
+ case MBEDTLS_ERR_GCM_HW_ACCEL_FAILED:
+ return( PSA_ERROR_HARDWARE_FAILURE );
+
+ case MBEDTLS_ERR_MD2_HW_ACCEL_FAILED:
+ case MBEDTLS_ERR_MD4_HW_ACCEL_FAILED:
+ case MBEDTLS_ERR_MD5_HW_ACCEL_FAILED:
+ return( PSA_ERROR_HARDWARE_FAILURE );
+
+ case MBEDTLS_ERR_MD_FEATURE_UNAVAILABLE:
+ return( PSA_ERROR_NOT_SUPPORTED );
+ case MBEDTLS_ERR_MD_BAD_INPUT_DATA:
+ return( PSA_ERROR_INVALID_ARGUMENT );
+ case MBEDTLS_ERR_MD_ALLOC_FAILED:
+ return( PSA_ERROR_INSUFFICIENT_MEMORY );
+ case MBEDTLS_ERR_MD_FILE_IO_ERROR:
+ return( PSA_ERROR_STORAGE_FAILURE );
+ case MBEDTLS_ERR_MD_HW_ACCEL_FAILED:
+ return( PSA_ERROR_HARDWARE_FAILURE );
+
+ case MBEDTLS_ERR_MPI_FILE_IO_ERROR:
+ return( PSA_ERROR_STORAGE_FAILURE );
+ case MBEDTLS_ERR_MPI_BAD_INPUT_DATA:
+ return( PSA_ERROR_INVALID_ARGUMENT );
+ case MBEDTLS_ERR_MPI_INVALID_CHARACTER:
+ return( PSA_ERROR_INVALID_ARGUMENT );
+ case MBEDTLS_ERR_MPI_BUFFER_TOO_SMALL:
+ return( PSA_ERROR_BUFFER_TOO_SMALL );
+ case MBEDTLS_ERR_MPI_NEGATIVE_VALUE:
+ return( PSA_ERROR_INVALID_ARGUMENT );
+ case MBEDTLS_ERR_MPI_DIVISION_BY_ZERO:
+ return( PSA_ERROR_INVALID_ARGUMENT );
+ case MBEDTLS_ERR_MPI_NOT_ACCEPTABLE:
+ return( PSA_ERROR_INVALID_ARGUMENT );
+ case MBEDTLS_ERR_MPI_ALLOC_FAILED:
+ return( PSA_ERROR_INSUFFICIENT_MEMORY );
+
+ case MBEDTLS_ERR_PK_ALLOC_FAILED:
+ return( PSA_ERROR_INSUFFICIENT_MEMORY );
+ case MBEDTLS_ERR_PK_TYPE_MISMATCH:
+ case MBEDTLS_ERR_PK_BAD_INPUT_DATA:
+ return( PSA_ERROR_INVALID_ARGUMENT );
+ case MBEDTLS_ERR_PK_FILE_IO_ERROR:
+ return( PSA_ERROR_STORAGE_FAILURE );
+ case MBEDTLS_ERR_PK_KEY_INVALID_VERSION:
+ case MBEDTLS_ERR_PK_KEY_INVALID_FORMAT:
+ return( PSA_ERROR_INVALID_ARGUMENT );
+ case MBEDTLS_ERR_PK_UNKNOWN_PK_ALG:
+ return( PSA_ERROR_NOT_SUPPORTED );
+ case MBEDTLS_ERR_PK_PASSWORD_REQUIRED:
+ case MBEDTLS_ERR_PK_PASSWORD_MISMATCH:
+ return( PSA_ERROR_NOT_PERMITTED );
+ case MBEDTLS_ERR_PK_INVALID_PUBKEY:
+ return( PSA_ERROR_INVALID_ARGUMENT );
+ case MBEDTLS_ERR_PK_INVALID_ALG:
+ case MBEDTLS_ERR_PK_UNKNOWN_NAMED_CURVE:
+ case MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE:
+ return( PSA_ERROR_NOT_SUPPORTED );
+ case MBEDTLS_ERR_PK_SIG_LEN_MISMATCH:
+ return( PSA_ERROR_INVALID_SIGNATURE );
+ case MBEDTLS_ERR_PK_HW_ACCEL_FAILED:
+ return( PSA_ERROR_HARDWARE_FAILURE );
+
+ case MBEDTLS_ERR_RIPEMD160_HW_ACCEL_FAILED:
+ return( PSA_ERROR_HARDWARE_FAILURE );
+
+ case MBEDTLS_ERR_RSA_BAD_INPUT_DATA:
+ return( PSA_ERROR_INVALID_ARGUMENT );
+ case MBEDTLS_ERR_RSA_INVALID_PADDING:
+ return( PSA_ERROR_INVALID_PADDING );
+ case MBEDTLS_ERR_RSA_KEY_GEN_FAILED:
+ return( PSA_ERROR_HARDWARE_FAILURE );
+ case MBEDTLS_ERR_RSA_KEY_CHECK_FAILED:
+ return( PSA_ERROR_INVALID_ARGUMENT );
+ case MBEDTLS_ERR_RSA_PUBLIC_FAILED:
+ case MBEDTLS_ERR_RSA_PRIVATE_FAILED:
+ return( PSA_ERROR_TAMPERING_DETECTED );
+ case MBEDTLS_ERR_RSA_VERIFY_FAILED:
+ return( PSA_ERROR_INVALID_SIGNATURE );
+ case MBEDTLS_ERR_RSA_OUTPUT_TOO_LARGE:
+ return( PSA_ERROR_BUFFER_TOO_SMALL );
+ case MBEDTLS_ERR_RSA_RNG_FAILED:
+ return( PSA_ERROR_INSUFFICIENT_MEMORY );
+ case MBEDTLS_ERR_RSA_UNSUPPORTED_OPERATION:
+ return( PSA_ERROR_NOT_SUPPORTED );
+ case MBEDTLS_ERR_RSA_HW_ACCEL_FAILED:
+ return( PSA_ERROR_HARDWARE_FAILURE );
+
+ case MBEDTLS_ERR_SHA1_HW_ACCEL_FAILED:
+ case MBEDTLS_ERR_SHA256_HW_ACCEL_FAILED:
+ case MBEDTLS_ERR_SHA512_HW_ACCEL_FAILED:
+ return( PSA_ERROR_HARDWARE_FAILURE );
+
+ case MBEDTLS_ERR_XTEA_INVALID_INPUT_LENGTH:
+ return( PSA_ERROR_INVALID_ARGUMENT );
+ case MBEDTLS_ERR_XTEA_HW_ACCEL_FAILED:
+ return( PSA_ERROR_HARDWARE_FAILURE );
+
+ case MBEDTLS_ERR_ECP_BAD_INPUT_DATA:
+ case MBEDTLS_ERR_ECP_INVALID_KEY:
+ return( PSA_ERROR_INVALID_ARGUMENT );
+ case MBEDTLS_ERR_ECP_BUFFER_TOO_SMALL:
+ return( PSA_ERROR_BUFFER_TOO_SMALL );
+ case MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE:
+ return( PSA_ERROR_NOT_SUPPORTED );
+ case MBEDTLS_ERR_ECP_SIG_LEN_MISMATCH:
+ case MBEDTLS_ERR_ECP_VERIFY_FAILED:
+ return( PSA_ERROR_INVALID_SIGNATURE );
+ case MBEDTLS_ERR_ECP_ALLOC_FAILED:
+ return( PSA_ERROR_INSUFFICIENT_MEMORY );
+ case MBEDTLS_ERR_ECP_HW_ACCEL_FAILED:
+ return( PSA_ERROR_HARDWARE_FAILURE );
+
+ default:
+ return( PSA_ERROR_GENERIC_ERROR );
+ }
+}
+
+
+
+
+/****************************************************************/
+/* Key management */
+/****************************************************************/
+
+#if defined(MBEDTLS_ECP_C)
+static psa_ecc_curve_t mbedtls_ecc_group_to_psa( mbedtls_ecp_group_id grpid )
+{
+ switch( grpid )
+ {
+ case MBEDTLS_ECP_DP_SECP192R1:
+ return( PSA_ECC_CURVE_SECP192R1 );
+ case MBEDTLS_ECP_DP_SECP224R1:
+ return( PSA_ECC_CURVE_SECP224R1 );
+ case MBEDTLS_ECP_DP_SECP256R1:
+ return( PSA_ECC_CURVE_SECP256R1 );
+ case MBEDTLS_ECP_DP_SECP384R1:
+ return( PSA_ECC_CURVE_SECP384R1 );
+ case MBEDTLS_ECP_DP_SECP521R1:
+ return( PSA_ECC_CURVE_SECP521R1 );
+ case MBEDTLS_ECP_DP_BP256R1:
+ return( PSA_ECC_CURVE_BRAINPOOL_P256R1 );
+ case MBEDTLS_ECP_DP_BP384R1:
+ return( PSA_ECC_CURVE_BRAINPOOL_P384R1 );
+ case MBEDTLS_ECP_DP_BP512R1:
+ return( PSA_ECC_CURVE_BRAINPOOL_P512R1 );
+ case MBEDTLS_ECP_DP_CURVE25519:
+ return( PSA_ECC_CURVE_CURVE25519 );
+ case MBEDTLS_ECP_DP_SECP192K1:
+ return( PSA_ECC_CURVE_SECP192K1 );
+ case MBEDTLS_ECP_DP_SECP224K1:
+ return( PSA_ECC_CURVE_SECP224K1 );
+ case MBEDTLS_ECP_DP_SECP256K1:
+ return( PSA_ECC_CURVE_SECP256K1 );
+ case MBEDTLS_ECP_DP_CURVE448:
+ return( PSA_ECC_CURVE_CURVE448 );
+ default:
+ return( 0 );
+ }
+}
+
+static mbedtls_ecp_group_id mbedtls_ecc_group_of_psa( psa_ecc_curve_t curve )
+{
+ switch( curve )
+ {
+ case PSA_ECC_CURVE_SECP192R1:
+ return( MBEDTLS_ECP_DP_SECP192R1 );
+ case PSA_ECC_CURVE_SECP224R1:
+ return( MBEDTLS_ECP_DP_SECP224R1 );
+ case PSA_ECC_CURVE_SECP256R1:
+ return( MBEDTLS_ECP_DP_SECP256R1 );
+ case PSA_ECC_CURVE_SECP384R1:
+ return( MBEDTLS_ECP_DP_SECP384R1 );
+ case PSA_ECC_CURVE_SECP521R1:
+ return( MBEDTLS_ECP_DP_SECP521R1 );
+ case PSA_ECC_CURVE_BRAINPOOL_P256R1:
+ return( MBEDTLS_ECP_DP_BP256R1 );
+ case PSA_ECC_CURVE_BRAINPOOL_P384R1:
+ return( MBEDTLS_ECP_DP_BP384R1 );
+ case PSA_ECC_CURVE_BRAINPOOL_P512R1:
+ return( MBEDTLS_ECP_DP_BP512R1 );
+ case PSA_ECC_CURVE_CURVE25519:
+ return( MBEDTLS_ECP_DP_CURVE25519 );
+ case PSA_ECC_CURVE_SECP192K1:
+ return( MBEDTLS_ECP_DP_SECP192K1 );
+ case PSA_ECC_CURVE_SECP224K1:
+ return( MBEDTLS_ECP_DP_SECP224K1 );
+ case PSA_ECC_CURVE_SECP256K1:
+ return( MBEDTLS_ECP_DP_SECP256K1 );
+ case PSA_ECC_CURVE_CURVE448:
+ return( MBEDTLS_ECP_DP_CURVE448 );
+ default:
+ return( MBEDTLS_ECP_DP_NONE );
+ }
+}
+#endif /* defined(MBEDTLS_ECP_C) */
+
+static psa_status_t prepare_raw_data_slot( psa_key_type_t type,
+ size_t bits,
+ struct raw_data *raw )
+{
+ /* Check that the bit size is acceptable for the key type */
+ switch( type )
+ {
+ case PSA_KEY_TYPE_RAW_DATA:
+ if( bits == 0 )
+ {
+ raw->bytes = 0;
+ raw->data = NULL;
+ return( PSA_SUCCESS );
+ }
+ break;
+#if defined(MBEDTLS_MD_C)
+ case PSA_KEY_TYPE_HMAC:
+#endif
+ case PSA_KEY_TYPE_DERIVE:
+ break;
+#if defined(MBEDTLS_AES_C)
+ case PSA_KEY_TYPE_AES:
+ if( bits != 128 && bits != 192 && bits != 256 )
+ return( PSA_ERROR_INVALID_ARGUMENT );
+ break;
+#endif
+#if defined(MBEDTLS_CAMELLIA_C)
+ case PSA_KEY_TYPE_CAMELLIA:
+ if( bits != 128 && bits != 192 && bits != 256 )
+ return( PSA_ERROR_INVALID_ARGUMENT );
+ break;
+#endif
+#if defined(MBEDTLS_DES_C)
+ case PSA_KEY_TYPE_DES:
+ if( bits != 64 && bits != 128 && bits != 192 )
+ return( PSA_ERROR_INVALID_ARGUMENT );
+ break;
+#endif
+#if defined(MBEDTLS_ARC4_C)
+ case PSA_KEY_TYPE_ARC4:
+ if( bits < 8 || bits > 2048 )
+ return( PSA_ERROR_INVALID_ARGUMENT );
+ break;
+#endif
+ default:
+ return( PSA_ERROR_NOT_SUPPORTED );
+ }
+ if( bits % 8 != 0 )
+ return( PSA_ERROR_INVALID_ARGUMENT );
+
+ /* Allocate memory for the key */
+ raw->bytes = PSA_BITS_TO_BYTES( bits );
+ raw->data = mbedtls_calloc( 1, raw->bytes );
+ if( raw->data == NULL )
+ {
+ raw->bytes = 0;
+ return( PSA_ERROR_INSUFFICIENT_MEMORY );
+ }
+ return( PSA_SUCCESS );
+}
+
+#if defined(MBEDTLS_RSA_C) && defined(MBEDTLS_PK_PARSE_C)
+/* Mbed TLS doesn't support non-byte-aligned key sizes (i.e. key sizes
+ * that are not a multiple of 8) well. For example, there is only
+ * mbedtls_rsa_get_len(), which returns a number of bytes, and no
+ * way to return the exact bit size of a key.
+ * To keep things simple, reject non-byte-aligned key sizes. */
+static psa_status_t psa_check_rsa_key_byte_aligned(
+ const mbedtls_rsa_context *rsa )
+{
+ mbedtls_mpi n;
+ psa_status_t status;
+ mbedtls_mpi_init( &n );
+ status = mbedtls_to_psa_error(
+ mbedtls_rsa_export( rsa, &n, NULL, NULL, NULL, NULL ) );
+ if( status == PSA_SUCCESS )
+ {
+ if( mbedtls_mpi_bitlen( &n ) % 8 != 0 )
+ status = PSA_ERROR_NOT_SUPPORTED;
+ }
+ mbedtls_mpi_free( &n );
+ return( status );
+}
+
+static psa_status_t psa_import_rsa_key( psa_key_type_t type,
+ const uint8_t *data,
+ size_t data_length,
+ mbedtls_rsa_context **p_rsa )
+{
+ psa_status_t status;
+ mbedtls_pk_context pk;
+ mbedtls_rsa_context *rsa;
+ size_t bits;
+
+ mbedtls_pk_init( &pk );
+
+ /* Parse the data. */
+ if( PSA_KEY_TYPE_IS_KEYPAIR( type ) )
+ status = mbedtls_to_psa_error(
+ mbedtls_pk_parse_key( &pk, data, data_length, NULL, 0 ) );
+ else
+ status = mbedtls_to_psa_error(
+ mbedtls_pk_parse_public_key( &pk, data, data_length ) );
+ if( status != PSA_SUCCESS )
+ goto exit;
+
+ /* We have something that the pkparse module recognizes. If it is a
+ * valid RSA key, store it. */
+ if( mbedtls_pk_get_type( &pk ) != MBEDTLS_PK_RSA )
+ {
+ status = PSA_ERROR_INVALID_ARGUMENT;
+ goto exit;
+ }
+
+ rsa = mbedtls_pk_rsa( pk );
+ /* The size of an RSA key doesn't have to be a multiple of 8. Mbed TLS
+ * supports non-byte-aligned key sizes, but not well. For example,
+ * mbedtls_rsa_get_len() returns the key size in bytes, not in bits. */
+ bits = PSA_BYTES_TO_BITS( mbedtls_rsa_get_len( rsa ) );
+ if( bits > PSA_VENDOR_RSA_MAX_KEY_BITS )
+ {
+ status = PSA_ERROR_NOT_SUPPORTED;
+ goto exit;
+ }
+ status = psa_check_rsa_key_byte_aligned( rsa );
+
+exit:
+ /* Free the content of the pk object only on error. */
+ if( status != PSA_SUCCESS )
+ {
+ mbedtls_pk_free( &pk );
+ return( status );
+ }
+
+ /* On success, store the content of the object in the RSA context. */
+ *p_rsa = rsa;
+
+ return( PSA_SUCCESS );
+}
+#endif /* defined(MBEDTLS_RSA_C) && defined(MBEDTLS_PK_PARSE_C) */
+
+#if defined(MBEDTLS_ECP_C)
+
+/* Import a public key given as the uncompressed representation defined by SEC1
+ * 2.3.3 as the content of an ECPoint. */
+static psa_status_t psa_import_ec_public_key( psa_ecc_curve_t curve,
+ const uint8_t *data,
+ size_t data_length,
+ mbedtls_ecp_keypair **p_ecp )
+{
+ psa_status_t status = PSA_ERROR_TAMPERING_DETECTED;
+ mbedtls_ecp_keypair *ecp = NULL;
+ mbedtls_ecp_group_id grp_id = mbedtls_ecc_group_of_psa( curve );
+
+ *p_ecp = NULL;
+ ecp = mbedtls_calloc( 1, sizeof( *ecp ) );
+ if( ecp == NULL )
+ return( PSA_ERROR_INSUFFICIENT_MEMORY );
+ mbedtls_ecp_keypair_init( ecp );
+
+ /* Load the group. */
+ status = mbedtls_to_psa_error(
+ mbedtls_ecp_group_load( &ecp->grp, grp_id ) );
+ if( status != PSA_SUCCESS )
+ goto exit;
+ /* Load the public value. */
+ status = mbedtls_to_psa_error(
+ mbedtls_ecp_point_read_binary( &ecp->grp, &ecp->Q,
+ data, data_length ) );
+ if( status != PSA_SUCCESS )
+ goto exit;
+
+ /* Check that the point is on the curve. */
+ status = mbedtls_to_psa_error(
+ mbedtls_ecp_check_pubkey( &ecp->grp, &ecp->Q ) );
+ if( status != PSA_SUCCESS )
+ goto exit;
+
+ *p_ecp = ecp;
+ return( PSA_SUCCESS );
+
+exit:
+ if( ecp != NULL )
+ {
+ mbedtls_ecp_keypair_free( ecp );
+ mbedtls_free( ecp );
+ }
+ return( status );
+}
+#endif /* defined(MBEDTLS_ECP_C) */
+
+#if defined(MBEDTLS_ECP_C)
+/* Import a private key given as a byte string which is the private value
+ * in big-endian order. */
+static psa_status_t psa_import_ec_private_key( psa_ecc_curve_t curve,
+ const uint8_t *data,
+ size_t data_length,
+ mbedtls_ecp_keypair **p_ecp )
+{
+ psa_status_t status = PSA_ERROR_TAMPERING_DETECTED;
+ mbedtls_ecp_keypair *ecp = NULL;
+ mbedtls_ecp_group_id grp_id = mbedtls_ecc_group_of_psa( curve );
+
+ *p_ecp = NULL;
+ ecp = mbedtls_calloc( 1, sizeof( mbedtls_ecp_keypair ) );
+ if( ecp == NULL )
+ return( PSA_ERROR_INSUFFICIENT_MEMORY );
+ mbedtls_ecp_keypair_init( ecp );
+
+ /* Load the group. */
+ status = mbedtls_to_psa_error(
+ mbedtls_ecp_group_load( &ecp->grp, grp_id ) );
+ if( status != PSA_SUCCESS )
+ goto exit;
+ /* Load the secret value. */
+ status = mbedtls_to_psa_error(
+ mbedtls_mpi_read_binary( &ecp->d, data, data_length ) );
+ if( status != PSA_SUCCESS )
+ goto exit;
+ /* Validate the private key. */
+ status = mbedtls_to_psa_error(
+ mbedtls_ecp_check_privkey( &ecp->grp, &ecp->d ) );
+ if( status != PSA_SUCCESS )
+ goto exit;
+ /* Calculate the public key from the private key. */
+ status = mbedtls_to_psa_error(
+ mbedtls_ecp_mul( &ecp->grp, &ecp->Q, &ecp->d, &ecp->grp.G,
+ mbedtls_ctr_drbg_random, &global_data.ctr_drbg ) );
+ if( status != PSA_SUCCESS )
+ goto exit;
+
+ *p_ecp = ecp;
+ return( PSA_SUCCESS );
+
+exit:
+ if( ecp != NULL )
+ {
+ mbedtls_ecp_keypair_free( ecp );
+ mbedtls_free( ecp );
+ }
+ return( status );
+}
+#endif /* defined(MBEDTLS_ECP_C) */
+
+/** Import key data into a slot. `slot->type` must have been set
+ * previously. This function assumes that the slot does not contain
+ * any key material yet. On failure, the slot content is unchanged. */
+psa_status_t psa_import_key_into_slot( psa_key_slot_t *slot,
+ const uint8_t *data,
+ size_t data_length )
+{
+ psa_status_t status = PSA_SUCCESS;
+
+ if( key_type_is_raw_bytes( slot->type ) )
+ {
+ /* Ensure that a bytes-to-bit conversion won't overflow. */
+ if( data_length > SIZE_MAX / 8 )
+ return( PSA_ERROR_NOT_SUPPORTED );
+ status = prepare_raw_data_slot( slot->type,
+ PSA_BYTES_TO_BITS( data_length ),
+ &slot->data.raw );
+ if( status != PSA_SUCCESS )
+ return( status );
+ if( data_length != 0 )
+ memcpy( slot->data.raw.data, data, data_length );
+ }
+ else
+#if defined(MBEDTLS_ECP_C)
+ if( PSA_KEY_TYPE_IS_ECC_KEYPAIR( slot->type ) )
+ {
+ status = psa_import_ec_private_key( PSA_KEY_TYPE_GET_CURVE( slot->type ),
+ data, data_length,
+ &slot->data.ecp );
+ }
+ else if( PSA_KEY_TYPE_IS_ECC_PUBLIC_KEY( slot->type ) )
+ {
+ status = psa_import_ec_public_key(
+ PSA_KEY_TYPE_GET_CURVE( slot->type ),
+ data, data_length,
+ &slot->data.ecp );
+ }
+ else
+#endif /* MBEDTLS_ECP_C */
+#if defined(MBEDTLS_RSA_C) && defined(MBEDTLS_PK_PARSE_C)
+ if( PSA_KEY_TYPE_IS_RSA( slot->type ) )
+ {
+ status = psa_import_rsa_key( slot->type,
+ data, data_length,
+ &slot->data.rsa );
+ }
+ else
+#endif /* defined(MBEDTLS_RSA_C) && defined(MBEDTLS_PK_PARSE_C) */
+ {
+ return( PSA_ERROR_NOT_SUPPORTED );
+ }
+ return( status );
+}
+
+/* Retrieve an empty key slot (slot with no key data, but possibly
+ * with some metadata such as a policy). */
+static psa_status_t psa_get_empty_key_slot( psa_key_handle_t handle,
+ psa_key_slot_t **p_slot )
+{
+ psa_status_t status;
+ psa_key_slot_t *slot = NULL;
+
+ *p_slot = NULL;
+
+ status = psa_get_key_slot( handle, &slot );
+ if( status != PSA_SUCCESS )
+ return( status );
+
+ if( slot->type != PSA_KEY_TYPE_NONE )
+ return( PSA_ERROR_ALREADY_EXISTS );
+
+ *p_slot = slot;
+ return( status );
+}
+
+/** Calculate the intersection of two algorithm usage policies.
+ *
+ * Return 0 (which allows no operation) on incompatibility.
+ */
+static psa_algorithm_t psa_key_policy_algorithm_intersection(
+ psa_algorithm_t alg1,
+ psa_algorithm_t alg2 )
+{
+ /* Common case: the policy only allows alg. */
+ if( alg1 == alg2 )
+ return( alg1 );
+ /* If the policies are from the same hash-and-sign family, check
+ * if one is a wildcard. If so the other has the specific algorithm. */
+ if( PSA_ALG_IS_HASH_AND_SIGN( alg1 ) &&
+ PSA_ALG_IS_HASH_AND_SIGN( alg2 ) &&
+ ( alg1 & ~PSA_ALG_HASH_MASK ) == ( alg2 & ~PSA_ALG_HASH_MASK ) )
+ {
+ if( PSA_ALG_SIGN_GET_HASH( alg1 ) == PSA_ALG_ANY_HASH )
+ return( alg2 );
+ if( PSA_ALG_SIGN_GET_HASH( alg2 ) == PSA_ALG_ANY_HASH )
+ return( alg1 );
+ }
+ /* If the policies are incompatible, allow nothing. */
+ return( 0 );
+}
+
+/** Test whether a policy permits an algorithm.
+ *
+ * The caller must test usage flags separately.
+ */
+static int psa_key_policy_permits( const psa_key_policy_t *policy,
+ psa_algorithm_t alg )
+{
+ /* Common case: the policy only allows alg. */
+ if( alg == policy->alg )
+ return( 1 );
+ /* If policy->alg is a hash-and-sign with a wildcard for the hash,
+ * and alg is the same hash-and-sign family with any hash,
+ * then alg is compliant with policy->alg. */
+ if( PSA_ALG_IS_HASH_AND_SIGN( alg ) &&
+ PSA_ALG_SIGN_GET_HASH( policy->alg ) == PSA_ALG_ANY_HASH )
+ {
+ return( ( policy->alg & ~PSA_ALG_HASH_MASK ) ==
+ ( alg & ~PSA_ALG_HASH_MASK ) );
+ }
+ /* If it isn't permitted, it's forbidden. */
+ return( 0 );
+}
+
+/** Restrict a key policy based on a constraint.
+ *
+ * \param[in,out] policy The policy to restrict.
+ * \param[in] constraint The policy constraint to apply.
+ *
+ * \retval #PSA_SUCCESS
+ * \c *policy contains the intersection of the original value of
+ * \c *policy and \c *constraint.
+ * \retval #PSA_ERROR_INVALID_ARGUMENT
+ * \c *policy and \c *constraint are incompatible.
+ * \c *policy is unchanged.
+ */
+static psa_status_t psa_restrict_key_policy(
+ psa_key_policy_t *policy,
+ const psa_key_policy_t *constraint )
+{
+ psa_algorithm_t intersection_alg =
+ psa_key_policy_algorithm_intersection( policy->alg, constraint->alg );
+ if( intersection_alg == 0 && policy->alg != 0 && constraint->alg != 0 )
+ return( PSA_ERROR_INVALID_ARGUMENT );
+ policy->usage &= constraint->usage;
+ policy->alg = intersection_alg;
+ return( PSA_SUCCESS );
+}
+
+/** Retrieve a slot which must contain a key. The key must have allow all the
+ * usage flags set in \p usage. If \p alg is nonzero, the key must allow
+ * operations with this algorithm. */
+static psa_status_t psa_get_key_from_slot( psa_key_handle_t handle,
+ psa_key_slot_t **p_slot,
+ psa_key_usage_t usage,
+ psa_algorithm_t alg )
+{
+ psa_status_t status;
+ psa_key_slot_t *slot = NULL;
+
+ *p_slot = NULL;
+
+ status = psa_get_key_slot( handle, &slot );
+ if( status != PSA_SUCCESS )
+ return( status );
+ if( slot->type == PSA_KEY_TYPE_NONE )
+ return( PSA_ERROR_DOES_NOT_EXIST );
+
+ /* Enforce that usage policy for the key slot contains all the flags
+ * required by the usage parameter. There is one exception: public
+ * keys can always be exported, so we treat public key objects as
+ * if they had the export flag. */
+ if( PSA_KEY_TYPE_IS_PUBLIC_KEY( slot->type ) )
+ usage &= ~PSA_KEY_USAGE_EXPORT;
+ if( ( slot->policy.usage & usage ) != usage )
+ return( PSA_ERROR_NOT_PERMITTED );
+
+ /* Enforce that the usage policy permits the requested algortihm. */
+ if( alg != 0 && ! psa_key_policy_permits( &slot->policy, alg ) )
+ return( PSA_ERROR_NOT_PERMITTED );
+
+ *p_slot = slot;
+ return( PSA_SUCCESS );
+}
+
+/** Wipe key data from a slot. Preserve metadata such as the policy. */
+static psa_status_t psa_remove_key_data_from_memory( psa_key_slot_t *slot )
+{
+ if( slot->type == PSA_KEY_TYPE_NONE )
+ {
+ /* No key material to clean. */
+ }
+ else if( key_type_is_raw_bytes( slot->type ) )
+ {
+ mbedtls_free( slot->data.raw.data );
+ }
+ else
+#if defined(MBEDTLS_RSA_C)
+ if( PSA_KEY_TYPE_IS_RSA( slot->type ) )
+ {
+ mbedtls_rsa_free( slot->data.rsa );
+ mbedtls_free( slot->data.rsa );
+ }
+ else
+#endif /* defined(MBEDTLS_RSA_C) */
+#if defined(MBEDTLS_ECP_C)
+ if( PSA_KEY_TYPE_IS_ECC( slot->type ) )
+ {
+ mbedtls_ecp_keypair_free( slot->data.ecp );
+ mbedtls_free( slot->data.ecp );
+ }
+ else
+#endif /* defined(MBEDTLS_ECP_C) */
+ {
+ /* Shouldn't happen: the key type is not any type that we
+ * put in. */
+ return( PSA_ERROR_TAMPERING_DETECTED );
+ }
+
+ return( PSA_SUCCESS );
+}
+
+/** Completely wipe a slot in memory, including its policy.
+ * Persistent storage is not affected. */
+psa_status_t psa_wipe_key_slot( psa_key_slot_t *slot )
+{
+ psa_status_t status = psa_remove_key_data_from_memory( slot );
+ /* At this point, key material and other type-specific content has
+ * been wiped. Clear remaining metadata. We can call memset and not
+ * zeroize because the metadata is not particularly sensitive. */
+ memset( slot, 0, sizeof( *slot ) );
+ return( status );
+}
+
+psa_status_t psa_import_key( psa_key_handle_t handle,
+ psa_key_type_t type,
+ const uint8_t *data,
+ size_t data_length )
+{
+ psa_key_slot_t *slot;
+ psa_status_t status;
+
+ status = psa_get_empty_key_slot( handle, &slot );
+ if( status != PSA_SUCCESS )
+ return( status );
+
+ slot->type = type;
+
+ status = psa_import_key_into_slot( slot, data, data_length );
+ if( status != PSA_SUCCESS )
+ {
+ slot->type = PSA_KEY_TYPE_NONE;
+ return( status );
+ }
+
+#if defined(MBEDTLS_PSA_CRYPTO_STORAGE_C)
+ if( slot->lifetime == PSA_KEY_LIFETIME_PERSISTENT )
+ {
+ /* Store in file location */
+ status = psa_save_persistent_key( slot->persistent_storage_id,
+ slot->type, &slot->policy, data,
+ data_length );
+ if( status != PSA_SUCCESS )
+ {
+ (void) psa_remove_key_data_from_memory( slot );
+ slot->type = PSA_KEY_TYPE_NONE;
+ }
+ }
+#endif /* defined(MBEDTLS_PSA_CRYPTO_STORAGE_C) */
+
+ return( status );
+}
+
+psa_status_t psa_destroy_key( psa_key_handle_t handle )
+{
+ psa_key_slot_t *slot;
+ psa_status_t status = PSA_SUCCESS;
+ psa_status_t storage_status = PSA_SUCCESS;
+
+ status = psa_get_key_slot( handle, &slot );
+ if( status != PSA_SUCCESS )
+ return( status );
+#if defined(MBEDTLS_PSA_CRYPTO_STORAGE_C)
+ if( slot->lifetime == PSA_KEY_LIFETIME_PERSISTENT )
+ {
+ storage_status =
+ psa_destroy_persistent_key( slot->persistent_storage_id );
+ }
+#endif /* defined(MBEDTLS_PSA_CRYPTO_STORAGE_C) */
+ status = psa_wipe_key_slot( slot );
+ if( status != PSA_SUCCESS )
+ return( status );
+ return( storage_status );
+}
+
+/* Return the size of the key in the given slot, in bits. */
+static size_t psa_get_key_bits( const psa_key_slot_t *slot )
+{
+ if( key_type_is_raw_bytes( slot->type ) )
+ return( slot->data.raw.bytes * 8 );
+#if defined(MBEDTLS_RSA_C)
+ if( PSA_KEY_TYPE_IS_RSA( slot->type ) )
+ return( PSA_BYTES_TO_BITS( mbedtls_rsa_get_len( slot->data.rsa ) ) );
+#endif /* defined(MBEDTLS_RSA_C) */
+#if defined(MBEDTLS_ECP_C)
+ if( PSA_KEY_TYPE_IS_ECC( slot->type ) )
+ return( slot->data.ecp->grp.pbits );
+#endif /* defined(MBEDTLS_ECP_C) */
+ /* Shouldn't happen except on an empty slot. */
+ return( 0 );
+}
+
+psa_status_t psa_get_key_information( psa_key_handle_t handle,
+ psa_key_type_t *type,
+ size_t *bits )
+{
+ psa_key_slot_t *slot;
+ psa_status_t status;
+
+ if( type != NULL )
+ *type = 0;
+ if( bits != NULL )
+ *bits = 0;
+ status = psa_get_key_slot( handle, &slot );
+ if( status != PSA_SUCCESS )
+ return( status );
+
+ if( slot->type == PSA_KEY_TYPE_NONE )
+ return( PSA_ERROR_DOES_NOT_EXIST );
+ if( type != NULL )
+ *type = slot->type;
+ if( bits != NULL )
+ *bits = psa_get_key_bits( slot );
+ return( PSA_SUCCESS );
+}
+
+#if defined(MBEDTLS_RSA_C) || defined(MBEDTLS_ECP_C)
+static int pk_write_pubkey_simple( mbedtls_pk_context *key,
+ unsigned char *buf, size_t size )
+{
+ int ret;
+ unsigned char *c;
+ size_t len = 0;
+
+ c = buf + size;
+
+ MBEDTLS_ASN1_CHK_ADD( len, mbedtls_pk_write_pubkey( &c, buf, key ) );
+
+ return( (int) len );
+}
+#endif /* defined(MBEDTLS_RSA_C) || defined(MBEDTLS_ECP_C) */
+
+static psa_status_t psa_internal_export_key( const psa_key_slot_t *slot,
+ uint8_t *data,
+ size_t data_size,
+ size_t *data_length,
+ int export_public_key )
+{
+ *data_length = 0;
+
+ if( export_public_key && ! PSA_KEY_TYPE_IS_ASYMMETRIC( slot->type ) )
+ return( PSA_ERROR_INVALID_ARGUMENT );
+
+ if( key_type_is_raw_bytes( slot->type ) )
+ {
+ if( slot->data.raw.bytes > data_size )
+ return( PSA_ERROR_BUFFER_TOO_SMALL );
+ if( data_size != 0 )
+ {
+ memcpy( data, slot->data.raw.data, slot->data.raw.bytes );
+ memset( data + slot->data.raw.bytes, 0,
+ data_size - slot->data.raw.bytes );
+ }
+ *data_length = slot->data.raw.bytes;
+ return( PSA_SUCCESS );
+ }
+#if defined(MBEDTLS_ECP_C)
+ if( PSA_KEY_TYPE_IS_ECC_KEYPAIR( slot->type ) && !export_public_key )
+ {
+ psa_status_t status;
+
+ size_t bytes = PSA_BITS_TO_BYTES( psa_get_key_bits( slot ) );
+ if( bytes > data_size )
+ return( PSA_ERROR_BUFFER_TOO_SMALL );
+ status = mbedtls_to_psa_error(
+ mbedtls_mpi_write_binary( &slot->data.ecp->d, data, bytes ) );
+ if( status != PSA_SUCCESS )
+ return( status );
+ memset( data + bytes, 0, data_size - bytes );
+ *data_length = bytes;
+ return( PSA_SUCCESS );
+ }
+#endif
+ else
+ {
+#if defined(MBEDTLS_PK_WRITE_C)
+ if( PSA_KEY_TYPE_IS_RSA( slot->type ) ||
+ PSA_KEY_TYPE_IS_ECC( slot->type ) )
+ {
+ mbedtls_pk_context pk;
+ int ret;
+ if( PSA_KEY_TYPE_IS_RSA( slot->type ) )
+ {
+#if defined(MBEDTLS_RSA_C)
+ mbedtls_pk_init( &pk );
+ pk.pk_info = &mbedtls_rsa_info;
+ pk.pk_ctx = slot->data.rsa;
+#else
+ return( PSA_ERROR_NOT_SUPPORTED );
+#endif
+ }
+ else
+ {
+#if defined(MBEDTLS_ECP_C)
+ mbedtls_pk_init( &pk );
+ pk.pk_info = &mbedtls_eckey_info;
+ pk.pk_ctx = slot->data.ecp;
+#else
+ return( PSA_ERROR_NOT_SUPPORTED );
+#endif
+ }
+ if( export_public_key || PSA_KEY_TYPE_IS_PUBLIC_KEY( slot->type ) )
+ {
+ ret = pk_write_pubkey_simple( &pk, data, data_size );
+ }
+ else
+ {
+ ret = mbedtls_pk_write_key_der( &pk, data, data_size );
+ }
+ if( ret < 0 )
+ {
+ /* If data_size is 0 then data may be NULL and then the
+ * call to memset would have undefined behavior. */
+ if( data_size != 0 )
+ memset( data, 0, data_size );
+ return( mbedtls_to_psa_error( ret ) );
+ }
+ /* The mbedtls_pk_xxx functions write to the end of the buffer.
+ * Move the data to the beginning and erase remaining data
+ * at the original location. */
+ if( 2 * (size_t) ret <= data_size )
+ {
+ memcpy( data, data + data_size - ret, ret );
+ memset( data + data_size - ret, 0, ret );
+ }
+ else if( (size_t) ret < data_size )
+ {
+ memmove( data, data + data_size - ret, ret );
+ memset( data + ret, 0, data_size - ret );
+ }
+ *data_length = ret;
+ return( PSA_SUCCESS );
+ }
+ else
+#endif /* defined(MBEDTLS_PK_WRITE_C) */
+ {
+ /* This shouldn't happen in the reference implementation, but
+ it is valid for a special-purpose implementation to omit
+ support for exporting certain key types. */
+ return( PSA_ERROR_NOT_SUPPORTED );
+ }
+ }
+}
+
+psa_status_t psa_export_key( psa_key_handle_t handle,
+ uint8_t *data,
+ size_t data_size,
+ size_t *data_length )
+{
+ psa_key_slot_t *slot;
+ psa_status_t status;
+
+ /* Set the key to empty now, so that even when there are errors, we always
+ * set data_length to a value between 0 and data_size. On error, setting
+ * the key to empty is a good choice because an empty key representation is
+ * unlikely to be accepted anywhere. */
+ *data_length = 0;
+
+ /* Export requires the EXPORT flag. There is an exception for public keys,
+ * which don't require any flag, but psa_get_key_from_slot takes
+ * care of this. */
+ status = psa_get_key_from_slot( handle, &slot, PSA_KEY_USAGE_EXPORT, 0 );
+ if( status != PSA_SUCCESS )
+ return( status );
+ return( psa_internal_export_key( slot, data, data_size,
+ data_length, 0 ) );
+}
+
+psa_status_t psa_export_public_key( psa_key_handle_t handle,
+ uint8_t *data,
+ size_t data_size,
+ size_t *data_length )
+{
+ psa_key_slot_t *slot;
+ psa_status_t status;
+
+ /* Set the key to empty now, so that even when there are errors, we always
+ * set data_length to a value between 0 and data_size. On error, setting
+ * the key to empty is a good choice because an empty key representation is
+ * unlikely to be accepted anywhere. */
+ *data_length = 0;
+
+ /* Exporting a public key doesn't require a usage flag. */
+ status = psa_get_key_from_slot( handle, &slot, 0, 0 );
+ if( status != PSA_SUCCESS )
+ return( status );
+ return( psa_internal_export_key( slot, data, data_size,
+ data_length, 1 ) );
+}
+
+#if defined(MBEDTLS_PSA_CRYPTO_STORAGE_C)
+static psa_status_t psa_save_generated_persistent_key( psa_key_slot_t *slot,
+ size_t bits )
+{
+ psa_status_t status;
+ uint8_t *data;
+ size_t key_length;
+ size_t data_size = PSA_KEY_EXPORT_MAX_SIZE( slot->type, bits );
+ data = mbedtls_calloc( 1, data_size );
+ if( data == NULL )
+ return( PSA_ERROR_INSUFFICIENT_MEMORY );
+ /* Get key data in export format */
+ status = psa_internal_export_key( slot, data, data_size, &key_length, 0 );
+ if( status != PSA_SUCCESS )
+ {
+ slot->type = PSA_KEY_TYPE_NONE;
+ goto exit;
+ }
+ /* Store in file location */
+ status = psa_save_persistent_key( slot->persistent_storage_id,
+ slot->type, &slot->policy,
+ data, key_length );
+ if( status != PSA_SUCCESS )
+ {
+ slot->type = PSA_KEY_TYPE_NONE;
+ }
+exit:
+ mbedtls_platform_zeroize( data, key_length );
+ mbedtls_free( data );
+ return( status );
+}
+#endif /* defined(MBEDTLS_PSA_CRYPTO_STORAGE_C) */
+
+static psa_status_t psa_copy_key_material( const psa_key_slot_t *source,
+ psa_key_handle_t target )
+{
+ psa_status_t status;
+ uint8_t *buffer = NULL;
+ size_t buffer_size = 0;
+ size_t length;
+
+ buffer_size = PSA_KEY_EXPORT_MAX_SIZE( source->type,
+ psa_get_key_bits( source ) );
+ buffer = mbedtls_calloc( 1, buffer_size );
+ if( buffer == NULL && buffer_size != 0 )
+ return( PSA_ERROR_INSUFFICIENT_MEMORY );
+ status = psa_internal_export_key( source, buffer, buffer_size, &length, 0 );
+ if( status != PSA_SUCCESS )
+ goto exit;
+ status = psa_import_key( target, source->type, buffer, length );
+
+exit:
+ if( buffer_size != 0 )
+ mbedtls_platform_zeroize( buffer, buffer_size );
+ mbedtls_free( buffer );
+ return( status );
+}
+
+psa_status_t psa_copy_key(psa_key_handle_t source_handle,
+ psa_key_handle_t target_handle,
+ const psa_key_policy_t *constraint)
+{
+ psa_key_slot_t *source_slot = NULL;
+ psa_key_slot_t *target_slot = NULL;
+ psa_key_policy_t new_policy;
+ psa_status_t status;
+ status = psa_get_key_from_slot( source_handle, &source_slot, 0, 0 );
+ if( status != PSA_SUCCESS )
+ return( status );
+ status = psa_get_empty_key_slot( target_handle, &target_slot );
+ if( status != PSA_SUCCESS )
+ return( status );
+
+ new_policy = target_slot->policy;
+ status = psa_restrict_key_policy( &new_policy, &source_slot->policy );
+ if( status != PSA_SUCCESS )
+ return( status );
+ if( constraint != NULL )
+ {
+ status = psa_restrict_key_policy( &new_policy, constraint );
+ if( status != PSA_SUCCESS )
+ return( status );
+ }
+
+ status = psa_copy_key_material( source_slot, target_handle );
+ if( status != PSA_SUCCESS )
+ return( status );
+
+ target_slot->policy = new_policy;
+ return( PSA_SUCCESS );
+}
+
+
+
+/****************************************************************/
+/* Message digests */
+/****************************************************************/
+
+static const mbedtls_md_info_t *mbedtls_md_info_from_psa( psa_algorithm_t alg )
+{
+ switch( alg )
+ {
+#if defined(MBEDTLS_MD2_C)
+ case PSA_ALG_MD2:
+ return( &mbedtls_md2_info );
+#endif
+#if defined(MBEDTLS_MD4_C)
+ case PSA_ALG_MD4:
+ return( &mbedtls_md4_info );
+#endif
+#if defined(MBEDTLS_MD5_C)
+ case PSA_ALG_MD5:
+ return( &mbedtls_md5_info );
+#endif
+#if defined(MBEDTLS_RIPEMD160_C)
+ case PSA_ALG_RIPEMD160:
+ return( &mbedtls_ripemd160_info );
+#endif
+#if defined(MBEDTLS_SHA1_C)
+ case PSA_ALG_SHA_1:
+ return( &mbedtls_sha1_info );
+#endif
+#if defined(MBEDTLS_SHA256_C)
+ case PSA_ALG_SHA_224:
+ return( &mbedtls_sha224_info );
+ case PSA_ALG_SHA_256:
+ return( &mbedtls_sha256_info );
+#endif
+#if defined(MBEDTLS_SHA512_C)
+ case PSA_ALG_SHA_384:
+ return( &mbedtls_sha384_info );
+ case PSA_ALG_SHA_512:
+ return( &mbedtls_sha512_info );
+#endif
+ default:
+ return( NULL );
+ }
+}
+
+psa_status_t psa_hash_abort( psa_hash_operation_t *operation )
+{
+ switch( operation->alg )
+ {
+ case 0:
+ /* The object has (apparently) been initialized but it is not
+ * in use. It's ok to call abort on such an object, and there's
+ * nothing to do. */
+ break;
+#if defined(MBEDTLS_MD2_C)
+ case PSA_ALG_MD2:
+ mbedtls_md2_free( &operation->ctx.md2 );
+ break;
+#endif
+#if defined(MBEDTLS_MD4_C)
+ case PSA_ALG_MD4:
+ mbedtls_md4_free( &operation->ctx.md4 );
+ break;
+#endif
+#if defined(MBEDTLS_MD5_C)
+ case PSA_ALG_MD5:
+ mbedtls_md5_free( &operation->ctx.md5 );
+ break;
+#endif
+#if defined(MBEDTLS_RIPEMD160_C)
+ case PSA_ALG_RIPEMD160:
+ mbedtls_ripemd160_free( &operation->ctx.ripemd160 );
+ break;
+#endif
+#if defined(MBEDTLS_SHA1_C)
+ case PSA_ALG_SHA_1:
+ mbedtls_sha1_free( &operation->ctx.sha1 );
+ break;
+#endif
+#if defined(MBEDTLS_SHA256_C)
+ case PSA_ALG_SHA_224:
+ case PSA_ALG_SHA_256:
+ mbedtls_sha256_free( &operation->ctx.sha256 );
+ break;
+#endif
+#if defined(MBEDTLS_SHA512_C)
+ case PSA_ALG_SHA_384:
+ case PSA_ALG_SHA_512:
+ mbedtls_sha512_free( &operation->ctx.sha512 );
+ break;
+#endif
+ default:
+ return( PSA_ERROR_BAD_STATE );
+ }
+ operation->alg = 0;
+ return( PSA_SUCCESS );
+}
+
+psa_status_t psa_hash_setup( psa_hash_operation_t *operation,
+ psa_algorithm_t alg )
+{
+ int ret;
+
+ /* A context must be freshly initialized before it can be set up. */
+ if( operation->alg != 0 )
+ {
+ return( PSA_ERROR_BAD_STATE );
+ }
+
+ switch( alg )
+ {
+#if defined(MBEDTLS_MD2_C)
+ case PSA_ALG_MD2:
+ mbedtls_md2_init( &operation->ctx.md2 );
+ ret = mbedtls_md2_starts_ret( &operation->ctx.md2 );
+ break;
+#endif
+#if defined(MBEDTLS_MD4_C)
+ case PSA_ALG_MD4:
+ mbedtls_md4_init( &operation->ctx.md4 );
+ ret = mbedtls_md4_starts_ret( &operation->ctx.md4 );
+ break;
+#endif
+#if defined(MBEDTLS_MD5_C)
+ case PSA_ALG_MD5:
+ mbedtls_md5_init( &operation->ctx.md5 );
+ ret = mbedtls_md5_starts_ret( &operation->ctx.md5 );
+ break;
+#endif
+#if defined(MBEDTLS_RIPEMD160_C)
+ case PSA_ALG_RIPEMD160:
+ mbedtls_ripemd160_init( &operation->ctx.ripemd160 );
+ ret = mbedtls_ripemd160_starts_ret( &operation->ctx.ripemd160 );
+ break;
+#endif
+#if defined(MBEDTLS_SHA1_C)
+ case PSA_ALG_SHA_1:
+ mbedtls_sha1_init( &operation->ctx.sha1 );
+ ret = mbedtls_sha1_starts_ret( &operation->ctx.sha1 );
+ break;
+#endif
+#if defined(MBEDTLS_SHA256_C)
+ case PSA_ALG_SHA_224:
+ mbedtls_sha256_init( &operation->ctx.sha256 );
+ ret = mbedtls_sha256_starts_ret( &operation->ctx.sha256, 1 );
+ break;
+ case PSA_ALG_SHA_256:
+ mbedtls_sha256_init( &operation->ctx.sha256 );
+ ret = mbedtls_sha256_starts_ret( &operation->ctx.sha256, 0 );
+ break;
+#endif
+#if defined(MBEDTLS_SHA512_C)
+ case PSA_ALG_SHA_384:
+ mbedtls_sha512_init( &operation->ctx.sha512 );
+ ret = mbedtls_sha512_starts_ret( &operation->ctx.sha512, 1 );
+ break;
+ case PSA_ALG_SHA_512:
+ mbedtls_sha512_init( &operation->ctx.sha512 );
+ ret = mbedtls_sha512_starts_ret( &operation->ctx.sha512, 0 );
+ break;
+#endif
+ default:
+ return( PSA_ALG_IS_HASH( alg ) ?
+ PSA_ERROR_NOT_SUPPORTED :
+ PSA_ERROR_INVALID_ARGUMENT );
+ }
+ if( ret == 0 )
+ operation->alg = alg;
+ else
+ psa_hash_abort( operation );
+ return( mbedtls_to_psa_error( ret ) );
+}
+
+psa_status_t psa_hash_update( psa_hash_operation_t *operation,
+ const uint8_t *input,
+ size_t input_length )
+{
+ int ret;
+
+ /* Don't require hash implementations to behave correctly on a
+ * zero-length input, which may have an invalid pointer. */
+ if( input_length == 0 )
+ return( PSA_SUCCESS );
+
+ switch( operation->alg )
+ {
+#if defined(MBEDTLS_MD2_C)
+ case PSA_ALG_MD2:
+ ret = mbedtls_md2_update_ret( &operation->ctx.md2,
+ input, input_length );
+ break;
+#endif
+#if defined(MBEDTLS_MD4_C)
+ case PSA_ALG_MD4:
+ ret = mbedtls_md4_update_ret( &operation->ctx.md4,
+ input, input_length );
+ break;
+#endif
+#if defined(MBEDTLS_MD5_C)
+ case PSA_ALG_MD5:
+ ret = mbedtls_md5_update_ret( &operation->ctx.md5,
+ input, input_length );
+ break;
+#endif
+#if defined(MBEDTLS_RIPEMD160_C)
+ case PSA_ALG_RIPEMD160:
+ ret = mbedtls_ripemd160_update_ret( &operation->ctx.ripemd160,
+ input, input_length );
+ break;
+#endif
+#if defined(MBEDTLS_SHA1_C)
+ case PSA_ALG_SHA_1:
+ ret = mbedtls_sha1_update_ret( &operation->ctx.sha1,
+ input, input_length );
+ break;
+#endif
+#if defined(MBEDTLS_SHA256_C)
+ case PSA_ALG_SHA_224:
+ case PSA_ALG_SHA_256:
+ ret = mbedtls_sha256_update_ret( &operation->ctx.sha256,
+ input, input_length );
+ break;
+#endif
+#if defined(MBEDTLS_SHA512_C)
+ case PSA_ALG_SHA_384:
+ case PSA_ALG_SHA_512:
+ ret = mbedtls_sha512_update_ret( &operation->ctx.sha512,
+ input, input_length );
+ break;
+#endif
+ default:
+ return( PSA_ERROR_BAD_STATE );
+ }
+
+ if( ret != 0 )
+ psa_hash_abort( operation );
+ return( mbedtls_to_psa_error( ret ) );
+}
+
+psa_status_t psa_hash_finish( psa_hash_operation_t *operation,
+ uint8_t *hash,
+ size_t hash_size,
+ size_t *hash_length )
+{
+ psa_status_t status;
+ int ret;
+ size_t actual_hash_length = PSA_HASH_SIZE( operation->alg );
+
+ /* Fill the output buffer with something that isn't a valid hash
+ * (barring an attack on the hash and deliberately-crafted input),
+ * in case the caller doesn't check the return status properly. */
+ *hash_length = hash_size;
+ /* If hash_size is 0 then hash may be NULL and then the
+ * call to memset would have undefined behavior. */
+ if( hash_size != 0 )
+ memset( hash, '!', hash_size );
+
+ if( hash_size < actual_hash_length )
+ {
+ status = PSA_ERROR_BUFFER_TOO_SMALL;
+ goto exit;
+ }
+
+ switch( operation->alg )
+ {
+#if defined(MBEDTLS_MD2_C)
+ case PSA_ALG_MD2:
+ ret = mbedtls_md2_finish_ret( &operation->ctx.md2, hash );
+ break;
+#endif
+#if defined(MBEDTLS_MD4_C)
+ case PSA_ALG_MD4:
+ ret = mbedtls_md4_finish_ret( &operation->ctx.md4, hash );
+ break;
+#endif
+#if defined(MBEDTLS_MD5_C)
+ case PSA_ALG_MD5:
+ ret = mbedtls_md5_finish_ret( &operation->ctx.md5, hash );
+ break;
+#endif
+#if defined(MBEDTLS_RIPEMD160_C)
+ case PSA_ALG_RIPEMD160:
+ ret = mbedtls_ripemd160_finish_ret( &operation->ctx.ripemd160, hash );
+ break;
+#endif
+#if defined(MBEDTLS_SHA1_C)
+ case PSA_ALG_SHA_1:
+ ret = mbedtls_sha1_finish_ret( &operation->ctx.sha1, hash );
+ break;
+#endif
+#if defined(MBEDTLS_SHA256_C)
+ case PSA_ALG_SHA_224:
+ case PSA_ALG_SHA_256:
+ ret = mbedtls_sha256_finish_ret( &operation->ctx.sha256, hash );
+ break;
+#endif
+#if defined(MBEDTLS_SHA512_C)
+ case PSA_ALG_SHA_384:
+ case PSA_ALG_SHA_512:
+ ret = mbedtls_sha512_finish_ret( &operation->ctx.sha512, hash );
+ break;
+#endif
+ default:
+ return( PSA_ERROR_BAD_STATE );
+ }
+ status = mbedtls_to_psa_error( ret );
+
+exit:
+ if( status == PSA_SUCCESS )
+ {
+ *hash_length = actual_hash_length;
+ return( psa_hash_abort( operation ) );
+ }
+ else
+ {
+ psa_hash_abort( operation );
+ return( status );
+ }
+}
+
+psa_status_t psa_hash_verify( psa_hash_operation_t *operation,
+ const uint8_t *hash,
+ size_t hash_length )
+{
+ uint8_t actual_hash[MBEDTLS_MD_MAX_SIZE];
+ size_t actual_hash_length;
+ psa_status_t status = psa_hash_finish( operation,
+ actual_hash, sizeof( actual_hash ),
+ &actual_hash_length );
+ if( status != PSA_SUCCESS )
+ return( status );
+ if( actual_hash_length != hash_length )
+ return( PSA_ERROR_INVALID_SIGNATURE );
+ if( safer_memcmp( hash, actual_hash, actual_hash_length ) != 0 )
+ return( PSA_ERROR_INVALID_SIGNATURE );
+ return( PSA_SUCCESS );
+}
+
+psa_status_t psa_hash_clone( const psa_hash_operation_t *source_operation,
+ psa_hash_operation_t *target_operation )
+{
+ if( target_operation->alg != 0 )
+ return( PSA_ERROR_BAD_STATE );
+
+ switch( source_operation->alg )
+ {
+ case 0:
+ return( PSA_ERROR_BAD_STATE );
+#if defined(MBEDTLS_MD2_C)
+ case PSA_ALG_MD2:
+ mbedtls_md2_clone( &target_operation->ctx.md2,
+ &source_operation->ctx.md2 );
+ break;
+#endif
+#if defined(MBEDTLS_MD4_C)
+ case PSA_ALG_MD4:
+ mbedtls_md4_clone( &target_operation->ctx.md4,
+ &source_operation->ctx.md4 );
+ break;
+#endif
+#if defined(MBEDTLS_MD5_C)
+ case PSA_ALG_MD5:
+ mbedtls_md5_clone( &target_operation->ctx.md5,
+ &source_operation->ctx.md5 );
+ break;
+#endif
+#if defined(MBEDTLS_RIPEMD160_C)
+ case PSA_ALG_RIPEMD160:
+ mbedtls_ripemd160_clone( &target_operation->ctx.ripemd160,
+ &source_operation->ctx.ripemd160 );
+ break;
+#endif
+#if defined(MBEDTLS_SHA1_C)
+ case PSA_ALG_SHA_1:
+ mbedtls_sha1_clone( &target_operation->ctx.sha1,
+ &source_operation->ctx.sha1 );
+ break;
+#endif
+#if defined(MBEDTLS_SHA256_C)
+ case PSA_ALG_SHA_224:
+ case PSA_ALG_SHA_256:
+ mbedtls_sha256_clone( &target_operation->ctx.sha256,
+ &source_operation->ctx.sha256 );
+ break;
+#endif
+#if defined(MBEDTLS_SHA512_C)
+ case PSA_ALG_SHA_384:
+ case PSA_ALG_SHA_512:
+ mbedtls_sha512_clone( &target_operation->ctx.sha512,
+ &source_operation->ctx.sha512 );
+ break;
+#endif
+ default:
+ return( PSA_ERROR_NOT_SUPPORTED );
+ }
+
+ target_operation->alg = source_operation->alg;
+ return( PSA_SUCCESS );
+}
+
+
+/****************************************************************/
+/* MAC */
+/****************************************************************/
+
+static const mbedtls_cipher_info_t *mbedtls_cipher_info_from_psa(
+ psa_algorithm_t alg,
+ psa_key_type_t key_type,
+ size_t key_bits,
+ mbedtls_cipher_id_t* cipher_id )
+{
+ mbedtls_cipher_mode_t mode;
+ mbedtls_cipher_id_t cipher_id_tmp;
+
+ if( PSA_ALG_IS_AEAD( alg ) )
+ alg = PSA_ALG_AEAD_WITH_TAG_LENGTH( alg, 0 );
+
+ if( PSA_ALG_IS_CIPHER( alg ) || PSA_ALG_IS_AEAD( alg ) )
+ {
+ switch( alg )
+ {
+ case PSA_ALG_ARC4:
+ mode = MBEDTLS_MODE_STREAM;
+ break;
+ case PSA_ALG_CTR:
+ mode = MBEDTLS_MODE_CTR;
+ break;
+ case PSA_ALG_CFB:
+ mode = MBEDTLS_MODE_CFB;
+ break;
+ case PSA_ALG_OFB:
+ mode = MBEDTLS_MODE_OFB;
+ break;
+ case PSA_ALG_CBC_NO_PADDING:
+ mode = MBEDTLS_MODE_CBC;
+ break;
+ case PSA_ALG_CBC_PKCS7:
+ mode = MBEDTLS_MODE_CBC;
+ break;
+ case PSA_ALG_AEAD_WITH_TAG_LENGTH( PSA_ALG_CCM, 0 ):
+ mode = MBEDTLS_MODE_CCM;
+ break;
+ case PSA_ALG_AEAD_WITH_TAG_LENGTH( PSA_ALG_GCM, 0 ):
+ mode = MBEDTLS_MODE_GCM;
+ break;
+ default:
+ return( NULL );
+ }
+ }
+ else if( alg == PSA_ALG_CMAC )
+ mode = MBEDTLS_MODE_ECB;
+ else if( alg == PSA_ALG_GMAC )
+ mode = MBEDTLS_MODE_GCM;
+ else
+ return( NULL );
+
+ switch( key_type )
+ {
+ case PSA_KEY_TYPE_AES:
+ cipher_id_tmp = MBEDTLS_CIPHER_ID_AES;
+ break;
+ case PSA_KEY_TYPE_DES:
+ /* key_bits is 64 for Single-DES, 128 for two-key Triple-DES,
+ * and 192 for three-key Triple-DES. */
+ if( key_bits == 64 )
+ cipher_id_tmp = MBEDTLS_CIPHER_ID_DES;
+ else
+ cipher_id_tmp = MBEDTLS_CIPHER_ID_3DES;
+ /* mbedtls doesn't recognize two-key Triple-DES as an algorithm,
+ * but two-key Triple-DES is functionally three-key Triple-DES
+ * with K1=K3, so that's how we present it to mbedtls. */
+ if( key_bits == 128 )
+ key_bits = 192;
+ break;
+ case PSA_KEY_TYPE_CAMELLIA:
+ cipher_id_tmp = MBEDTLS_CIPHER_ID_CAMELLIA;
+ break;
+ case PSA_KEY_TYPE_ARC4:
+ cipher_id_tmp = MBEDTLS_CIPHER_ID_ARC4;
+ break;
+ default:
+ return( NULL );
+ }
+ if( cipher_id != NULL )
+ *cipher_id = cipher_id_tmp;
+
+ return( mbedtls_cipher_info_from_values( cipher_id_tmp,
+ (int) key_bits, mode ) );
+}
+
+#if defined(MBEDTLS_MD_C)
+static size_t psa_get_hash_block_size( psa_algorithm_t alg )
+{
+ switch( alg )
+ {
+ case PSA_ALG_MD2:
+ return( 16 );
+ case PSA_ALG_MD4:
+ return( 64 );
+ case PSA_ALG_MD5:
+ return( 64 );
+ case PSA_ALG_RIPEMD160:
+ return( 64 );
+ case PSA_ALG_SHA_1:
+ return( 64 );
+ case PSA_ALG_SHA_224:
+ return( 64 );
+ case PSA_ALG_SHA_256:
+ return( 64 );
+ case PSA_ALG_SHA_384:
+ return( 128 );
+ case PSA_ALG_SHA_512:
+ return( 128 );
+ default:
+ return( 0 );
+ }
+}
+#endif /* MBEDTLS_MD_C */
+
+/* Initialize the MAC operation structure. Once this function has been
+ * called, psa_mac_abort can run and will do the right thing. */
+static psa_status_t psa_mac_init( psa_mac_operation_t *operation,
+ psa_algorithm_t alg )
+{
+ psa_status_t status = PSA_ERROR_NOT_SUPPORTED;
+
+ operation->alg = alg;
+ operation->key_set = 0;
+ operation->iv_set = 0;
+ operation->iv_required = 0;
+ operation->has_input = 0;
+ operation->is_sign = 0;
+
+#if defined(MBEDTLS_CMAC_C)
+ if( alg == PSA_ALG_CMAC )
+ {
+ operation->iv_required = 0;
+ mbedtls_cipher_init( &operation->ctx.cmac );
+ status = PSA_SUCCESS;
+ }
+ else
+#endif /* MBEDTLS_CMAC_C */
+#if defined(MBEDTLS_MD_C)
+ if( PSA_ALG_IS_HMAC( operation->alg ) )
+ {
+ /* We'll set up the hash operation later in psa_hmac_setup_internal. */
+ operation->ctx.hmac.hash_ctx.alg = 0;
+ status = PSA_SUCCESS;
+ }
+ else
+#endif /* MBEDTLS_MD_C */
+ {
+ if( ! PSA_ALG_IS_MAC( alg ) )
+ status = PSA_ERROR_INVALID_ARGUMENT;
+ }
+
+ if( status != PSA_SUCCESS )
+ memset( operation, 0, sizeof( *operation ) );
+ return( status );
+}
+
+#if defined(MBEDTLS_MD_C)
+static psa_status_t psa_hmac_abort_internal( psa_hmac_internal_data *hmac )
+{
+ mbedtls_platform_zeroize( hmac->opad, sizeof( hmac->opad ) );
+ return( psa_hash_abort( &hmac->hash_ctx ) );
+}
+
+static void psa_hmac_init_internal( psa_hmac_internal_data *hmac )
+{
+ /* Instances of psa_hash_operation_s can be initialized by zeroization. */
+ memset( hmac, 0, sizeof( *hmac ) );
+}
+#endif /* MBEDTLS_MD_C */
+
+psa_status_t psa_mac_abort( psa_mac_operation_t *operation )
+{
+ if( operation->alg == 0 )
+ {
+ /* The object has (apparently) been initialized but it is not
+ * in use. It's ok to call abort on such an object, and there's
+ * nothing to do. */
+ return( PSA_SUCCESS );
+ }
+ else
+#if defined(MBEDTLS_CMAC_C)
+ if( operation->alg == PSA_ALG_CMAC )
+ {
+ mbedtls_cipher_free( &operation->ctx.cmac );
+ }
+ else
+#endif /* MBEDTLS_CMAC_C */
+#if defined(MBEDTLS_MD_C)
+ if( PSA_ALG_IS_HMAC( operation->alg ) )
+ {
+ psa_hmac_abort_internal( &operation->ctx.hmac );
+ }
+ else
+#endif /* MBEDTLS_MD_C */
+ {
+ /* Sanity check (shouldn't happen: operation->alg should
+ * always have been initialized to a valid value). */
+ goto bad_state;
+ }
+
+ operation->alg = 0;
+ operation->key_set = 0;
+ operation->iv_set = 0;
+ operation->iv_required = 0;
+ operation->has_input = 0;
+ operation->is_sign = 0;
+
+ return( PSA_SUCCESS );
+
+bad_state:
+ /* If abort is called on an uninitialized object, we can't trust
+ * anything. Wipe the object in case it contains confidential data.
+ * This may result in a memory leak if a pointer gets overwritten,
+ * but it's too late to do anything about this. */
+ memset( operation, 0, sizeof( *operation ) );
+ return( PSA_ERROR_BAD_STATE );
+}
+
+#if defined(MBEDTLS_CMAC_C)
+static int psa_cmac_setup( psa_mac_operation_t *operation,
+ size_t key_bits,
+ psa_key_slot_t *slot,
+ const mbedtls_cipher_info_t *cipher_info )
+{
+ int ret;
+
+ operation->mac_size = cipher_info->block_size;
+
+ ret = mbedtls_cipher_setup( &operation->ctx.cmac, cipher_info );
+ if( ret != 0 )
+ return( ret );
+
+ ret = mbedtls_cipher_cmac_starts( &operation->ctx.cmac,
+ slot->data.raw.data,
+ key_bits );
+ return( ret );
+}
+#endif /* MBEDTLS_CMAC_C */
+
+#if defined(MBEDTLS_MD_C)
+static psa_status_t psa_hmac_setup_internal( psa_hmac_internal_data *hmac,
+ const uint8_t *key,
+ size_t key_length,
+ psa_algorithm_t hash_alg )
+{
+ unsigned char ipad[PSA_HMAC_MAX_HASH_BLOCK_SIZE];
+ size_t i;
+ size_t hash_size = PSA_HASH_SIZE( hash_alg );
+ size_t block_size = psa_get_hash_block_size( hash_alg );
+ psa_status_t status;
+
+ /* Sanity checks on block_size, to guarantee that there won't be a buffer
+ * overflow below. This should never trigger if the hash algorithm
+ * is implemented correctly. */
+ /* The size checks against the ipad and opad buffers cannot be written
+ * `block_size > sizeof( ipad ) || block_size > sizeof( hmac->opad )`
+ * because that triggers -Wlogical-op on GCC 7.3. */
+ if( block_size > sizeof( ipad ) )
+ return( PSA_ERROR_NOT_SUPPORTED );
+ if( block_size > sizeof( hmac->opad ) )
+ return( PSA_ERROR_NOT_SUPPORTED );
+ if( block_size < hash_size )
+ return( PSA_ERROR_NOT_SUPPORTED );
+
+ if( key_length > block_size )
+ {
+ status = psa_hash_setup( &hmac->hash_ctx, hash_alg );
+ if( status != PSA_SUCCESS )
+ goto cleanup;
+ status = psa_hash_update( &hmac->hash_ctx, key, key_length );
+ if( status != PSA_SUCCESS )
+ goto cleanup;
+ status = psa_hash_finish( &hmac->hash_ctx,
+ ipad, sizeof( ipad ), &key_length );
+ if( status != PSA_SUCCESS )
+ goto cleanup;
+ }
+ /* A 0-length key is not commonly used in HMAC when used as a MAC,
+ * but it is permitted. It is common when HMAC is used in HKDF, for
+ * example. Don't call `memcpy` in the 0-length because `key` could be
+ * an invalid pointer which would make the behavior undefined. */
+ else if( key_length != 0 )
+ memcpy( ipad, key, key_length );
+
+ /* ipad contains the key followed by garbage. Xor and fill with 0x36
+ * to create the ipad value. */
+ for( i = 0; i < key_length; i++ )
+ ipad[i] ^= 0x36;
+ memset( ipad + key_length, 0x36, block_size - key_length );
+
+ /* Copy the key material from ipad to opad, flipping the requisite bits,
+ * and filling the rest of opad with the requisite constant. */
+ for( i = 0; i < key_length; i++ )
+ hmac->opad[i] = ipad[i] ^ 0x36 ^ 0x5C;
+ memset( hmac->opad + key_length, 0x5C, block_size - key_length );
+
+ status = psa_hash_setup( &hmac->hash_ctx, hash_alg );
+ if( status != PSA_SUCCESS )
+ goto cleanup;
+
+ status = psa_hash_update( &hmac->hash_ctx, ipad, block_size );
+
+cleanup:
+ mbedtls_platform_zeroize( ipad, key_length );
+
+ return( status );
+}
+#endif /* MBEDTLS_MD_C */
+
+static psa_status_t psa_mac_setup( psa_mac_operation_t *operation,
+ psa_key_handle_t handle,
+ psa_algorithm_t alg,
+ int is_sign )
+{
+ psa_status_t status;
+ psa_key_slot_t *slot;
+ size_t key_bits;
+ psa_key_usage_t usage =
+ is_sign ? PSA_KEY_USAGE_SIGN : PSA_KEY_USAGE_VERIFY;
+ unsigned char truncated = PSA_MAC_TRUNCATED_LENGTH( alg );
+ psa_algorithm_t full_length_alg = PSA_ALG_FULL_LENGTH_MAC( alg );
+
+ /* A context must be freshly initialized before it can be set up. */
+ if( operation->alg != 0 )
+ {
+ return( PSA_ERROR_BAD_STATE );
+ }
+
+ status = psa_mac_init( operation, full_length_alg );
+ if( status != PSA_SUCCESS )
+ return( status );
+ if( is_sign )
+ operation->is_sign = 1;
+
+ status = psa_get_key_from_slot( handle, &slot, usage, alg );
+ if( status != PSA_SUCCESS )
+ goto exit;
+ key_bits = psa_get_key_bits( slot );
+
+#if defined(MBEDTLS_CMAC_C)
+ if( full_length_alg == PSA_ALG_CMAC )
+ {
+ const mbedtls_cipher_info_t *cipher_info =
+ mbedtls_cipher_info_from_psa( full_length_alg,
+ slot->type, key_bits, NULL );
+ int ret;
+ if( cipher_info == NULL )
+ {
+ status = PSA_ERROR_NOT_SUPPORTED;
+ goto exit;
+ }
+ operation->mac_size = cipher_info->block_size;
+ ret = psa_cmac_setup( operation, key_bits, slot, cipher_info );
+ status = mbedtls_to_psa_error( ret );
+ }
+ else
+#endif /* MBEDTLS_CMAC_C */
+#if defined(MBEDTLS_MD_C)
+ if( PSA_ALG_IS_HMAC( full_length_alg ) )
+ {
+ psa_algorithm_t hash_alg = PSA_ALG_HMAC_GET_HASH( alg );
+ if( hash_alg == 0 )
+ {
+ status = PSA_ERROR_NOT_SUPPORTED;
+ goto exit;
+ }
+
+ operation->mac_size = PSA_HASH_SIZE( hash_alg );
+ /* Sanity check. This shouldn't fail on a valid configuration. */
+ if( operation->mac_size == 0 ||
+ operation->mac_size > sizeof( operation->ctx.hmac.opad ) )
+ {
+ status = PSA_ERROR_NOT_SUPPORTED;
+ goto exit;
+ }
+
+ if( slot->type != PSA_KEY_TYPE_HMAC )
+ {
+ status = PSA_ERROR_INVALID_ARGUMENT;
+ goto exit;
+ }
+
+ status = psa_hmac_setup_internal( &operation->ctx.hmac,
+ slot->data.raw.data,
+ slot->data.raw.bytes,
+ hash_alg );
+ }
+ else
+#endif /* MBEDTLS_MD_C */
+ {
+ (void) key_bits;
+ status = PSA_ERROR_NOT_SUPPORTED;
+ }
+
+ if( truncated == 0 )
+ {
+ /* The "normal" case: untruncated algorithm. Nothing to do. */
+ }
+ else if( truncated < 4 )
+ {
+ /* A very short MAC is too short for security since it can be
+ * brute-forced. Ancient protocols with 32-bit MACs do exist,
+ * so we make this our minimum, even though 32 bits is still
+ * too small for security. */
+ status = PSA_ERROR_NOT_SUPPORTED;
+ }
+ else if( truncated > operation->mac_size )
+ {
+ /* It's impossible to "truncate" to a larger length. */
+ status = PSA_ERROR_INVALID_ARGUMENT;
+ }
+ else
+ operation->mac_size = truncated;
+
+exit:
+ if( status != PSA_SUCCESS )
+ {
+ psa_mac_abort( operation );
+ }
+ else
+ {
+ operation->key_set = 1;
+ }
+ return( status );
+}
+
+psa_status_t psa_mac_sign_setup( psa_mac_operation_t *operation,
+ psa_key_handle_t handle,
+ psa_algorithm_t alg )
+{
+ return( psa_mac_setup( operation, handle, alg, 1 ) );
+}
+
+psa_status_t psa_mac_verify_setup( psa_mac_operation_t *operation,
+ psa_key_handle_t handle,
+ psa_algorithm_t alg )
+{
+ return( psa_mac_setup( operation, handle, alg, 0 ) );
+}
+
+psa_status_t psa_mac_update( psa_mac_operation_t *operation,
+ const uint8_t *input,
+ size_t input_length )
+{
+ psa_status_t status = PSA_ERROR_BAD_STATE;
+ if( ! operation->key_set )
+ return( PSA_ERROR_BAD_STATE );
+ if( operation->iv_required && ! operation->iv_set )
+ return( PSA_ERROR_BAD_STATE );
+ operation->has_input = 1;
+
+#if defined(MBEDTLS_CMAC_C)
+ if( operation->alg == PSA_ALG_CMAC )
+ {
+ int ret = mbedtls_cipher_cmac_update( &operation->ctx.cmac,
+ input, input_length );
+ status = mbedtls_to_psa_error( ret );
+ }
+ else
+#endif /* MBEDTLS_CMAC_C */
+#if defined(MBEDTLS_MD_C)
+ if( PSA_ALG_IS_HMAC( operation->alg ) )
+ {
+ status = psa_hash_update( &operation->ctx.hmac.hash_ctx, input,
+ input_length );
+ }
+ else
+#endif /* MBEDTLS_MD_C */
+ {
+ /* This shouldn't happen if `operation` was initialized by
+ * a setup function. */
+ return( PSA_ERROR_BAD_STATE );
+ }
+
+ if( status != PSA_SUCCESS )
+ psa_mac_abort( operation );
+ return( status );
+}
+
+#if defined(MBEDTLS_MD_C)
+static psa_status_t psa_hmac_finish_internal( psa_hmac_internal_data *hmac,
+ uint8_t *mac,
+ size_t mac_size )
+{
+ unsigned char tmp[MBEDTLS_MD_MAX_SIZE];
+ psa_algorithm_t hash_alg = hmac->hash_ctx.alg;
+ size_t hash_size = 0;
+ size_t block_size = psa_get_hash_block_size( hash_alg );
+ psa_status_t status;
+
+ status = psa_hash_finish( &hmac->hash_ctx, tmp, sizeof( tmp ), &hash_size );
+ if( status != PSA_SUCCESS )
+ return( status );
+ /* From here on, tmp needs to be wiped. */
+
+ status = psa_hash_setup( &hmac->hash_ctx, hash_alg );
+ if( status != PSA_SUCCESS )
+ goto exit;
+
+ status = psa_hash_update( &hmac->hash_ctx, hmac->opad, block_size );
+ if( status != PSA_SUCCESS )
+ goto exit;
+
+ status = psa_hash_update( &hmac->hash_ctx, tmp, hash_size );
+ if( status != PSA_SUCCESS )
+ goto exit;
+
+ status = psa_hash_finish( &hmac->hash_ctx, tmp, sizeof( tmp ), &hash_size );
+ if( status != PSA_SUCCESS )
+ goto exit;
+
+ memcpy( mac, tmp, mac_size );
+
+exit:
+ mbedtls_platform_zeroize( tmp, hash_size );
+ return( status );
+}
+#endif /* MBEDTLS_MD_C */
+
+static psa_status_t psa_mac_finish_internal( psa_mac_operation_t *operation,
+ uint8_t *mac,
+ size_t mac_size )
+{
+ if( ! operation->key_set )
+ return( PSA_ERROR_BAD_STATE );
+ if( operation->iv_required && ! operation->iv_set )
+ return( PSA_ERROR_BAD_STATE );
+
+ if( mac_size < operation->mac_size )
+ return( PSA_ERROR_BUFFER_TOO_SMALL );
+
+#if defined(MBEDTLS_CMAC_C)
+ if( operation->alg == PSA_ALG_CMAC )
+ {
+ uint8_t tmp[PSA_MAX_BLOCK_CIPHER_BLOCK_SIZE];
+ int ret = mbedtls_cipher_cmac_finish( &operation->ctx.cmac, tmp );
+ if( ret == 0 )
+ memcpy( mac, tmp, operation->mac_size );
+ mbedtls_platform_zeroize( tmp, sizeof( tmp ) );
+ return( mbedtls_to_psa_error( ret ) );
+ }
+ else
+#endif /* MBEDTLS_CMAC_C */
+#if defined(MBEDTLS_MD_C)
+ if( PSA_ALG_IS_HMAC( operation->alg ) )
+ {
+ return( psa_hmac_finish_internal( &operation->ctx.hmac,
+ mac, operation->mac_size ) );
+ }
+ else
+#endif /* MBEDTLS_MD_C */
+ {
+ /* This shouldn't happen if `operation` was initialized by
+ * a setup function. */
+ return( PSA_ERROR_BAD_STATE );
+ }
+}
+
+psa_status_t psa_mac_sign_finish( psa_mac_operation_t *operation,
+ uint8_t *mac,
+ size_t mac_size,
+ size_t *mac_length )
+{
+ psa_status_t status;
+
+ if( operation->alg == 0 )
+ {
+ return( PSA_ERROR_BAD_STATE );
+ }
+
+ /* Fill the output buffer with something that isn't a valid mac
+ * (barring an attack on the mac and deliberately-crafted input),
+ * in case the caller doesn't check the return status properly. */
+ *mac_length = mac_size;
+ /* If mac_size is 0 then mac may be NULL and then the
+ * call to memset would have undefined behavior. */
+ if( mac_size != 0 )
+ memset( mac, '!', mac_size );
+
+ if( ! operation->is_sign )
+ {
+ return( PSA_ERROR_BAD_STATE );
+ }
+
+ status = psa_mac_finish_internal( operation, mac, mac_size );
+
+ if( status == PSA_SUCCESS )
+ {
+ status = psa_mac_abort( operation );
+ if( status == PSA_SUCCESS )
+ *mac_length = operation->mac_size;
+ else
+ memset( mac, '!', mac_size );
+ }
+ else
+ psa_mac_abort( operation );
+ return( status );
+}
+
+psa_status_t psa_mac_verify_finish( psa_mac_operation_t *operation,
+ const uint8_t *mac,
+ size_t mac_length )
+{
+ uint8_t actual_mac[PSA_MAC_MAX_SIZE];
+ psa_status_t status;
+
+ if( operation->alg == 0 )
+ {
+ return( PSA_ERROR_BAD_STATE );
+ }
+
+ if( operation->is_sign )
+ {
+ return( PSA_ERROR_BAD_STATE );
+ }
+ if( operation->mac_size != mac_length )
+ {
+ status = PSA_ERROR_INVALID_SIGNATURE;
+ goto cleanup;
+ }
+
+ status = psa_mac_finish_internal( operation,
+ actual_mac, sizeof( actual_mac ) );
+
+ if( safer_memcmp( mac, actual_mac, mac_length ) != 0 )
+ status = PSA_ERROR_INVALID_SIGNATURE;
+
+cleanup:
+ if( status == PSA_SUCCESS )
+ status = psa_mac_abort( operation );
+ else
+ psa_mac_abort( operation );
+
+ mbedtls_platform_zeroize( actual_mac, sizeof( actual_mac ) );
+
+ return( status );
+}
+
+
+
+/****************************************************************/
+/* Asymmetric cryptography */
+/****************************************************************/
+
+#if defined(MBEDTLS_RSA_C)
+/* Decode the hash algorithm from alg and store the mbedtls encoding in
+ * md_alg. Verify that the hash length is acceptable. */
+static psa_status_t psa_rsa_decode_md_type( psa_algorithm_t alg,
+ size_t hash_length,
+ mbedtls_md_type_t *md_alg )
+{
+ psa_algorithm_t hash_alg = PSA_ALG_SIGN_GET_HASH( alg );
+ const mbedtls_md_info_t *md_info = mbedtls_md_info_from_psa( hash_alg );
+ *md_alg = mbedtls_md_get_type( md_info );
+
+ /* The Mbed TLS RSA module uses an unsigned int for hash length
+ * parameters. Validate that it fits so that we don't risk an
+ * overflow later. */
+#if SIZE_MAX > UINT_MAX
+ if( hash_length > UINT_MAX )
+ return( PSA_ERROR_INVALID_ARGUMENT );
+#endif
+
+#if defined(MBEDTLS_PKCS1_V15)
+ /* For PKCS#1 v1.5 signature, if using a hash, the hash length
+ * must be correct. */
+ if( PSA_ALG_IS_RSA_PKCS1V15_SIGN( alg ) &&
+ alg != PSA_ALG_RSA_PKCS1V15_SIGN_RAW )
+ {
+ if( md_info == NULL )
+ return( PSA_ERROR_NOT_SUPPORTED );
+ if( mbedtls_md_get_size( md_info ) != hash_length )
+ return( PSA_ERROR_INVALID_ARGUMENT );
+ }
+#endif /* MBEDTLS_PKCS1_V15 */
+
+#if defined(MBEDTLS_PKCS1_V21)
+ /* PSS requires a hash internally. */
+ if( PSA_ALG_IS_RSA_PSS( alg ) )
+ {
+ if( md_info == NULL )
+ return( PSA_ERROR_NOT_SUPPORTED );
+ }
+#endif /* MBEDTLS_PKCS1_V21 */
+
+ return( PSA_SUCCESS );
+}
+
+static psa_status_t psa_rsa_sign( mbedtls_rsa_context *rsa,
+ psa_algorithm_t alg,
+ const uint8_t *hash,
+ size_t hash_length,
+ uint8_t *signature,
+ size_t signature_size,
+ size_t *signature_length )
+{
+ psa_status_t status;
+ int ret;
+ mbedtls_md_type_t md_alg;
+
+ status = psa_rsa_decode_md_type( alg, hash_length, &md_alg );
+ if( status != PSA_SUCCESS )
+ return( status );
+
+ if( signature_size < mbedtls_rsa_get_len( rsa ) )
+ return( PSA_ERROR_BUFFER_TOO_SMALL );
+
+#if defined(MBEDTLS_PKCS1_V15)
+ if( PSA_ALG_IS_RSA_PKCS1V15_SIGN( alg ) )
+ {
+ mbedtls_rsa_set_padding( rsa, MBEDTLS_RSA_PKCS_V15,
+ MBEDTLS_MD_NONE );
+ ret = mbedtls_rsa_pkcs1_sign( rsa,
+ mbedtls_ctr_drbg_random,
+ &global_data.ctr_drbg,
+ MBEDTLS_RSA_PRIVATE,
+ md_alg,
+ (unsigned int) hash_length,
+ hash,
+ signature );
+ }
+ else
+#endif /* MBEDTLS_PKCS1_V15 */
+#if defined(MBEDTLS_PKCS1_V21)
+ if( PSA_ALG_IS_RSA_PSS( alg ) )
+ {
+ mbedtls_rsa_set_padding( rsa, MBEDTLS_RSA_PKCS_V21, md_alg );
+ ret = mbedtls_rsa_rsassa_pss_sign( rsa,
+ mbedtls_ctr_drbg_random,
+ &global_data.ctr_drbg,
+ MBEDTLS_RSA_PRIVATE,
+ MBEDTLS_MD_NONE,
+ (unsigned int) hash_length,
+ hash,
+ signature );
+ }
+ else
+#endif /* MBEDTLS_PKCS1_V21 */
+ {
+ return( PSA_ERROR_INVALID_ARGUMENT );
+ }
+
+ if( ret == 0 )
+ *signature_length = mbedtls_rsa_get_len( rsa );
+ return( mbedtls_to_psa_error( ret ) );
+}
+
+static psa_status_t psa_rsa_verify( mbedtls_rsa_context *rsa,
+ psa_algorithm_t alg,
+ const uint8_t *hash,
+ size_t hash_length,
+ const uint8_t *signature,
+ size_t signature_length )
+{
+ psa_status_t status;
+ int ret;
+ mbedtls_md_type_t md_alg;
+
+ status = psa_rsa_decode_md_type( alg, hash_length, &md_alg );
+ if( status != PSA_SUCCESS )
+ return( status );
+
+ if( signature_length < mbedtls_rsa_get_len( rsa ) )
+ return( PSA_ERROR_BUFFER_TOO_SMALL );
+
+#if defined(MBEDTLS_PKCS1_V15)
+ if( PSA_ALG_IS_RSA_PKCS1V15_SIGN( alg ) )
+ {
+ mbedtls_rsa_set_padding( rsa, MBEDTLS_RSA_PKCS_V15,
+ MBEDTLS_MD_NONE );
+ ret = mbedtls_rsa_pkcs1_verify( rsa,
+ mbedtls_ctr_drbg_random,
+ &global_data.ctr_drbg,
+ MBEDTLS_RSA_PUBLIC,
+ md_alg,
+ (unsigned int) hash_length,
+ hash,
+ signature );
+ }
+ else
+#endif /* MBEDTLS_PKCS1_V15 */
+#if defined(MBEDTLS_PKCS1_V21)
+ if( PSA_ALG_IS_RSA_PSS( alg ) )
+ {
+ mbedtls_rsa_set_padding( rsa, MBEDTLS_RSA_PKCS_V21, md_alg );
+ ret = mbedtls_rsa_rsassa_pss_verify( rsa,
+ mbedtls_ctr_drbg_random,
+ &global_data.ctr_drbg,
+ MBEDTLS_RSA_PUBLIC,
+ MBEDTLS_MD_NONE,
+ (unsigned int) hash_length,
+ hash,
+ signature );
+ }
+ else
+#endif /* MBEDTLS_PKCS1_V21 */
+ {
+ return( PSA_ERROR_INVALID_ARGUMENT );
+ }
+
+ /* Mbed TLS distinguishes "invalid padding" from "valid padding but
+ * the rest of the signature is invalid". This has little use in
+ * practice and PSA doesn't report this distinction. */
+ if( ret == MBEDTLS_ERR_RSA_INVALID_PADDING )
+ return( PSA_ERROR_INVALID_SIGNATURE );
+ return( mbedtls_to_psa_error( ret ) );
+}
+#endif /* MBEDTLS_RSA_C */
+
+#if defined(MBEDTLS_ECDSA_C)
+/* `ecp` cannot be const because `ecp->grp` needs to be non-const
+ * for mbedtls_ecdsa_sign() and mbedtls_ecdsa_sign_det()
+ * (even though these functions don't modify it). */
+static psa_status_t psa_ecdsa_sign( mbedtls_ecp_keypair *ecp,
+ psa_algorithm_t alg,
+ const uint8_t *hash,
+ size_t hash_length,
+ uint8_t *signature,
+ size_t signature_size,
+ size_t *signature_length )
+{
+ int ret;
+ mbedtls_mpi r, s;
+ size_t curve_bytes = PSA_BITS_TO_BYTES( ecp->grp.pbits );
+ mbedtls_mpi_init( &r );
+ mbedtls_mpi_init( &s );
+
+ if( signature_size < 2 * curve_bytes )
+ {
+ ret = MBEDTLS_ERR_ECP_BUFFER_TOO_SMALL;
+ goto cleanup;
+ }
+
+#if defined(MBEDTLS_ECDSA_DETERMINISTIC)
+ if( PSA_ALG_DSA_IS_DETERMINISTIC( alg ) )
+ {
+ psa_algorithm_t hash_alg = PSA_ALG_SIGN_GET_HASH( alg );
+ const mbedtls_md_info_t *md_info = mbedtls_md_info_from_psa( hash_alg );
+ mbedtls_md_type_t md_alg = mbedtls_md_get_type( md_info );
+ MBEDTLS_MPI_CHK( mbedtls_ecdsa_sign_det( &ecp->grp, &r, &s, &ecp->d,
+ hash, hash_length,
+ md_alg ) );
+ }
+ else
+#endif /* MBEDTLS_ECDSA_DETERMINISTIC */
+ {
+ (void) alg;
+ MBEDTLS_MPI_CHK( mbedtls_ecdsa_sign( &ecp->grp, &r, &s, &ecp->d,
+ hash, hash_length,
+ mbedtls_ctr_drbg_random,
+ &global_data.ctr_drbg ) );
+ }
+
+ MBEDTLS_MPI_CHK( mbedtls_mpi_write_binary( &r,
+ signature,
+ curve_bytes ) );
+ MBEDTLS_MPI_CHK( mbedtls_mpi_write_binary( &s,
+ signature + curve_bytes,
+ curve_bytes ) );
+
+cleanup:
+ mbedtls_mpi_free( &r );
+ mbedtls_mpi_free( &s );
+ if( ret == 0 )
+ *signature_length = 2 * curve_bytes;
+ return( mbedtls_to_psa_error( ret ) );
+}
+
+static psa_status_t psa_ecdsa_verify( mbedtls_ecp_keypair *ecp,
+ const uint8_t *hash,
+ size_t hash_length,
+ const uint8_t *signature,
+ size_t signature_length )
+{
+ int ret;
+ mbedtls_mpi r, s;
+ size_t curve_bytes = PSA_BITS_TO_BYTES( ecp->grp.pbits );
+ mbedtls_mpi_init( &r );
+ mbedtls_mpi_init( &s );
+
+ if( signature_length != 2 * curve_bytes )
+ return( PSA_ERROR_INVALID_SIGNATURE );
+
+ MBEDTLS_MPI_CHK( mbedtls_mpi_read_binary( &r,
+ signature,
+ curve_bytes ) );
+ MBEDTLS_MPI_CHK( mbedtls_mpi_read_binary( &s,
+ signature + curve_bytes,
+ curve_bytes ) );
+
+ ret = mbedtls_ecdsa_verify( &ecp->grp, hash, hash_length,
+ &ecp->Q, &r, &s );
+
+cleanup:
+ mbedtls_mpi_free( &r );
+ mbedtls_mpi_free( &s );
+ return( mbedtls_to_psa_error( ret ) );
+}
+#endif /* MBEDTLS_ECDSA_C */
+
+psa_status_t psa_asymmetric_sign( psa_key_handle_t handle,
+ psa_algorithm_t alg,
+ const uint8_t *hash,
+ size_t hash_length,
+ uint8_t *signature,
+ size_t signature_size,
+ size_t *signature_length )
+{
+ psa_key_slot_t *slot;
+ psa_status_t status;
+
+ *signature_length = signature_size;
+
+ status = psa_get_key_from_slot( handle, &slot, PSA_KEY_USAGE_SIGN, alg );
+ if( status != PSA_SUCCESS )
+ goto exit;
+ if( ! PSA_KEY_TYPE_IS_KEYPAIR( slot->type ) )
+ {
+ status = PSA_ERROR_INVALID_ARGUMENT;
+ goto exit;
+ }
+
+#if defined(MBEDTLS_RSA_C)
+ if( slot->type == PSA_KEY_TYPE_RSA_KEYPAIR )
+ {
+ status = psa_rsa_sign( slot->data.rsa,
+ alg,
+ hash, hash_length,
+ signature, signature_size,
+ signature_length );
+ }
+ else
+#endif /* defined(MBEDTLS_RSA_C) */
+#if defined(MBEDTLS_ECP_C)
+ if( PSA_KEY_TYPE_IS_ECC( slot->type ) )
+ {
+#if defined(MBEDTLS_ECDSA_C)
+ if(
+#if defined(MBEDTLS_ECDSA_DETERMINISTIC)
+ PSA_ALG_IS_ECDSA( alg )
+#else
+ PSA_ALG_IS_RANDOMIZED_ECDSA( alg )
+#endif
+ )
+ status = psa_ecdsa_sign( slot->data.ecp,
+ alg,
+ hash, hash_length,
+ signature, signature_size,
+ signature_length );
+ else
+#endif /* defined(MBEDTLS_ECDSA_C) */
+ {
+ status = PSA_ERROR_INVALID_ARGUMENT;
+ }
+ }
+ else
+#endif /* defined(MBEDTLS_ECP_C) */
+ {
+ status = PSA_ERROR_NOT_SUPPORTED;
+ }
+
+exit:
+ /* Fill the unused part of the output buffer (the whole buffer on error,
+ * the trailing part on success) with something that isn't a valid mac
+ * (barring an attack on the mac and deliberately-crafted input),
+ * in case the caller doesn't check the return status properly. */
+ if( status == PSA_SUCCESS )
+ memset( signature + *signature_length, '!',
+ signature_size - *signature_length );
+ else if( signature_size != 0 )
+ memset( signature, '!', signature_size );
+ /* If signature_size is 0 then we have nothing to do. We must not call
+ * memset because signature may be NULL in this case. */
+ return( status );
+}
+
+psa_status_t psa_asymmetric_verify( psa_key_handle_t handle,
+ psa_algorithm_t alg,
+ const uint8_t *hash,
+ size_t hash_length,
+ const uint8_t *signature,
+ size_t signature_length )
+{
+ psa_key_slot_t *slot;
+ psa_status_t status;
+
+ status = psa_get_key_from_slot( handle, &slot, PSA_KEY_USAGE_VERIFY, alg );
+ if( status != PSA_SUCCESS )
+ return( status );
+
+#if defined(MBEDTLS_RSA_C)
+ if( PSA_KEY_TYPE_IS_RSA( slot->type ) )
+ {
+ return( psa_rsa_verify( slot->data.rsa,
+ alg,
+ hash, hash_length,
+ signature, signature_length ) );
+ }
+ else
+#endif /* defined(MBEDTLS_RSA_C) */
+#if defined(MBEDTLS_ECP_C)
+ if( PSA_KEY_TYPE_IS_ECC( slot->type ) )
+ {
+#if defined(MBEDTLS_ECDSA_C)
+ if( PSA_ALG_IS_ECDSA( alg ) )
+ return( psa_ecdsa_verify( slot->data.ecp,
+ hash, hash_length,
+ signature, signature_length ) );
+ else
+#endif /* defined(MBEDTLS_ECDSA_C) */
+ {
+ return( PSA_ERROR_INVALID_ARGUMENT );
+ }
+ }
+ else
+#endif /* defined(MBEDTLS_ECP_C) */
+ {
+ return( PSA_ERROR_NOT_SUPPORTED );
+ }
+}
+
+#if defined(MBEDTLS_RSA_C) && defined(MBEDTLS_PKCS1_V21)
+static void psa_rsa_oaep_set_padding_mode( psa_algorithm_t alg,
+ mbedtls_rsa_context *rsa )
+{
+ psa_algorithm_t hash_alg = PSA_ALG_RSA_OAEP_GET_HASH( alg );
+ const mbedtls_md_info_t *md_info = mbedtls_md_info_from_psa( hash_alg );
+ mbedtls_md_type_t md_alg = mbedtls_md_get_type( md_info );
+ mbedtls_rsa_set_padding( rsa, MBEDTLS_RSA_PKCS_V21, md_alg );
+}
+#endif /* defined(MBEDTLS_RSA_C) && defined(MBEDTLS_PKCS1_V21) */
+
+psa_status_t psa_asymmetric_encrypt( psa_key_handle_t handle,
+ psa_algorithm_t alg,
+ const uint8_t *input,
+ size_t input_length,
+ const uint8_t *salt,
+ size_t salt_length,
+ uint8_t *output,
+ size_t output_size,
+ size_t *output_length )
+{
+ psa_key_slot_t *slot;
+ psa_status_t status;
+
+ (void) input;
+ (void) input_length;
+ (void) salt;
+ (void) output;
+ (void) output_size;
+
+ *output_length = 0;
+
+ if( ! PSA_ALG_IS_RSA_OAEP( alg ) && salt_length != 0 )
+ return( PSA_ERROR_INVALID_ARGUMENT );
+
+ status = psa_get_key_from_slot( handle, &slot, PSA_KEY_USAGE_ENCRYPT, alg );
+ if( status != PSA_SUCCESS )
+ return( status );
+ if( ! ( PSA_KEY_TYPE_IS_PUBLIC_KEY( slot->type ) ||
+ PSA_KEY_TYPE_IS_KEYPAIR( slot->type ) ) )
+ return( PSA_ERROR_INVALID_ARGUMENT );
+
+#if defined(MBEDTLS_RSA_C)
+ if( PSA_KEY_TYPE_IS_RSA( slot->type ) )
+ {
+ mbedtls_rsa_context *rsa = slot->data.rsa;
+ int ret;
+ if( output_size < mbedtls_rsa_get_len( rsa ) )
+ return( PSA_ERROR_INVALID_ARGUMENT );
+#if defined(MBEDTLS_PKCS1_V15)
+ if( alg == PSA_ALG_RSA_PKCS1V15_CRYPT )
+ {
+ ret = mbedtls_rsa_pkcs1_encrypt( rsa,
+ mbedtls_ctr_drbg_random,
+ &global_data.ctr_drbg,
+ MBEDTLS_RSA_PUBLIC,
+ input_length,
+ input,
+ output );
+ }
+ else
+#endif /* MBEDTLS_PKCS1_V15 */
+#if defined(MBEDTLS_PKCS1_V21)
+ if( PSA_ALG_IS_RSA_OAEP( alg ) )
+ {
+ psa_rsa_oaep_set_padding_mode( alg, rsa );
+ ret = mbedtls_rsa_rsaes_oaep_encrypt( rsa,
+ mbedtls_ctr_drbg_random,
+ &global_data.ctr_drbg,
+ MBEDTLS_RSA_PUBLIC,
+ salt, salt_length,
+ input_length,
+ input,
+ output );
+ }
+ else
+#endif /* MBEDTLS_PKCS1_V21 */
+ {
+ return( PSA_ERROR_INVALID_ARGUMENT );
+ }
+ if( ret == 0 )
+ *output_length = mbedtls_rsa_get_len( rsa );
+ return( mbedtls_to_psa_error( ret ) );
+ }
+ else
+#endif /* defined(MBEDTLS_RSA_C) */
+ {
+ return( PSA_ERROR_NOT_SUPPORTED );
+ }
+}
+
+psa_status_t psa_asymmetric_decrypt( psa_key_handle_t handle,
+ psa_algorithm_t alg,
+ const uint8_t *input,
+ size_t input_length,
+ const uint8_t *salt,
+ size_t salt_length,
+ uint8_t *output,
+ size_t output_size,
+ size_t *output_length )
+{
+ psa_key_slot_t *slot;
+ psa_status_t status;
+
+ (void) input;
+ (void) input_length;
+ (void) salt;
+ (void) output;
+ (void) output_size;
+
+ *output_length = 0;
+
+ if( ! PSA_ALG_IS_RSA_OAEP( alg ) && salt_length != 0 )
+ return( PSA_ERROR_INVALID_ARGUMENT );
+
+ status = psa_get_key_from_slot( handle, &slot, PSA_KEY_USAGE_DECRYPT, alg );
+ if( status != PSA_SUCCESS )
+ return( status );
+ if( ! PSA_KEY_TYPE_IS_KEYPAIR( slot->type ) )
+ return( PSA_ERROR_INVALID_ARGUMENT );
+
+#if defined(MBEDTLS_RSA_C)
+ if( slot->type == PSA_KEY_TYPE_RSA_KEYPAIR )
+ {
+ mbedtls_rsa_context *rsa = slot->data.rsa;
+ int ret;
+
+ if( input_length != mbedtls_rsa_get_len( rsa ) )
+ return( PSA_ERROR_INVALID_ARGUMENT );
+
+#if defined(MBEDTLS_PKCS1_V15)
+ if( alg == PSA_ALG_RSA_PKCS1V15_CRYPT )
+ {
+ ret = mbedtls_rsa_pkcs1_decrypt( rsa,
+ mbedtls_ctr_drbg_random,
+ &global_data.ctr_drbg,
+ MBEDTLS_RSA_PRIVATE,
+ output_length,
+ input,
+ output,
+ output_size );
+ }
+ else
+#endif /* MBEDTLS_PKCS1_V15 */
+#if defined(MBEDTLS_PKCS1_V21)
+ if( PSA_ALG_IS_RSA_OAEP( alg ) )
+ {
+ psa_rsa_oaep_set_padding_mode( alg, rsa );
+ ret = mbedtls_rsa_rsaes_oaep_decrypt( rsa,
+ mbedtls_ctr_drbg_random,
+ &global_data.ctr_drbg,
+ MBEDTLS_RSA_PRIVATE,
+ salt, salt_length,
+ output_length,
+ input,
+ output,
+ output_size );
+ }
+ else
+#endif /* MBEDTLS_PKCS1_V21 */
+ {
+ return( PSA_ERROR_INVALID_ARGUMENT );
+ }
+
+ return( mbedtls_to_psa_error( ret ) );
+ }
+ else
+#endif /* defined(MBEDTLS_RSA_C) */
+ {
+ return( PSA_ERROR_NOT_SUPPORTED );
+ }
+}
+
+
+
+/****************************************************************/
+/* Symmetric cryptography */
+/****************************************************************/
+
+/* Initialize the cipher operation structure. Once this function has been
+ * called, psa_cipher_abort can run and will do the right thing. */
+static psa_status_t psa_cipher_init( psa_cipher_operation_t *operation,
+ psa_algorithm_t alg )
+{
+ if( ! PSA_ALG_IS_CIPHER( alg ) )
+ {
+ memset( operation, 0, sizeof( *operation ) );
+ return( PSA_ERROR_INVALID_ARGUMENT );
+ }
+
+ operation->alg = alg;
+ operation->key_set = 0;
+ operation->iv_set = 0;
+ operation->iv_required = 1;
+ operation->iv_size = 0;
+ operation->block_size = 0;
+ mbedtls_cipher_init( &operation->ctx.cipher );
+ return( PSA_SUCCESS );
+}
+
+static psa_status_t psa_cipher_setup( psa_cipher_operation_t *operation,
+ psa_key_handle_t handle,
+ psa_algorithm_t alg,
+ mbedtls_operation_t cipher_operation )
+{
+ int ret = 0;
+ psa_status_t status = PSA_ERROR_GENERIC_ERROR;
+ psa_key_slot_t *slot;
+ size_t key_bits;
+ const mbedtls_cipher_info_t *cipher_info = NULL;
+ psa_key_usage_t usage = ( cipher_operation == MBEDTLS_ENCRYPT ?
+ PSA_KEY_USAGE_ENCRYPT :
+ PSA_KEY_USAGE_DECRYPT );
+
+ /* A context must be freshly initialized before it can be set up. */
+ if( operation->alg != 0 )
+ {
+ return( PSA_ERROR_BAD_STATE );
+ }
+
+ status = psa_cipher_init( operation, alg );
+ if( status != PSA_SUCCESS )
+ return( status );
+
+ status = psa_get_key_from_slot( handle, &slot, usage, alg);
+ if( status != PSA_SUCCESS )
+ goto exit;
+ key_bits = psa_get_key_bits( slot );
+
+ cipher_info = mbedtls_cipher_info_from_psa( alg, slot->type, key_bits, NULL );
+ if( cipher_info == NULL )
+ {
+ status = PSA_ERROR_NOT_SUPPORTED;
+ goto exit;
+ }
+
+ ret = mbedtls_cipher_setup( &operation->ctx.cipher, cipher_info );
+ if( ret != 0 )
+ goto exit;
+
+#if defined(MBEDTLS_DES_C)
+ if( slot->type == PSA_KEY_TYPE_DES && key_bits == 128 )
+ {
+ /* Two-key Triple-DES is 3-key Triple-DES with K1=K3 */
+ unsigned char keys[24];
+ memcpy( keys, slot->data.raw.data, 16 );
+ memcpy( keys + 16, slot->data.raw.data, 8 );
+ ret = mbedtls_cipher_setkey( &operation->ctx.cipher,
+ keys,
+ 192, cipher_operation );
+ }
+ else
+#endif
+ {
+ ret = mbedtls_cipher_setkey( &operation->ctx.cipher,
+ slot->data.raw.data,
+ (int) key_bits, cipher_operation );
+ }
+ if( ret != 0 )
+ goto exit;
+
+#if defined(MBEDTLS_CIPHER_MODE_WITH_PADDING)
+ switch( alg )
+ {
+ case PSA_ALG_CBC_NO_PADDING:
+ ret = mbedtls_cipher_set_padding_mode( &operation->ctx.cipher,
+ MBEDTLS_PADDING_NONE );
+ break;
+ case PSA_ALG_CBC_PKCS7:
+ ret = mbedtls_cipher_set_padding_mode( &operation->ctx.cipher,
+ MBEDTLS_PADDING_PKCS7 );
+ break;
+ default:
+ /* The algorithm doesn't involve padding. */
+ ret = 0;
+ break;
+ }
+ if( ret != 0 )
+ goto exit;
+#endif //MBEDTLS_CIPHER_MODE_WITH_PADDING
+
+ operation->key_set = 1;
+ operation->block_size = ( PSA_ALG_IS_STREAM_CIPHER( alg ) ? 1 :
+ PSA_BLOCK_CIPHER_BLOCK_SIZE( slot->type ) );
+ if( alg & PSA_ALG_CIPHER_FROM_BLOCK_FLAG )
+ {
+ operation->iv_size = PSA_BLOCK_CIPHER_BLOCK_SIZE( slot->type );
+ }
+
+exit:
+ if( status == 0 )
+ status = mbedtls_to_psa_error( ret );
+ if( status != 0 )
+ psa_cipher_abort( operation );
+ return( status );
+}
+
+psa_status_t psa_cipher_encrypt_setup( psa_cipher_operation_t *operation,
+ psa_key_handle_t handle,
+ psa_algorithm_t alg )
+{
+ return( psa_cipher_setup( operation, handle, alg, MBEDTLS_ENCRYPT ) );
+}
+
+psa_status_t psa_cipher_decrypt_setup( psa_cipher_operation_t *operation,
+ psa_key_handle_t handle,
+ psa_algorithm_t alg )
+{
+ return( psa_cipher_setup( operation, handle, alg, MBEDTLS_DECRYPT ) );
+}
+
+psa_status_t psa_cipher_generate_iv( psa_cipher_operation_t *operation,
+ unsigned char *iv,
+ size_t iv_size,
+ size_t *iv_length )
+{
+ psa_status_t status;
+ int ret;
+ if( operation->iv_set || ! operation->iv_required )
+ {
+ return( PSA_ERROR_BAD_STATE );
+ }
+ if( iv_size < operation->iv_size )
+ {
+ status = PSA_ERROR_BUFFER_TOO_SMALL;
+ goto exit;
+ }
+ ret = mbedtls_ctr_drbg_random( &global_data.ctr_drbg,
+ iv, operation->iv_size );
+ if( ret != 0 )
+ {
+ status = mbedtls_to_psa_error( ret );
+ goto exit;
+ }
+
+ *iv_length = operation->iv_size;
+ status = psa_cipher_set_iv( operation, iv, *iv_length );
+
+exit:
+ if( status != PSA_SUCCESS )
+ psa_cipher_abort( operation );
+ return( status );
+}
+
+psa_status_t psa_cipher_set_iv( psa_cipher_operation_t *operation,
+ const unsigned char *iv,
+ size_t iv_length )
+{
+ psa_status_t status;
+ int ret;
+ if( operation->iv_set || ! operation->iv_required )
+ {
+ return( PSA_ERROR_BAD_STATE );
+ }
+ if( iv_length != operation->iv_size )
+ {
+ status = PSA_ERROR_INVALID_ARGUMENT;
+ goto exit;
+ }
+ ret = mbedtls_cipher_set_iv( &operation->ctx.cipher, iv, iv_length );
+ status = mbedtls_to_psa_error( ret );
+exit:
+ if( status == PSA_SUCCESS )
+ operation->iv_set = 1;
+ else
+ psa_cipher_abort( operation );
+ return( status );
+}
+
+psa_status_t psa_cipher_update( psa_cipher_operation_t *operation,
+ const uint8_t *input,
+ size_t input_length,
+ unsigned char *output,
+ size_t output_size,
+ size_t *output_length )
+{
+ psa_status_t status;
+ int ret;
+ size_t expected_output_size;
+
+ if( operation->alg == 0 )
+ {
+ return( PSA_ERROR_BAD_STATE );
+ }
+
+ if( ! PSA_ALG_IS_STREAM_CIPHER( operation->alg ) )
+ {
+ /* Take the unprocessed partial block left over from previous
+ * update calls, if any, plus the input to this call. Remove
+ * the last partial block, if any. You get the data that will be
+ * output in this call. */
+ expected_output_size =
+ ( operation->ctx.cipher.unprocessed_len + input_length )
+ / operation->block_size * operation->block_size;
+ }
+ else
+ {
+ expected_output_size = input_length;
+ }
+
+ if( output_size < expected_output_size )
+ {
+ status = PSA_ERROR_BUFFER_TOO_SMALL;
+ goto exit;
+ }
+
+ ret = mbedtls_cipher_update( &operation->ctx.cipher, input,
+ input_length, output, output_length );
+ status = mbedtls_to_psa_error( ret );
+exit:
+ if( status != PSA_SUCCESS )
+ psa_cipher_abort( operation );
+ return( status );
+}
+
+psa_status_t psa_cipher_finish( psa_cipher_operation_t *operation,
+ uint8_t *output,
+ size_t output_size,
+ size_t *output_length )
+{
+ psa_status_t status = PSA_ERROR_GENERIC_ERROR;
+ int cipher_ret = MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE;
+ uint8_t temp_output_buffer[MBEDTLS_MAX_BLOCK_LENGTH];
+
+ if( ! operation->key_set )
+ {
+ return( PSA_ERROR_BAD_STATE );
+ }
+ if( operation->iv_required && ! operation->iv_set )
+ {
+ return( PSA_ERROR_BAD_STATE );
+ }
+
+ if( operation->ctx.cipher.operation == MBEDTLS_ENCRYPT &&
+ operation->alg == PSA_ALG_CBC_NO_PADDING &&
+ operation->ctx.cipher.unprocessed_len != 0 )
+ {
+ status = PSA_ERROR_INVALID_ARGUMENT;
+ goto error;
+ }
+
+ cipher_ret = mbedtls_cipher_finish( &operation->ctx.cipher,
+ temp_output_buffer,
+ output_length );
+ if( cipher_ret != 0 )
+ {
+ status = mbedtls_to_psa_error( cipher_ret );
+ goto error;
+ }
+
+ if( *output_length == 0 )
+ ; /* Nothing to copy. Note that output may be NULL in this case. */
+ else if( output_size >= *output_length )
+ memcpy( output, temp_output_buffer, *output_length );
+ else
+ {
+ status = PSA_ERROR_BUFFER_TOO_SMALL;
+ goto error;
+ }
+
+ mbedtls_platform_zeroize( temp_output_buffer, sizeof( temp_output_buffer ) );
+ status = psa_cipher_abort( operation );
+
+ return( status );
+
+error:
+
+ *output_length = 0;
+
+ mbedtls_platform_zeroize( temp_output_buffer, sizeof( temp_output_buffer ) );
+ (void) psa_cipher_abort( operation );
+
+ return( status );
+}
+
+psa_status_t psa_cipher_abort( psa_cipher_operation_t *operation )
+{
+ if( operation->alg == 0 )
+ {
+ /* The object has (apparently) been initialized but it is not
+ * in use. It's ok to call abort on such an object, and there's
+ * nothing to do. */
+ return( PSA_SUCCESS );
+ }
+
+ /* Sanity check (shouldn't happen: operation->alg should
+ * always have been initialized to a valid value). */
+ if( ! PSA_ALG_IS_CIPHER( operation->alg ) )
+ return( PSA_ERROR_BAD_STATE );
+
+ mbedtls_cipher_free( &operation->ctx.cipher );
+
+ operation->alg = 0;
+ operation->key_set = 0;
+ operation->iv_set = 0;
+ operation->iv_size = 0;
+ operation->block_size = 0;
+ operation->iv_required = 0;
+
+ return( PSA_SUCCESS );
+}
+
+
+
+/****************************************************************/
+/* Key Policy */
+/****************************************************************/
+
+#if !defined(MBEDTLS_PSA_CRYPTO_SPM)
+void psa_key_policy_set_usage( psa_key_policy_t *policy,
+ psa_key_usage_t usage,
+ psa_algorithm_t alg )
+{
+ policy->usage = usage;
+ policy->alg = alg;
+}
+
+psa_key_usage_t psa_key_policy_get_usage( const psa_key_policy_t *policy )
+{
+ return( policy->usage );
+}
+
+psa_algorithm_t psa_key_policy_get_algorithm( const psa_key_policy_t *policy )
+{
+ return( policy->alg );
+}
+#endif /* !defined(MBEDTLS_PSA_CRYPTO_SPM) */
+
+psa_status_t psa_set_key_policy( psa_key_handle_t handle,
+ const psa_key_policy_t *policy )
+{
+ psa_key_slot_t *slot;
+ psa_status_t status;
+
+ if( policy == NULL )
+ return( PSA_ERROR_INVALID_ARGUMENT );
+
+ status = psa_get_empty_key_slot( handle, &slot );
+ if( status != PSA_SUCCESS )
+ return( status );
+
+ if( ( policy->usage & ~( PSA_KEY_USAGE_EXPORT |
+ PSA_KEY_USAGE_ENCRYPT |
+ PSA_KEY_USAGE_DECRYPT |
+ PSA_KEY_USAGE_SIGN |
+ PSA_KEY_USAGE_VERIFY |
+ PSA_KEY_USAGE_DERIVE ) ) != 0 )
+ return( PSA_ERROR_INVALID_ARGUMENT );
+
+ slot->policy = *policy;
+
+ return( PSA_SUCCESS );
+}
+
+psa_status_t psa_get_key_policy( psa_key_handle_t handle,
+ psa_key_policy_t *policy )
+{
+ psa_key_slot_t *slot;
+ psa_status_t status;
+
+ if( policy == NULL )
+ return( PSA_ERROR_INVALID_ARGUMENT );
+
+ status = psa_get_key_slot( handle, &slot );
+ if( status != PSA_SUCCESS )
+ return( status );
+
+ *policy = slot->policy;
+
+ return( PSA_SUCCESS );
+}
+
+
+
+/****************************************************************/
+/* Key Lifetime */
+/****************************************************************/
+
+psa_status_t psa_get_key_lifetime( psa_key_handle_t handle,
+ psa_key_lifetime_t *lifetime )
+{
+ psa_key_slot_t *slot;
+ psa_status_t status;
+
+ status = psa_get_key_slot( handle, &slot );
+ if( status != PSA_SUCCESS )
+ return( status );
+
+ *lifetime = slot->lifetime;
+
+ return( PSA_SUCCESS );
+}
+
+
+
+/****************************************************************/
+/* AEAD */
+/****************************************************************/
+
+typedef struct
+{
+ psa_key_slot_t *slot;
+ const mbedtls_cipher_info_t *cipher_info;
+ union
+ {
+#if defined(MBEDTLS_CCM_C)
+ mbedtls_ccm_context ccm;
+#endif /* MBEDTLS_CCM_C */
+#if defined(MBEDTLS_GCM_C)
+ mbedtls_gcm_context gcm;
+#endif /* MBEDTLS_GCM_C */
+ } ctx;
+ psa_algorithm_t core_alg;
+ uint8_t full_tag_length;
+ uint8_t tag_length;
+} aead_operation_t;
+
+static void psa_aead_abort( aead_operation_t *operation )
+{
+ switch( operation->core_alg )
+ {
+#if defined(MBEDTLS_CCM_C)
+ case PSA_ALG_CCM:
+ mbedtls_ccm_free( &operation->ctx.ccm );
+ break;
+#endif /* MBEDTLS_CCM_C */
+#if defined(MBEDTLS_GCM_C)
+ case PSA_ALG_GCM:
+ mbedtls_gcm_free( &operation->ctx.gcm );
+ break;
+#endif /* MBEDTLS_GCM_C */
+ }
+}
+
+static psa_status_t psa_aead_setup( aead_operation_t *operation,
+ psa_key_handle_t handle,
+ psa_key_usage_t usage,
+ psa_algorithm_t alg )
+{
+ psa_status_t status;
+ size_t key_bits;
+ mbedtls_cipher_id_t cipher_id;
+
+ status = psa_get_key_from_slot( handle, &operation->slot, usage, alg );
+ if( status != PSA_SUCCESS )
+ return( status );
+
+ key_bits = psa_get_key_bits( operation->slot );
+
+ operation->cipher_info =
+ mbedtls_cipher_info_from_psa( alg, operation->slot->type, key_bits,
+ &cipher_id );
+ if( operation->cipher_info == NULL )
+ return( PSA_ERROR_NOT_SUPPORTED );
+
+ switch( PSA_ALG_AEAD_WITH_TAG_LENGTH( alg, 0 ) )
+ {
+#if defined(MBEDTLS_CCM_C)
+ case PSA_ALG_AEAD_WITH_TAG_LENGTH( PSA_ALG_CCM, 0 ):
+ operation->core_alg = PSA_ALG_CCM;
+ operation->full_tag_length = 16;
+ if( PSA_BLOCK_CIPHER_BLOCK_SIZE( operation->slot->type ) != 16 )
+ return( PSA_ERROR_INVALID_ARGUMENT );
+ mbedtls_ccm_init( &operation->ctx.ccm );
+ status = mbedtls_to_psa_error(
+ mbedtls_ccm_setkey( &operation->ctx.ccm, cipher_id,
+ operation->slot->data.raw.data,
+ (unsigned int) key_bits ) );
+ if( status != 0 )
+ goto cleanup;
+ break;
+#endif /* MBEDTLS_CCM_C */
+
+#if defined(MBEDTLS_GCM_C)
+ case PSA_ALG_AEAD_WITH_TAG_LENGTH( PSA_ALG_GCM, 0 ):
+ operation->core_alg = PSA_ALG_GCM;
+ operation->full_tag_length = 16;
+ if( PSA_BLOCK_CIPHER_BLOCK_SIZE( operation->slot->type ) != 16 )
+ return( PSA_ERROR_INVALID_ARGUMENT );
+ mbedtls_gcm_init( &operation->ctx.gcm );
+ status = mbedtls_to_psa_error(
+ mbedtls_gcm_setkey( &operation->ctx.gcm, cipher_id,
+ operation->slot->data.raw.data,
+ (unsigned int) key_bits ) );
+ break;
+#endif /* MBEDTLS_GCM_C */
+
+ default:
+ return( PSA_ERROR_NOT_SUPPORTED );
+ }
+
+ if( PSA_AEAD_TAG_LENGTH( alg ) > operation->full_tag_length )
+ {
+ status = PSA_ERROR_INVALID_ARGUMENT;
+ goto cleanup;
+ }
+ operation->tag_length = PSA_AEAD_TAG_LENGTH( alg );
+ /* CCM allows the following tag lengths: 4, 6, 8, 10, 12, 14, 16.
+ * GCM allows the following tag lengths: 4, 8, 12, 13, 14, 15, 16.
+ * In both cases, mbedtls_xxx will validate the tag length below. */
+
+ return( PSA_SUCCESS );
+
+cleanup:
+ psa_aead_abort( operation );
+ return( status );
+}
+
+psa_status_t psa_aead_encrypt( psa_key_handle_t handle,
+ psa_algorithm_t alg,
+ const uint8_t *nonce,
+ size_t nonce_length,
+ const uint8_t *additional_data,
+ size_t additional_data_length,
+ const uint8_t *plaintext,
+ size_t plaintext_length,
+ uint8_t *ciphertext,
+ size_t ciphertext_size,
+ size_t *ciphertext_length )
+{
+ psa_status_t status;
+ aead_operation_t operation;
+ uint8_t *tag;
+
+ *ciphertext_length = 0;
+
+ status = psa_aead_setup( &operation, handle, PSA_KEY_USAGE_ENCRYPT, alg );
+ if( status != PSA_SUCCESS )
+ return( status );
+
+ /* For all currently supported modes, the tag is at the end of the
+ * ciphertext. */
+ if( ciphertext_size < ( plaintext_length + operation.tag_length ) )
+ {
+ status = PSA_ERROR_BUFFER_TOO_SMALL;
+ goto exit;
+ }
+ tag = ciphertext + plaintext_length;
+
+#if defined(MBEDTLS_GCM_C)
+ if( operation.core_alg == PSA_ALG_GCM )
+ {
+ status = mbedtls_to_psa_error(
+ mbedtls_gcm_crypt_and_tag( &operation.ctx.gcm,
+ MBEDTLS_GCM_ENCRYPT,
+ plaintext_length,
+ nonce, nonce_length,
+ additional_data, additional_data_length,
+ plaintext, ciphertext,
+ operation.tag_length, tag ) );
+ }
+ else
+#endif /* MBEDTLS_GCM_C */
+#if defined(MBEDTLS_CCM_C)
+ if( operation.core_alg == PSA_ALG_CCM )
+ {
+ status = mbedtls_to_psa_error(
+ mbedtls_ccm_encrypt_and_tag( &operation.ctx.ccm,
+ plaintext_length,
+ nonce, nonce_length,
+ additional_data,
+ additional_data_length,
+ plaintext, ciphertext,
+ tag, operation.tag_length ) );
+ }
+ else
+#endif /* MBEDTLS_CCM_C */
+ {
+ return( PSA_ERROR_NOT_SUPPORTED );
+ }
+
+ if( status != PSA_SUCCESS && ciphertext_size != 0 )
+ memset( ciphertext, 0, ciphertext_size );
+
+exit:
+ psa_aead_abort( &operation );
+ if( status == PSA_SUCCESS )
+ *ciphertext_length = plaintext_length + operation.tag_length;
+ return( status );
+}
+
+/* Locate the tag in a ciphertext buffer containing the encrypted data
+ * followed by the tag. Return the length of the part preceding the tag in
+ * *plaintext_length. This is the size of the plaintext in modes where
+ * the encrypted data has the same size as the plaintext, such as
+ * CCM and GCM. */
+static psa_status_t psa_aead_unpadded_locate_tag( size_t tag_length,
+ const uint8_t *ciphertext,
+ size_t ciphertext_length,
+ size_t plaintext_size,
+ const uint8_t **p_tag )
+{
+ size_t payload_length;
+ if( tag_length > ciphertext_length )
+ return( PSA_ERROR_INVALID_ARGUMENT );
+ payload_length = ciphertext_length - tag_length;
+ if( payload_length > plaintext_size )
+ return( PSA_ERROR_BUFFER_TOO_SMALL );
+ *p_tag = ciphertext + payload_length;
+ return( PSA_SUCCESS );
+}
+
+psa_status_t psa_aead_decrypt( psa_key_handle_t handle,
+ psa_algorithm_t alg,
+ const uint8_t *nonce,
+ size_t nonce_length,
+ const uint8_t *additional_data,
+ size_t additional_data_length,
+ const uint8_t *ciphertext,
+ size_t ciphertext_length,
+ uint8_t *plaintext,
+ size_t plaintext_size,
+ size_t *plaintext_length )
+{
+ psa_status_t status;
+ aead_operation_t operation;
+ const uint8_t *tag = NULL;
+
+ *plaintext_length = 0;
+
+ status = psa_aead_setup( &operation, handle, PSA_KEY_USAGE_DECRYPT, alg );
+ if( status != PSA_SUCCESS )
+ return( status );
+
+#if defined(MBEDTLS_GCM_C)
+ if( operation.core_alg == PSA_ALG_GCM )
+ {
+ status = psa_aead_unpadded_locate_tag( operation.tag_length,
+ ciphertext, ciphertext_length,
+ plaintext_size, &tag );
+ if( status != PSA_SUCCESS )
+ goto exit;
+
+ status = mbedtls_to_psa_error(
+ mbedtls_gcm_auth_decrypt( &operation.ctx.gcm,
+ ciphertext_length - operation.tag_length,
+ nonce, nonce_length,
+ additional_data,
+ additional_data_length,
+ tag, operation.tag_length,
+ ciphertext, plaintext ) );
+ }
+ else
+#endif /* MBEDTLS_GCM_C */
+#if defined(MBEDTLS_CCM_C)
+ if( operation.core_alg == PSA_ALG_CCM )
+ {
+ status = psa_aead_unpadded_locate_tag( operation.tag_length,
+ ciphertext, ciphertext_length,
+ plaintext_size, &tag );
+ if( status != PSA_SUCCESS )
+ goto exit;
+
+ status = mbedtls_to_psa_error(
+ mbedtls_ccm_auth_decrypt( &operation.ctx.ccm,
+ ciphertext_length - operation.tag_length,
+ nonce, nonce_length,
+ additional_data,
+ additional_data_length,
+ ciphertext, plaintext,
+ tag, operation.tag_length ) );
+ }
+ else
+#endif /* MBEDTLS_CCM_C */
+ {
+ return( PSA_ERROR_NOT_SUPPORTED );
+ }
+
+ if( status != PSA_SUCCESS && plaintext_size != 0 )
+ memset( plaintext, 0, plaintext_size );
+
+exit:
+ psa_aead_abort( &operation );
+ if( status == PSA_SUCCESS )
+ *plaintext_length = ciphertext_length - operation.tag_length;
+ return( status );
+}
+
+
+
+/****************************************************************/
+/* Generators */
+/****************************************************************/
+
+psa_status_t psa_generator_abort( psa_crypto_generator_t *generator )
+{
+ psa_status_t status = PSA_SUCCESS;
+ if( generator->alg == 0 )
+ {
+ /* The object has (apparently) been initialized but it is not
+ * in use. It's ok to call abort on such an object, and there's
+ * nothing to do. */
+ }
+ else
+ if( generator->alg == PSA_ALG_SELECT_RAW )
+ {
+ if( generator->ctx.buffer.data != NULL )
+ {
+ mbedtls_platform_zeroize( generator->ctx.buffer.data,
+ generator->ctx.buffer.size );
+ mbedtls_free( generator->ctx.buffer.data );
+ }
+ }
+ else
+#if defined(MBEDTLS_MD_C)
+ if( PSA_ALG_IS_HKDF( generator->alg ) )
+ {
+ mbedtls_free( generator->ctx.hkdf.info );
+ status = psa_hmac_abort_internal( &generator->ctx.hkdf.hmac );
+ }
+ else if( PSA_ALG_IS_TLS12_PRF( generator->alg ) ||
+ /* TLS-1.2 PSK-to-MS KDF uses the same generator as TLS-1.2 PRF */
+ PSA_ALG_IS_TLS12_PSK_TO_MS( generator->alg ) )
+ {
+ if( generator->ctx.tls12_prf.key != NULL )
+ {
+ mbedtls_platform_zeroize( generator->ctx.tls12_prf.key,
+ generator->ctx.tls12_prf.key_len );
+ mbedtls_free( generator->ctx.tls12_prf.key );
+ }
+
+ if( generator->ctx.tls12_prf.Ai_with_seed != NULL )
+ {
+ mbedtls_platform_zeroize( generator->ctx.tls12_prf.Ai_with_seed,
+ generator->ctx.tls12_prf.Ai_with_seed_len );
+ mbedtls_free( generator->ctx.tls12_prf.Ai_with_seed );
+ }
+ }
+ else
+#endif /* MBEDTLS_MD_C */
+ {
+ status = PSA_ERROR_BAD_STATE;
+ }
+ memset( generator, 0, sizeof( *generator ) );
+ return( status );
+}
+
+
+psa_status_t psa_get_generator_capacity(const psa_crypto_generator_t *generator,
+ size_t *capacity)
+{
+ if( generator->alg == 0 )
+ {
+ /* This is a blank generator. */
+ return PSA_ERROR_BAD_STATE;
+ }
+
+ *capacity = generator->capacity;
+ return( PSA_SUCCESS );
+}
+
+#if defined(MBEDTLS_MD_C)
+/* Read some bytes from an HKDF-based generator. This performs a chunk
+ * of the expand phase of the HKDF algorithm. */
+static psa_status_t psa_generator_hkdf_read( psa_hkdf_generator_t *hkdf,
+ psa_algorithm_t hash_alg,
+ uint8_t *output,
+ size_t output_length )
+{
+ uint8_t hash_length = PSA_HASH_SIZE( hash_alg );
+ psa_status_t status;
+
+ while( output_length != 0 )
+ {
+ /* Copy what remains of the current block */
+ uint8_t n = hash_length - hkdf->offset_in_block;
+ if( n > output_length )
+ n = (uint8_t) output_length;
+ memcpy( output, hkdf->output_block + hkdf->offset_in_block, n );
+ output += n;
+ output_length -= n;
+ hkdf->offset_in_block += n;
+ if( output_length == 0 )
+ break;
+ /* We can't be wanting more output after block 0xff, otherwise
+ * the capacity check in psa_generator_read() would have
+ * prevented this call. It could happen only if the generator
+ * object was corrupted or if this function is called directly
+ * inside the library. */
+ if( hkdf->block_number == 0xff )
+ return( PSA_ERROR_BAD_STATE );
+
+ /* We need a new block */
+ ++hkdf->block_number;
+ hkdf->offset_in_block = 0;
+ status = psa_hmac_setup_internal( &hkdf->hmac,
+ hkdf->prk, hash_length,
+ hash_alg );
+ if( status != PSA_SUCCESS )
+ return( status );
+ if( hkdf->block_number != 1 )
+ {
+ status = psa_hash_update( &hkdf->hmac.hash_ctx,
+ hkdf->output_block,
+ hash_length );
+ if( status != PSA_SUCCESS )
+ return( status );
+ }
+ status = psa_hash_update( &hkdf->hmac.hash_ctx,
+ hkdf->info,
+ hkdf->info_length );
+ if( status != PSA_SUCCESS )
+ return( status );
+ status = psa_hash_update( &hkdf->hmac.hash_ctx,
+ &hkdf->block_number, 1 );
+ if( status != PSA_SUCCESS )
+ return( status );
+ status = psa_hmac_finish_internal( &hkdf->hmac,
+ hkdf->output_block,
+ sizeof( hkdf->output_block ) );
+ if( status != PSA_SUCCESS )
+ return( status );
+ }
+
+ return( PSA_SUCCESS );
+}
+
+static psa_status_t psa_generator_tls12_prf_generate_next_block(
+ psa_tls12_prf_generator_t *tls12_prf,
+ psa_algorithm_t alg )
+{
+ psa_algorithm_t hash_alg = PSA_ALG_HKDF_GET_HASH( alg );
+ uint8_t hash_length = PSA_HASH_SIZE( hash_alg );
+ psa_hmac_internal_data hmac;
+ psa_status_t status, cleanup_status;
+
+ unsigned char *Ai;
+ size_t Ai_len;
+
+ /* We can't be wanting more output after block 0xff, otherwise
+ * the capacity check in psa_generator_read() would have
+ * prevented this call. It could happen only if the generator
+ * object was corrupted or if this function is called directly
+ * inside the library. */
+ if( tls12_prf->block_number == 0xff )
+ return( PSA_ERROR_BAD_STATE );
+
+ /* We need a new block */
+ ++tls12_prf->block_number;
+ tls12_prf->offset_in_block = 0;
+
+ /* Recall the definition of the TLS-1.2-PRF from RFC 5246:
+ *
+ * PRF(secret, label, seed) = P_<hash>(secret, label + seed)
+ *
+ * P_hash(secret, seed) = HMAC_hash(secret, A(1) + seed) +
+ * HMAC_hash(secret, A(2) + seed) +
+ * HMAC_hash(secret, A(3) + seed) + ...
+ *
+ * A(0) = seed
+ * A(i) = HMAC_hash( secret, A(i-1) )
+ *
+ * The `psa_tls12_prf_generator` structures saves the block
+ * `HMAC_hash(secret, A(i) + seed)` from which the output
+ * is currently extracted as `output_block`, while
+ * `A(i) + seed` is stored in `Ai_with_seed`.
+ *
+ * Generating a new block means recalculating `Ai_with_seed`
+ * from the A(i)-part of it, and afterwards recalculating
+ * `output_block`.
+ *
+ * A(0) is computed at setup time.
+ *
+ */
+
+ psa_hmac_init_internal( &hmac );
+
+ /* We must distinguish the calculation of A(1) from those
+ * of A(2) and higher, because A(0)=seed has a different
+ * length than the other A(i). */
+ if( tls12_prf->block_number == 1 )
+ {
+ Ai = tls12_prf->Ai_with_seed + hash_length;
+ Ai_len = tls12_prf->Ai_with_seed_len - hash_length;
+ }
+ else
+ {
+ Ai = tls12_prf->Ai_with_seed;
+ Ai_len = hash_length;
+ }
+
+ /* Compute A(i+1) = HMAC_hash(secret, A(i)) */
+ status = psa_hmac_setup_internal( &hmac,
+ tls12_prf->key,
+ tls12_prf->key_len,
+ hash_alg );
+ if( status != PSA_SUCCESS )
+ goto cleanup;
+
+ status = psa_hash_update( &hmac.hash_ctx,
+ Ai, Ai_len );
+ if( status != PSA_SUCCESS )
+ goto cleanup;
+
+ status = psa_hmac_finish_internal( &hmac,
+ tls12_prf->Ai_with_seed,
+ hash_length );
+ if( status != PSA_SUCCESS )
+ goto cleanup;
+
+ /* Compute the next block `HMAC_hash(secret, A(i+1) + seed)`. */
+ status = psa_hmac_setup_internal( &hmac,
+ tls12_prf->key,
+ tls12_prf->key_len,
+ hash_alg );
+ if( status != PSA_SUCCESS )
+ goto cleanup;
+
+ status = psa_hash_update( &hmac.hash_ctx,
+ tls12_prf->Ai_with_seed,
+ tls12_prf->Ai_with_seed_len );
+ if( status != PSA_SUCCESS )
+ goto cleanup;
+
+ status = psa_hmac_finish_internal( &hmac,
+ tls12_prf->output_block,
+ hash_length );
+ if( status != PSA_SUCCESS )
+ goto cleanup;
+
+cleanup:
+
+ cleanup_status = psa_hmac_abort_internal( &hmac );
+ if( status == PSA_SUCCESS && cleanup_status != PSA_SUCCESS )
+ status = cleanup_status;
+
+ return( status );
+}
+
+/* Read some bytes from an TLS-1.2-PRF-based generator.
+ * See Section 5 of RFC 5246. */
+static psa_status_t psa_generator_tls12_prf_read(
+ psa_tls12_prf_generator_t *tls12_prf,
+ psa_algorithm_t alg,
+ uint8_t *output,
+ size_t output_length )
+{
+ psa_algorithm_t hash_alg = PSA_ALG_TLS12_PRF_GET_HASH( alg );
+ uint8_t hash_length = PSA_HASH_SIZE( hash_alg );
+ psa_status_t status;
+
+ while( output_length != 0 )
+ {
+ /* Copy what remains of the current block */
+ uint8_t n = hash_length - tls12_prf->offset_in_block;
+
+ /* Check if we have fully processed the current block. */
+ if( n == 0 )
+ {
+ status = psa_generator_tls12_prf_generate_next_block( tls12_prf,
+ alg );
+ if( status != PSA_SUCCESS )
+ return( status );
+
+ continue;
+ }
+
+ if( n > output_length )
+ n = (uint8_t) output_length;
+ memcpy( output, tls12_prf->output_block + tls12_prf->offset_in_block,
+ n );
+ output += n;
+ output_length -= n;
+ tls12_prf->offset_in_block += n;
+ }
+
+ return( PSA_SUCCESS );
+}
+#endif /* MBEDTLS_MD_C */
+
+psa_status_t psa_generator_read( psa_crypto_generator_t *generator,
+ uint8_t *output,
+ size_t output_length )
+{
+ psa_status_t status;
+
+ if( generator->alg == 0 )
+ {
+ /* This is a blank generator. */
+ return PSA_ERROR_BAD_STATE;
+ }
+
+ if( output_length > generator->capacity )
+ {
+ generator->capacity = 0;
+ /* Go through the error path to wipe all confidential data now
+ * that the generator object is useless. */
+ status = PSA_ERROR_INSUFFICIENT_DATA;
+ goto exit;
+ }
+ if( output_length == 0 && generator->capacity == 0 )
+ {
+ /* Edge case: this is a finished generator, and 0 bytes
+ * were requested. The right error in this case could
+ * be either INSUFFICIENT_CAPACITY or BAD_STATE. Return
+ * INSUFFICIENT_CAPACITY, which is right for a finished
+ * generator, for consistency with the case when
+ * output_length > 0. */
+ return( PSA_ERROR_INSUFFICIENT_DATA );
+ }
+ generator->capacity -= output_length;
+
+ if( generator->alg == PSA_ALG_SELECT_RAW )
+ {
+ /* Initially, the capacity of a selection generator is always
+ * the size of the buffer, i.e. `generator->ctx.buffer.size`,
+ * abbreviated in this comment as `size`. When the remaining
+ * capacity is `c`, the next bytes to serve start `c` bytes
+ * from the end of the buffer, i.e. `size - c` from the
+ * beginning of the buffer. Since `generator->capacity` was just
+ * decremented above, we need to serve the bytes from
+ * `size - generator->capacity - output_length` to
+ * `size - generator->capacity`. */
+ size_t offset =
+ generator->ctx.buffer.size - generator->capacity - output_length;
+ memcpy( output, generator->ctx.buffer.data + offset, output_length );
+ status = PSA_SUCCESS;
+ }
+ else
+#if defined(MBEDTLS_MD_C)
+ if( PSA_ALG_IS_HKDF( generator->alg ) )
+ {
+ psa_algorithm_t hash_alg = PSA_ALG_HKDF_GET_HASH( generator->alg );
+ status = psa_generator_hkdf_read( &generator->ctx.hkdf, hash_alg,
+ output, output_length );
+ }
+ else if( PSA_ALG_IS_TLS12_PRF( generator->alg ) ||
+ PSA_ALG_IS_TLS12_PSK_TO_MS( generator->alg ) )
+ {
+ status = psa_generator_tls12_prf_read( &generator->ctx.tls12_prf,
+ generator->alg, output,
+ output_length );
+ }
+ else
+#endif /* MBEDTLS_MD_C */
+ {
+ return( PSA_ERROR_BAD_STATE );
+ }
+
+exit:
+ if( status != PSA_SUCCESS )
+ {
+ /* Preserve the algorithm upon errors, but clear all sensitive state.
+ * This allows us to differentiate between exhausted generators and
+ * blank generators, so we can return PSA_ERROR_BAD_STATE on blank
+ * generators. */
+ psa_algorithm_t alg = generator->alg;
+ psa_generator_abort( generator );
+ generator->alg = alg;
+ memset( output, '!', output_length );
+ }
+ return( status );
+}
+
+#if defined(MBEDTLS_DES_C)
+static void psa_des_set_key_parity( uint8_t *data, size_t data_size )
+{
+ if( data_size >= 8 )
+ mbedtls_des_key_set_parity( data );
+ if( data_size >= 16 )
+ mbedtls_des_key_set_parity( data + 8 );
+ if( data_size >= 24 )
+ mbedtls_des_key_set_parity( data + 16 );
+}
+#endif /* MBEDTLS_DES_C */
+
+psa_status_t psa_generator_import_key( psa_key_handle_t handle,
+ psa_key_type_t type,
+ size_t bits,
+ psa_crypto_generator_t *generator )
+{
+ uint8_t *data = NULL;
+ size_t bytes = PSA_BITS_TO_BYTES( bits );
+ psa_status_t status;
+
+ if( ! key_type_is_raw_bytes( type ) )
+ return( PSA_ERROR_INVALID_ARGUMENT );
+ if( bits % 8 != 0 )
+ return( PSA_ERROR_INVALID_ARGUMENT );
+ data = mbedtls_calloc( 1, bytes );
+ if( data == NULL )
+ return( PSA_ERROR_INSUFFICIENT_MEMORY );
+
+ status = psa_generator_read( generator, data, bytes );
+ if( status != PSA_SUCCESS )
+ goto exit;
+#if defined(MBEDTLS_DES_C)
+ if( type == PSA_KEY_TYPE_DES )
+ psa_des_set_key_parity( data, bytes );
+#endif /* MBEDTLS_DES_C */
+ status = psa_import_key( handle, type, data, bytes );
+
+exit:
+ mbedtls_free( data );
+ return( status );
+}
+
+
+
+/****************************************************************/
+/* Key derivation */
+/****************************************************************/
+
+#if defined(MBEDTLS_MD_C)
+/* Set up an HKDF-based generator. This is exactly the extract phase
+ * of the HKDF algorithm.
+ *
+ * Note that if this function fails, you must call psa_generator_abort()
+ * to potentially free embedded data structures and wipe confidential data.
+ */
+static psa_status_t psa_generator_hkdf_setup( psa_hkdf_generator_t *hkdf,
+ const uint8_t *secret,
+ size_t secret_length,
+ psa_algorithm_t hash_alg,
+ const uint8_t *salt,
+ size_t salt_length,
+ const uint8_t *label,
+ size_t label_length )
+{
+ psa_status_t status;
+ status = psa_hmac_setup_internal( &hkdf->hmac,
+ salt, salt_length,
+ PSA_ALG_HMAC_GET_HASH( hash_alg ) );
+ if( status != PSA_SUCCESS )
+ return( status );
+ status = psa_hash_update( &hkdf->hmac.hash_ctx, secret, secret_length );
+ if( status != PSA_SUCCESS )
+ return( status );
+ status = psa_hmac_finish_internal( &hkdf->hmac,
+ hkdf->prk,
+ sizeof( hkdf->prk ) );
+ if( status != PSA_SUCCESS )
+ return( status );
+ hkdf->offset_in_block = PSA_HASH_SIZE( hash_alg );
+ hkdf->block_number = 0;
+ hkdf->info_length = label_length;
+ if( label_length != 0 )
+ {
+ hkdf->info = mbedtls_calloc( 1, label_length );
+ if( hkdf->info == NULL )
+ return( PSA_ERROR_INSUFFICIENT_MEMORY );
+ memcpy( hkdf->info, label, label_length );
+ }
+ return( PSA_SUCCESS );
+}
+#endif /* MBEDTLS_MD_C */
+
+#if defined(MBEDTLS_MD_C)
+/* Set up a TLS-1.2-prf-based generator (see RFC 5246, Section 5).
+ *
+ * Note that if this function fails, you must call psa_generator_abort()
+ * to potentially free embedded data structures and wipe confidential data.
+ */
+static psa_status_t psa_generator_tls12_prf_setup(
+ psa_tls12_prf_generator_t *tls12_prf,
+ const unsigned char *key,
+ size_t key_len,
+ psa_algorithm_t hash_alg,
+ const uint8_t *salt,
+ size_t salt_length,
+ const uint8_t *label,
+ size_t label_length )
+{
+ uint8_t hash_length = PSA_HASH_SIZE( hash_alg );
+ size_t Ai_with_seed_len = hash_length + salt_length + label_length;
+ int overflow;
+
+ tls12_prf->key = mbedtls_calloc( 1, key_len );
+ if( tls12_prf->key == NULL )
+ return( PSA_ERROR_INSUFFICIENT_MEMORY );
+ tls12_prf->key_len = key_len;
+ memcpy( tls12_prf->key, key, key_len );
+
+ overflow = ( salt_length + label_length < salt_length ) ||
+ ( salt_length + label_length + hash_length < hash_length );
+ if( overflow )
+ return( PSA_ERROR_INVALID_ARGUMENT );
+
+ tls12_prf->Ai_with_seed = mbedtls_calloc( 1, Ai_with_seed_len );
+ if( tls12_prf->Ai_with_seed == NULL )
+ return( PSA_ERROR_INSUFFICIENT_MEMORY );
+ tls12_prf->Ai_with_seed_len = Ai_with_seed_len;
+
+ /* Write `label + seed' at the end of the `A(i) + seed` buffer,
+ * leaving the initial `hash_length` bytes unspecified for now. */
+ if( label_length != 0 )
+ {
+ memcpy( tls12_prf->Ai_with_seed + hash_length,
+ label, label_length );
+ }
+
+ if( salt_length != 0 )
+ {
+ memcpy( tls12_prf->Ai_with_seed + hash_length + label_length,
+ salt, salt_length );
+ }
+
+ /* The first block gets generated when
+ * psa_generator_read() is called. */
+ tls12_prf->block_number = 0;
+ tls12_prf->offset_in_block = hash_length;
+
+ return( PSA_SUCCESS );
+}
+
+/* Set up a TLS-1.2-PSK-to-MS-based generator. */
+static psa_status_t psa_generator_tls12_psk_to_ms_setup(
+ psa_tls12_prf_generator_t *tls12_prf,
+ const unsigned char *psk,
+ size_t psk_len,
+ psa_algorithm_t hash_alg,
+ const uint8_t *salt,
+ size_t salt_length,
+ const uint8_t *label,
+ size_t label_length )
+{
+ psa_status_t status;
+ unsigned char pms[ 4 + 2 * PSA_ALG_TLS12_PSK_TO_MS_MAX_PSK_LEN ];
+
+ if( psk_len > PSA_ALG_TLS12_PSK_TO_MS_MAX_PSK_LEN )
+ return( PSA_ERROR_INVALID_ARGUMENT );
+
+ /* Quoting RFC 4279, Section 2:
+ *
+ * The premaster secret is formed as follows: if the PSK is N octets
+ * long, concatenate a uint16 with the value N, N zero octets, a second
+ * uint16 with the value N, and the PSK itself.
+ */
+
+ pms[0] = ( psk_len >> 8 ) & 0xff;
+ pms[1] = ( psk_len >> 0 ) & 0xff;
+ memset( pms + 2, 0, psk_len );
+ pms[2 + psk_len + 0] = pms[0];
+ pms[2 + psk_len + 1] = pms[1];
+ memcpy( pms + 4 + psk_len, psk, psk_len );
+
+ status = psa_generator_tls12_prf_setup( tls12_prf,
+ pms, 4 + 2 * psk_len,
+ hash_alg,
+ salt, salt_length,
+ label, label_length );
+
+ mbedtls_platform_zeroize( pms, sizeof( pms ) );
+ return( status );
+}
+#endif /* MBEDTLS_MD_C */
+
+/* Note that if this function fails, you must call psa_generator_abort()
+ * to potentially free embedded data structures and wipe confidential data.
+ */
+static psa_status_t psa_key_derivation_internal(
+ psa_crypto_generator_t *generator,
+ const uint8_t *secret, size_t secret_length,
+ psa_algorithm_t alg,
+ const uint8_t *salt, size_t salt_length,
+ const uint8_t *label, size_t label_length,
+ size_t capacity )
+{
+ psa_status_t status;
+ size_t max_capacity;
+
+ /* Set generator->alg even on failure so that abort knows what to do. */
+ generator->alg = alg;
+
+ if( alg == PSA_ALG_SELECT_RAW )
+ {
+ (void) salt;
+ if( salt_length != 0 )
+ return( PSA_ERROR_INVALID_ARGUMENT );
+ (void) label;
+ if( label_length != 0 )
+ return( PSA_ERROR_INVALID_ARGUMENT );
+ generator->ctx.buffer.data = mbedtls_calloc( 1, secret_length );
+ if( generator->ctx.buffer.data == NULL )
+ return( PSA_ERROR_INSUFFICIENT_MEMORY );
+ memcpy( generator->ctx.buffer.data, secret, secret_length );
+ generator->ctx.buffer.size = secret_length;
+ max_capacity = secret_length;
+ status = PSA_SUCCESS;
+ }
+ else
+#if defined(MBEDTLS_MD_C)
+ if( PSA_ALG_IS_HKDF( alg ) )
+ {
+ psa_algorithm_t hash_alg = PSA_ALG_HKDF_GET_HASH( alg );
+ size_t hash_size = PSA_HASH_SIZE( hash_alg );
+ if( hash_size == 0 )
+ return( PSA_ERROR_NOT_SUPPORTED );
+ max_capacity = 255 * hash_size;
+ status = psa_generator_hkdf_setup( &generator->ctx.hkdf,
+ secret, secret_length,
+ hash_alg,
+ salt, salt_length,
+ label, label_length );
+ }
+ /* TLS-1.2 PRF and TLS-1.2 PSK-to-MS are very similar, so share code. */
+ else if( PSA_ALG_IS_TLS12_PRF( alg ) ||
+ PSA_ALG_IS_TLS12_PSK_TO_MS( alg ) )
+ {
+ psa_algorithm_t hash_alg = PSA_ALG_TLS12_PRF_GET_HASH( alg );
+ size_t hash_size = PSA_HASH_SIZE( hash_alg );
+
+ /* TLS-1.2 PRF supports only SHA-256 and SHA-384. */
+ if( hash_alg != PSA_ALG_SHA_256 &&
+ hash_alg != PSA_ALG_SHA_384 )
+ {
+ return( PSA_ERROR_NOT_SUPPORTED );
+ }
+
+ max_capacity = 255 * hash_size;
+
+ if( PSA_ALG_IS_TLS12_PRF( alg ) )
+ {
+ status = psa_generator_tls12_prf_setup( &generator->ctx.tls12_prf,
+ secret, secret_length,
+ hash_alg, salt, salt_length,
+ label, label_length );
+ }
+ else
+ {
+ status = psa_generator_tls12_psk_to_ms_setup(
+ &generator->ctx.tls12_prf,
+ secret, secret_length,
+ hash_alg, salt, salt_length,
+ label, label_length );
+ }
+ }
+ else
+#endif
+ {
+ return( PSA_ERROR_NOT_SUPPORTED );
+ }
+
+ if( status != PSA_SUCCESS )
+ return( status );
+
+ if( capacity <= max_capacity )
+ generator->capacity = capacity;
+ else if( capacity == PSA_GENERATOR_UNBRIDLED_CAPACITY )
+ generator->capacity = max_capacity;
+ else
+ return( PSA_ERROR_INVALID_ARGUMENT );
+
+ return( PSA_SUCCESS );
+}
+
+psa_status_t psa_key_derivation( psa_crypto_generator_t *generator,
+ psa_key_handle_t handle,
+ psa_algorithm_t alg,
+ const uint8_t *salt,
+ size_t salt_length,
+ const uint8_t *label,
+ size_t label_length,
+ size_t capacity )
+{
+ psa_key_slot_t *slot;
+ psa_status_t status;
+
+ if( generator->alg != 0 )
+ return( PSA_ERROR_BAD_STATE );
+
+ /* Make sure that alg is a key derivation algorithm. This prevents
+ * key selection algorithms, which psa_key_derivation_internal
+ * accepts for the sake of key agreement. */
+ if( ! PSA_ALG_IS_KEY_DERIVATION( alg ) )
+ return( PSA_ERROR_INVALID_ARGUMENT );
+
+ status = psa_get_key_from_slot( handle, &slot, PSA_KEY_USAGE_DERIVE, alg );
+ if( status != PSA_SUCCESS )
+ return( status );
+
+ if( slot->type != PSA_KEY_TYPE_DERIVE )
+ return( PSA_ERROR_INVALID_ARGUMENT );
+
+ status = psa_key_derivation_internal( generator,
+ slot->data.raw.data,
+ slot->data.raw.bytes,
+ alg,
+ salt, salt_length,
+ label, label_length,
+ capacity );
+ if( status != PSA_SUCCESS )
+ psa_generator_abort( generator );
+ return( status );
+}
+
+
+
+/****************************************************************/
+/* Key agreement */
+/****************************************************************/
+
+#if defined(MBEDTLS_ECDH_C)
+static psa_status_t psa_key_agreement_ecdh( const uint8_t *peer_key,
+ size_t peer_key_length,
+ const mbedtls_ecp_keypair *our_key,
+ uint8_t *shared_secret,
+ size_t shared_secret_size,
+ size_t *shared_secret_length )
+{
+ mbedtls_ecp_keypair *their_key = NULL;
+ mbedtls_ecdh_context ecdh;
+ psa_status_t status;
+ mbedtls_ecdh_init( &ecdh );
+
+ status = psa_import_ec_public_key(
+ mbedtls_ecc_group_to_psa( our_key->grp.id ),
+ peer_key, peer_key_length,
+ &their_key );
+ if( status != PSA_SUCCESS )
+ goto exit;
+
+ status = mbedtls_to_psa_error(
+ mbedtls_ecdh_get_params( &ecdh, their_key, MBEDTLS_ECDH_THEIRS ) );
+ if( status != PSA_SUCCESS )
+ goto exit;
+ status = mbedtls_to_psa_error(
+ mbedtls_ecdh_get_params( &ecdh, our_key, MBEDTLS_ECDH_OURS ) );
+ if( status != PSA_SUCCESS )
+ goto exit;
+
+ status = mbedtls_to_psa_error(
+ mbedtls_ecdh_calc_secret( &ecdh,
+ shared_secret_length,
+ shared_secret, shared_secret_size,
+ mbedtls_ctr_drbg_random,
+ &global_data.ctr_drbg ) );
+
+exit:
+ mbedtls_ecdh_free( &ecdh );
+ mbedtls_ecp_keypair_free( their_key );
+ mbedtls_free( their_key );
+ return( status );
+}
+#endif /* MBEDTLS_ECDH_C */
+
+#define PSA_KEY_AGREEMENT_MAX_SHARED_SECRET_SIZE MBEDTLS_ECP_MAX_BYTES
+
+/* Note that if this function fails, you must call psa_generator_abort()
+ * to potentially free embedded data structures and wipe confidential data.
+ */
+static psa_status_t psa_key_agreement_internal( psa_crypto_generator_t *generator,
+ psa_key_slot_t *private_key,
+ const uint8_t *peer_key,
+ size_t peer_key_length,
+ psa_algorithm_t alg )
+{
+ psa_status_t status;
+ uint8_t shared_secret[PSA_KEY_AGREEMENT_MAX_SHARED_SECRET_SIZE];
+ size_t shared_secret_length = 0;
+
+ /* Step 1: run the secret agreement algorithm to generate the shared
+ * secret. */
+ switch( PSA_ALG_KEY_AGREEMENT_GET_BASE( alg ) )
+ {
+#if defined(MBEDTLS_ECDH_C)
+ case PSA_ALG_ECDH_BASE:
+ if( ! PSA_KEY_TYPE_IS_ECC_KEYPAIR( private_key->type ) )
+ return( PSA_ERROR_INVALID_ARGUMENT );
+ status = psa_key_agreement_ecdh( peer_key, peer_key_length,
+ private_key->data.ecp,
+ shared_secret,
+ sizeof( shared_secret ),
+ &shared_secret_length );
+ break;
+#endif /* MBEDTLS_ECDH_C */
+ default:
+ (void) private_key;
+ (void) peer_key;
+ (void) peer_key_length;
+ return( PSA_ERROR_NOT_SUPPORTED );
+ }
+ if( status != PSA_SUCCESS )
+ goto exit;
+
+ /* Step 2: set up the key derivation to generate key material from
+ * the shared secret. */
+ status = psa_key_derivation_internal( generator,
+ shared_secret, shared_secret_length,
+ PSA_ALG_KEY_AGREEMENT_GET_KDF( alg ),
+ NULL, 0, NULL, 0,
+ PSA_GENERATOR_UNBRIDLED_CAPACITY );
+exit:
+ mbedtls_platform_zeroize( shared_secret, shared_secret_length );
+ return( status );
+}
+
+psa_status_t psa_key_agreement( psa_crypto_generator_t *generator,
+ psa_key_handle_t private_key,
+ const uint8_t *peer_key,
+ size_t peer_key_length,
+ psa_algorithm_t alg )
+{
+ psa_key_slot_t *slot;
+ psa_status_t status;
+ if( ! PSA_ALG_IS_KEY_AGREEMENT( alg ) )
+ return( PSA_ERROR_INVALID_ARGUMENT );
+ status = psa_get_key_from_slot( private_key, &slot,
+ PSA_KEY_USAGE_DERIVE, alg );
+ if( status != PSA_SUCCESS )
+ return( status );
+ status = psa_key_agreement_internal( generator,
+ slot,
+ peer_key, peer_key_length,
+ alg );
+ if( status != PSA_SUCCESS )
+ psa_generator_abort( generator );
+ return( status );
+}
+
+
+
+/****************************************************************/
+/* Random generation */
+/****************************************************************/
+
+psa_status_t psa_generate_random( uint8_t *output,
+ size_t output_size )
+{
+ int ret;
+ GUARD_MODULE_INITIALIZED;
+
+ ret = mbedtls_ctr_drbg_random( &global_data.ctr_drbg, output, output_size );
+ return( mbedtls_to_psa_error( ret ) );
+}
+
+#if ( defined(MBEDTLS_ENTROPY_NV_SEED) && defined(MBEDTLS_PSA_HAS_ITS_IO) )
+
+psa_status_t mbedtls_psa_inject_entropy( const unsigned char *seed,
+ size_t seed_size )
+{
+ psa_status_t status;
+ struct psa_storage_info_t p_info;
+ if( global_data.initialized )
+ return( PSA_ERROR_NOT_PERMITTED );
+
+ if( ( ( seed_size < MBEDTLS_ENTROPY_MIN_PLATFORM ) ||
+ ( seed_size < MBEDTLS_ENTROPY_BLOCK_SIZE ) ) ||
+ ( seed_size > MBEDTLS_ENTROPY_MAX_SEED_SIZE ) )
+ return( PSA_ERROR_INVALID_ARGUMENT );
+
+ status = psa_its_get_info( PSA_CRYPTO_ITS_RANDOM_SEED_UID, &p_info );
+
+ if( PSA_ERROR_DOES_NOT_EXIST == status ) /* No seed exists */
+ {
+ status = psa_its_set( PSA_CRYPTO_ITS_RANDOM_SEED_UID, seed_size, seed, 0 );
+ }
+ else if( PSA_SUCCESS == status )
+ {
+ /* You should not be here. Seed needs to be injected only once */
+ status = PSA_ERROR_NOT_PERMITTED;
+ }
+ return( status );
+}
+#endif
+
+psa_status_t psa_generate_key( psa_key_handle_t handle,
+ psa_key_type_t type,
+ size_t bits,
+ const void *extra,
+ size_t extra_size )
+{
+ psa_key_slot_t *slot;
+ psa_status_t status;
+
+ if( extra == NULL && extra_size != 0 )
+ return( PSA_ERROR_INVALID_ARGUMENT );
+
+ status = psa_get_empty_key_slot( handle, &slot );
+ if( status != PSA_SUCCESS )
+ return( status );
+
+ if( key_type_is_raw_bytes( type ) )
+ {
+ status = prepare_raw_data_slot( type, bits, &slot->data.raw );
+ if( status != PSA_SUCCESS )
+ return( status );
+ status = psa_generate_random( slot->data.raw.data,
+ slot->data.raw.bytes );
+ if( status != PSA_SUCCESS )
+ {
+ mbedtls_free( slot->data.raw.data );
+ return( status );
+ }
+#if defined(MBEDTLS_DES_C)
+ if( type == PSA_KEY_TYPE_DES )
+ psa_des_set_key_parity( slot->data.raw.data,
+ slot->data.raw.bytes );
+#endif /* MBEDTLS_DES_C */
+ }
+ else
+
+#if defined(MBEDTLS_RSA_C) && defined(MBEDTLS_GENPRIME)
+ if ( type == PSA_KEY_TYPE_RSA_KEYPAIR )
+ {
+ mbedtls_rsa_context *rsa;
+ int ret;
+ int exponent = 65537;
+ if( bits > PSA_VENDOR_RSA_MAX_KEY_BITS )
+ return( PSA_ERROR_NOT_SUPPORTED );
+ /* Accept only byte-aligned keys, for the same reasons as
+ * in psa_import_rsa_key(). */
+ if( bits % 8 != 0 )
+ return( PSA_ERROR_NOT_SUPPORTED );
+ if( extra != NULL )
+ {
+ const psa_generate_key_extra_rsa *p = extra;
+ if( extra_size != sizeof( *p ) )
+ return( PSA_ERROR_INVALID_ARGUMENT );
+#if INT_MAX < 0xffffffff
+ /* Check that the uint32_t value passed by the caller fits
+ * in the range supported by this implementation. */
+ if( p->e > INT_MAX )
+ return( PSA_ERROR_NOT_SUPPORTED );
+#endif
+ exponent = p->e;
+ }
+ rsa = mbedtls_calloc( 1, sizeof( *rsa ) );
+ if( rsa == NULL )
+ return( PSA_ERROR_INSUFFICIENT_MEMORY );
+ mbedtls_rsa_init( rsa, MBEDTLS_RSA_PKCS_V15, MBEDTLS_MD_NONE );
+ ret = mbedtls_rsa_gen_key( rsa,
+ mbedtls_ctr_drbg_random,
+ &global_data.ctr_drbg,
+ (unsigned int) bits,
+ exponent );
+ if( ret != 0 )
+ {
+ mbedtls_rsa_free( rsa );
+ mbedtls_free( rsa );
+ return( mbedtls_to_psa_error( ret ) );
+ }
+ slot->data.rsa = rsa;
+ }
+ else
+#endif /* MBEDTLS_RSA_C && MBEDTLS_GENPRIME */
+
+#if defined(MBEDTLS_ECP_C)
+ if ( PSA_KEY_TYPE_IS_ECC( type ) && PSA_KEY_TYPE_IS_KEYPAIR( type ) )
+ {
+ psa_ecc_curve_t curve = PSA_KEY_TYPE_GET_CURVE( type );
+ mbedtls_ecp_group_id grp_id = mbedtls_ecc_group_of_psa( curve );
+ const mbedtls_ecp_curve_info *curve_info =
+ mbedtls_ecp_curve_info_from_grp_id( grp_id );
+ mbedtls_ecp_keypair *ecp;
+ int ret;
+ if( extra != NULL )
+ return( PSA_ERROR_NOT_SUPPORTED );
+ if( grp_id == MBEDTLS_ECP_DP_NONE || curve_info == NULL )
+ return( PSA_ERROR_NOT_SUPPORTED );
+ if( curve_info->bit_size != bits )
+ return( PSA_ERROR_INVALID_ARGUMENT );
+ ecp = mbedtls_calloc( 1, sizeof( *ecp ) );
+ if( ecp == NULL )
+ return( PSA_ERROR_INSUFFICIENT_MEMORY );
+ mbedtls_ecp_keypair_init( ecp );
+ ret = mbedtls_ecp_gen_key( grp_id, ecp,
+ mbedtls_ctr_drbg_random,
+ &global_data.ctr_drbg );
+ if( ret != 0 )
+ {
+ mbedtls_ecp_keypair_free( ecp );
+ mbedtls_free( ecp );
+ return( mbedtls_to_psa_error( ret ) );
+ }
+ slot->data.ecp = ecp;
+ }
+ else
+#endif /* MBEDTLS_ECP_C */
+
+ return( PSA_ERROR_NOT_SUPPORTED );
+
+ slot->type = type;
+
+#if defined(MBEDTLS_PSA_CRYPTO_STORAGE_C)
+ if( slot->lifetime == PSA_KEY_LIFETIME_PERSISTENT )
+ {
+ return( psa_save_generated_persistent_key( slot, bits ) );
+ }
+#endif /* defined(MBEDTLS_PSA_CRYPTO_STORAGE_C) */
+
+ return( status );
+}
+
+
+/****************************************************************/
+/* Module setup */
+/****************************************************************/
+
+psa_status_t mbedtls_psa_crypto_configure_entropy_sources(
+ void (* entropy_init )( mbedtls_entropy_context *ctx ),
+ void (* entropy_free )( mbedtls_entropy_context *ctx ) )
+{
+ if( global_data.rng_state != RNG_NOT_INITIALIZED )
+ return( PSA_ERROR_BAD_STATE );
+ global_data.entropy_init = entropy_init;
+ global_data.entropy_free = entropy_free;
+ return( PSA_SUCCESS );
+}
+
+void mbedtls_psa_crypto_free( void )
+{
+ psa_wipe_all_key_slots( );
+ if( global_data.rng_state != RNG_NOT_INITIALIZED )
+ {
+ mbedtls_ctr_drbg_free( &global_data.ctr_drbg );
+ global_data.entropy_free( &global_data.entropy );
+ }
+ /* Wipe all remaining data, including configuration.
+ * In particular, this sets all state indicator to the value
+ * indicating "uninitialized". */
+ mbedtls_platform_zeroize( &global_data, sizeof( global_data ) );
+}
+
+psa_status_t psa_crypto_init( void )
+{
+ psa_status_t status;
+ const unsigned char drbg_seed[] = "PSA";
+
+ /* Double initialization is explicitly allowed. */
+ if( global_data.initialized != 0 )
+ return( PSA_SUCCESS );
+
+ /* Set default configuration if
+ * mbedtls_psa_crypto_configure_entropy_sources() hasn't been called. */
+ if( global_data.entropy_init == NULL )
+ global_data.entropy_init = mbedtls_entropy_init;
+ if( global_data.entropy_free == NULL )
+ global_data.entropy_free = mbedtls_entropy_free;
+
+ /* Initialize the random generator. */
+ global_data.entropy_init( &global_data.entropy );
+ mbedtls_ctr_drbg_init( &global_data.ctr_drbg );
+ global_data.rng_state = RNG_INITIALIZED;
+ status = mbedtls_to_psa_error(
+ mbedtls_ctr_drbg_seed( &global_data.ctr_drbg,
+ mbedtls_entropy_func,
+ &global_data.entropy,
+ drbg_seed, sizeof( drbg_seed ) - 1 ) );
+ if( status != PSA_SUCCESS )
+ goto exit;
+ global_data.rng_state = RNG_SEEDED;
+
+ status = psa_initialize_key_slots( );
+ if( status != PSA_SUCCESS )
+ goto exit;
+
+ /* All done. */
+ global_data.initialized = 1;
+
+exit:
+ if( status != PSA_SUCCESS )
+ mbedtls_psa_crypto_free( );
+ return( status );
+}
+
+#endif /* MBEDTLS_PSA_CRYPTO_C */
diff --git a/library/psa_crypto_core.h b/library/psa_crypto_core.h
new file mode 100644
index 0000000..0f75624
--- /dev/null
+++ b/library/psa_crypto_core.h
@@ -0,0 +1,99 @@
+/*
+ * PSA crypto core internal interfaces
+ */
+/* Copyright (C) 2018, ARM Limited, All Rights Reserved
+ * SPDX-License-Identifier: Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License"); you may
+ * not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * This file is part of mbed TLS (https://tls.mbed.org)
+ */
+
+#ifndef PSA_CRYPTO_CORE_H
+#define PSA_CRYPTO_CORE_H
+
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "mbedtls/config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+#include "psa/crypto.h"
+
+#include "mbedtls/ecp.h"
+#include "mbedtls/rsa.h"
+
+/** The data structure representing a key slot, containing key material
+ * and metadata for one key.
+ */
+typedef struct
+{
+ psa_key_type_t type;
+ psa_key_policy_t policy;
+ psa_key_lifetime_t lifetime;
+ psa_key_file_id_t persistent_storage_id;
+ unsigned allocated : 1;
+ union
+ {
+ struct raw_data
+ {
+ uint8_t *data;
+ size_t bytes;
+ } raw;
+#if defined(MBEDTLS_RSA_C)
+ mbedtls_rsa_context *rsa;
+#endif /* MBEDTLS_RSA_C */
+#if defined(MBEDTLS_ECP_C)
+ mbedtls_ecp_keypair *ecp;
+#endif /* MBEDTLS_ECP_C */
+ } data;
+} psa_key_slot_t;
+
+/** Completely wipe a slot in memory, including its policy.
+ *
+ * Persistent storage is not affected.
+ *
+ * \param[in,out] slot The key slot to wipe.
+ *
+ * \retval PSA_SUCCESS
+ * Success. This includes the case of a key slot that was
+ * already fully wiped.
+ * \retval PSA_ERROR_TAMPERING_DETECTED
+ */
+psa_status_t psa_wipe_key_slot( psa_key_slot_t *slot );
+
+/** Import key data into a slot.
+ *
+ * `slot->type` must have been set previously.
+ * This function assumes that the slot does not contain any key material yet.
+ * On failure, the slot content is unchanged.
+ *
+ * Persistent storage is not affected.
+ *
+ * \param[in,out] slot The key slot to import data into.
+ * Its `type` field must have previously been set to
+ * the desired key type.
+ * It must not contain any key material yet.
+ * \param[in] data Buffer containing the key material to parse and import.
+ * \param data_length Size of \p data in bytes.
+ *
+ * \retval PSA_SUCCESS
+ * \retval PSA_ERROR_INVALID_ARGUMENT
+ * \retval PSA_ERROR_NOT_SUPPORTED
+ * \retval PSA_ERROR_INSUFFICIENT_MEMORY
+ */
+psa_status_t psa_import_key_into_slot( psa_key_slot_t *slot,
+ const uint8_t *data,
+ size_t data_length );
+
+#endif /* PSA_CRYPTO_CORE_H */
diff --git a/library/psa_crypto_invasive.h b/library/psa_crypto_invasive.h
new file mode 100644
index 0000000..642652a
--- /dev/null
+++ b/library/psa_crypto_invasive.h
@@ -0,0 +1,79 @@
+/**
+ * \file psa_crypto_invasive.h
+ *
+ * \brief PSA cryptography module: invasive interfaces for test only.
+ *
+ * The interfaces in this file are intended for testing purposes only.
+ * They MUST NOT be made available to clients over IPC in integrations
+ * with isolation, and they SHOULD NOT be made available in library
+ * integrations except when building the library for testing.
+ */
+/*
+ * Copyright (C) 2018, ARM Limited, All Rights Reserved
+ * SPDX-License-Identifier: Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License"); you may
+ * not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * This file is part of mbed TLS (https://tls.mbed.org)
+ */
+
+#ifndef PSA_CRYPTO_INVASIVE_H
+#define PSA_CRYPTO_INVASIVE_H
+
+#if defined(MBEDTLS_CONFIG_FILE)
+#include MBEDTLS_CONFIG_FILE
+#else
+#include "mbedtls/config.h"
+#endif
+
+#include "psa/crypto.h"
+
+#include "mbedtls/entropy.h"
+
+/** \brief Configure entropy sources.
+ *
+ * This function may only be called before a call to psa_crypto_init(),
+ * or after a call to mbedtls_psa_crypto_free() and before any
+ * subsequent call to psa_crypto_init().
+ *
+ * This function is only intended for test purposes. The functionality
+ * it provides is also useful for system integrators, but
+ * system integrators should configure entropy drivers instead of
+ * breaking through to the Mbed TLS API.
+ *
+ * \param entropy_init Function to initialize the entropy context
+ * and set up the desired entropy sources.
+ * It is called by psa_crypto_init().
+ * By default this is mbedtls_entropy_init().
+ * This function cannot report failures directly.
+ * To indicate a failure, set the entropy context
+ * to a state where mbedtls_entropy_func() will
+ * return an error.
+ * \param entropy_free Function to free the entropy context
+ * and associated resources.
+ * It is called by mbedtls_psa_crypto_free().
+ * By default this is mbedtls_entropy_free().
+ *
+ * \retval PSA_SUCCESS
+ * Success.
+ * \retval PSA_ERROR_NOT_PERMITTED
+ * The caller does not have the permission to configure
+ * entropy sources.
+ * \retval PSA_ERROR_BAD_STATE
+ * The library has already been initialized.
+ */
+psa_status_t mbedtls_psa_crypto_configure_entropy_sources(
+ void (* entropy_init )( mbedtls_entropy_context *ctx ),
+ void (* entropy_free )( mbedtls_entropy_context *ctx ) );
+
+#endif /* PSA_CRYPTO_INVASIVE_H */
diff --git a/library/psa_crypto_service_integration.h b/library/psa_crypto_service_integration.h
new file mode 100644
index 0000000..938bfe1
--- /dev/null
+++ b/library/psa_crypto_service_integration.h
@@ -0,0 +1,40 @@
+/* Copyright (C) 2019, ARM Limited, All Rights Reserved
+ * SPDX-License-Identifier: Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License"); you may
+ * not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * This file is part of mbed TLS (https://tls.mbed.org)
+ */
+
+#ifndef PSA_CRYPTO_SERVICE_INTEGRATION_H
+#define PSA_CRYPTO_SERVICE_INTEGRATION_H
+
+/*
+ * When MBEDTLS_PSA_CRYPTO_SPM is defined, the code is being built for SPM
+ * (Secure Partition Manager) integration which separates the code into two
+ * parts: NSPE (Non-Secure Processing Environment) and SPE (Secure Processing
+ * Environment). When building for the SPE, an additional header file should be
+ * included.
+ */
+#if defined(MBEDTLS_PSA_CRYPTO_SPM)
+/*
+ * PSA_CRYPTO_SECURE means that the file which included this file is being
+ * compiled for SPE. The files crypto_structs.h and crypto_types.h have
+ * different implementations for NSPE and SPE and are compiled according to this
+ * flag.
+ */
+#define PSA_CRYPTO_SECURE 1
+#include "crypto_spe.h"
+#endif // MBEDTLS_PSA_CRYPTO_SPM
+
+#endif // PSA_CRYPTO_SERVICE_INTEGRATION_H
diff --git a/library/psa_crypto_slot_management.c b/library/psa_crypto_slot_management.c
new file mode 100644
index 0000000..33c03a7
--- /dev/null
+++ b/library/psa_crypto_slot_management.c
@@ -0,0 +1,295 @@
+/*
+ * PSA crypto layer on top of Mbed TLS crypto
+ */
+/* Copyright (C) 2018, ARM Limited, All Rights Reserved
+ * SPDX-License-Identifier: Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License"); you may
+ * not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * This file is part of mbed TLS (https://tls.mbed.org)
+ */
+
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "mbedtls/config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+#if defined(MBEDTLS_PSA_CRYPTO_C)
+
+#include "psa_crypto_service_integration.h"
+#include "psa/crypto.h"
+
+#include "psa_crypto_core.h"
+#include "psa_crypto_slot_management.h"
+#include "psa_crypto_storage.h"
+
+#include <stdlib.h>
+#include <string.h>
+#if defined(MBEDTLS_PLATFORM_C)
+#include "mbedtls/platform.h"
+#else
+#define mbedtls_calloc calloc
+#define mbedtls_free free
+#endif
+
+#define ARRAY_LENGTH( array ) ( sizeof( array ) / sizeof( *( array ) ) )
+
+typedef struct
+{
+ psa_key_slot_t key_slots[PSA_KEY_SLOT_COUNT];
+ unsigned key_slots_initialized : 1;
+} psa_global_data_t;
+
+static psa_global_data_t global_data;
+
+/* Access a key slot at the given handle. The handle of a key slot is
+ * the index of the slot in the global slot array, plus one so that handles
+ * start at 1 and not 0. */
+psa_status_t psa_get_key_slot( psa_key_handle_t handle,
+ psa_key_slot_t **p_slot )
+{
+ psa_key_slot_t *slot = NULL;
+
+ if( ! global_data.key_slots_initialized )
+ return( PSA_ERROR_BAD_STATE );
+
+ /* 0 is not a valid handle under any circumstance. This
+ * implementation provides slots number 1 to N where N is the
+ * number of available slots. */
+ if( handle == 0 || handle > ARRAY_LENGTH( global_data.key_slots ) )
+ return( PSA_ERROR_INVALID_HANDLE );
+ slot = &global_data.key_slots[handle - 1];
+
+ /* If the slot hasn't been allocated, the handle is invalid. */
+ if( ! slot->allocated )
+ return( PSA_ERROR_INVALID_HANDLE );
+
+ *p_slot = slot;
+ return( PSA_SUCCESS );
+}
+
+psa_status_t psa_initialize_key_slots( void )
+{
+ /* Nothing to do: program startup and psa_wipe_all_key_slots() both
+ * guarantee that the key slots are initialized to all-zero, which
+ * means that all the key slots are in a valid, empty state. */
+ global_data.key_slots_initialized = 1;
+ return( PSA_SUCCESS );
+}
+
+void psa_wipe_all_key_slots( void )
+{
+ psa_key_handle_t key;
+ for( key = 1; key <= PSA_KEY_SLOT_COUNT; key++ )
+ {
+ psa_key_slot_t *slot = &global_data.key_slots[key - 1];
+ (void) psa_wipe_key_slot( slot );
+ }
+ global_data.key_slots_initialized = 0;
+}
+
+/** Find a free key slot and mark it as in use.
+ *
+ * \param[out] handle On success, a slot number that is not in use. This
+ * value can be used as a handle to the slot.
+ *
+ * \retval #PSA_SUCCESS
+ * \retval #PSA_ERROR_INSUFFICIENT_MEMORY
+ */
+static psa_status_t psa_internal_allocate_key_slot( psa_key_handle_t *handle )
+{
+ for( *handle = PSA_KEY_SLOT_COUNT; *handle != 0; --( *handle ) )
+ {
+ psa_key_slot_t *slot = &global_data.key_slots[*handle - 1];
+ if( ! slot->allocated )
+ {
+ slot->allocated = 1;
+ return( PSA_SUCCESS );
+ }
+ }
+ return( PSA_ERROR_INSUFFICIENT_MEMORY );
+}
+
+/** Wipe a key slot and mark it as available.
+ *
+ * This does not affect persistent storage.
+ *
+ * \param handle The handle to the key slot to release.
+ *
+ * \retval #PSA_SUCCESS
+ * \retval #PSA_ERROR_INVALID_ARGUMENT
+ * \retval #PSA_ERROR_TAMPERING_DETECTED
+ */
+static psa_status_t psa_internal_release_key_slot( psa_key_handle_t handle )
+{
+ psa_key_slot_t *slot;
+ psa_status_t status;
+
+ status = psa_get_key_slot( handle, &slot );
+ if( status != PSA_SUCCESS )
+ return( status );
+
+ return( psa_wipe_key_slot( slot ) );
+}
+
+psa_status_t psa_allocate_key( psa_key_handle_t *handle )
+{
+ *handle = 0;
+ return( psa_internal_allocate_key_slot( handle ) );
+}
+
+#if defined(MBEDTLS_PSA_CRYPTO_STORAGE_C)
+static psa_status_t psa_load_persistent_key_into_slot( psa_key_slot_t *p_slot )
+{
+ psa_status_t status = PSA_SUCCESS;
+ uint8_t *key_data = NULL;
+ size_t key_data_length = 0;
+
+ status = psa_load_persistent_key( p_slot->persistent_storage_id,
+ &( p_slot )->type,
+ &( p_slot )->policy, &key_data,
+ &key_data_length );
+ if( status != PSA_SUCCESS )
+ goto exit;
+ status = psa_import_key_into_slot( p_slot,
+ key_data, key_data_length );
+exit:
+ psa_free_persistent_key_data( key_data, key_data_length );
+ return( status );
+}
+
+/** Check whether a key identifier is acceptable.
+ *
+ * For backward compatibility, key identifiers that were valid in a
+ * past released version must remain valid, unless a migration path
+ * is provided.
+ *
+ * \param file_id The key identifier to check.
+ *
+ * \return 1 if \p file_id is acceptable, otherwise 0.
+ */
+static int psa_is_key_id_valid( psa_key_file_id_t file_id )
+{
+ psa_app_key_id_t key_id = PSA_KEY_FILE_GET_KEY_ID( file_id );
+ /* Reject id=0 because by general library conventions, 0 is an invalid
+ * value wherever possible. */
+ if( key_id == 0 )
+ return( 0 );
+ /* Reject high values because the file names are reserved for the
+ * library's internal use. */
+ if( key_id > PSA_MAX_PERSISTENT_KEY_IDENTIFIER )
+ return( 0 );
+ return( 1 );
+}
+#endif /* defined(MBEDTLS_PSA_CRYPTO_STORAGE_C) */
+
+/** Declare a slot as persistent and load it from storage.
+ *
+ * This function may only be called immediately after a successful call
+ * to psa_internal_allocate_key_slot().
+ *
+ * \param handle A handle to a key slot freshly allocated with
+ * psa_internal_allocate_key_slot().
+ *
+ * \retval #PSA_SUCCESS
+ * The slot content was loaded successfully.
+ * \retval #PSA_ERROR_DOES_NOT_EXIST
+ * There is no content for this slot in persistent storage.
+ * \retval #PSA_ERROR_INVALID_HANDLE
+ * \retval #PSA_ERROR_INVALID_ARGUMENT
+ * \p id is not acceptable.
+ * \retval #PSA_ERROR_INSUFFICIENT_MEMORY
+ * \retval #PSA_ERROR_STORAGE_FAILURE
+ */
+static psa_status_t psa_internal_make_key_persistent( psa_key_handle_t handle,
+ psa_key_file_id_t id )
+{
+#if defined(MBEDTLS_PSA_CRYPTO_STORAGE_C)
+ psa_key_slot_t *slot;
+ psa_status_t status;
+
+ if( ! psa_is_key_id_valid( id ) )
+ return( PSA_ERROR_INVALID_ARGUMENT );
+
+ status = psa_get_key_slot( handle, &slot );
+ if( status != PSA_SUCCESS )
+ return( status );
+
+ slot->lifetime = PSA_KEY_LIFETIME_PERSISTENT;
+ slot->persistent_storage_id = id;
+ status = psa_load_persistent_key_into_slot( slot );
+
+ return( status );
+
+#else /* MBEDTLS_PSA_CRYPTO_STORAGE_C */
+ (void) handle;
+ (void) id;
+ return( PSA_ERROR_NOT_SUPPORTED );
+#endif /* !MBEDTLS_PSA_CRYPTO_STORAGE_C */
+}
+
+static psa_status_t persistent_key_setup( psa_key_lifetime_t lifetime,
+ psa_key_file_id_t id,
+ psa_key_handle_t *handle,
+ psa_status_t wanted_load_status )
+{
+ psa_status_t status;
+
+ *handle = 0;
+
+ if( lifetime != PSA_KEY_LIFETIME_PERSISTENT )
+ return( PSA_ERROR_INVALID_ARGUMENT );
+
+ status = psa_internal_allocate_key_slot( handle );
+ if( status != PSA_SUCCESS )
+ return( status );
+
+ status = psa_internal_make_key_persistent( *handle, id );
+ if( status != wanted_load_status )
+ {
+ psa_internal_release_key_slot( *handle );
+ *handle = 0;
+ }
+ return( status );
+}
+
+psa_status_t psa_open_key( psa_key_lifetime_t lifetime,
+ psa_key_file_id_t id,
+ psa_key_handle_t *handle )
+{
+ return( persistent_key_setup( lifetime, id, handle, PSA_SUCCESS ) );
+}
+
+psa_status_t psa_create_key( psa_key_lifetime_t lifetime,
+ psa_key_file_id_t id,
+ psa_key_handle_t *handle )
+{
+ psa_status_t status;
+
+ status = persistent_key_setup( lifetime, id, handle,
+ PSA_ERROR_DOES_NOT_EXIST );
+ switch( status )
+ {
+ case PSA_SUCCESS: return( PSA_ERROR_ALREADY_EXISTS );
+ case PSA_ERROR_DOES_NOT_EXIST: return( PSA_SUCCESS );
+ default: return( status );
+ }
+}
+
+psa_status_t psa_close_key( psa_key_handle_t handle )
+{
+ return( psa_internal_release_key_slot( handle ) );
+}
+
+#endif /* MBEDTLS_PSA_CRYPTO_C */
diff --git a/library/psa_crypto_slot_management.h b/library/psa_crypto_slot_management.h
new file mode 100644
index 0000000..6746bad
--- /dev/null
+++ b/library/psa_crypto_slot_management.h
@@ -0,0 +1,58 @@
+/*
+ * PSA crypto layer on top of Mbed TLS crypto
+ */
+/* Copyright (C) 2018, ARM Limited, All Rights Reserved
+ * SPDX-License-Identifier: Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License"); you may
+ * not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * This file is part of mbed TLS (https://tls.mbed.org)
+ */
+
+#ifndef PSA_CRYPTO_SLOT_MANAGEMENT_H
+#define PSA_CRYPTO_SLOT_MANAGEMENT_H
+
+/* Number of key slots (plus one because 0 is not used).
+ * The value is a compile-time constant for now, for simplicity. */
+#define PSA_KEY_SLOT_COUNT 32
+
+/** Access a key slot at the given handle.
+ *
+ * \param handle Key handle to query.
+ * \param[out] p_slot On success, `*p_slot` contains a pointer to the
+ * key slot in memory designated by \p handle.
+ *
+ * \retval PSA_SUCCESS
+ * Success: \p handle is a handle to `*p_slot`. Note that `*p_slot`
+ * may be empty or occupied.
+ * \retval PSA_ERROR_INVALID_HANDLE
+ * \p handle is out of range or is not in use.
+ * \retval PSA_ERROR_BAD_STATE
+ * The library has not been initialized.
+ */
+psa_status_t psa_get_key_slot( psa_key_handle_t handle,
+ psa_key_slot_t **p_slot );
+
+/** Initialize the key slot structures.
+ *
+ * \retval PSA_SUCCESS
+ * Currently this function always succeeds.
+ */
+psa_status_t psa_initialize_key_slots( void );
+
+/** Delete all data from key slots in memory.
+ *
+ * This does not affect persistent storage. */
+void psa_wipe_all_key_slots( void );
+
+#endif /* PSA_CRYPTO_SLOT_MANAGEMENT_H */
diff --git a/library/psa_crypto_storage.c b/library/psa_crypto_storage.c
new file mode 100644
index 0000000..84a6ed5
--- /dev/null
+++ b/library/psa_crypto_storage.c
@@ -0,0 +1,221 @@
+/*
+ * PSA persistent key storage
+ */
+/* Copyright (C) 2018, ARM Limited, All Rights Reserved
+ * SPDX-License-Identifier: Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License"); you may
+ * not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * This file is part of mbed TLS (https://tls.mbed.org)
+ */
+
+#if defined(MBEDTLS_CONFIG_FILE)
+#include MBEDTLS_CONFIG_FILE
+#else
+#include "mbedtls/config.h"
+#endif
+
+#if defined(MBEDTLS_PSA_CRYPTO_STORAGE_C)
+
+#include <stdlib.h>
+#include <string.h>
+
+#include "psa_crypto_service_integration.h"
+#include "psa/crypto.h"
+#include "psa_crypto_storage.h"
+#include "psa_crypto_storage_backend.h"
+#include "mbedtls/platform_util.h"
+
+#if defined(MBEDTLS_PLATFORM_C)
+#include "mbedtls/platform.h"
+#else
+#include <stdlib.h>
+#define mbedtls_calloc calloc
+#define mbedtls_free free
+#endif
+
+/*
+ * 32-bit integer manipulation macros (little endian)
+ */
+#ifndef GET_UINT32_LE
+#define GET_UINT32_LE(n,b,i) \
+{ \
+ (n) = ( (uint32_t) (b)[(i) ] ) \
+ | ( (uint32_t) (b)[(i) + 1] << 8 ) \
+ | ( (uint32_t) (b)[(i) + 2] << 16 ) \
+ | ( (uint32_t) (b)[(i) + 3] << 24 ); \
+}
+#endif
+
+#ifndef PUT_UINT32_LE
+#define PUT_UINT32_LE(n,b,i) \
+{ \
+ (b)[(i) ] = (unsigned char) ( ( (n) ) & 0xFF ); \
+ (b)[(i) + 1] = (unsigned char) ( ( (n) >> 8 ) & 0xFF ); \
+ (b)[(i) + 2] = (unsigned char) ( ( (n) >> 16 ) & 0xFF ); \
+ (b)[(i) + 3] = (unsigned char) ( ( (n) >> 24 ) & 0xFF ); \
+}
+#endif
+
+/**
+ * Persistent key storage magic header.
+ */
+#define PSA_KEY_STORAGE_MAGIC_HEADER "PSA\0KEY"
+#define PSA_KEY_STORAGE_MAGIC_HEADER_LENGTH ( sizeof( PSA_KEY_STORAGE_MAGIC_HEADER ) )
+
+typedef struct {
+ uint8_t magic[PSA_KEY_STORAGE_MAGIC_HEADER_LENGTH];
+ uint8_t version[4];
+ uint8_t type[sizeof( psa_key_type_t )];
+ uint8_t policy[sizeof( psa_key_policy_t )];
+ uint8_t data_len[4];
+ uint8_t key_data[];
+} psa_persistent_key_storage_format;
+
+void psa_format_key_data_for_storage( const uint8_t *data,
+ const size_t data_length,
+ const psa_key_type_t type,
+ const psa_key_policy_t *policy,
+ uint8_t *storage_data )
+{
+ psa_persistent_key_storage_format *storage_format =
+ (psa_persistent_key_storage_format *) storage_data;
+
+ memcpy( storage_format->magic, PSA_KEY_STORAGE_MAGIC_HEADER, PSA_KEY_STORAGE_MAGIC_HEADER_LENGTH );
+ PUT_UINT32_LE(0, storage_format->version, 0);
+ PUT_UINT32_LE(type, storage_format->type, 0);
+ PUT_UINT32_LE(policy->usage, storage_format->policy, 0);
+ PUT_UINT32_LE(policy->alg, storage_format->policy, sizeof( uint32_t ));
+ PUT_UINT32_LE(data_length, storage_format->data_len, 0);
+ memcpy( storage_format->key_data, data, data_length );
+}
+
+static psa_status_t check_magic_header( const uint8_t *data )
+{
+ if( memcmp( data, PSA_KEY_STORAGE_MAGIC_HEADER,
+ PSA_KEY_STORAGE_MAGIC_HEADER_LENGTH ) != 0 )
+ return( PSA_ERROR_STORAGE_FAILURE );
+ return( PSA_SUCCESS );
+}
+
+psa_status_t psa_parse_key_data_from_storage( const uint8_t *storage_data,
+ size_t storage_data_length,
+ uint8_t **key_data,
+ size_t *key_data_length,
+ psa_key_type_t *type,
+ psa_key_policy_t *policy )
+{
+ psa_status_t status;
+ const psa_persistent_key_storage_format *storage_format =
+ (const psa_persistent_key_storage_format *)storage_data;
+ uint32_t version;
+
+ if( storage_data_length < sizeof(*storage_format) )
+ return( PSA_ERROR_STORAGE_FAILURE );
+
+ status = check_magic_header( storage_data );
+ if( status != PSA_SUCCESS )
+ return( status );
+
+ GET_UINT32_LE(version, storage_format->version, 0);
+ if( version != 0 )
+ return( PSA_ERROR_STORAGE_FAILURE );
+
+ GET_UINT32_LE(*key_data_length, storage_format->data_len, 0);
+ if( *key_data_length > ( storage_data_length - sizeof(*storage_format) ) ||
+ *key_data_length > PSA_CRYPTO_MAX_STORAGE_SIZE )
+ return( PSA_ERROR_STORAGE_FAILURE );
+
+ *key_data = mbedtls_calloc( 1, *key_data_length );
+ if( *key_data == NULL )
+ return( PSA_ERROR_INSUFFICIENT_MEMORY );
+
+ GET_UINT32_LE(*type, storage_format->type, 0);
+ GET_UINT32_LE(policy->usage, storage_format->policy, 0);
+ GET_UINT32_LE(policy->alg, storage_format->policy, sizeof( uint32_t ));
+
+ memcpy( *key_data, storage_format->key_data, *key_data_length );
+
+ return( PSA_SUCCESS );
+}
+
+psa_status_t psa_save_persistent_key( const psa_key_file_id_t key,
+ const psa_key_type_t type,
+ const psa_key_policy_t *policy,
+ const uint8_t *data,
+ const size_t data_length )
+{
+ size_t storage_data_length;
+ uint8_t *storage_data;
+ psa_status_t status;
+
+ if( data_length > PSA_CRYPTO_MAX_STORAGE_SIZE )
+ return PSA_ERROR_INSUFFICIENT_STORAGE;
+ storage_data_length = data_length + sizeof( psa_persistent_key_storage_format );
+
+ storage_data = mbedtls_calloc( 1, storage_data_length );
+ if( storage_data == NULL )
+ return( PSA_ERROR_INSUFFICIENT_MEMORY );
+
+ psa_format_key_data_for_storage( data, data_length, type, policy,
+ storage_data );
+
+ status = psa_crypto_storage_store( key,
+ storage_data, storage_data_length );
+
+ mbedtls_free( storage_data );
+
+ return( status );
+}
+
+void psa_free_persistent_key_data( uint8_t *key_data, size_t key_data_length )
+{
+ if( key_data != NULL )
+ {
+ mbedtls_platform_zeroize( key_data, key_data_length );
+ }
+ mbedtls_free( key_data );
+}
+
+psa_status_t psa_load_persistent_key( psa_key_file_id_t key,
+ psa_key_type_t *type,
+ psa_key_policy_t *policy,
+ uint8_t **data,
+ size_t *data_length )
+{
+ psa_status_t status = PSA_SUCCESS;
+ uint8_t *loaded_data;
+ size_t storage_data_length = 0;
+
+ status = psa_crypto_storage_get_data_length( key, &storage_data_length );
+ if( status != PSA_SUCCESS )
+ return( status );
+
+ loaded_data = mbedtls_calloc( 1, storage_data_length );
+
+ if( loaded_data == NULL )
+ return( PSA_ERROR_INSUFFICIENT_MEMORY );
+
+ status = psa_crypto_storage_load( key, loaded_data, storage_data_length );
+ if( status != PSA_SUCCESS )
+ goto exit;
+
+ status = psa_parse_key_data_from_storage( loaded_data, storage_data_length,
+ data, data_length, type, policy );
+
+exit:
+ mbedtls_free( loaded_data );
+ return( status );
+}
+
+#endif /* MBEDTLS_PSA_CRYPTO_STORAGE_C */
diff --git a/library/psa_crypto_storage.h b/library/psa_crypto_storage.h
new file mode 100644
index 0000000..7e5aae9
--- /dev/null
+++ b/library/psa_crypto_storage.h
@@ -0,0 +1,195 @@
+/**
+ * \file psa_crypto_storage.h
+ *
+ * \brief PSA cryptography module: Mbed TLS key storage
+ */
+/*
+ * Copyright (C) 2018, ARM Limited, All Rights Reserved
+ * SPDX-License-Identifier: Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License"); you may
+ * not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * This file is part of mbed TLS (https://tls.mbed.org)
+ */
+
+#ifndef PSA_CRYPTO_STORAGE_H
+#define PSA_CRYPTO_STORAGE_H
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/* Include the Mbed TLS configuration file, the way Mbed TLS does it
+ * in each of its header files. */
+#if defined(MBEDTLS_CONFIG_FILE)
+#include MBEDTLS_CONFIG_FILE
+#else
+#include "mbedtls/config.h"
+#endif
+
+#include "psa/crypto.h"
+#include <stdint.h>
+
+/* Limit the maximum key size to 30kB (just in case someone tries to
+ * inadvertently store an obscene amount of data) */
+#define PSA_CRYPTO_MAX_STORAGE_SIZE ( 30 * 1024 )
+
+/** The maximum permitted persistent slot number.
+ *
+ * In Mbed Crypto 0.1.0b:
+ * - Using the file backend, all key ids are ok except 0.
+ * - Using the ITS backend, all key ids are ok except 0xFFFFFF52
+ * (#PSA_CRYPTO_ITS_RANDOM_SEED_UID) for which the file contains the
+ * device's random seed (if this feature is enabled).
+ * - Only key ids from 1 to #PSA_KEY_SLOT_COUNT are actually used.
+ *
+ * Since we need to preserve the random seed, avoid using that key slot.
+ * Reserve a whole range of key slots just in case something else comes up.
+ *
+ * This limitation will probably become moot when we implement client
+ * separation for key storage.
+ */
+#define PSA_MAX_PERSISTENT_KEY_IDENTIFIER 0xfffeffff
+
+/**
+ * \brief Format key data and metadata and save to a location for given key
+ * slot.
+ *
+ * This function formats the key data and metadata and saves it to a
+ * persistent storage backend. The storage location corresponding to the
+ * key slot must be empty, otherwise this function will fail. This function
+ * should be called after psa_import_key_into_slot() to ensure the
+ * persistent key is not saved into a storage location corresponding to an
+ * already occupied non-persistent key, as well as validating the key data.
+ *
+ *
+ * \param key Persistent identifier of the key to be stored. This
+ * should be an unoccupied storage location.
+ * \param type Key type (a \c PSA_KEY_TYPE_XXX value).
+ * \param[in] policy The key policy to save.
+ * \param[in] data Buffer containing the key data.
+ * \param data_length The number of bytes that make up the key data.
+ *
+ * \retval PSA_SUCCESS
+ * \retval PSA_ERROR_INSUFFICIENT_MEMORY
+ * \retval PSA_ERROR_INSUFFICIENT_STORAGE
+ * \retval PSA_ERROR_STORAGE_FAILURE
+ * \retval PSA_ERROR_ALREADY_EXISTS
+ */
+psa_status_t psa_save_persistent_key( const psa_key_file_id_t key,
+ const psa_key_type_t type,
+ const psa_key_policy_t *policy,
+ const uint8_t *data,
+ const size_t data_length );
+
+/**
+ * \brief Parses key data and metadata and load persistent key for given
+ * key slot number.
+ *
+ * This function reads from a storage backend, parses the key data and
+ * metadata and writes them to the appropriate output parameters.
+ *
+ * Note: This function allocates a buffer and returns a pointer to it through
+ * the data parameter. psa_free_persistent_key_data() must be called after
+ * this function to zeroize and free this buffer, regardless of whether this
+ * function succeeds or fails.
+ *
+ * \param key Persistent identifier of the key to be loaded. This
+ * should be an occupied storage location.
+ * \param[out] type On success, the key type (a \c PSA_KEY_TYPE_XXX
+ * value).
+ * \param[out] policy On success, the key's policy.
+ * \param[out] data Pointer to an allocated key data buffer on return.
+ * \param[out] data_length The number of bytes that make up the key data.
+ *
+ * \retval PSA_SUCCESS
+ * \retval PSA_ERROR_INSUFFICIENT_MEMORY
+ * \retval PSA_ERROR_STORAGE_FAILURE
+ * \retval PSA_ERROR_DOES_NOT_EXIST
+ */
+psa_status_t psa_load_persistent_key( psa_key_file_id_t key,
+ psa_key_type_t *type,
+ psa_key_policy_t *policy,
+ uint8_t **data,
+ size_t *data_length );
+
+/**
+ * \brief Remove persistent data for the given key slot number.
+ *
+ * \param key Persistent identifier of the key to remove
+ * from persistent storage.
+ *
+ * \retval PSA_SUCCESS
+ * The key was successfully removed,
+ * or the key did not exist.
+ * \retval PSA_ERROR_STORAGE_FAILURE
+ */
+psa_status_t psa_destroy_persistent_key( const psa_key_file_id_t key );
+
+/**
+ * \brief Free the temporary buffer allocated by psa_load_persistent_key().
+ *
+ * This function must be called at some point after psa_load_persistent_key()
+ * to zeroize and free the memory allocated to the buffer in that function.
+ *
+ * \param key_data Buffer for the key data.
+ * \param key_data_length Size of the key data buffer.
+ *
+ */
+void psa_free_persistent_key_data( uint8_t *key_data, size_t key_data_length );
+
+/**
+ * \brief Formats key data and metadata for persistent storage
+ *
+ * \param[in] data Buffer for the key data.
+ * \param data_length Length of the key data buffer.
+ * \param type Key type (a \c PSA_KEY_TYPE_XXX value).
+ * \param policy The key policy.
+ * \param[out] storage_data Output buffer for the formatted data.
+ *
+ */
+void psa_format_key_data_for_storage( const uint8_t *data,
+ const size_t data_length,
+ const psa_key_type_t type,
+ const psa_key_policy_t *policy,
+ uint8_t *storage_data );
+
+/**
+ * \brief Parses persistent storage data into key data and metadata
+ *
+ * \param[in] storage_data Buffer for the storage data.
+ * \param storage_data_length Length of the storage data buffer
+ * \param[out] key_data On output, pointer to a newly allocated buffer
+ * containing the key data. This must be freed
+ * using psa_free_persistent_key_data()
+ * \param[out] key_data_length Length of the key data buffer
+ * \param[out] type Key type (a \c PSA_KEY_TYPE_XXX value).
+ * \param[out] policy The key policy.
+ *
+ * \retval PSA_SUCCESS
+ * \retval PSA_ERROR_INSUFFICIENT_STORAGE
+ * \retval PSA_ERROR_INSUFFICIENT_MEMORY
+ * \retval PSA_ERROR_STORAGE_FAILURE
+ */
+psa_status_t psa_parse_key_data_from_storage( const uint8_t *storage_data,
+ size_t storage_data_length,
+ uint8_t **key_data,
+ size_t *key_data_length,
+ psa_key_type_t *type,
+ psa_key_policy_t *policy );
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* PSA_CRYPTO_STORAGE_H */
diff --git a/library/psa_crypto_storage_backend.h b/library/psa_crypto_storage_backend.h
new file mode 100644
index 0000000..dd534d2
--- /dev/null
+++ b/library/psa_crypto_storage_backend.h
@@ -0,0 +1,115 @@
+/**
+ * \file psa_crypto_storage_backend.h
+ *
+ * \brief PSA cryptography module: Mbed TLS key storage backend
+ */
+/*
+ * Copyright (C) 2018, ARM Limited, All Rights Reserved
+ * SPDX-License-Identifier: Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License"); you may
+ * not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * This file is part of mbed TLS (https://tls.mbed.org)
+ */
+
+#ifndef PSA_CRYPTO_STORAGE_BACKEND_H
+#define PSA_CRYPTO_STORAGE_BACKEND_H
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/* Include the Mbed TLS configuration file, the way Mbed TLS does it
+ * in each of its header files. */
+#if defined(MBEDTLS_CONFIG_FILE)
+#include MBEDTLS_CONFIG_FILE
+#else
+#include "mbedtls/config.h"
+#endif
+
+#include "psa/crypto.h"
+#include "psa_crypto_storage.h"
+#include <stdint.h>
+
+/**
+ * \brief Load persistent data for the given key slot number.
+ *
+ * This function reads data from a storage backend and returns the data in a
+ * buffer.
+ *
+ * \param key Persistent identifier of the key to be loaded. This
+ * should be an occupied storage location.
+ * \param[out] data Buffer where the data is to be written.
+ * \param data_size Size of the \c data buffer in bytes.
+ *
+ * \retval PSA_SUCCESS
+ * \retval PSA_ERROR_STORAGE_FAILURE
+ * \retval PSA_ERROR_DOES_NOT_EXIST
+ */
+psa_status_t psa_crypto_storage_load( const psa_key_file_id_t key, uint8_t *data,
+ size_t data_size );
+
+/**
+ * \brief Store persistent data for the given key slot number.
+ *
+ * This function stores the given data buffer to a persistent storage.
+ *
+ * \param key Persistent identifier of the key to be stored. This
+ * should be an unoccupied storage location.
+ * \param[in] data Buffer containing the data to be stored.
+ * \param data_length The number of bytes
+ * that make up the data.
+ *
+ * \retval PSA_SUCCESS
+ * \retval PSA_ERROR_INSUFFICIENT_STORAGE
+ * \retval PSA_ERROR_STORAGE_FAILURE
+ * \retval PSA_ERROR_ALREADY_EXISTS
+ */
+psa_status_t psa_crypto_storage_store( const psa_key_file_id_t key,
+ const uint8_t *data,
+ size_t data_length );
+
+/**
+ * \brief Checks if persistent data is stored for the given key slot number
+ *
+ * This function checks if any key data or metadata exists for the key slot in
+ * the persistent storage.
+ *
+ * \param key Persistent identifier to check.
+ *
+ * \retval 0
+ * No persistent data present for slot number
+ * \retval 1
+ * Persistent data present for slot number
+ */
+int psa_is_key_present_in_storage( const psa_key_file_id_t key );
+
+/**
+ * \brief Get data length for given key slot number.
+ *
+ * \param key Persistent identifier whose stored data length
+ * is to be obtained.
+ * \param[out] data_length The number of bytes that make up the data.
+ *
+ * \retval PSA_SUCCESS
+ * \retval PSA_ERROR_STORAGE_FAILURE
+ */
+psa_status_t psa_crypto_storage_get_data_length( const psa_key_file_id_t key,
+ size_t *data_length );
+
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* PSA_CRYPTO_STORAGE_H */
diff --git a/library/psa_crypto_storage_file.c b/library/psa_crypto_storage_file.c
new file mode 100644
index 0000000..c4a534f
--- /dev/null
+++ b/library/psa_crypto_storage_file.c
@@ -0,0 +1,220 @@
+/*
+ * PSA file storage backend for persistent keys
+ */
+/* Copyright (C) 2018, ARM Limited, All Rights Reserved
+ * SPDX-License-Identifier: Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License"); you may
+ * not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * This file is part of mbed TLS (https://tls.mbed.org)
+ */
+
+#if defined(MBEDTLS_CONFIG_FILE)
+#include MBEDTLS_CONFIG_FILE
+#else
+#include "mbedtls/config.h"
+#endif
+
+#if defined(MBEDTLS_PSA_CRYPTO_STORAGE_FILE_C)
+
+#include <string.h>
+
+#include "psa/crypto.h"
+#include "psa_crypto_storage_backend.h"
+#include "mbedtls/platform_util.h"
+
+#if defined(MBEDTLS_PLATFORM_C)
+#include "mbedtls/platform.h"
+#else
+#include <stdio.h>
+#define mbedtls_snprintf snprintf
+#endif
+
+/* This option sets where files are to be stored. If this is left unset,
+ * the files by default will be stored in the same location as the program,
+ * which may not be desired or possible. */
+#if !defined(CRYPTO_STORAGE_FILE_LOCATION)
+#define CRYPTO_STORAGE_FILE_LOCATION ""
+#endif
+
+enum { MAX_LOCATION_LEN = sizeof(CRYPTO_STORAGE_FILE_LOCATION) + 40 };
+
+static void key_id_to_location( const psa_key_file_id_t key,
+ char *location,
+ size_t location_size )
+{
+ mbedtls_snprintf( location, location_size,
+ CRYPTO_STORAGE_FILE_LOCATION "psa_key_slot_%lu",
+ (unsigned long) key );
+}
+
+psa_status_t psa_crypto_storage_load( const psa_key_file_id_t key, uint8_t *data,
+ size_t data_size )
+{
+ psa_status_t status = PSA_SUCCESS;
+ FILE *file;
+ size_t num_read;
+ char slot_location[MAX_LOCATION_LEN];
+
+ key_id_to_location( key, slot_location, MAX_LOCATION_LEN );
+ file = fopen( slot_location, "rb" );
+ if( file == NULL )
+ {
+ status = PSA_ERROR_STORAGE_FAILURE;
+ goto exit;
+ }
+ num_read = fread( data, 1, data_size, file );
+ if( num_read != data_size )
+ status = PSA_ERROR_STORAGE_FAILURE;
+
+exit:
+ if( file != NULL )
+ fclose( file );
+ return( status );
+}
+
+int psa_is_key_present_in_storage( const psa_key_file_id_t key )
+{
+ char slot_location[MAX_LOCATION_LEN];
+ FILE *file;
+
+ key_id_to_location( key, slot_location, MAX_LOCATION_LEN );
+
+ file = fopen( slot_location, "r" );
+ if( file == NULL )
+ {
+ /* File doesn't exist */
+ return( 0 );
+ }
+
+ fclose( file );
+ return( 1 );
+}
+
+psa_status_t psa_crypto_storage_store( const psa_key_file_id_t key,
+ const uint8_t *data,
+ size_t data_length )
+{
+ psa_status_t status = PSA_SUCCESS;
+ int ret;
+ size_t num_written;
+ char slot_location[MAX_LOCATION_LEN];
+ FILE *file;
+ /* The storage location corresponding to "key slot 0" is used as a
+ * temporary location in order to make the apparition of the actual slot
+ * file atomic. 0 is not a valid key slot number, so this should not
+ * affect actual keys. */
+ const char *temp_location = CRYPTO_STORAGE_FILE_LOCATION "psa_key_slot_0";
+
+ key_id_to_location( key, slot_location, MAX_LOCATION_LEN );
+
+ if( psa_is_key_present_in_storage( key ) == 1 )
+ return( PSA_ERROR_ALREADY_EXISTS );
+
+ file = fopen( temp_location, "wb" );
+ if( file == NULL )
+ {
+ status = PSA_ERROR_STORAGE_FAILURE;
+ goto exit;
+ }
+
+ num_written = fwrite( data, 1, data_length, file );
+ if( num_written != data_length )
+ {
+ status = PSA_ERROR_STORAGE_FAILURE;
+ goto exit;
+ }
+
+ ret = fclose( file );
+ file = NULL;
+ if( ret != 0 )
+ {
+ status = PSA_ERROR_STORAGE_FAILURE;
+ goto exit;
+ }
+
+ if( rename( temp_location, slot_location ) != 0 )
+ {
+ status = PSA_ERROR_STORAGE_FAILURE;
+ goto exit;
+ }
+
+exit:
+ if( file != NULL )
+ fclose( file );
+ remove( temp_location );
+ return( status );
+}
+
+psa_status_t psa_destroy_persistent_key( const psa_key_file_id_t key )
+{
+ FILE *file;
+ char slot_location[MAX_LOCATION_LEN];
+
+ key_id_to_location( key, slot_location, MAX_LOCATION_LEN );
+
+ /* Only try remove the file if it exists */
+ file = fopen( slot_location, "rb" );
+ if( file != NULL )
+ {
+ fclose( file );
+
+ if( remove( slot_location ) != 0 )
+ return( PSA_ERROR_STORAGE_FAILURE );
+ }
+ return( PSA_SUCCESS );
+}
+
+psa_status_t psa_crypto_storage_get_data_length( const psa_key_file_id_t key,
+ size_t *data_length )
+{
+ psa_status_t status = PSA_SUCCESS;
+ FILE *file;
+ long file_size;
+ char slot_location[MAX_LOCATION_LEN];
+
+ key_id_to_location( key, slot_location, MAX_LOCATION_LEN );
+
+ file = fopen( slot_location, "rb" );
+ if( file == NULL )
+ return( PSA_ERROR_DOES_NOT_EXIST );
+
+ if( fseek( file, 0, SEEK_END ) != 0 )
+ {
+ status = PSA_ERROR_STORAGE_FAILURE;
+ goto exit;
+ }
+
+ file_size = ftell( file );
+
+ if( file_size < 0 )
+ {
+ status = PSA_ERROR_STORAGE_FAILURE;
+ goto exit;
+ }
+
+#if LONG_MAX > SIZE_MAX
+ if( (unsigned long) file_size > SIZE_MAX )
+ {
+ status = PSA_ERROR_STORAGE_FAILURE;
+ goto exit;
+ }
+#endif
+ *data_length = (size_t) file_size;
+
+exit:
+ fclose( file );
+ return( status );
+}
+
+#endif /* MBEDTLS_PSA_CRYPTO_STORAGE_FILE_C */
diff --git a/library/psa_crypto_storage_its.c b/library/psa_crypto_storage_its.c
new file mode 100644
index 0000000..447c0ae
--- /dev/null
+++ b/library/psa_crypto_storage_its.c
@@ -0,0 +1,164 @@
+/*
+ * PSA storage backend for persistent keys using psa_its APIs.
+ */
+/* Copyright (C) 2018, ARM Limited, All Rights Reserved
+ * SPDX-License-Identifier: Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License"); you may
+ * not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * This file is part of mbed TLS (https://tls.mbed.org)
+ */
+
+#if defined(MBEDTLS_CONFIG_FILE)
+#include MBEDTLS_CONFIG_FILE
+#else
+#include "mbedtls/config.h"
+#endif
+
+#if defined(MBEDTLS_PSA_CRYPTO_STORAGE_ITS_C)
+
+#include "psa/error.h"
+#include "psa_crypto_service_integration.h"
+#include "psa/crypto.h"
+#include "psa_crypto_storage_backend.h"
+#include "psa/internal_trusted_storage.h"
+
+#if defined(MBEDTLS_PLATFORM_C)
+#include "mbedtls/platform.h"
+#endif
+
+/* Determine a file name (ITS file identifier) for the given key file
+ * identifier. The file name must be distinct from any file that is used
+ * for a purpose other than storing a key. Currently, the only such file
+ * is the random seed file whose name is PSA_CRYPTO_ITS_RANDOM_SEED_UID
+ * and whose value is 0xFFFFFF52. */
+static psa_storage_uid_t psa_its_identifier_of_slot( psa_key_file_id_t file_id )
+{
+#if defined(MBEDTLS_PSA_CRYPTO_KEY_FILE_ID_ENCODES_OWNER) && \
+ defined(PSA_CRYPTO_SECURE)
+ /* Encode the owner in the upper 32 bits. This means that if
+ * owner values are nonzero (as they are on a PSA platform),
+ * no key file will ever have a value less than 0x100000000, so
+ * the whole range 0..0xffffffff is available for non-key files. */
+ uint32_t unsigned_owner = (uint32_t) file_id.owner;
+ return( (uint64_t) unsigned_owner << 32 | file_id.key_id );
+#else
+ /* Use the key id directly as a file name.
+ * psa_is_key_file_id_valid() in psa_crypto_slot_management.c
+ * is responsible for ensuring that key identifiers do not have a
+ * value that is reserved for non-key files. */
+ return( file_id );
+#endif
+}
+
+psa_status_t psa_crypto_storage_load( const psa_key_file_id_t key, uint8_t *data,
+ size_t data_size )
+{
+ psa_status_t status;
+ psa_storage_uid_t data_identifier = psa_its_identifier_of_slot( key );
+ struct psa_storage_info_t data_identifier_info;
+
+ status = psa_its_get_info( data_identifier, &data_identifier_info );
+ if( status != PSA_SUCCESS )
+ return( status );
+
+ status = psa_its_get( data_identifier, 0, data_size, data );
+
+ return( status );
+}
+
+int psa_is_key_present_in_storage( const psa_key_file_id_t key )
+{
+ psa_status_t ret;
+ psa_storage_uid_t data_identifier = psa_its_identifier_of_slot( key );
+ struct psa_storage_info_t data_identifier_info;
+
+ ret = psa_its_get_info( data_identifier, &data_identifier_info );
+
+ if( ret == PSA_ERROR_DOES_NOT_EXIST )
+ return( 0 );
+ return( 1 );
+}
+
+psa_status_t psa_crypto_storage_store( const psa_key_file_id_t key,
+ const uint8_t *data,
+ size_t data_length )
+{
+ psa_status_t status;
+ psa_storage_uid_t data_identifier = psa_its_identifier_of_slot( key );
+ struct psa_storage_info_t data_identifier_info;
+
+ if( psa_is_key_present_in_storage( key ) == 1 )
+ return( PSA_ERROR_ALREADY_EXISTS );
+
+ status = psa_its_set( data_identifier, data_length, data, 0 );
+ if( status != PSA_SUCCESS )
+ {
+ return( PSA_ERROR_STORAGE_FAILURE );
+ }
+
+ status = psa_its_get_info( data_identifier, &data_identifier_info );
+ if( status != PSA_SUCCESS )
+ {
+ goto exit;
+ }
+
+ if( data_identifier_info.size != data_length )
+ {
+ status = PSA_ERROR_STORAGE_FAILURE;
+ goto exit;
+ }
+
+exit:
+ if( status != PSA_SUCCESS )
+ psa_its_remove( data_identifier );
+ return( status );
+}
+
+psa_status_t psa_destroy_persistent_key( const psa_key_file_id_t key )
+{
+ psa_status_t ret;
+ psa_storage_uid_t data_identifier = psa_its_identifier_of_slot( key );
+ struct psa_storage_info_t data_identifier_info;
+
+ ret = psa_its_get_info( data_identifier, &data_identifier_info );
+ if( ret == PSA_ERROR_DOES_NOT_EXIST )
+ return( PSA_SUCCESS );
+
+ if( psa_its_remove( data_identifier ) != PSA_SUCCESS )
+ return( PSA_ERROR_STORAGE_FAILURE );
+
+ ret = psa_its_get_info( data_identifier, &data_identifier_info );
+ if( ret != PSA_ERROR_DOES_NOT_EXIST )
+ return( PSA_ERROR_STORAGE_FAILURE );
+
+ return( PSA_SUCCESS );
+}
+
+psa_status_t psa_crypto_storage_get_data_length( const psa_key_file_id_t key,
+ size_t *data_length )
+{
+ psa_status_t status;
+ psa_storage_uid_t data_identifier = psa_its_identifier_of_slot( key );
+ struct psa_storage_info_t data_identifier_info;
+
+ status = psa_its_get_info( data_identifier, &data_identifier_info );
+ if( status != PSA_SUCCESS )
+ return( status );
+
+ *data_length = (size_t) data_identifier_info.size;
+
+ return( PSA_SUCCESS );
+}
+
+#endif /* MBEDTLS_PSA_CRYPTO_STORAGE_ITS_C */
diff --git a/library/rsa.c b/library/rsa.c
index af1a878..a35af44 100644
--- a/library/rsa.c
+++ b/library/rsa.c
@@ -1135,7 +1135,7 @@
RSA_VALIDATE_RET( mode == MBEDTLS_RSA_PRIVATE ||
mode == MBEDTLS_RSA_PUBLIC );
RSA_VALIDATE_RET( output != NULL );
- RSA_VALIDATE_RET( input != NULL );
+ RSA_VALIDATE_RET( ilen == 0 || input != NULL );
RSA_VALIDATE_RET( label_len == 0 || label != NULL );
if( mode == MBEDTLS_RSA_PRIVATE && ctx->padding != MBEDTLS_RSA_PKCS_V21 )
@@ -1171,7 +1171,8 @@
p += hlen;
p += olen - 2 * hlen - 2 - ilen;
*p++ = 1;
- memcpy( p, input, ilen );
+ if( ilen != 0 )
+ memcpy( p, input, ilen );
mbedtls_md_init( &md_ctx );
if( ( ret = mbedtls_md_setup( &md_ctx, md_info, 0 ) ) != 0 )
@@ -1218,7 +1219,7 @@
RSA_VALIDATE_RET( mode == MBEDTLS_RSA_PRIVATE ||
mode == MBEDTLS_RSA_PUBLIC );
RSA_VALIDATE_RET( output != NULL );
- RSA_VALIDATE_RET( input != NULL );
+ RSA_VALIDATE_RET( ilen == 0 || input != NULL );
if( mode == MBEDTLS_RSA_PRIVATE && ctx->padding != MBEDTLS_RSA_PKCS_V15 )
return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA );
@@ -1263,7 +1264,8 @@
}
*p++ = 0;
- memcpy( p, input, ilen );
+ if( ilen != 0 )
+ memcpy( p, input, ilen );
return( ( mode == MBEDTLS_RSA_PUBLIC )
? mbedtls_rsa_public( ctx, output, output )
@@ -1285,7 +1287,7 @@
RSA_VALIDATE_RET( mode == MBEDTLS_RSA_PRIVATE ||
mode == MBEDTLS_RSA_PUBLIC );
RSA_VALIDATE_RET( output != NULL );
- RSA_VALIDATE_RET( input != NULL );
+ RSA_VALIDATE_RET( ilen == 0 || input != NULL );
switch( ctx->padding )
{
@@ -1441,7 +1443,8 @@
}
*olen = ilen - (p - buf);
- memcpy( output, p, *olen );
+ if( *olen != 0 )
+ memcpy( output, p, *olen );
ret = 0;
cleanup:
@@ -1693,9 +1696,15 @@
plaintext_max_size,
plaintext_max_size - plaintext_size );
- /* Finally copy the decrypted plaintext plus trailing zeros
- * into the output buffer. */
- memcpy( output, buf + ilen - plaintext_max_size, plaintext_max_size );
+ /* Finally copy the decrypted plaintext plus trailing zeros into the output
+ * buffer. If output_max_len is 0, then output may be an invalid pointer
+ * and the result of memcpy() would be undefined; prevent undefined
+ * behavior making sure to depend only on output_max_len (the size of the
+ * user-provided output buffer), which is independent from plaintext
+ * length, validity of padding, success of the decryption, and other
+ * secrets. */
+ if( output_max_len != 0 )
+ memcpy( output, buf + ilen - plaintext_max_size, plaintext_max_size );
/* Report the amount of data we copied to the output buffer. In case
* of errors (bad padding or output too large), the value of *olen
diff --git a/library/ssl_cli.c b/library/ssl_cli.c
index afced7a..87fa1e0 100644
--- a/library/ssl_cli.c
+++ b/library/ssl_cli.c
@@ -39,6 +39,10 @@
#include "mbedtls/ssl.h"
#include "mbedtls/ssl_internal.h"
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+#include "mbedtls/psa_util.h"
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+
#include <string.h>
#include <stdint.h>
@@ -51,6 +55,44 @@
#include "mbedtls/platform_util.h"
#endif
+#if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED)
+static int ssl_conf_has_static_psk( mbedtls_ssl_config const *conf )
+{
+ if( conf->psk_identity == NULL ||
+ conf->psk_identity_len == 0 )
+ {
+ return( 0 );
+ }
+
+ if( conf->psk != NULL && conf->psk_len != 0 )
+ return( 1 );
+
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+ if( conf->psk_opaque != 0 )
+ return( 1 );
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+
+ return( 0 );
+}
+
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+static int ssl_conf_has_static_raw_psk( mbedtls_ssl_config const *conf )
+{
+ if( conf->psk_identity == NULL ||
+ conf->psk_identity_len == 0 )
+ {
+ return( 0 );
+ }
+
+ if( conf->psk != NULL && conf->psk_len != 0 )
+ return( 1 );
+
+ return( 0 );
+}
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+
+#endif /* MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED */
+
#if defined(MBEDTLS_SSL_SERVER_NAME_INDICATION)
static void ssl_write_hostname_ext( mbedtls_ssl_context *ssl,
unsigned char *buf,
@@ -754,6 +796,15 @@
return( 1 );
#endif
+ /* Don't suggest PSK-based ciphersuite if no PSK is available. */
+#if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED)
+ if( mbedtls_ssl_ciphersuite_uses_psk( suite_info ) &&
+ ssl_conf_has_static_psk( ssl->conf ) == 0 )
+ {
+ return( 1 );
+ }
+#endif /* MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED */
+
return( 0 );
}
@@ -2062,6 +2113,64 @@
MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED ||
MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED */
+#if defined(MBEDTLS_USE_PSA_CRYPTO) && \
+ ( defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED) || \
+ defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) )
+static int ssl_parse_server_ecdh_params_psa( mbedtls_ssl_context *ssl,
+ unsigned char **p,
+ unsigned char *end )
+{
+ uint16_t tls_id;
+ uint8_t ecpoint_len;
+ mbedtls_ssl_handshake_params *handshake = ssl->handshake;
+
+ /*
+ * Parse ECC group
+ */
+
+ if( end - *p < 4 )
+ return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE );
+
+ /* First byte is curve_type; only named_curve is handled */
+ if( *(*p)++ != MBEDTLS_ECP_TLS_NAMED_CURVE )
+ return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE );
+
+ /* Next two bytes are the namedcurve value */
+ tls_id = *(*p)++;
+ tls_id <<= 8;
+ tls_id |= *(*p)++;
+
+ /* Convert EC group to PSA key type. */
+ if( ( handshake->ecdh_psa_curve =
+ mbedtls_psa_parse_tls_ecc_group( tls_id ) ) == 0 )
+ {
+ return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE );
+ }
+
+ /*
+ * Put peer's ECDH public key in the format understood by PSA.
+ */
+
+ ecpoint_len = *(*p)++;
+ if( (size_t)( end - *p ) < ecpoint_len )
+ return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE );
+
+ if( mbedtls_psa_tls_ecpoint_to_psa_ec( handshake->ecdh_psa_curve,
+ *p, ecpoint_len,
+ handshake->ecdh_psa_peerkey,
+ sizeof( handshake->ecdh_psa_peerkey ),
+ &handshake->ecdh_psa_peerkey_len ) != 0 )
+ {
+ return( MBEDTLS_ERR_SSL_HW_ACCEL_FAILED );
+ }
+
+ *p += ecpoint_len;
+ return( 0 );
+}
+#endif /* MBEDTLS_USE_PSA_CRYPTO &&
+ ( MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED ||
+ MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED ) */
+
#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED) || \
defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) || \
defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED)
@@ -2463,6 +2572,24 @@
else
#endif /* MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED ||
MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED */
+#if defined(MBEDTLS_USE_PSA_CRYPTO) && \
+ ( defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED) || \
+ defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) )
+ if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_RSA ||
+ ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA )
+ {
+ if( ssl_parse_server_ecdh_params_psa( ssl, &p, end ) != 0 )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad server key exchange message" ) );
+ mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+ MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER );
+ return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE );
+ }
+ }
+ else
+#endif /* MBEDTLS_USE_PSA_CRYPTO &&
+ ( MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED ||
+ MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED ) */
#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED) || \
defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED) || \
defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED)
@@ -2891,7 +3018,9 @@
static int ssl_write_client_key_exchange( mbedtls_ssl_context *ssl )
{
int ret;
- size_t i, n;
+
+ size_t header_len;
+ size_t content_len;
const mbedtls_ssl_ciphersuite_t *ciphersuite_info =
ssl->transform_negotiate->ciphersuite_info;
@@ -2903,16 +3032,16 @@
/*
* DHM key exchange -- send G^X mod P
*/
- n = ssl->handshake->dhm_ctx.len;
+ content_len = ssl->handshake->dhm_ctx.len;
- ssl->out_msg[4] = (unsigned char)( n >> 8 );
- ssl->out_msg[5] = (unsigned char)( n );
- i = 6;
+ ssl->out_msg[4] = (unsigned char)( content_len >> 8 );
+ ssl->out_msg[5] = (unsigned char)( content_len );
+ header_len = 6;
ret = mbedtls_dhm_make_public( &ssl->handshake->dhm_ctx,
- (int) mbedtls_mpi_size( &ssl->handshake->dhm_ctx.P ),
- &ssl->out_msg[i], n,
- ssl->conf->f_rng, ssl->conf->p_rng );
+ (int) mbedtls_mpi_size( &ssl->handshake->dhm_ctx.P ),
+ &ssl->out_msg[header_len], content_len,
+ ssl->conf->f_rng, ssl->conf->p_rng );
if( ret != 0 )
{
MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_dhm_make_public", ret );
@@ -2923,10 +3052,10 @@
MBEDTLS_SSL_DEBUG_MPI( 3, "DHM: GX", &ssl->handshake->dhm_ctx.GX );
if( ( ret = mbedtls_dhm_calc_secret( &ssl->handshake->dhm_ctx,
- ssl->handshake->premaster,
- MBEDTLS_PREMASTER_SIZE,
- &ssl->handshake->pmslen,
- ssl->conf->f_rng, ssl->conf->p_rng ) ) != 0 )
+ ssl->handshake->premaster,
+ MBEDTLS_PREMASTER_SIZE,
+ &ssl->handshake->pmslen,
+ ssl->conf->f_rng, ssl->conf->p_rng ) ) != 0 )
{
MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_dhm_calc_secret", ret );
return( ret );
@@ -2936,6 +3065,119 @@
}
else
#endif /* MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED */
+#if defined(MBEDTLS_USE_PSA_CRYPTO) && \
+ ( defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED) || \
+ defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) )
+ if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_RSA ||
+ ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA )
+ {
+ psa_status_t status;
+ psa_key_policy_t policy;
+
+ mbedtls_ssl_handshake_params *handshake = ssl->handshake;
+
+ unsigned char own_pubkey[MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH];
+ size_t own_pubkey_len;
+ unsigned char *own_pubkey_ecpoint;
+ size_t own_pubkey_ecpoint_len;
+
+ psa_crypto_generator_t generator = PSA_CRYPTO_GENERATOR_INIT;
+
+ header_len = 4;
+
+ MBEDTLS_SSL_DEBUG_MSG( 1, ( "Perform PSA-based ECDH computation." ) );
+
+ /*
+ * Generate EC private key for ECDHE exchange.
+ */
+
+ /* Allocate a new key slot for the private key. */
+
+ status = psa_allocate_key( &handshake->ecdh_psa_privkey );
+ if( status != PSA_SUCCESS )
+ return( MBEDTLS_ERR_SSL_HW_ACCEL_FAILED );
+
+ /* The master secret is obtained from the shared ECDH secret by
+ * applying the TLS 1.2 PRF with a specific salt and label. While
+ * the PSA Crypto API encourages combining key agreement schemes
+ * such as ECDH with fixed KDFs such as TLS 1.2 PRF, it does not
+ * yet support the provisioning of salt + label to the KDF.
+ * For the time being, we therefore need to split the computation
+ * of the ECDH secret and the application of the TLS 1.2 PRF. */
+ policy = psa_key_policy_init();
+ psa_key_policy_set_usage( &policy,
+ PSA_KEY_USAGE_DERIVE,
+ PSA_ALG_ECDH( PSA_ALG_SELECT_RAW ) );
+ status = psa_set_key_policy( handshake->ecdh_psa_privkey, &policy );
+ if( status != PSA_SUCCESS )
+ return( MBEDTLS_ERR_SSL_HW_ACCEL_FAILED );
+
+ /* Generate ECDH private key. */
+ status = psa_generate_key( handshake->ecdh_psa_privkey,
+ PSA_KEY_TYPE_ECC_KEYPAIR( handshake->ecdh_psa_curve ),
+ MBEDTLS_PSA_ECC_KEY_BITS_OF_CURVE( handshake->ecdh_psa_curve ),
+ NULL, 0 );
+ if( status != PSA_SUCCESS )
+ return( MBEDTLS_ERR_SSL_HW_ACCEL_FAILED );
+
+ /* Export the public part of the ECDH private key from PSA
+ * and convert it to ECPoint format used in ClientKeyExchange. */
+ status = psa_export_public_key( handshake->ecdh_psa_privkey,
+ own_pubkey, sizeof( own_pubkey ),
+ &own_pubkey_len );
+ if( status != PSA_SUCCESS )
+ return( MBEDTLS_ERR_SSL_HW_ACCEL_FAILED );
+
+ if( mbedtls_psa_tls_psa_ec_to_ecpoint( own_pubkey,
+ own_pubkey_len,
+ &own_pubkey_ecpoint,
+ &own_pubkey_ecpoint_len ) != 0 )
+ {
+ return( MBEDTLS_ERR_SSL_HW_ACCEL_FAILED );
+ }
+
+ /* Copy ECPoint structure to outgoing message buffer. */
+ ssl->out_msg[header_len] = own_pubkey_ecpoint_len;
+ memcpy( ssl->out_msg + header_len + 1,
+ own_pubkey_ecpoint, own_pubkey_ecpoint_len );
+ content_len = own_pubkey_ecpoint_len + 1;
+
+ /* Compute ECDH shared secret. */
+ status = psa_key_agreement( &generator,
+ handshake->ecdh_psa_privkey,
+ handshake->ecdh_psa_peerkey,
+ handshake->ecdh_psa_peerkey_len,
+ PSA_ALG_ECDH( PSA_ALG_SELECT_RAW ) );
+ if( status != PSA_SUCCESS )
+ return( MBEDTLS_ERR_SSL_HW_ACCEL_FAILED );
+
+ /* The ECDH secret is the premaster secret used for key derivation. */
+
+ ssl->handshake->pmslen =
+ MBEDTLS_PSA_ECC_KEY_BYTES_OF_CURVE( handshake->ecdh_psa_curve );
+
+ status = psa_generator_read( &generator,
+ ssl->handshake->premaster,
+ ssl->handshake->pmslen );
+ if( status != PSA_SUCCESS )
+ {
+ psa_generator_abort( &generator );
+ return( MBEDTLS_ERR_SSL_HW_ACCEL_FAILED );
+ }
+
+ status = psa_generator_abort( &generator );
+ if( status != PSA_SUCCESS )
+ return( MBEDTLS_ERR_SSL_HW_ACCEL_FAILED );
+
+ status = psa_destroy_key( handshake->ecdh_psa_privkey );
+ if( status != PSA_SUCCESS )
+ return( MBEDTLS_ERR_SSL_HW_ACCEL_FAILED );
+ handshake->ecdh_psa_privkey = 0;
+ }
+ else
+#endif /* MBEDTLS_USE_PSA_CRYPTO &&
+ ( MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED ||
+ MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED ) */
#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED) || \
defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) || \
defined(MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED) || \
@@ -2948,7 +3190,7 @@
/*
* ECDH key exchange -- send client public value
*/
- i = 4;
+ header_len = 4;
#if defined(MBEDTLS_SSL__ECP_RESTARTABLE)
if( ssl->handshake->ecrs_enabled )
@@ -2961,8 +3203,8 @@
#endif
ret = mbedtls_ecdh_make_public( &ssl->handshake->ecdh_ctx,
- &n,
- &ssl->out_msg[i], 1000,
+ &content_len,
+ &ssl->out_msg[header_len], 1000,
ssl->conf->f_rng, ssl->conf->p_rng );
if( ret != 0 )
{
@@ -2980,19 +3222,19 @@
#if defined(MBEDTLS_SSL__ECP_RESTARTABLE)
if( ssl->handshake->ecrs_enabled )
{
- ssl->handshake->ecrs_n = n;
+ ssl->handshake->ecrs_n = content_len;
ssl->handshake->ecrs_state = ssl_ecrs_cke_ecdh_calc_secret;
}
ecdh_calc_secret:
if( ssl->handshake->ecrs_enabled )
- n = ssl->handshake->ecrs_n;
+ content_len = ssl->handshake->ecrs_n;
#endif
if( ( ret = mbedtls_ecdh_calc_secret( &ssl->handshake->ecdh_ctx,
- &ssl->handshake->pmslen,
- ssl->handshake->premaster,
- MBEDTLS_MPI_MAX_SIZE,
- ssl->conf->f_rng, ssl->conf->p_rng ) ) != 0 )
+ &ssl->handshake->pmslen,
+ ssl->handshake->premaster,
+ MBEDTLS_MPI_MAX_SIZE,
+ ssl->conf->f_rng, ssl->conf->p_rng ) ) != 0 )
{
MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ecdh_calc_secret", ret );
#if defined(MBEDTLS_SSL__ECP_RESTARTABLE)
@@ -3016,39 +3258,50 @@
/*
* opaque psk_identity<0..2^16-1>;
*/
- if( ssl->conf->psk == NULL || ssl->conf->psk_identity == NULL )
+ if( ssl_conf_has_static_psk( ssl->conf ) == 0 )
{
- MBEDTLS_SSL_DEBUG_MSG( 1, ( "got no private key for PSK" ) );
- return( MBEDTLS_ERR_SSL_PRIVATE_KEY_REQUIRED );
+ /* We don't offer PSK suites if we don't have a PSK,
+ * and we check that the server's choice is among the
+ * ciphersuites we offered, so this should never happen. */
+ return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
}
- i = 4;
- n = ssl->conf->psk_identity_len;
+ header_len = 4;
+ content_len = ssl->conf->psk_identity_len;
- if( i + 2 + n > MBEDTLS_SSL_OUT_CONTENT_LEN )
+ if( header_len + 2 + content_len > MBEDTLS_SSL_OUT_CONTENT_LEN )
{
MBEDTLS_SSL_DEBUG_MSG( 1, ( "psk identity too long or "
"SSL buffer too short" ) );
return( MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL );
}
- ssl->out_msg[i++] = (unsigned char)( n >> 8 );
- ssl->out_msg[i++] = (unsigned char)( n );
+ ssl->out_msg[header_len++] = (unsigned char)( content_len >> 8 );
+ ssl->out_msg[header_len++] = (unsigned char)( content_len );
- memcpy( ssl->out_msg + i, ssl->conf->psk_identity, ssl->conf->psk_identity_len );
- i += ssl->conf->psk_identity_len;
+ memcpy( ssl->out_msg + header_len,
+ ssl->conf->psk_identity,
+ ssl->conf->psk_identity_len );
+ header_len += ssl->conf->psk_identity_len;
#if defined(MBEDTLS_KEY_EXCHANGE_PSK_ENABLED)
if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_PSK )
{
- n = 0;
+ content_len = 0;
}
else
#endif
#if defined(MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED)
if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_RSA_PSK )
{
- if( ( ret = ssl_write_encrypted_pms( ssl, i, &n, 2 ) ) != 0 )
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+ /* Opaque PSKs are currently only supported for PSK-only suites. */
+ if( ssl_conf_has_static_raw_psk( ssl->conf ) == 0 )
+ return( MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE );
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+
+ if( ( ret = ssl_write_encrypted_pms( ssl, header_len,
+ &content_len, 2 ) ) != 0 )
return( ret );
}
else
@@ -3056,24 +3309,31 @@
#if defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED)
if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_DHE_PSK )
{
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+ /* Opaque PSKs are currently only supported for PSK-only suites. */
+ if( ssl_conf_has_static_raw_psk( ssl->conf ) == 0 )
+ return( MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE );
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+
/*
* ClientDiffieHellmanPublic public (DHM send G^X mod P)
*/
- n = ssl->handshake->dhm_ctx.len;
+ content_len = ssl->handshake->dhm_ctx.len;
- if( i + 2 + n > MBEDTLS_SSL_OUT_CONTENT_LEN )
+ if( header_len + 2 + content_len >
+ MBEDTLS_SSL_OUT_CONTENT_LEN )
{
MBEDTLS_SSL_DEBUG_MSG( 1, ( "psk identity or DHM size too long"
" or SSL buffer too short" ) );
return( MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL );
}
- ssl->out_msg[i++] = (unsigned char)( n >> 8 );
- ssl->out_msg[i++] = (unsigned char)( n );
+ ssl->out_msg[header_len++] = (unsigned char)( content_len >> 8 );
+ ssl->out_msg[header_len++] = (unsigned char)( content_len );
ret = mbedtls_dhm_make_public( &ssl->handshake->dhm_ctx,
(int) mbedtls_mpi_size( &ssl->handshake->dhm_ctx.P ),
- &ssl->out_msg[i], n,
+ &ssl->out_msg[header_len], content_len,
ssl->conf->f_rng, ssl->conf->p_rng );
if( ret != 0 )
{
@@ -3086,11 +3346,19 @@
#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED)
if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_PSK )
{
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+ /* Opaque PSKs are currently only supported for PSK-only suites. */
+ if( ssl_conf_has_static_raw_psk( ssl->conf ) == 0 )
+ return( MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE );
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+
/*
* ClientECDiffieHellmanPublic public;
*/
- ret = mbedtls_ecdh_make_public( &ssl->handshake->ecdh_ctx, &n,
- &ssl->out_msg[i], MBEDTLS_SSL_OUT_CONTENT_LEN - i,
+ ret = mbedtls_ecdh_make_public( &ssl->handshake->ecdh_ctx,
+ &content_len,
+ &ssl->out_msg[header_len],
+ MBEDTLS_SSL_OUT_CONTENT_LEN - header_len,
ssl->conf->f_rng, ssl->conf->p_rng );
if( ret != 0 )
{
@@ -3108,6 +3376,17 @@
return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
}
+#if defined(MBEDTLS_USE_PSA_CRYPTO) && \
+ defined(MBEDTLS_KEY_EXCHANGE_PSK_ENABLED)
+ if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_PSK &&
+ ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_3 &&
+ ssl_conf_has_static_raw_psk( ssl->conf ) == 0 )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 1, ( "skip PMS generation for opaque PSK" ) );
+ }
+ else
+#endif /* MBEDTLS_USE_PSA_CRYPTO &&
+ MBEDTLS_KEY_EXCHANGE_PSK_ENABLED */
if( ( ret = mbedtls_ssl_psk_derive_premaster( ssl,
ciphersuite_info->key_exchange ) ) != 0 )
{
@@ -3120,8 +3399,9 @@
#if defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED)
if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_RSA )
{
- i = 4;
- if( ( ret = ssl_write_encrypted_pms( ssl, i, &n, 0 ) ) != 0 )
+ header_len = 4;
+ if( ( ret = ssl_write_encrypted_pms( ssl, header_len,
+ &content_len, 0 ) ) != 0 )
return( ret );
}
else
@@ -3129,10 +3409,12 @@
#if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECJPAKE )
{
- i = 4;
+ header_len = 4;
ret = mbedtls_ecjpake_write_round_two( &ssl->handshake->ecjpake_ctx,
- ssl->out_msg + i, MBEDTLS_SSL_OUT_CONTENT_LEN - i, &n,
+ ssl->out_msg + header_len,
+ MBEDTLS_SSL_OUT_CONTENT_LEN - header_len,
+ &content_len,
ssl->conf->f_rng, ssl->conf->p_rng );
if( ret != 0 )
{
@@ -3157,7 +3439,7 @@
return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
}
- ssl->out_msglen = i + n;
+ ssl->out_msglen = header_len + content_len;
ssl->out_msgtype = MBEDTLS_SSL_MSG_HANDSHAKE;
ssl->out_msg[0] = MBEDTLS_SSL_HS_CLIENT_KEY_EXCHANGE;
@@ -3463,6 +3745,15 @@
if( ticket_len == 0 )
return( 0 );
+ if( ssl->session != NULL && ssl->session->ticket != NULL )
+ {
+ mbedtls_platform_zeroize( ssl->session->ticket,
+ ssl->session->ticket_len );
+ mbedtls_free( ssl->session->ticket );
+ ssl->session->ticket = NULL;
+ ssl->session->ticket_len = 0;
+ }
+
mbedtls_platform_zeroize( ssl->session_negotiate->ticket,
ssl->session_negotiate->ticket_len );
mbedtls_free( ssl->session_negotiate->ticket );
diff --git a/library/ssl_srv.c b/library/ssl_srv.c
index bc77f80..46e24e4 100644
--- a/library/ssl_srv.c
+++ b/library/ssl_srv.c
@@ -149,6 +149,48 @@
}
#endif /* MBEDTLS_SSL_SERVER_NAME_INDICATION */
+#if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED)
+static int ssl_conf_has_psk_or_cb( mbedtls_ssl_config const *conf )
+{
+ if( conf->f_psk != NULL )
+ return( 1 );
+
+ if( conf->psk_identity_len == 0 || conf->psk_identity == NULL )
+ return( 0 );
+
+ if( conf->psk != NULL && conf->psk_len != 0 )
+ return( 1 );
+
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+ if( conf->psk_opaque != 0 )
+ return( 1 );
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+
+ return( 0 );
+}
+
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+static int ssl_use_opaque_psk( mbedtls_ssl_context const *ssl )
+{
+ if( ssl->conf->f_psk != NULL )
+ {
+ /* If we've used a callback to select the PSK,
+ * the static configuration is irrelevant. */
+
+ if( ssl->handshake->psk_opaque != 0 )
+ return( 1 );
+
+ return( 0 );
+ }
+
+ if( ssl->conf->psk_opaque != 0 )
+ return( 1 );
+
+ return( 0 );
+}
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+#endif /* MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED */
+
static int ssl_parse_renegotiation_info( mbedtls_ssl_context *ssl,
const unsigned char *buf,
size_t len )
@@ -867,9 +909,7 @@
/* If the ciphersuite requires a pre-shared key and we don't
* have one, skip it now rather than failing later */
if( mbedtls_ssl_ciphersuite_uses_psk( suite_info ) &&
- ssl->conf->f_psk == NULL &&
- ( ssl->conf->psk == NULL || ssl->conf->psk_identity == NULL ||
- ssl->conf->psk_identity_len == 0 || ssl->conf->psk_len == 0 ) )
+ ssl_conf_has_psk_or_cb( ssl->conf ) == 0 )
{
MBEDTLS_SSL_DEBUG_MSG( 3, ( "ciphersuite mismatch: no pre-shared key" ) );
return( 0 );
@@ -1449,7 +1489,7 @@
*/
/*
- * Minimal length (with everything empty and extensions ommitted) is
+ * Minimal length (with everything empty and extensions omitted) is
* 2 + 32 + 1 + 2 + 1 = 38 bytes. Check that first, so that we can
* read at least up to session id length without worrying.
*/
@@ -3649,9 +3689,7 @@
int ret = 0;
size_t n;
- if( ssl->conf->f_psk == NULL &&
- ( ssl->conf->psk == NULL || ssl->conf->psk_identity == NULL ||
- ssl->conf->psk_identity_len == 0 || ssl->conf->psk_len == 0 ) )
+ if( ssl_conf_has_psk_or_cb( ssl->conf ) == 0 )
{
MBEDTLS_SSL_DEBUG_MSG( 1, ( "got no pre-shared key" ) );
return( MBEDTLS_ERR_SSL_PRIVATE_KEY_REQUIRED );
@@ -3831,6 +3869,13 @@
return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE );
}
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+ /* For opaque PSKs, we perform the PSK-to-MS derivation atomatically
+ * and skip the intermediate PMS. */
+ if( ssl_use_opaque_psk( ssl ) == 1 )
+ MBEDTLS_SSL_DEBUG_MSG( 1, ( "skip PMS generation for opaque PSK" ) );
+ else
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
if( ( ret = mbedtls_ssl_psk_derive_premaster( ssl,
ciphersuite_info->key_exchange ) ) != 0 )
{
@@ -3862,6 +3907,12 @@
return( ret );
}
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+ /* Opaque PSKs are currently only supported for PSK-only. */
+ if( ssl_use_opaque_psk( ssl ) == 1 )
+ return( MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE );
+#endif
+
if( ( ret = ssl_parse_encrypted_pms( ssl, p, end, 2 ) ) != 0 )
{
MBEDTLS_SSL_DEBUG_RET( 1, ( "ssl_parse_encrypted_pms" ), ret );
@@ -3891,6 +3942,12 @@
return( ret );
}
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+ /* Opaque PSKs are currently only supported for PSK-only. */
+ if( ssl_use_opaque_psk( ssl ) == 1 )
+ return( MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE );
+#endif
+
if( p != end )
{
MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client key exchange" ) );
@@ -3922,6 +3979,12 @@
return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE_RP );
}
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+ /* Opaque PSKs are currently only supported for PSK-only. */
+ if( ssl_use_opaque_psk( ssl ) == 1 )
+ return( MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE );
+#endif
+
MBEDTLS_SSL_DEBUG_ECDH( 3, &ssl->handshake->ecdh_ctx,
MBEDTLS_DEBUG_ECDH_QP );
diff --git a/library/ssl_ticket.c b/library/ssl_ticket.c
index 8492c19..7de4e66 100644
--- a/library/ssl_ticket.c
+++ b/library/ssl_ticket.c
@@ -54,6 +54,19 @@
#define MAX_KEY_BYTES 32 /* 256 bits */
+#define TICKET_KEY_NAME_BYTES 4
+#define TICKET_IV_BYTES 12
+#define TICKET_CRYPT_LEN_BYTES 2
+#define TICKET_AUTH_TAG_BYTES 16
+
+#define TICKET_MIN_LEN ( TICKET_KEY_NAME_BYTES + \
+ TICKET_IV_BYTES + \
+ TICKET_CRYPT_LEN_BYTES + \
+ TICKET_AUTH_TAG_BYTES )
+#define TICKET_ADD_DATA_LEN ( TICKET_KEY_NAME_BYTES + \
+ TICKET_IV_BYTES + \
+ TICKET_CRYPT_LEN_BYTES )
+
/*
* Generate/update a key
*/
@@ -141,11 +154,27 @@
if( cipher_info->key_bitlen > 8 * MAX_KEY_BYTES )
return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
- if( ( ret = mbedtls_cipher_setup( &ctx->keys[0].ctx, cipher_info ) ) != 0 ||
- ( ret = mbedtls_cipher_setup( &ctx->keys[1].ctx, cipher_info ) ) != 0 )
- {
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+ ret = mbedtls_cipher_setup_psa( &ctx->keys[0].ctx,
+ cipher_info, TICKET_AUTH_TAG_BYTES );
+ if( ret != 0 && ret != MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE )
return( ret );
- }
+ /* We don't yet expect to support all ciphers through PSA,
+ * so allow fallback to ordinary mbedtls_cipher_setup(). */
+ if( ret == MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE )
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+ if( ( ret = mbedtls_cipher_setup( &ctx->keys[0].ctx, cipher_info ) ) != 0 )
+ return( ret );
+
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+ ret = mbedtls_cipher_setup_psa( &ctx->keys[1].ctx,
+ cipher_info, TICKET_AUTH_TAG_BYTES );
+ if( ret != 0 && ret != MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE )
+ return( ret );
+ if( ret == MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE )
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+ if( ( ret = mbedtls_cipher_setup( &ctx->keys[1].ctx, cipher_info ) ) != 0 )
+ return( ret );
if( ( ret = ssl_ticket_gen_key( ctx, 0 ) ) != 0 ||
( ret = ssl_ticket_gen_key( ctx, 1 ) ) != 0 )
@@ -278,6 +307,7 @@
* The key_name, iv, and length of encrypted_state are the additional
* authenticated data.
*/
+
int mbedtls_ssl_ticket_write( void *p_ticket,
const mbedtls_ssl_session *session,
unsigned char *start,
@@ -289,9 +319,9 @@
mbedtls_ssl_ticket_context *ctx = p_ticket;
mbedtls_ssl_ticket_key *key;
unsigned char *key_name = start;
- unsigned char *iv = start + 4;
- unsigned char *state_len_bytes = iv + 12;
- unsigned char *state = state_len_bytes + 2;
+ unsigned char *iv = start + TICKET_KEY_NAME_BYTES;
+ unsigned char *state_len_bytes = iv + TICKET_IV_BYTES;
+ unsigned char *state = state_len_bytes + TICKET_CRYPT_LEN_BYTES;
unsigned char *tag;
size_t clear_len, ciph_len;
@@ -302,7 +332,7 @@
/* We need at least 4 bytes for key_name, 12 for IV, 2 for len 16 for tag,
* in addition to session itself, that will be checked when writing it. */
- if( end - start < 4 + 12 + 2 + 16 )
+ if( end - start < TICKET_MIN_LEN )
return( MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL );
#if defined(MBEDTLS_THREADING_C)
@@ -317,9 +347,9 @@
*ticket_lifetime = ctx->ticket_lifetime;
- memcpy( key_name, key->name, 4 );
+ memcpy( key_name, key->name, TICKET_KEY_NAME_BYTES );
- if( ( ret = ctx->f_rng( ctx->p_rng, iv, 12 ) ) != 0 )
+ if( ( ret = ctx->f_rng( ctx->p_rng, iv, TICKET_IV_BYTES ) ) != 0 )
goto cleanup;
/* Dump session state */
@@ -335,8 +365,11 @@
/* Encrypt and authenticate */
tag = state + clear_len;
if( ( ret = mbedtls_cipher_auth_encrypt( &key->ctx,
- iv, 12, key_name, 4 + 12 + 2,
- state, clear_len, state, &ciph_len, tag, 16 ) ) != 0 )
+ iv, TICKET_IV_BYTES,
+ /* Additional data: key name, IV and length */
+ key_name, TICKET_ADD_DATA_LEN,
+ state, clear_len, state, &ciph_len,
+ tag, TICKET_AUTH_TAG_BYTES ) ) != 0 )
{
goto cleanup;
}
@@ -346,7 +379,7 @@
goto cleanup;
}
- *tlen = 4 + 12 + 2 + 16 + ciph_len;
+ *tlen = TICKET_MIN_LEN + ciph_len;
cleanup:
#if defined(MBEDTLS_THREADING_C)
@@ -385,17 +418,16 @@
mbedtls_ssl_ticket_context *ctx = p_ticket;
mbedtls_ssl_ticket_key *key;
unsigned char *key_name = buf;
- unsigned char *iv = buf + 4;
- unsigned char *enc_len_p = iv + 12;
- unsigned char *ticket = enc_len_p + 2;
+ unsigned char *iv = buf + TICKET_KEY_NAME_BYTES;
+ unsigned char *enc_len_p = iv + TICKET_IV_BYTES;
+ unsigned char *ticket = enc_len_p + TICKET_CRYPT_LEN_BYTES;
unsigned char *tag;
size_t enc_len, clear_len;
if( ctx == NULL || ctx->f_rng == NULL )
return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
- /* See mbedtls_ssl_ticket_write() */
- if( len < 4 + 12 + 2 + 16 )
+ if( len < TICKET_MIN_LEN )
return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
#if defined(MBEDTLS_THREADING_C)
@@ -409,7 +441,7 @@
enc_len = ( enc_len_p[0] << 8 ) | enc_len_p[1];
tag = ticket + enc_len;
- if( len != 4 + 12 + 2 + enc_len + 16 )
+ if( len != TICKET_MIN_LEN + enc_len )
{
ret = MBEDTLS_ERR_SSL_BAD_INPUT_DATA;
goto cleanup;
@@ -425,9 +457,13 @@
}
/* Decrypt and authenticate */
- if( ( ret = mbedtls_cipher_auth_decrypt( &key->ctx, iv, 12,
- key_name, 4 + 12 + 2, ticket, enc_len,
- ticket, &clear_len, tag, 16 ) ) != 0 )
+ if( ( ret = mbedtls_cipher_auth_decrypt( &key->ctx,
+ iv, TICKET_IV_BYTES,
+ /* Additional data: key name, IV and length */
+ key_name, TICKET_ADD_DATA_LEN,
+ ticket, enc_len,
+ ticket, &clear_len,
+ tag, TICKET_AUTH_TAG_BYTES ) ) != 0 )
{
if( ret == MBEDTLS_ERR_CIPHER_AUTH_FAILED )
ret = MBEDTLS_ERR_SSL_INVALID_MAC;
diff --git a/library/ssl_tls.c b/library/ssl_tls.c
index 38690fa..4c23f0e 100644
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c
@@ -50,10 +50,19 @@
#include <string.h>
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+#include "mbedtls/psa_util.h"
+#include "psa/crypto.h"
+#endif
+
#if defined(MBEDTLS_X509_CRT_PARSE_C)
#include "mbedtls/oid.h"
#endif
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+#include "mbedtls/psa_util.h"
+#endif
+
static void ssl_reset_in_out_pointers( mbedtls_ssl_context *ssl );
static uint32_t ssl_get_hs_total_len( mbedtls_ssl_context const *ssl );
@@ -490,6 +499,76 @@
#endif /* MBEDTLS_SSL_PROTO_TLS1) || MBEDTLS_SSL_PROTO_TLS1_1 */
#if defined(MBEDTLS_SSL_PROTO_TLS1_2)
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+static int tls_prf_generic( mbedtls_md_type_t md_type,
+ const unsigned char *secret, size_t slen,
+ const char *label,
+ const unsigned char *random, size_t rlen,
+ unsigned char *dstbuf, size_t dlen )
+{
+ psa_status_t status;
+ psa_algorithm_t alg;
+ psa_key_policy_t policy;
+ psa_key_handle_t master_slot;
+ psa_crypto_generator_t generator = PSA_CRYPTO_GENERATOR_INIT;
+
+ if( ( status = psa_allocate_key( &master_slot ) ) != PSA_SUCCESS )
+ return( MBEDTLS_ERR_SSL_HW_ACCEL_FAILED );
+
+ if( md_type == MBEDTLS_MD_SHA384 )
+ alg = PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384);
+ else
+ alg = PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256);
+
+ policy = psa_key_policy_init();
+ psa_key_policy_set_usage( &policy,
+ PSA_KEY_USAGE_DERIVE,
+ alg );
+ status = psa_set_key_policy( master_slot, &policy );
+ if( status != PSA_SUCCESS )
+ return( MBEDTLS_ERR_SSL_HW_ACCEL_FAILED );
+
+ status = psa_import_key( master_slot, PSA_KEY_TYPE_DERIVE, secret, slen );
+ if( status != PSA_SUCCESS )
+ return( MBEDTLS_ERR_SSL_HW_ACCEL_FAILED );
+
+ status = psa_key_derivation( &generator,
+ master_slot, alg,
+ random, rlen,
+ (unsigned char const *) label,
+ (size_t) strlen( label ),
+ dlen );
+ if( status != PSA_SUCCESS )
+ {
+ psa_generator_abort( &generator );
+ psa_destroy_key( master_slot );
+ return( MBEDTLS_ERR_SSL_HW_ACCEL_FAILED );
+ }
+
+ status = psa_generator_read( &generator, dstbuf, dlen );
+ if( status != PSA_SUCCESS )
+ {
+ psa_generator_abort( &generator );
+ psa_destroy_key( master_slot );
+ return( MBEDTLS_ERR_SSL_HW_ACCEL_FAILED );
+ }
+
+ status = psa_generator_abort( &generator );
+ if( status != PSA_SUCCESS )
+ {
+ psa_destroy_key( master_slot );
+ return( MBEDTLS_ERR_SSL_HW_ACCEL_FAILED );
+ }
+
+ status = psa_destroy_key( master_slot );
+ if( status != PSA_SUCCESS )
+ return( MBEDTLS_ERR_SSL_HW_ACCEL_FAILED );
+
+ return( 0 );
+}
+
+#else /* MBEDTLS_USE_PSA_CRYPTO */
+
static int tls_prf_generic( mbedtls_md_type_t md_type,
const unsigned char *secret, size_t slen,
const char *label,
@@ -552,7 +631,7 @@
return( 0 );
}
-
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
#if defined(MBEDTLS_SHA256_C)
static int tls_prf_sha256( const unsigned char *secret, size_t slen,
const char *label,
@@ -607,9 +686,34 @@
#endif
#endif /* MBEDTLS_SSL_PROTO_TLS1_2 */
+#if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED) && \
+ defined(MBEDTLS_USE_PSA_CRYPTO)
+static int ssl_use_opaque_psk( mbedtls_ssl_context const *ssl )
+{
+ if( ssl->conf->f_psk != NULL )
+ {
+ /* If we've used a callback to select the PSK,
+ * the static configuration is irrelevant. */
+ if( ssl->handshake->psk_opaque != 0 )
+ return( 1 );
+
+ return( 0 );
+ }
+
+ if( ssl->conf->psk_opaque != 0 )
+ return( 1 );
+
+ return( 0 );
+}
+#endif /* MBEDTLS_USE_PSA_CRYPTO &&
+ MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED */
+
int mbedtls_ssl_derive_keys( mbedtls_ssl_context *ssl )
{
int ret = 0;
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+ int psa_fallthrough;
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
unsigned char tmp[64];
unsigned char keyblk[256];
unsigned char *key1;
@@ -618,9 +722,18 @@
unsigned char *mac_dec;
size_t mac_key_len;
size_t iv_copy_len;
+ size_t taglen = 0;
const mbedtls_cipher_info_t *cipher_info;
const mbedtls_md_info_t *md_info;
+ /* cf. RFC 5246, Section 8.1:
+ * "The master secret is always exactly 48 bytes in length." */
+ size_t const master_secret_len = 48;
+
+#if defined(MBEDTLS_SSL_EXTENDED_MASTER_SECRET)
+ unsigned char session_hash[48];
+#endif /* MBEDTLS_SSL_EXTENDED_MASTER_SECRET */
+
mbedtls_ssl_session *session = ssl->session_negotiate;
mbedtls_ssl_transform *transform = ssl->transform_negotiate;
mbedtls_ssl_handshake_params *handshake = ssl->handshake;
@@ -700,68 +813,127 @@
* TLSv1+:
* master = PRF( premaster, "master secret", randbytes )[0..47]
*/
- if( handshake->resume == 0 )
+ if( handshake->resume != 0 )
{
- MBEDTLS_SSL_DEBUG_BUF( 3, "premaster secret", handshake->premaster,
- handshake->pmslen );
+ MBEDTLS_SSL_DEBUG_MSG( 3, ( "no premaster (session resumed)" ) );
+ }
+ else
+ {
+ /* The label for the KDF used for key expansion.
+ * This is either "master secret" or "extended master secret"
+ * depending on whether the Extended Master Secret extension
+ * is used. */
+ char const *lbl = "master secret";
+
+ /* The salt for the KDF used for key expansion.
+ * - If the Extended Master Secret extension is not used,
+ * this is ClientHello.Random + ServerHello.Random
+ * (see Sect. 8.1 in RFC 5246).
+ * - If the Extended Master Secret extension is used,
+ * this is the transcript of the handshake so far.
+ * (see Sect. 4 in RFC 7627). */
+ unsigned char const *salt = handshake->randbytes;
+ size_t salt_len = 64;
+
+#if defined(MBEDTLS_SSL_EXTENDED_MASTER_SECRET)
+ const mbedtls_ssl_ciphersuite_t *ciphersuite_info =
+ ssl->transform_negotiate->ciphersuite_info;
+ mbedtls_md_type_t const md_type = ciphersuite_info->mac;
+#endif /* MBEDTLS_SSL_EXTENDED_MASTER_SECRET */
#if defined(MBEDTLS_SSL_EXTENDED_MASTER_SECRET)
if( ssl->handshake->extended_ms == MBEDTLS_SSL_EXTENDED_MS_ENABLED )
{
- unsigned char session_hash[48];
- size_t hash_len;
-
MBEDTLS_SSL_DEBUG_MSG( 3, ( "using extended master secret" ) );
+ lbl = "extended master secret";
+ salt = session_hash;
ssl->handshake->calc_verify( ssl, session_hash );
-
#if defined(MBEDTLS_SSL_PROTO_TLS1_2)
if( ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_3 )
{
#if defined(MBEDTLS_SHA512_C)
- if( ssl->transform_negotiate->ciphersuite_info->mac ==
- MBEDTLS_MD_SHA384 )
- {
- hash_len = 48;
- }
+ if( md_type == MBEDTLS_MD_SHA384 )
+ salt_len = 48;
else
-#endif
- hash_len = 32;
+#endif /* MBEDTLS_SHA512_C */
+ salt_len = 32;
}
else
#endif /* MBEDTLS_SSL_PROTO_TLS1_2 */
- hash_len = 36;
+ salt_len = 36;
- MBEDTLS_SSL_DEBUG_BUF( 3, "session hash", session_hash, hash_len );
+ MBEDTLS_SSL_DEBUG_BUF( 3, "session hash", session_hash, salt_len );
+ }
+#endif /* MBEDTLS_SSL_EXTENDED_MS_ENABLED */
+#if defined(MBEDTLS_USE_PSA_CRYPTO) && \
+ defined(MBEDTLS_KEY_EXCHANGE_PSK_ENABLED)
+ if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_PSK &&
+ ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_3 &&
+ ssl_use_opaque_psk( ssl ) == 1 )
+ {
+ /* Perform PSK-to-MS expansion in a single step. */
+ psa_status_t status;
+ psa_algorithm_t alg;
+ psa_crypto_generator_t generator = PSA_CRYPTO_GENERATOR_INIT;
+ psa_key_handle_t psk;
+
+ MBEDTLS_SSL_DEBUG_MSG( 2, ( "perform PSA-based PSK-to-MS expansion" ) );
+
+ psk = ssl->conf->psk_opaque;
+ if( ssl->handshake->psk_opaque != 0 )
+ psk = ssl->handshake->psk_opaque;
+
+ if( md_type == MBEDTLS_MD_SHA384 )
+ alg = PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384);
+ else
+ alg = PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256);
+
+ status = psa_key_derivation( &generator, psk, alg,
+ salt, salt_len,
+ (unsigned char const *) lbl,
+ (size_t) strlen( lbl ),
+ master_secret_len );
+ if( status != PSA_SUCCESS )
+ {
+ psa_generator_abort( &generator );
+ return( MBEDTLS_ERR_SSL_HW_ACCEL_FAILED );
+ }
+
+ status = psa_generator_read( &generator, session->master,
+ master_secret_len );
+ if( status != PSA_SUCCESS )
+ {
+ psa_generator_abort( &generator );
+ return( MBEDTLS_ERR_SSL_HW_ACCEL_FAILED );
+ }
+
+ status = psa_generator_abort( &generator );
+ if( status != PSA_SUCCESS )
+ return( MBEDTLS_ERR_SSL_HW_ACCEL_FAILED );
+ }
+ else
+#endif
+ {
ret = handshake->tls_prf( handshake->premaster, handshake->pmslen,
- "extended master secret",
- session_hash, hash_len,
- session->master, 48 );
+ lbl, salt, salt_len,
+ session->master,
+ master_secret_len );
if( ret != 0 )
{
MBEDTLS_SSL_DEBUG_RET( 1, "prf", ret );
return( ret );
}
- }
- else
-#endif
- ret = handshake->tls_prf( handshake->premaster, handshake->pmslen,
- "master secret",
- handshake->randbytes, 64,
- session->master, 48 );
- if( ret != 0 )
- {
- MBEDTLS_SSL_DEBUG_RET( 1, "prf", ret );
- return( ret );
- }
+ MBEDTLS_SSL_DEBUG_BUF( 3, "premaster secret",
+ handshake->premaster,
+ handshake->pmslen );
- mbedtls_platform_zeroize( handshake->premaster,
- sizeof(handshake->premaster) );
+ mbedtls_platform_zeroize( handshake->premaster,
+ sizeof(handshake->premaster) );
+ }
}
- else
- MBEDTLS_SSL_DEBUG_MSG( 3, ( "no premaster (session resumed)" ) );
/*
* Swap the client and server random values.
@@ -810,7 +982,7 @@
cipher_info->mode == MBEDTLS_MODE_CCM ||
cipher_info->mode == MBEDTLS_MODE_CHACHAPOLY )
{
- size_t taglen, explicit_ivlen;
+ size_t explicit_ivlen;
transform->maclen = 0;
mac_key_len = 0;
@@ -1030,6 +1202,43 @@
}
#endif
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+
+ /* Only use PSA-based ciphers for TLS-1.2.
+ * That's relevant at least for TLS-1.0, where
+ * we assume that mbedtls_cipher_crypt() updates
+ * the structure field for the IV, which the PSA-based
+ * implementation currently doesn't. */
+#if defined(MBEDTLS_SSL_PROTO_TLS1_2)
+ if( ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_3 )
+ {
+ ret = mbedtls_cipher_setup_psa( &transform->cipher_ctx_enc,
+ cipher_info, taglen );
+ if( ret != 0 && ret != MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE )
+ {
+ MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_cipher_setup_psa", ret );
+ return( ret );
+ }
+
+ if( ret == 0 )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 1, ( "Successfully setup PSA-based encryption cipher context" ) );
+ psa_fallthrough = 0;
+ }
+ else
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 1, ( "Failed to setup PSA-based cipher context for record encryption - fall through to default setup." ) );
+ psa_fallthrough = 1;
+ }
+ }
+ else
+ psa_fallthrough = 1;
+#else
+ psa_fallthrough = 1;
+#endif /* MBEDTLS_SSL_PROTO_TLS1_2 */
+
+ if( psa_fallthrough == 1 )
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
if( ( ret = mbedtls_cipher_setup( &transform->cipher_ctx_enc,
cipher_info ) ) != 0 )
{
@@ -1037,6 +1246,42 @@
return( ret );
}
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+ /* Only use PSA-based ciphers for TLS-1.2.
+ * That's relevant at least for TLS-1.0, where
+ * we assume that mbedtls_cipher_crypt() updates
+ * the structure field for the IV, which the PSA-based
+ * implementation currently doesn't. */
+#if defined(MBEDTLS_SSL_PROTO_TLS1_2)
+ if( ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_3 )
+ {
+ ret = mbedtls_cipher_setup_psa( &transform->cipher_ctx_dec,
+ cipher_info, taglen );
+ if( ret != 0 && ret != MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE )
+ {
+ MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_cipher_setup_psa", ret );
+ return( ret );
+ }
+
+ if( ret == 0 )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 1, ( "Successfully setup PSA-based decryption cipher context" ) );
+ psa_fallthrough = 0;
+ }
+ else
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 1, ( "Failed to setup PSA-based cipher context for record decryption - fall through to default setup." ) );
+ psa_fallthrough = 1;
+ }
+ }
+ else
+ psa_fallthrough = 1;
+#else
+ psa_fallthrough = 1;
+#endif /* MBEDTLS_SSL_PROTO_TLS1_2 */
+
+ if( psa_fallthrough == 1 )
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
if( ( ret = mbedtls_cipher_setup( &transform->cipher_ctx_dec,
cipher_info ) ) != 0 )
{
@@ -1181,7 +1426,7 @@
mbedtls_md5_clone( &md5, &ssl->handshake->fin_md5 );
mbedtls_sha1_clone( &sha1, &ssl->handshake->fin_sha1 );
- mbedtls_md5_finish_ret( &md5, hash );
+ mbedtls_md5_finish_ret( &md5, hash );
mbedtls_sha1_finish_ret( &sha1, hash + 16 );
MBEDTLS_SSL_DEBUG_BUF( 3, "calculated verify result", hash, 36 );
@@ -1198,6 +1443,28 @@
#if defined(MBEDTLS_SHA256_C)
void ssl_calc_verify_tls_sha256( mbedtls_ssl_context *ssl, unsigned char hash[32] )
{
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+ size_t hash_size;
+ psa_status_t status;
+ psa_hash_operation_t sha256_psa = psa_hash_operation_init();
+
+ MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> PSA calc verify sha256" ) );
+ status = psa_hash_clone( &ssl->handshake->fin_sha256_psa, &sha256_psa );
+ if( status != PSA_SUCCESS )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 2, ( "PSA hash clone failed" ) );
+ return;
+ }
+
+ status = psa_hash_finish( &sha256_psa, hash, 32, &hash_size );
+ if( status != PSA_SUCCESS )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 2, ( "PSA hash finish failed" ) );
+ return;
+ }
+ MBEDTLS_SSL_DEBUG_BUF( 3, "PSA calculated verify result", hash, 32 );
+ MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= PSA calc verify" ) );
+#else
mbedtls_sha256_context sha256;
mbedtls_sha256_init( &sha256 );
@@ -1211,7 +1478,7 @@
MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= calc verify" ) );
mbedtls_sha256_free( &sha256 );
-
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
return;
}
#endif /* MBEDTLS_SHA256_C */
@@ -1219,6 +1486,28 @@
#if defined(MBEDTLS_SHA512_C)
void ssl_calc_verify_tls_sha384( mbedtls_ssl_context *ssl, unsigned char hash[48] )
{
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+ size_t hash_size;
+ psa_status_t status;
+ psa_hash_operation_t sha384_psa = psa_hash_operation_init();
+
+ MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> PSA calc verify sha384" ) );
+ status = psa_hash_clone( &ssl->handshake->fin_sha384_psa, &sha384_psa );
+ if( status != PSA_SUCCESS )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 2, ( "PSA hash clone failed" ) );
+ return;
+ }
+
+ status = psa_hash_finish( &sha384_psa, hash, 48, &hash_size );
+ if( status != PSA_SUCCESS )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 2, ( "PSA hash finish failed" ) );
+ return;
+ }
+ MBEDTLS_SSL_DEBUG_BUF( 3, "PSA calculated verify result", hash, 48 );
+ MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= PSA calc verify" ) );
+#else
mbedtls_sha512_context sha512;
mbedtls_sha512_init( &sha512 );
@@ -1232,7 +1521,7 @@
MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= calc verify" ) );
mbedtls_sha512_free( &sha512 );
-
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
return;
}
#endif /* MBEDTLS_SHA512_C */
@@ -2606,7 +2895,7 @@
}
/*
- * A record can't be split accross datagrams. If we need to read but
+ * A record can't be split across datagrams. If we need to read but
* are not at the beginning of a new record, the caller did something
* wrong.
*/
@@ -5435,6 +5724,23 @@
return( ret );
}
+#if defined(MBEDTLS_SSL_RENEGOTIATION) && defined(MBEDTLS_SSL_CLI_C)
+static int ssl_check_peer_crt_unchanged( mbedtls_ssl_context *ssl,
+ unsigned char *crt_buf,
+ size_t crt_buf_len )
+{
+ mbedtls_x509_crt const * const peer_crt = ssl->session->peer_cert;
+
+ if( peer_crt == NULL )
+ return( -1 );
+
+ if( peer_crt->raw.len != crt_buf_len )
+ return( -1 );
+
+ return( memcmp( peer_crt->raw.p, crt_buf, crt_buf_len ) );
+}
+#endif /* MBEDTLS_SSL_RENEGOTIATION && MBEDTLS_SSL_CLI_C */
+
/*
* Once the certificate message is read, parse it into a cert chain and
* perform basic checks, but leave actual verification to the caller
@@ -5525,43 +5831,40 @@
return( MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE );
}
+ /* Make &ssl->in_msg[i] point to the beginning of the CRT chain. */
+ i += 3;
+
/* In case we tried to reuse a session but it failed */
if( ssl->session_negotiate->peer_cert != NULL )
{
mbedtls_x509_crt_free( ssl->session_negotiate->peer_cert );
mbedtls_free( ssl->session_negotiate->peer_cert );
+ ssl->session_negotiate->peer_cert = NULL;
}
- if( ( ssl->session_negotiate->peer_cert = mbedtls_calloc( 1,
- sizeof( mbedtls_x509_crt ) ) ) == NULL )
- {
- MBEDTLS_SSL_DEBUG_MSG( 1, ( "alloc(%d bytes) failed",
- sizeof( mbedtls_x509_crt ) ) );
- mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
- MBEDTLS_SSL_ALERT_MSG_INTERNAL_ERROR );
- return( MBEDTLS_ERR_SSL_ALLOC_FAILED );
- }
-
- mbedtls_x509_crt_init( ssl->session_negotiate->peer_cert );
-
- i += 3;
-
+ /* Iterate through and parse the CRTs in the provided chain. */
while( i < ssl->in_hslen )
{
+ /* Check that there's room for the next CRT's length fields. */
if ( i + 3 > ssl->in_hslen ) {
MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad certificate message" ) );
- mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
- MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR );
+ mbedtls_ssl_send_alert_message( ssl,
+ MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+ MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR );
return( MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE );
}
+ /* In theory, the CRT can be up to 2**24 Bytes, but we don't support
+ * anything beyond 2**16 ~ 64K. */
if( ssl->in_msg[i] != 0 )
{
MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad certificate message" ) );
- mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
- MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR );
+ mbedtls_ssl_send_alert_message( ssl,
+ MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+ MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR );
return( MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE );
}
+ /* Read length of the next CRT in the chain. */
n = ( (unsigned int) ssl->in_msg[i + 1] << 8 )
| (unsigned int) ssl->in_msg[i + 2];
i += 3;
@@ -5569,72 +5872,101 @@
if( n < 128 || i + n > ssl->in_hslen )
{
MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad certificate message" ) );
- mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
- MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR );
+ mbedtls_ssl_send_alert_message( ssl,
+ MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+ MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR );
return( MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE );
}
+ /* Check if we're handling the first CRT in the chain. */
+ if( ssl->session_negotiate->peer_cert == NULL )
+ {
+ /* During client-side renegotiation, check that the server's
+ * end-CRTs hasn't changed compared to the initial handshake,
+ * mitigating the triple handshake attack. On success, reuse
+ * the original end-CRT instead of parsing it again. */
+#if defined(MBEDTLS_SSL_RENEGOTIATION) && defined(MBEDTLS_SSL_CLI_C)
+ if( ssl->conf->endpoint == MBEDTLS_SSL_IS_CLIENT &&
+ ssl->renego_status == MBEDTLS_SSL_RENEGOTIATION_IN_PROGRESS )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 3, ( "Check that peer CRT hasn't changed during renegotiation" ) );
+ if( ssl_check_peer_crt_unchanged( ssl,
+ &ssl->in_msg[i],
+ n ) != 0 )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 1, ( "new server cert during renegotiation" ) );
+ mbedtls_ssl_send_alert_message( ssl,
+ MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+ MBEDTLS_SSL_ALERT_MSG_ACCESS_DENIED );
+ return( MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE );
+ }
+
+ /* Move CRT chain structure to new session instance. */
+ ssl->session_negotiate->peer_cert = ssl->session->peer_cert;
+ ssl->session->peer_cert = NULL;
+
+ /* Delete all remaining CRTs from the original CRT chain. */
+ mbedtls_x509_crt_free(
+ ssl->session_negotiate->peer_cert->next );
+ mbedtls_free( ssl->session_negotiate->peer_cert->next );
+ ssl->session_negotiate->peer_cert->next = NULL;
+
+ i += n;
+ continue;
+ }
+#endif /* MBEDTLS_SSL_RENEGOTIATION && MBEDTLS_SSL_CLI_C */
+
+ /* Outside of client-side renegotiation, create a fresh X.509 CRT
+ * instance to parse the end-CRT into. */
+
+ ssl->session_negotiate->peer_cert =
+ mbedtls_calloc( 1, sizeof( mbedtls_x509_crt ) );
+ if( ssl->session_negotiate->peer_cert == NULL )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 1, ( "alloc(%d bytes) failed",
+ sizeof( mbedtls_x509_crt ) ) );
+ mbedtls_ssl_send_alert_message( ssl,
+ MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+ MBEDTLS_SSL_ALERT_MSG_INTERNAL_ERROR );
+ return( MBEDTLS_ERR_SSL_ALLOC_FAILED );
+ }
+
+ mbedtls_x509_crt_init( ssl->session_negotiate->peer_cert );
+
+ /* Intentional fall through */
+ }
+
+ /* Parse the next certificate in the chain. */
ret = mbedtls_x509_crt_parse_der( ssl->session_negotiate->peer_cert,
- ssl->in_msg + i, n );
+ ssl->in_msg + i, n );
switch( ret )
{
- case 0: /*ok*/
- case MBEDTLS_ERR_X509_UNKNOWN_SIG_ALG + MBEDTLS_ERR_OID_NOT_FOUND:
- /* Ignore certificate with an unknown algorithm: maybe a
- prior certificate was already trusted. */
- break;
+ case 0: /*ok*/
+ case MBEDTLS_ERR_X509_UNKNOWN_SIG_ALG + MBEDTLS_ERR_OID_NOT_FOUND:
+ /* Ignore certificate with an unknown algorithm: maybe a
+ prior certificate was already trusted. */
+ break;
- case MBEDTLS_ERR_X509_ALLOC_FAILED:
- alert = MBEDTLS_SSL_ALERT_MSG_INTERNAL_ERROR;
- goto crt_parse_der_failed;
+ case MBEDTLS_ERR_X509_ALLOC_FAILED:
+ alert = MBEDTLS_SSL_ALERT_MSG_INTERNAL_ERROR;
+ goto crt_parse_der_failed;
- case MBEDTLS_ERR_X509_UNKNOWN_VERSION:
- alert = MBEDTLS_SSL_ALERT_MSG_UNSUPPORTED_CERT;
- goto crt_parse_der_failed;
+ case MBEDTLS_ERR_X509_UNKNOWN_VERSION:
+ alert = MBEDTLS_SSL_ALERT_MSG_UNSUPPORTED_CERT;
+ goto crt_parse_der_failed;
- default:
- alert = MBEDTLS_SSL_ALERT_MSG_BAD_CERT;
- crt_parse_der_failed:
- mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, alert );
- MBEDTLS_SSL_DEBUG_RET( 1, " mbedtls_x509_crt_parse_der", ret );
- return( ret );
+ default:
+ alert = MBEDTLS_SSL_ALERT_MSG_BAD_CERT;
+ crt_parse_der_failed:
+ mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, alert );
+ MBEDTLS_SSL_DEBUG_RET( 1, " mbedtls_x509_crt_parse_der", ret );
+ return( ret );
}
i += n;
}
MBEDTLS_SSL_DEBUG_CRT( 3, "peer certificate", ssl->session_negotiate->peer_cert );
-
- /*
- * On client, make sure the server cert doesn't change during renego to
- * avoid "triple handshake" attack: https://secure-resumption.com/
- */
-#if defined(MBEDTLS_SSL_RENEGOTIATION) && defined(MBEDTLS_SSL_CLI_C)
- if( ssl->conf->endpoint == MBEDTLS_SSL_IS_CLIENT &&
- ssl->renego_status == MBEDTLS_SSL_RENEGOTIATION_IN_PROGRESS )
- {
- if( ssl->session->peer_cert == NULL )
- {
- MBEDTLS_SSL_DEBUG_MSG( 1, ( "new server cert during renegotiation" ) );
- mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
- MBEDTLS_SSL_ALERT_MSG_ACCESS_DENIED );
- return( MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE );
- }
-
- if( ssl->session->peer_cert->raw.len !=
- ssl->session_negotiate->peer_cert->raw.len ||
- memcmp( ssl->session->peer_cert->raw.p,
- ssl->session_negotiate->peer_cert->raw.p,
- ssl->session->peer_cert->raw.len ) != 0 )
- {
- MBEDTLS_SSL_DEBUG_MSG( 1, ( "server cert changed during renegotiation" ) );
- mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
- MBEDTLS_SSL_ALERT_MSG_ACCESS_DENIED );
- return( MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE );
- }
- }
-#endif /* MBEDTLS_SSL_RENEGOTIATION && MBEDTLS_SSL_CLI_C */
-
return( 0 );
}
@@ -6006,11 +6338,21 @@
#endif
#if defined(MBEDTLS_SSL_PROTO_TLS1_2)
#if defined(MBEDTLS_SHA256_C)
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+ psa_hash_abort( &ssl->handshake->fin_sha256_psa );
+ psa_hash_setup( &ssl->handshake->fin_sha256_psa, PSA_ALG_SHA_256 );
+#else
mbedtls_sha256_starts_ret( &ssl->handshake->fin_sha256, 0 );
#endif
+#endif
#if defined(MBEDTLS_SHA512_C)
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+ psa_hash_abort( &ssl->handshake->fin_sha384_psa );
+ psa_hash_setup( &ssl->handshake->fin_sha384_psa, PSA_ALG_SHA_384 );
+#else
mbedtls_sha512_starts_ret( &ssl->handshake->fin_sha512, 1 );
#endif
+#endif
#endif /* MBEDTLS_SSL_PROTO_TLS1_2 */
}
@@ -6024,11 +6366,19 @@
#endif
#if defined(MBEDTLS_SSL_PROTO_TLS1_2)
#if defined(MBEDTLS_SHA256_C)
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+ psa_hash_update( &ssl->handshake->fin_sha256_psa, buf, len );
+#else
mbedtls_sha256_update_ret( &ssl->handshake->fin_sha256, buf, len );
#endif
+#endif
#if defined(MBEDTLS_SHA512_C)
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+ psa_hash_update( &ssl->handshake->fin_sha384_psa, buf, len );
+#else
mbedtls_sha512_update_ret( &ssl->handshake->fin_sha512, buf, len );
#endif
+#endif
#endif /* MBEDTLS_SSL_PROTO_TLS1_2 */
}
@@ -6047,7 +6397,11 @@
static void ssl_update_checksum_sha256( mbedtls_ssl_context *ssl,
const unsigned char *buf, size_t len )
{
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+ psa_hash_update( &ssl->handshake->fin_sha256_psa, buf, len );
+#else
mbedtls_sha256_update_ret( &ssl->handshake->fin_sha256, buf, len );
+#endif
}
#endif
@@ -6055,7 +6409,11 @@
static void ssl_update_checksum_sha384( mbedtls_ssl_context *ssl,
const unsigned char *buf, size_t len )
{
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+ psa_hash_update( &ssl->handshake->fin_sha384_psa, buf, len );
+#else
mbedtls_sha512_update_ret( &ssl->handshake->fin_sha512, buf, len );
+#endif
}
#endif
#endif /* MBEDTLS_SSL_PROTO_TLS1_2 */
@@ -6211,13 +6569,44 @@
{
int len = 12;
const char *sender;
- mbedtls_sha256_context sha256;
unsigned char padbuf[32];
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+ size_t hash_size;
+ psa_hash_operation_t sha256_psa = PSA_HASH_OPERATION_INIT;
+ psa_status_t status;
+#else
+ mbedtls_sha256_context sha256;
+#endif
mbedtls_ssl_session *session = ssl->session_negotiate;
if( !session )
session = ssl->session;
+ sender = ( from == MBEDTLS_SSL_IS_CLIENT )
+ ? "client finished"
+ : "server finished";
+
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+ sha256_psa = psa_hash_operation_init();
+
+ MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> calc PSA finished tls sha256" ) );
+
+ status = psa_hash_clone( &ssl->handshake->fin_sha256_psa, &sha256_psa );
+ if( status != PSA_SUCCESS )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 2, ( "PSA hash clone failed" ) );
+ return;
+ }
+
+ status = psa_hash_finish( &sha256_psa, padbuf, sizeof( padbuf ), &hash_size );
+ if( status != PSA_SUCCESS )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 2, ( "PSA hash finish failed" ) );
+ return;
+ }
+ MBEDTLS_SSL_DEBUG_BUF( 3, "PSA calculated padbuf", padbuf, 32 );
+#else
+
mbedtls_sha256_init( &sha256 );
MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> calc finished tls sha256" ) );
@@ -6235,19 +6624,15 @@
sha256.state, sizeof( sha256.state ) );
#endif
- sender = ( from == MBEDTLS_SSL_IS_CLIENT )
- ? "client finished"
- : "server finished";
-
mbedtls_sha256_finish_ret( &sha256, padbuf );
+ mbedtls_sha256_free( &sha256 );
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
ssl->handshake->tls_prf( session->master, 48, sender,
padbuf, 32, buf, len );
MBEDTLS_SSL_DEBUG_BUF( 3, "calc finished result", buf, len );
- mbedtls_sha256_free( &sha256 );
-
mbedtls_platform_zeroize( padbuf, sizeof( padbuf ) );
MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= calc finished" ) );
@@ -6260,13 +6645,43 @@
{
int len = 12;
const char *sender;
- mbedtls_sha512_context sha512;
unsigned char padbuf[48];
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+ size_t hash_size;
+ psa_hash_operation_t sha384_psa = PSA_HASH_OPERATION_INIT;
+ psa_status_t status;
+#else
+ mbedtls_sha512_context sha512;
+#endif
mbedtls_ssl_session *session = ssl->session_negotiate;
if( !session )
session = ssl->session;
+ sender = ( from == MBEDTLS_SSL_IS_CLIENT )
+ ? "client finished"
+ : "server finished";
+
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+ sha384_psa = psa_hash_operation_init();
+
+ MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> calc PSA finished tls sha384" ) );
+
+ status = psa_hash_clone( &ssl->handshake->fin_sha384_psa, &sha384_psa );
+ if( status != PSA_SUCCESS )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 2, ( "PSA hash clone failed" ) );
+ return;
+ }
+
+ status = psa_hash_finish( &sha384_psa, padbuf, sizeof( padbuf ), &hash_size );
+ if( status != PSA_SUCCESS )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 2, ( "PSA hash finish failed" ) );
+ return;
+ }
+ MBEDTLS_SSL_DEBUG_BUF( 3, "PSA calculated padbuf", padbuf, 48 );
+#else
mbedtls_sha512_init( &sha512 );
MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> calc finished tls sha384" ) );
@@ -6284,19 +6699,15 @@
sha512.state, sizeof( sha512.state ) );
#endif
- sender = ( from == MBEDTLS_SSL_IS_CLIENT )
- ? "client finished"
- : "server finished";
-
mbedtls_sha512_finish_ret( &sha512, padbuf );
+ mbedtls_sha512_free( &sha512 );
+#endif
ssl->handshake->tls_prf( session->master, 48, sender,
padbuf, 48, buf, len );
MBEDTLS_SSL_DEBUG_BUF( 3, "calc finished result", buf, len );
- mbedtls_sha512_free( &sha512 );
-
mbedtls_platform_zeroize( padbuf, sizeof( padbuf ) );
MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= calc finished" ) );
@@ -6607,13 +7018,23 @@
#endif
#if defined(MBEDTLS_SSL_PROTO_TLS1_2)
#if defined(MBEDTLS_SHA256_C)
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+ handshake->fin_sha256_psa = psa_hash_operation_init();
+ psa_hash_setup( &handshake->fin_sha256_psa, PSA_ALG_SHA_256 );
+#else
mbedtls_sha256_init( &handshake->fin_sha256 );
mbedtls_sha256_starts_ret( &handshake->fin_sha256, 0 );
#endif
+#endif
#if defined(MBEDTLS_SHA512_C)
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+ handshake->fin_sha384_psa = psa_hash_operation_init();
+ psa_hash_setup( &handshake->fin_sha384_psa, PSA_ALG_SHA_384 );
+#else
mbedtls_sha512_init( &handshake->fin_sha512 );
mbedtls_sha512_starts_ret( &handshake->fin_sha512, 1 );
#endif
+#endif
#endif /* MBEDTLS_SSL_PROTO_TLS1_2 */
handshake->update_checksum = ssl_update_checksum_start;
@@ -7329,23 +7750,23 @@
#endif /* MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED */
#if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED)
-int mbedtls_ssl_conf_psk( mbedtls_ssl_config *conf,
- const unsigned char *psk, size_t psk_len,
- const unsigned char *psk_identity, size_t psk_identity_len )
+
+static void ssl_conf_remove_psk( mbedtls_ssl_config *conf )
{
- if( psk == NULL || psk_identity == NULL )
- return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
-
- if( psk_len > MBEDTLS_PSK_MAX_LEN )
- return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
-
- /* Identity len will be encoded on two bytes */
- if( ( psk_identity_len >> 16 ) != 0 ||
- psk_identity_len > MBEDTLS_SSL_OUT_CONTENT_LEN )
+ /* Remove reference to existing PSK, if any. */
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+ if( conf->psk_opaque != 0 )
{
- return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
+ /* The maintenance of the PSK key slot is the
+ * user's responsibility. */
+ conf->psk_opaque = 0;
}
-
+ /* This and the following branch should never
+ * be taken simultaenously as we maintain the
+ * invariant that raw and opaque PSKs are never
+ * configured simultaneously. As a safeguard,
+ * though, `else` is omitted here. */
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
if( conf->psk != NULL )
{
mbedtls_platform_zeroize( conf->psk, conf->psk_len );
@@ -7354,32 +7775,84 @@
conf->psk = NULL;
conf->psk_len = 0;
}
+
+ /* Remove reference to PSK identity, if any. */
if( conf->psk_identity != NULL )
{
mbedtls_free( conf->psk_identity );
conf->psk_identity = NULL;
conf->psk_identity_len = 0;
}
+}
- if( ( conf->psk = mbedtls_calloc( 1, psk_len ) ) == NULL ||
- ( conf->psk_identity = mbedtls_calloc( 1, psk_identity_len ) ) == NULL )
+/* This function assumes that PSK identity in the SSL config is unset.
+ * It checks that the provided identity is well-formed and attempts
+ * to make a copy of it in the SSL config.
+ * On failure, the PSK identity in the config remains unset. */
+static int ssl_conf_set_psk_identity( mbedtls_ssl_config *conf,
+ unsigned char const *psk_identity,
+ size_t psk_identity_len )
+{
+ /* Identity len will be encoded on two bytes */
+ if( psk_identity == NULL ||
+ ( psk_identity_len >> 16 ) != 0 ||
+ psk_identity_len > MBEDTLS_SSL_OUT_CONTENT_LEN )
{
- mbedtls_free( conf->psk );
- mbedtls_free( conf->psk_identity );
- conf->psk = NULL;
- conf->psk_identity = NULL;
- return( MBEDTLS_ERR_SSL_ALLOC_FAILED );
+ return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
}
- conf->psk_len = psk_len;
- conf->psk_identity_len = psk_identity_len;
+ conf->psk_identity = mbedtls_calloc( 1, psk_identity_len );
+ if( conf->psk_identity == NULL )
+ return( MBEDTLS_ERR_SSL_ALLOC_FAILED );
- memcpy( conf->psk, psk, conf->psk_len );
+ conf->psk_identity_len = psk_identity_len;
memcpy( conf->psk_identity, psk_identity, conf->psk_identity_len );
return( 0 );
}
+int mbedtls_ssl_conf_psk( mbedtls_ssl_config *conf,
+ const unsigned char *psk, size_t psk_len,
+ const unsigned char *psk_identity, size_t psk_identity_len )
+{
+ int ret;
+ /* Remove opaque/raw PSK + PSK Identity */
+ ssl_conf_remove_psk( conf );
+
+ /* Check and set raw PSK */
+ if( psk == NULL || psk_len > MBEDTLS_PSK_MAX_LEN )
+ return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
+ if( ( conf->psk = mbedtls_calloc( 1, psk_len ) ) == NULL )
+ return( MBEDTLS_ERR_SSL_ALLOC_FAILED );
+ conf->psk_len = psk_len;
+ memcpy( conf->psk, psk, conf->psk_len );
+
+ /* Check and set PSK Identity */
+ ret = ssl_conf_set_psk_identity( conf, psk_identity, psk_identity_len );
+ if( ret != 0 )
+ ssl_conf_remove_psk( conf );
+
+ return( ret );
+}
+
+static void ssl_remove_psk( mbedtls_ssl_context *ssl )
+{
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+ if( ssl->handshake->psk_opaque != 0 )
+ {
+ ssl->handshake->psk_opaque = 0;
+ }
+ else
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+ if( ssl->handshake->psk != NULL )
+ {
+ mbedtls_platform_zeroize( ssl->handshake->psk,
+ ssl->handshake->psk_len );
+ mbedtls_free( ssl->handshake->psk );
+ ssl->handshake->psk_len = 0;
+ }
+}
+
int mbedtls_ssl_set_hs_psk( mbedtls_ssl_context *ssl,
const unsigned char *psk, size_t psk_len )
{
@@ -7389,13 +7862,7 @@
if( psk_len > MBEDTLS_PSK_MAX_LEN )
return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
- if( ssl->handshake->psk != NULL )
- {
- mbedtls_platform_zeroize( ssl->handshake->psk,
- ssl->handshake->psk_len );
- mbedtls_free( ssl->handshake->psk );
- ssl->handshake->psk_len = 0;
- }
+ ssl_remove_psk( ssl );
if( ( ssl->handshake->psk = mbedtls_calloc( 1, psk_len ) ) == NULL )
return( MBEDTLS_ERR_SSL_ALLOC_FAILED );
@@ -7406,6 +7873,42 @@
return( 0 );
}
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+int mbedtls_ssl_conf_psk_opaque( mbedtls_ssl_config *conf,
+ psa_key_handle_t psk_slot,
+ const unsigned char *psk_identity,
+ size_t psk_identity_len )
+{
+ int ret;
+ /* Clear opaque/raw PSK + PSK Identity, if present. */
+ ssl_conf_remove_psk( conf );
+
+ /* Check and set opaque PSK */
+ if( psk_slot == 0 )
+ return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
+ conf->psk_opaque = psk_slot;
+
+ /* Check and set PSK Identity */
+ ret = ssl_conf_set_psk_identity( conf, psk_identity,
+ psk_identity_len );
+ if( ret != 0 )
+ ssl_conf_remove_psk( conf );
+
+ return( ret );
+}
+
+int mbedtls_ssl_set_hs_psk_opaque( mbedtls_ssl_context *ssl,
+ psa_key_handle_t psk_slot )
+{
+ if( psk_slot == 0 || ssl->handshake == NULL )
+ return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
+
+ ssl_remove_psk( ssl );
+ ssl->handshake->psk_opaque = psk_slot;
+ return( 0 );
+}
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+
void mbedtls_ssl_conf_psk_cb( mbedtls_ssl_config *conf,
int (*f_psk)(void *, mbedtls_ssl_context *, const unsigned char *,
size_t),
@@ -8834,11 +9337,19 @@
#endif
#if defined(MBEDTLS_SSL_PROTO_TLS1_2)
#if defined(MBEDTLS_SHA256_C)
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+ psa_hash_abort( &handshake->fin_sha256_psa );
+#else
mbedtls_sha256_free( &handshake->fin_sha256 );
#endif
+#endif
#if defined(MBEDTLS_SHA512_C)
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+ psa_hash_abort( &handshake->fin_sha384_psa );
+#else
mbedtls_sha512_free( &handshake->fin_sha512 );
#endif
+#endif
#endif /* MBEDTLS_SSL_PROTO_TLS1_2 */
#if defined(MBEDTLS_DHM_C)
@@ -8899,6 +9410,11 @@
ssl_buffering_free( ssl );
#endif
+#if defined(MBEDTLS_ECDH_C) && \
+ defined(MBEDTLS_USE_PSA_CRYPTO)
+ psa_destroy_key( handshake->ecdh_psa_privkey );
+#endif /* MBEDTLS_ECDH_C && MBEDTLS_USE_PSA_CRYPTO */
+
mbedtls_platform_zeroize( handshake,
sizeof( mbedtls_ssl_handshake_params ) );
}
@@ -9727,6 +10243,70 @@
#if defined(MBEDTLS_SSL_PROTO_TLS1) || defined(MBEDTLS_SSL_PROTO_TLS1_1) || \
defined(MBEDTLS_SSL_PROTO_TLS1_2)
+
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+int mbedtls_ssl_get_key_exchange_md_tls1_2( mbedtls_ssl_context *ssl,
+ unsigned char *hash, size_t *hashlen,
+ unsigned char *data, size_t data_len,
+ mbedtls_md_type_t md_alg )
+{
+ psa_status_t status;
+ psa_hash_operation_t hash_operation = PSA_HASH_OPERATION_INIT;
+ psa_algorithm_t hash_alg = mbedtls_psa_translate_md( md_alg );
+
+ MBEDTLS_SSL_DEBUG_MSG( 1, ( "Perform PSA-based computation of digest of ServerKeyExchange" ) );
+
+ if( ( status = psa_hash_setup( &hash_operation,
+ hash_alg ) ) != PSA_SUCCESS )
+ {
+ MBEDTLS_SSL_DEBUG_RET( 1, "psa_hash_setup", status );
+ goto exit;
+ }
+
+ if( ( status = psa_hash_update( &hash_operation, ssl->handshake->randbytes,
+ 64 ) ) != PSA_SUCCESS )
+ {
+ MBEDTLS_SSL_DEBUG_RET( 1, "psa_hash_update", status );
+ goto exit;
+ }
+
+ if( ( status = psa_hash_update( &hash_operation,
+ data, data_len ) ) != PSA_SUCCESS )
+ {
+ MBEDTLS_SSL_DEBUG_RET( 1, "psa_hash_update", status );
+ goto exit;
+ }
+
+ if( ( status = psa_hash_finish( &hash_operation, hash, MBEDTLS_MD_MAX_SIZE,
+ hashlen ) ) != PSA_SUCCESS )
+ {
+ MBEDTLS_SSL_DEBUG_RET( 1, "psa_hash_finish", status );
+ goto exit;
+ }
+
+exit:
+ if( status != PSA_SUCCESS )
+ {
+ mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+ MBEDTLS_SSL_ALERT_MSG_INTERNAL_ERROR );
+ switch( status )
+ {
+ case PSA_ERROR_NOT_SUPPORTED:
+ return( MBEDTLS_ERR_MD_FEATURE_UNAVAILABLE );
+ case PSA_ERROR_BAD_STATE: /* Intentional fallthrough */
+ case PSA_ERROR_BUFFER_TOO_SMALL:
+ return( MBEDTLS_ERR_MD_BAD_INPUT_DATA );
+ case PSA_ERROR_INSUFFICIENT_MEMORY:
+ return( MBEDTLS_ERR_MD_ALLOC_FAILED );
+ default:
+ return( MBEDTLS_ERR_MD_HW_ACCEL_FAILED );
+ }
+ }
+ return( 0 );
+}
+
+#else
+
int mbedtls_ssl_get_key_exchange_md_tls1_2( mbedtls_ssl_context *ssl,
unsigned char *hash, size_t *hashlen,
unsigned char *data, size_t data_len,
@@ -9737,6 +10317,8 @@
const mbedtls_md_info_t *md_info = mbedtls_md_info_from_type( md_alg );
*hashlen = mbedtls_md_get_size( md_info );
+ MBEDTLS_SSL_DEBUG_MSG( 1, ( "Perform mbedtls-based computation of digest of ServerKeyExchange" ) );
+
mbedtls_md_init( &ctx );
/*
@@ -9781,6 +10363,8 @@
return( ret );
}
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+
#endif /* MBEDTLS_SSL_PROTO_TLS1 || MBEDTLS_SSL_PROTO_TLS1_1 || \
MBEDTLS_SSL_PROTO_TLS1_2 */
diff --git a/library/version_features.c b/library/version_features.c
index 4c36d3c..2bfecf0 100644
--- a/library/version_features.c
+++ b/library/version_features.c
@@ -72,6 +72,9 @@
#if defined(MBEDTLS_PLATFORM_SNPRINTF_ALT)
"MBEDTLS_PLATFORM_SNPRINTF_ALT",
#endif /* MBEDTLS_PLATFORM_SNPRINTF_ALT */
+#if defined(MBEDTLS_PLATFORM_VSNPRINTF_ALT)
+ "MBEDTLS_PLATFORM_VSNPRINTF_ALT",
+#endif /* MBEDTLS_PLATFORM_VSNPRINTF_ALT */
#if defined(MBEDTLS_PLATFORM_NV_SEED_ALT)
"MBEDTLS_PLATFORM_NV_SEED_ALT",
#endif /* MBEDTLS_PLATFORM_NV_SEED_ALT */
@@ -405,6 +408,12 @@
#if defined(MBEDTLS_ENTROPY_NV_SEED)
"MBEDTLS_ENTROPY_NV_SEED",
#endif /* MBEDTLS_ENTROPY_NV_SEED */
+#if defined(MBEDTLS_PSA_HAS_ITS_IO)
+ "MBEDTLS_PSA_HAS_ITS_IO",
+#endif /* MBEDTLS_PSA_HAS_ITS_IO */
+#if defined(MBEDTLS_PSA_CRYPTO_KEY_FILE_ID_ENCODES_OWNER)
+ "MBEDTLS_PSA_CRYPTO_KEY_FILE_ID_ENCODES_OWNER",
+#endif /* MBEDTLS_PSA_CRYPTO_KEY_FILE_ID_ENCODES_OWNER */
#if defined(MBEDTLS_MEMORY_DEBUG)
"MBEDTLS_MEMORY_DEBUG",
#endif /* MBEDTLS_MEMORY_DEBUG */
@@ -420,6 +429,12 @@
#if defined(MBEDTLS_PKCS1_V21)
"MBEDTLS_PKCS1_V21",
#endif /* MBEDTLS_PKCS1_V21 */
+#if defined(MBEDTLS_PSA_CRYPTO_SPM)
+ "MBEDTLS_PSA_CRYPTO_SPM",
+#endif /* MBEDTLS_PSA_CRYPTO_SPM */
+#if defined(MBEDTLS_PSA_HAS_ITS_IO)
+ "MBEDTLS_PSA_HAS_ITS_IO",
+#endif /* MBEDTLS_PSA_HAS_ITS_IO */
#if defined(MBEDTLS_RSA_NO_CRT)
"MBEDTLS_RSA_NO_CRT",
#endif /* MBEDTLS_RSA_NO_CRT */
@@ -516,6 +531,9 @@
#if defined(MBEDTLS_THREADING_PTHREAD)
"MBEDTLS_THREADING_PTHREAD",
#endif /* MBEDTLS_THREADING_PTHREAD */
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+ "MBEDTLS_USE_PSA_CRYPTO",
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
#if defined(MBEDTLS_VERSION_FEATURES)
"MBEDTLS_VERSION_FEATURES",
#endif /* MBEDTLS_VERSION_FEATURES */
@@ -684,6 +702,18 @@
#if defined(MBEDTLS_POLY1305_C)
"MBEDTLS_POLY1305_C",
#endif /* MBEDTLS_POLY1305_C */
+#if defined(MBEDTLS_PSA_CRYPTO_C)
+ "MBEDTLS_PSA_CRYPTO_C",
+#endif /* MBEDTLS_PSA_CRYPTO_C */
+#if defined(MBEDTLS_PSA_CRYPTO_STORAGE_C)
+ "MBEDTLS_PSA_CRYPTO_STORAGE_C",
+#endif /* MBEDTLS_PSA_CRYPTO_STORAGE_C */
+#if defined(MBEDTLS_PSA_CRYPTO_STORAGE_FILE_C)
+ "MBEDTLS_PSA_CRYPTO_STORAGE_FILE_C",
+#endif /* MBEDTLS_PSA_CRYPTO_STORAGE_FILE_C */
+#if defined(MBEDTLS_PSA_CRYPTO_STORAGE_ITS_C)
+ "MBEDTLS_PSA_CRYPTO_STORAGE_ITS_C",
+#endif /* MBEDTLS_PSA_CRYPTO_STORAGE_ITS_C */
#if defined(MBEDTLS_RIPEMD160_C)
"MBEDTLS_RIPEMD160_C",
#endif /* MBEDTLS_RIPEMD160_C */
diff --git a/library/x509.c b/library/x509.c
index 52b5b64..6b7899f 100644
--- a/library/x509.c
+++ b/library/x509.c
@@ -116,7 +116,7 @@
}
/*
- * Parse an algorithm identifier with (optional) paramaters
+ * Parse an algorithm identifier with (optional) parameters
*/
int mbedtls_x509_get_alg( unsigned char **p, const unsigned char *end,
mbedtls_x509_buf *alg, mbedtls_x509_buf *params )
diff --git a/library/x509_crt.c b/library/x509_crt.c
index 7655834..e3f169f 100644
--- a/library/x509_crt.c
+++ b/library/x509_crt.c
@@ -49,6 +49,11 @@
#include "mbedtls/pem.h"
#endif
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+#include "psa/crypto.h"
+#include "mbedtls/psa_util.h"
+#endif
+
#if defined(MBEDTLS_PLATFORM_C)
#include "mbedtls/platform.h"
#else
@@ -368,7 +373,7 @@
for( i = 0; i < MBEDTLS_X509_MAX_VERIFY_CHAIN_SIZE; i++ )
{
ver_chain->items[i].crt = NULL;
- ver_chain->items[i].flags = -1;
+ ver_chain->items[i].flags = (uint32_t) -1;
}
ver_chain->len = 0;
@@ -829,8 +834,10 @@
/*
* Parse and fill a single X.509 certificate in DER format
*/
-static int x509_crt_parse_der_core( mbedtls_x509_crt *crt, const unsigned char *buf,
- size_t buflen )
+static int x509_crt_parse_der_core( mbedtls_x509_crt *crt,
+ const unsigned char *buf,
+ size_t buflen,
+ int make_copy )
{
int ret;
size_t len;
@@ -847,7 +854,7 @@
if( crt == NULL || buf == NULL )
return( MBEDTLS_ERR_X509_BAD_INPUT_DATA );
- // Use the original buffer until we figure out actual length
+ /* Use the original buffer until we figure out actual length. */
p = (unsigned char*) buf;
len = buflen;
end = p + len;
@@ -865,25 +872,26 @@
return( MBEDTLS_ERR_X509_INVALID_FORMAT );
}
- if( len > (size_t) ( end - p ) )
- {
- mbedtls_x509_crt_free( crt );
- return( MBEDTLS_ERR_X509_INVALID_FORMAT +
- MBEDTLS_ERR_ASN1_LENGTH_MISMATCH );
- }
- crt_end = p + len;
-
- // Create and populate a new buffer for the raw field
- crt->raw.len = crt_end - buf;
- crt->raw.p = p = mbedtls_calloc( 1, crt->raw.len );
- if( p == NULL )
- return( MBEDTLS_ERR_X509_ALLOC_FAILED );
-
- memcpy( p, buf, crt->raw.len );
-
- // Direct pointers to the new buffer
- p += crt->raw.len - len;
end = crt_end = p + len;
+ crt->raw.len = crt_end - buf;
+ if( make_copy != 0 )
+ {
+ /* Create and populate a new buffer for the raw field. */
+ crt->raw.p = p = mbedtls_calloc( 1, crt->raw.len );
+ if( crt->raw.p == NULL )
+ return( MBEDTLS_ERR_X509_ALLOC_FAILED );
+
+ memcpy( crt->raw.p, buf, crt->raw.len );
+ crt->own_buffer = 1;
+
+ p += crt->raw.len - len;
+ end = crt_end = p + len;
+ }
+ else
+ {
+ crt->raw.p = (unsigned char*) buf;
+ crt->own_buffer = 0;
+ }
/*
* TBSCertificate ::= SEQUENCE {
@@ -1086,8 +1094,10 @@
* Parse one X.509 certificate in DER format from a buffer and add them to a
* chained list
*/
-int mbedtls_x509_crt_parse_der( mbedtls_x509_crt *chain, const unsigned char *buf,
- size_t buflen )
+static int mbedtls_x509_crt_parse_der_internal( mbedtls_x509_crt *chain,
+ const unsigned char *buf,
+ size_t buflen,
+ int make_copy )
{
int ret;
mbedtls_x509_crt *crt = chain, *prev = NULL;
@@ -1119,7 +1129,7 @@
crt = crt->next;
}
- if( ( ret = x509_crt_parse_der_core( crt, buf, buflen ) ) != 0 )
+ if( ( ret = x509_crt_parse_der_core( crt, buf, buflen, make_copy ) ) != 0 )
{
if( prev )
prev->next = NULL;
@@ -1133,11 +1143,27 @@
return( 0 );
}
+int mbedtls_x509_crt_parse_der_nocopy( mbedtls_x509_crt *chain,
+ const unsigned char *buf,
+ size_t buflen )
+{
+ return( mbedtls_x509_crt_parse_der_internal( chain, buf, buflen, 0 ) );
+}
+
+int mbedtls_x509_crt_parse_der( mbedtls_x509_crt *chain,
+ const unsigned char *buf,
+ size_t buflen )
+{
+ return( mbedtls_x509_crt_parse_der_internal( chain, buf, buflen, 1 ) );
+}
+
/*
* Parse one or more PEM certificates from a buffer and add them to the chained
* list
*/
-int mbedtls_x509_crt_parse( mbedtls_x509_crt *chain, const unsigned char *buf, size_t buflen )
+int mbedtls_x509_crt_parse( mbedtls_x509_crt *chain,
+ const unsigned char *buf,
+ size_t buflen )
{
#if defined(MBEDTLS_PEM_PARSE_C)
int success = 0, first_error = 0, total_failed = 0;
@@ -1892,16 +1918,35 @@
mbedtls_x509_crt *parent,
mbedtls_x509_crt_restart_ctx *rs_ctx )
{
- const mbedtls_md_info_t *md_info;
unsigned char hash[MBEDTLS_MD_MAX_SIZE];
-
+ size_t hash_len;
+#if !defined(MBEDTLS_USE_PSA_CRYPTO)
+ const mbedtls_md_info_t *md_info;
md_info = mbedtls_md_info_from_type( child->sig_md );
+ hash_len = mbedtls_md_get_size( md_info );
+
+ /* Note: hash errors can happen only after an internal error */
if( mbedtls_md( md_info, child->tbs.p, child->tbs.len, hash ) != 0 )
+ return( -1 );
+#else
+ psa_hash_operation_t hash_operation = PSA_HASH_OPERATION_INIT;
+ psa_algorithm_t hash_alg = mbedtls_psa_translate_md( child->sig_md );
+
+ if( psa_hash_setup( &hash_operation, hash_alg ) != PSA_SUCCESS )
+ return( -1 );
+
+ if( psa_hash_update( &hash_operation, child->tbs.p, child->tbs.len )
+ != PSA_SUCCESS )
{
- /* Note: this can't happen except after an internal error */
return( -1 );
}
+ if( psa_hash_finish( &hash_operation, hash, sizeof( hash ), &hash_len )
+ != PSA_SUCCESS )
+ {
+ return( -1 );
+ }
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
/* Skip expensive computation on obvious mismatch */
if( ! mbedtls_pk_can_do( &parent->pk, child->sig_pk ) )
return( -1 );
@@ -1910,7 +1955,7 @@
if( rs_ctx != NULL && child->sig_pk == MBEDTLS_PK_ECDSA )
{
return( mbedtls_pk_verify_restartable( &parent->pk,
- child->sig_md, hash, mbedtls_md_get_size( md_info ),
+ child->sig_md, hash, hash_len,
child->sig.p, child->sig.len, &rs_ctx->pk ) );
}
#else
@@ -1918,7 +1963,7 @@
#endif
return( mbedtls_pk_verify_ext( child->sig_pk, child->sig_opts, &parent->pk,
- child->sig_md, hash, mbedtls_md_get_size( md_info ),
+ child->sig_md, hash, hash_len,
child->sig.p, child->sig.len ) );
}
@@ -2237,7 +2282,7 @@
* Tests for (aspects of) this function should include at least:
* - trusted EE
* - EE -> trusted root
- * - EE -> intermedate CA -> trusted root
+ * - EE -> intermediate CA -> trusted root
* - if relevant: EE untrusted
* - if relevant: EE -> intermediate, untrusted
* with the aspect under test checked at each relevant level (EE, int, root).
@@ -2675,7 +2720,7 @@
mbedtls_free( seq_prv );
}
- if( cert_cur->raw.p != NULL )
+ if( cert_cur->raw.p != NULL && cert_cur->own_buffer )
{
mbedtls_platform_zeroize( cert_cur->raw.p, cert_cur->raw.len );
mbedtls_free( cert_cur->raw.p );
diff --git a/library/x509_csr.c b/library/x509_csr.c
index f844257..c8c08c8 100644
--- a/library/x509_csr.c
+++ b/library/x509_csr.c
@@ -279,15 +279,24 @@
{
mbedtls_pem_init( &pem );
ret = mbedtls_pem_read_buffer( &pem,
- "-----BEGIN CERTIFICATE REQUEST-----",
- "-----END CERTIFICATE REQUEST-----",
- buf, NULL, 0, &use_len );
+ "-----BEGIN CERTIFICATE REQUEST-----",
+ "-----END CERTIFICATE REQUEST-----",
+ buf, NULL, 0, &use_len );
+ if( ret == MBEDTLS_ERR_PEM_NO_HEADER_FOOTER_PRESENT )
+ {
+ ret = mbedtls_pem_read_buffer( &pem,
+ "-----BEGIN NEW CERTIFICATE REQUEST-----",
+ "-----END NEW CERTIFICATE REQUEST-----",
+ buf, NULL, 0, &use_len );
+ }
if( ret == 0 )
+ {
/*
* Was PEM encoded, parse the result
*/
ret = mbedtls_x509_csr_parse_der( csr, pem.buf, pem.buflen );
+ }
mbedtls_pem_free( &pem );
if( ret != MBEDTLS_ERR_PEM_NO_HEADER_FOOTER_PRESENT )
diff --git a/library/x509write_csr.c b/library/x509write_csr.c
index 8b475be..8dc39e7 100644
--- a/library/x509write_csr.c
+++ b/library/x509write_csr.c
@@ -37,6 +37,11 @@
#include "mbedtls/asn1write.h"
#include "mbedtls/platform_util.h"
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+#include "psa/crypto.h"
+#include "mbedtls/psa_util.h"
+#endif
+
#include <string.h>
#include <stdlib.h>
@@ -138,7 +143,11 @@
size_t pub_len = 0, sig_and_oid_len = 0, sig_len;
size_t len = 0;
mbedtls_pk_type_t pk_alg;
-
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+ psa_hash_operation_t hash_operation = PSA_HASH_OPERATION_INIT;
+ size_t hash_len;
+ psa_algorithm_t hash_alg = mbedtls_psa_translate_md( ctx->md_alg );
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
/*
* Prepare data to be signed in tmp_buf
*/
@@ -189,9 +198,23 @@
/*
* Prepare signature
+ * Note: hash errors can happen only after an internal error
*/
- mbedtls_md( mbedtls_md_info_from_type( ctx->md_alg ), c, len, hash );
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+ if( psa_hash_setup( &hash_operation, hash_alg ) != PSA_SUCCESS )
+ return( MBEDTLS_ERR_X509_FATAL_ERROR );
+ if( psa_hash_update( &hash_operation, c, len ) != PSA_SUCCESS )
+ return( MBEDTLS_ERR_X509_FATAL_ERROR );
+
+ if( psa_hash_finish( &hash_operation, hash, sizeof( hash ), &hash_len )
+ != PSA_SUCCESS )
+ {
+ return( MBEDTLS_ERR_X509_FATAL_ERROR );
+ }
+#else /* MBEDTLS_USE_PSA_CRYPTO */
+ mbedtls_md( mbedtls_md_info_from_type( ctx->md_alg ), c, len, hash );
+#endif
if( ( ret = mbedtls_pk_sign( ctx->key, ctx->md_alg, hash, 0, sig, &sig_len,
f_rng, p_rng ) ) != 0 )
{
diff --git a/programs/.gitignore b/programs/.gitignore
index 0241896..d19162d 100644
--- a/programs/.gitignore
+++ b/programs/.gitignore
@@ -29,6 +29,10 @@
pkey/rsa_sign_pss
pkey/rsa_verify
pkey/rsa_verify_pss
+psa/crypto_examples
+psa/psa_constant_names
+psa/psa_constant_names_generated.c
+psa/key_ladder_demo
random/gen_entropy
random/gen_random_ctr_drbg
random/gen_random_havege
@@ -49,6 +53,7 @@
test/ssl_cert_test
test/udp_proxy
test/zeroize
+test/query_compile_time_config
util/pem2der
util/strerror
x509/cert_app
diff --git a/programs/CMakeLists.txt b/programs/CMakeLists.txt
index 4cdae78..661b120 100644
--- a/programs/CMakeLists.txt
+++ b/programs/CMakeLists.txt
@@ -1,6 +1,7 @@
add_subdirectory(aes)
add_subdirectory(hash)
add_subdirectory(pkey)
+add_subdirectory(psa)
add_subdirectory(random)
add_subdirectory(ssl)
add_subdirectory(test)
diff --git a/programs/Makefile b/programs/Makefile
index b6d1fa2..1df2cb1 100644
--- a/programs/Makefile
+++ b/programs/Makefile
@@ -60,6 +60,8 @@
pkey/rsa_decrypt$(EXEXT) pkey/rsa_encrypt$(EXEXT) \
pkey/rsa_sign$(EXEXT) pkey/rsa_verify$(EXEXT) \
pkey/rsa_sign_pss$(EXEXT) pkey/rsa_verify_pss$(EXEXT) \
+ psa/crypto_examples$(EXEXT) \
+ psa/key_ladder_demo$(EXEXT) psa/psa_constant_names$(EXEXT) \
ssl/dtls_client$(EXEXT) ssl/dtls_server$(EXEXT) \
ssl/ssl_client1$(EXEXT) ssl/ssl_client2$(EXEXT) \
ssl/ssl_server$(EXEXT) ssl/ssl_server2$(EXEXT) \
@@ -70,6 +72,7 @@
test/ssl_cert_test$(EXEXT) test/benchmark$(EXEXT) \
test/selftest$(EXEXT) test/udp_proxy$(EXEXT) \
test/zeroize$(EXEXT) \
+ test/query_compile_time_config$(EXEXT) \
util/pem2der$(EXEXT) util/strerror$(EXEXT) \
x509/cert_app$(EXEXT) x509/crl_app$(EXEXT) \
x509/cert_req$(EXEXT) x509/cert_write$(EXEXT) \
@@ -83,6 +86,8 @@
APPS += test/cpp_dummy_build$(EXEXT)
endif
+EXTRA_GENERATED =
+
.SILENT:
.PHONY: all clean list
@@ -92,6 +97,16 @@
$(DEP):
$(MAKE) -C ../library
+ifdef WINDOWS
+EXTRA_GENERATED += psa\psa_constant_names_generated.c
+else
+EXTRA_GENERATED += psa/psa_constant_names_generated.c
+endif
+
+psa/psa_constant_names$(EXEXT): psa/psa_constant_names_generated.c
+psa/psa_constant_names_generated.c: ../scripts/generate_psa_constants.py ../include/psa/crypto_values.h ../include/psa/crypto_extra.h
+ ../scripts/generate_psa_constants.py
+
aes/aescrypt2$(EXEXT): aes/aescrypt2.c $(DEP)
echo " CC aes/aescrypt2.c"
$(CC) $(LOCAL_CFLAGS) $(CFLAGS) aes/aescrypt2.c $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
@@ -188,6 +203,14 @@
echo " CC pkey/rsa_encrypt.c"
$(CC) $(LOCAL_CFLAGS) $(CFLAGS) pkey/rsa_encrypt.c $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
+psa/key_ladder_demo$(EXEXT): psa/key_ladder_demo.c $(DEP)
+ echo " CC psa/key_ladder_demo.c"
+ $(CC) $(LOCAL_CFLAGS) $(CFLAGS) psa/key_ladder_demo.c $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
+
+psa/psa_constant_names$(EXEXT): psa/psa_constant_names.c $(DEP)
+ echo " CC psa/psa_constant_names.c"
+ $(CC) $(LOCAL_CFLAGS) $(CFLAGS) psa/psa_constant_names.c $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
+
random/gen_entropy$(EXEXT): random/gen_entropy.c $(DEP)
echo " CC random/gen_entropy.c"
$(CC) $(LOCAL_CFLAGS) $(CFLAGS) random/gen_entropy.c $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
@@ -212,17 +235,17 @@
echo " CC ssl/ssl_client1.c"
$(CC) $(LOCAL_CFLAGS) $(CFLAGS) ssl/ssl_client1.c $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
-ssl/ssl_client2$(EXEXT): ssl/ssl_client2.c $(DEP)
+ssl/ssl_client2$(EXEXT): ssl/ssl_client2.c ssl/query_config.c $(DEP)
echo " CC ssl/ssl_client2.c"
- $(CC) $(LOCAL_CFLAGS) $(CFLAGS) ssl/ssl_client2.c $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
+ $(CC) $(LOCAL_CFLAGS) $(CFLAGS) ssl/ssl_client2.c ssl/query_config.c $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
ssl/ssl_server$(EXEXT): ssl/ssl_server.c $(DEP)
echo " CC ssl/ssl_server.c"
$(CC) $(LOCAL_CFLAGS) $(CFLAGS) ssl/ssl_server.c $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
-ssl/ssl_server2$(EXEXT): ssl/ssl_server2.c $(DEP)
+ssl/ssl_server2$(EXEXT): ssl/ssl_server2.c ssl/query_config.c $(DEP)
echo " CC ssl/ssl_server2.c"
- $(CC) $(LOCAL_CFLAGS) $(CFLAGS) ssl/ssl_server2.c $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
+ $(CC) $(LOCAL_CFLAGS) $(CFLAGS) ssl/ssl_server2.c ssl/query_config.c $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
ssl/ssl_fork_server$(EXEXT): ssl/ssl_fork_server.c $(DEP)
echo " CC ssl/ssl_fork_server.c"
@@ -264,6 +287,10 @@
echo " CC test/zeroize.c"
$(CC) $(LOCAL_CFLAGS) $(CFLAGS) test/zeroize.c $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
+test/query_compile_time_config$(EXEXT): test/query_compile_time_config.c ssl/query_config.c $(DEP)
+ echo " CC test/query_compile_time_config.c"
+ $(CC) $(LOCAL_CFLAGS) $(CFLAGS) test/query_compile_time_config.c ssl/query_config.c $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
+
util/pem2der$(EXEXT): util/pem2der.c $(DEP)
echo " CC util/pem2der.c"
$(CC) $(LOCAL_CFLAGS) $(CFLAGS) util/pem2der.c $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
@@ -292,11 +319,17 @@
echo " CC x509/req_app.c"
$(CC) $(LOCAL_CFLAGS) $(CFLAGS) x509/req_app.c $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
+psa/crypto_examples$(EXEXT): psa/crypto_examples.c $(DEP)
+ echo " CC psa/crypto_examples.c"
+ $(CC) $(LOCAL_CFLAGS) $(CFLAGS) psa/crypto_examples.c $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
+
clean:
ifndef WINDOWS
- rm -f $(APPS)
+ rm -f $(APPS) $(EXTRA_GENERATED)
else
- del /S /Q /F *.o *.exe
+ if exist *.o del /S /Q /F *.o
+ if exist *.exe del /S /Q /F *.exe
+ if exist $(EXTRA_GENERATED) del /S /Q /F $(EXTRA_GENERATED)
endif
list:
diff --git a/programs/pkey/rsa_sign_pss.c b/programs/pkey/rsa_sign_pss.c
index ad03a91..5131745 100644
--- a/programs/pkey/rsa_sign_pss.c
+++ b/programs/pkey/rsa_sign_pss.c
@@ -55,7 +55,6 @@
#include "mbedtls/ctr_drbg.h"
#include "mbedtls/md.h"
#include "mbedtls/rsa.h"
-#include "mbedtls/md.h"
#include "mbedtls/x509.h"
#include <stdio.h>
diff --git a/programs/psa/CMakeLists.txt b/programs/psa/CMakeLists.txt
new file mode 100644
index 0000000..c80043b
--- /dev/null
+++ b/programs/psa/CMakeLists.txt
@@ -0,0 +1,26 @@
+add_executable(crypto_examples crypto_examples.c)
+target_link_libraries(crypto_examples mbedtls)
+
+add_executable(key_ladder_demo key_ladder_demo.c)
+target_link_libraries(key_ladder_demo mbedtls)
+
+add_executable(psa_constant_names psa_constant_names.c)
+target_link_libraries(psa_constant_names mbedtls)
+
+add_custom_target(
+ psa_constant_names_generated
+ COMMAND ${PYTHON_EXECUTABLE} scripts/generate_psa_constants.py
+ WORKING_DIRECTORY ${CMAKE_CURRENT_SOURCE_DIR}/../../
+)
+add_dependencies(psa_constant_names psa_constant_names_generated)
+
+install(TARGETS
+ crypto_examples
+ key_ladder_demo
+ psa_constant_names
+ DESTINATION "bin"
+ PERMISSIONS OWNER_READ OWNER_WRITE OWNER_EXECUTE GROUP_READ GROUP_EXECUTE WORLD_READ WORLD_EXECUTE)
+
+install(PROGRAMS
+ key_ladder_demo.sh
+ DESTINATION "bin")
diff --git a/programs/psa/crypto_examples.c b/programs/psa/crypto_examples.c
new file mode 100644
index 0000000..0908756
--- /dev/null
+++ b/programs/psa/crypto_examples.c
@@ -0,0 +1,351 @@
+#include "psa/crypto.h"
+#include <string.h>
+
+#if defined(MBEDTLS_PLATFORM_C)
+#include "mbedtls/platform.h"
+#else
+#include <stdio.h>
+#include <stdlib.h>
+#define MBEDTLS_EXIT_FAILURE EXIT_FAILURE
+#define mbedtls_printf printf
+#define mbedtls_exit exit
+#endif
+
+#define ASSERT( predicate ) \
+ do \
+ { \
+ if( ! ( predicate ) ) \
+ { \
+ mbedtls_printf( "\tassertion failed at %s:%d - '%s'\r\n", \
+ __FILE__, __LINE__, #predicate); \
+ goto exit; \
+ } \
+ } while ( 0 )
+
+#define ASSERT_STATUS( actual, expected ) \
+ do \
+ { \
+ if( ( actual ) != ( expected ) ) \
+ { \
+ mbedtls_printf( "\tassertion failed at %s:%d - " \
+ "actual:%d expected:%d\r\n", __FILE__, __LINE__, \
+ (psa_status_t) actual, (psa_status_t) expected ); \
+ goto exit; \
+ } \
+ } while ( 0 )
+
+#if !defined(MBEDTLS_PSA_CRYPTO_C) || !defined(MBEDTLS_AES_C) || \
+ !defined(MBEDTLS_CIPHER_MODE_CBC) || !defined(MBEDTLS_CIPHER_MODE_CTR) || \
+ !defined(MBEDTLS_CIPHER_MODE_WITH_PADDING)
+int main( void )
+{
+ mbedtls_printf( "MBEDTLS_PSA_CRYPTO_C and/or MBEDTLS_AES_C and/or "
+ "MBEDTLS_CIPHER_MODE_CBC and/or MBEDTLS_CIPHER_MODE_CTR "
+ "and/or MBEDTLS_CIPHER_MODE_WITH_PADDING "
+ "not defined.\r\n" );
+ return( 0 );
+}
+#else
+
+static psa_status_t set_key_policy( psa_key_handle_t key_handle,
+ psa_key_usage_t key_usage,
+ psa_algorithm_t alg )
+{
+ psa_status_t status;
+ psa_key_policy_t policy = PSA_KEY_POLICY_INIT;
+
+ psa_key_policy_set_usage( &policy, key_usage, alg );
+ status = psa_set_key_policy( key_handle, &policy );
+ ASSERT_STATUS( status, PSA_SUCCESS );
+exit:
+ return( status );
+}
+
+static psa_status_t cipher_operation( psa_cipher_operation_t *operation,
+ const uint8_t * input,
+ size_t input_size,
+ size_t part_size,
+ uint8_t * output,
+ size_t output_size,
+ size_t *output_len )
+{
+ psa_status_t status;
+ size_t bytes_to_write = 0, bytes_written = 0, len = 0;
+
+ *output_len = 0;
+ while( bytes_written != input_size )
+ {
+ bytes_to_write = ( input_size - bytes_written > part_size ?
+ part_size :
+ input_size - bytes_written );
+
+ status = psa_cipher_update( operation, input + bytes_written,
+ bytes_to_write, output + *output_len,
+ output_size - *output_len, &len );
+ ASSERT_STATUS( status, PSA_SUCCESS );
+
+ bytes_written += bytes_to_write;
+ *output_len += len;
+ }
+
+ status = psa_cipher_finish( operation, output + *output_len,
+ output_size - *output_len, &len );
+ ASSERT_STATUS( status, PSA_SUCCESS );
+ *output_len += len;
+
+exit:
+ return( status );
+}
+
+static psa_status_t cipher_encrypt( psa_key_handle_t key_handle,
+ psa_algorithm_t alg,
+ uint8_t * iv,
+ size_t iv_size,
+ const uint8_t * input,
+ size_t input_size,
+ size_t part_size,
+ uint8_t * output,
+ size_t output_size,
+ size_t *output_len )
+{
+ psa_status_t status;
+ psa_cipher_operation_t operation = PSA_CIPHER_OPERATION_INIT;
+ size_t iv_len = 0;
+
+ memset( &operation, 0, sizeof( operation ) );
+ status = psa_cipher_encrypt_setup( &operation, key_handle, alg );
+ ASSERT_STATUS( status, PSA_SUCCESS );
+
+ status = psa_cipher_generate_iv( &operation, iv, iv_size, &iv_len );
+ ASSERT_STATUS( status, PSA_SUCCESS );
+
+ status = cipher_operation( &operation, input, input_size, part_size,
+ output, output_size, output_len );
+ ASSERT_STATUS( status, PSA_SUCCESS );
+
+exit:
+ psa_cipher_abort( &operation );
+ return( status );
+}
+
+static psa_status_t cipher_decrypt( psa_key_handle_t key_handle,
+ psa_algorithm_t alg,
+ const uint8_t * iv,
+ size_t iv_size,
+ const uint8_t * input,
+ size_t input_size,
+ size_t part_size,
+ uint8_t * output,
+ size_t output_size,
+ size_t *output_len )
+{
+ psa_status_t status;
+ psa_cipher_operation_t operation = PSA_CIPHER_OPERATION_INIT;
+
+ memset( &operation, 0, sizeof( operation ) );
+ status = psa_cipher_decrypt_setup( &operation, key_handle, alg );
+ ASSERT_STATUS( status, PSA_SUCCESS );
+
+ status = psa_cipher_set_iv( &operation, iv, iv_size );
+ ASSERT_STATUS( status, PSA_SUCCESS );
+
+ status = cipher_operation( &operation, input, input_size, part_size,
+ output, output_size, output_len );
+ ASSERT_STATUS( status, PSA_SUCCESS );
+
+exit:
+ psa_cipher_abort( &operation );
+ return( status );
+}
+
+static psa_status_t
+cipher_example_encrypt_decrypt_aes_cbc_nopad_1_block( void )
+{
+ enum {
+ block_size = PSA_BLOCK_CIPHER_BLOCK_SIZE( PSA_KEY_TYPE_AES ),
+ key_bits = 256,
+ part_size = block_size,
+ };
+ const psa_algorithm_t alg = PSA_ALG_CBC_NO_PADDING;
+
+ psa_status_t status;
+ psa_key_handle_t key_handle = 0;
+ size_t output_len = 0;
+ uint8_t iv[block_size];
+ uint8_t input[block_size];
+ uint8_t encrypt[block_size];
+ uint8_t decrypt[block_size];
+
+ status = psa_generate_random( input, sizeof( input ) );
+ ASSERT_STATUS( status, PSA_SUCCESS );
+
+ status = psa_allocate_key( &key_handle );
+ ASSERT_STATUS( status, PSA_SUCCESS );
+
+ status = set_key_policy( key_handle,
+ PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT,
+ alg );
+ ASSERT_STATUS( status, PSA_SUCCESS );
+
+ status = psa_generate_key( key_handle, PSA_KEY_TYPE_AES, key_bits,
+ NULL, 0 );
+ ASSERT_STATUS( status, PSA_SUCCESS );
+
+ status = cipher_encrypt( key_handle, alg, iv, sizeof( iv ),
+ input, sizeof( input ), part_size,
+ encrypt, sizeof( encrypt ), &output_len );
+ ASSERT_STATUS( status, PSA_SUCCESS );
+
+ status = cipher_decrypt( key_handle, alg, iv, sizeof( iv ),
+ encrypt, output_len, part_size,
+ decrypt, sizeof( decrypt ), &output_len );
+ ASSERT_STATUS( status, PSA_SUCCESS );
+
+ status = memcmp( input, decrypt, sizeof( input ) );
+ ASSERT_STATUS( status, PSA_SUCCESS );
+
+exit:
+ psa_destroy_key( key_handle );
+ return( status );
+}
+
+static psa_status_t cipher_example_encrypt_decrypt_aes_cbc_pkcs7_multi( void )
+{
+ enum {
+ block_size = PSA_BLOCK_CIPHER_BLOCK_SIZE( PSA_KEY_TYPE_AES ),
+ key_bits = 256,
+ input_size = 100,
+ part_size = 10,
+ };
+
+ const psa_algorithm_t alg = PSA_ALG_CBC_PKCS7;
+
+ psa_status_t status;
+ psa_key_handle_t key_handle = 0;
+ size_t output_len = 0;
+ uint8_t iv[block_size], input[input_size],
+ encrypt[input_size + block_size], decrypt[input_size + block_size];
+
+ status = psa_generate_random( input, sizeof( input ) );
+ ASSERT_STATUS( status, PSA_SUCCESS );
+
+ status = psa_allocate_key( &key_handle );
+ ASSERT_STATUS( status, PSA_SUCCESS );
+
+ status = set_key_policy( key_handle,
+ PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT,
+ alg );
+ ASSERT_STATUS( status, PSA_SUCCESS );
+
+ status = psa_generate_key( key_handle, PSA_KEY_TYPE_AES, key_bits,
+ NULL, 0 );
+ ASSERT_STATUS( status, PSA_SUCCESS );
+
+ status = cipher_encrypt( key_handle, alg, iv, sizeof( iv ),
+ input, sizeof( input ), part_size,
+ encrypt, sizeof( encrypt ), &output_len );
+ ASSERT_STATUS( status, PSA_SUCCESS );
+
+ status = cipher_decrypt( key_handle, alg, iv, sizeof( iv ),
+ encrypt, output_len, part_size,
+ decrypt, sizeof( decrypt ), &output_len );
+ ASSERT_STATUS( status, PSA_SUCCESS );
+
+ status = memcmp( input, decrypt, sizeof( input ) );
+ ASSERT_STATUS( status, PSA_SUCCESS );
+
+exit:
+ psa_destroy_key( key_handle );
+ return( status );
+}
+
+static psa_status_t cipher_example_encrypt_decrypt_aes_ctr_multi( void )
+{
+ enum {
+ block_size = PSA_BLOCK_CIPHER_BLOCK_SIZE( PSA_KEY_TYPE_AES ),
+ key_bits = 256,
+ input_size = 100,
+ part_size = 10,
+ };
+ const psa_algorithm_t alg = PSA_ALG_CTR;
+
+ psa_status_t status;
+ psa_key_handle_t key_handle = 0;
+ size_t output_len = 0;
+ uint8_t iv[block_size], input[input_size], encrypt[input_size],
+ decrypt[input_size];
+
+ status = psa_generate_random( input, sizeof( input ) );
+ ASSERT_STATUS( status, PSA_SUCCESS );
+
+ status = psa_allocate_key( &key_handle );
+ ASSERT_STATUS( status, PSA_SUCCESS );
+ status = set_key_policy( key_handle,
+ PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT,
+ alg );
+ ASSERT_STATUS( status, PSA_SUCCESS );
+
+ status = psa_generate_key( key_handle, PSA_KEY_TYPE_AES, key_bits,
+ NULL, 0 );
+ ASSERT_STATUS( status, PSA_SUCCESS );
+
+ status = cipher_encrypt( key_handle, alg, iv, sizeof( iv ),
+ input, sizeof( input ), part_size,
+ encrypt, sizeof( encrypt ), &output_len );
+ ASSERT_STATUS( status, PSA_SUCCESS );
+
+ status = cipher_decrypt( key_handle, alg, iv, sizeof( iv ),
+ encrypt, output_len, part_size,
+ decrypt, sizeof( decrypt ), &output_len );
+ ASSERT_STATUS( status, PSA_SUCCESS );
+
+ status = memcmp( input, decrypt, sizeof( input ) );
+ ASSERT_STATUS( status, PSA_SUCCESS );
+
+exit:
+ psa_destroy_key( key_handle );
+ return( status );
+}
+
+static void cipher_examples( void )
+{
+ psa_status_t status;
+
+ mbedtls_printf( "cipher encrypt/decrypt AES CBC no padding:\r\n" );
+ status = cipher_example_encrypt_decrypt_aes_cbc_nopad_1_block( );
+ if( status == PSA_SUCCESS )
+ mbedtls_printf( "\tsuccess!\r\n" );
+
+ mbedtls_printf( "cipher encrypt/decrypt AES CBC PKCS7 multipart:\r\n" );
+ status = cipher_example_encrypt_decrypt_aes_cbc_pkcs7_multi( );
+ if( status == PSA_SUCCESS )
+ mbedtls_printf( "\tsuccess!\r\n" );
+
+ mbedtls_printf( "cipher encrypt/decrypt AES CTR multipart:\r\n" );
+ status = cipher_example_encrypt_decrypt_aes_ctr_multi( );
+ if( status == PSA_SUCCESS )
+ mbedtls_printf( "\tsuccess!\r\n" );
+}
+
+#if defined(MBEDTLS_CHECK_PARAMS)
+#include "mbedtls/platform_util.h"
+void mbedtls_param_failed( const char *failure_condition,
+ const char *file,
+ int line )
+{
+ mbedtls_printf( "%s:%i: Input param failed - %s\n",
+ file, line, failure_condition );
+ mbedtls_exit( MBEDTLS_EXIT_FAILURE );
+}
+#endif
+
+int main( void )
+{
+ ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
+ cipher_examples( );
+exit:
+ mbedtls_psa_crypto_free( );
+ return( 0 );
+}
+#endif /* MBEDTLS_PSA_CRYPTO_C && MBEDTLS_AES_C && MBEDTLS_CIPHER_MODE_CBC &&
+ MBEDTLS_CIPHER_MODE_CTR && MBEDTLS_CIPHER_MODE_WITH_PADDING */
diff --git a/programs/psa/key_ladder_demo.c b/programs/psa/key_ladder_demo.c
new file mode 100644
index 0000000..c9d7676
--- /dev/null
+++ b/programs/psa/key_ladder_demo.c
@@ -0,0 +1,726 @@
+/**
+ * PSA API key derivation demonstration
+ *
+ * This program calculates a key ladder: a chain of secret material, each
+ * derived from the previous one in a deterministic way based on a label.
+ * Two keys are identical if and only if they are derived from the same key
+ * using the same label.
+ *
+ * The initial key is called the master key. The master key is normally
+ * randomly generated, but it could itself be derived from another key.
+ *
+ * This program derives a series of keys called intermediate keys.
+ * The first intermediate key is derived from the master key using the
+ * first label passed on the command line. Each subsequent intermediate
+ * key is derived from the previous one using the next label passed
+ * on the command line.
+ *
+ * This program has four modes of operation:
+ *
+ * - "generate": generate a random master key.
+ * - "wrap": derive a wrapping key from the last intermediate key,
+ * and use that key to encrypt-and-authenticate some data.
+ * - "unwrap": derive a wrapping key from the last intermediate key,
+ * and use that key to decrypt-and-authenticate some
+ * ciphertext created by wrap mode.
+ * - "save": save the last intermediate key so that it can be reused as
+ * the master key in another run of the program.
+ *
+ * See the usage() output for the command line usage. See the file
+ * `key_ladder_demo.sh` for an example run.
+ */
+
+/* Copyright (C) 2018, ARM Limited, All Rights Reserved
+ * SPDX-License-Identifier: Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License"); you may
+ * not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * This file is part of mbed TLS (https://tls.mbed.org)
+ */
+
+/* First include Mbed TLS headers to get the Mbed TLS configuration and
+ * platform definitions that we'll use in this program. Also include
+ * standard C headers for functions we'll use here. */
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "mbedtls/config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+#if defined(MBEDTLS_PLATFORM_C)
+#include "mbedtls/platform.h"
+#else
+#include <stdlib.h>
+#define MBEDTLS_EXIT_SUCCESS EXIT_SUCCESS
+#define MBEDTLS_EXIT_FAILURE EXIT_FAILURE
+#define mbedtls_calloc calloc
+#define mbedtls_free free
+#define mbedtls_printf printf
+#define mbedtls_exit exit
+#endif
+#include <stdio.h>
+#include <string.h>
+
+#include "mbedtls/platform_util.h" // for mbedtls_platform_zeroize
+
+/* If the build options we need are not enabled, compile a placeholder. */
+#if !defined(MBEDTLS_SHA256_C) || !defined(MBEDTLS_MD_C) || \
+ !defined(MBEDTLS_AES_C) || !defined(MBEDTLS_CCM_C) || \
+ !defined(MBEDTLS_PSA_CRYPTO_C) || !defined(MBEDTLS_FS_IO)
+int main( void )
+{
+ mbedtls_printf("MBEDTLS_SHA256_C and/or MBEDTLS_MD_C and/or "
+ "MBEDTLS_AES_C and/or MBEDTLS_CCM_C and/or "
+ "MBEDTLS_PSA_CRYPTO_C and/or MBEDTLS_FS_IO not defined.\n");
+ return( 0 );
+}
+#else
+
+/* The real program starts here. */
+
+
+
+#include <psa/crypto.h>
+
+/* Run a system function and bail out if it fails. */
+#define SYS_CHECK( expr ) \
+ do \
+ { \
+ if( ! ( expr ) ) \
+ { \
+ perror( #expr ); \
+ status = DEMO_ERROR; \
+ goto exit; \
+ } \
+ } \
+ while( 0 )
+
+/* Run a PSA function and bail out if it fails. */
+#define PSA_CHECK( expr ) \
+ do \
+ { \
+ status = ( expr ); \
+ if( status != PSA_SUCCESS ) \
+ { \
+ mbedtls_printf( "Error %d at line %u: %s\n", \
+ (int) status, \
+ __LINE__, \
+ #expr ); \
+ goto exit; \
+ } \
+ } \
+ while( 0 )
+
+/* To report operational errors in this program, use an error code that is
+ * different from every PSA error code. */
+#define DEMO_ERROR 120
+
+/* The maximum supported key ladder depth. */
+#define MAX_LADDER_DEPTH 10
+
+/* Salt to use when deriving an intermediate key. */
+#define DERIVE_KEY_SALT ( (uint8_t *) "key_ladder_demo.derive" )
+#define DERIVE_KEY_SALT_LENGTH ( strlen( (const char*) DERIVE_KEY_SALT ) )
+
+/* Salt to use when deriving a wrapping key. */
+#define WRAPPING_KEY_SALT ( (uint8_t *) "key_ladder_demo.wrap" )
+#define WRAPPING_KEY_SALT_LENGTH ( strlen( (const char*) WRAPPING_KEY_SALT ) )
+
+/* Size of the key derivation keys (applies both to the master key and
+ * to intermediate keys). */
+#define KEY_SIZE_BYTES 40
+
+/* Algorithm for key derivation. */
+#define KDF_ALG PSA_ALG_HKDF( PSA_ALG_SHA_256 )
+
+/* Type and size of the key used to wrap data. */
+#define WRAPPING_KEY_TYPE PSA_KEY_TYPE_AES
+#define WRAPPING_KEY_BITS 128
+
+/* Cipher mode used to wrap data. */
+#define WRAPPING_ALG PSA_ALG_CCM
+
+/* Nonce size used to wrap data. */
+#define WRAPPING_IV_SIZE 13
+
+/* Header used in files containing wrapped data. We'll save this header
+ * directly without worrying about data representation issues such as
+ * integer sizes and endianness, because the data is meant to be read
+ * back by the same program on the same machine. */
+#define WRAPPED_DATA_MAGIC "key_ladder_demo" // including trailing null byte
+#define WRAPPED_DATA_MAGIC_LENGTH ( sizeof( WRAPPED_DATA_MAGIC ) )
+typedef struct
+{
+ char magic[WRAPPED_DATA_MAGIC_LENGTH];
+ size_t ad_size; /* Size of the additional data, which is this header. */
+ size_t payload_size; /* Size of the encrypted data. */
+ /* Store the IV inside the additional data. It's convenient. */
+ uint8_t iv[WRAPPING_IV_SIZE];
+} wrapped_data_header_t;
+
+/* The modes that this program can operate in (see usage). */
+enum program_mode
+{
+ MODE_GENERATE,
+ MODE_SAVE,
+ MODE_UNWRAP,
+ MODE_WRAP
+};
+
+/* Save a key to a file. In the real world, you may want to export a derived
+ * key sometimes, to share it with another party. */
+static psa_status_t save_key( psa_key_handle_t key_handle,
+ const char *output_file_name )
+{
+ psa_status_t status = PSA_SUCCESS;
+ uint8_t key_data[KEY_SIZE_BYTES];
+ size_t key_size;
+ FILE *key_file = NULL;
+
+ PSA_CHECK( psa_export_key( key_handle,
+ key_data, sizeof( key_data ),
+ &key_size ) );
+ SYS_CHECK( ( key_file = fopen( output_file_name, "wb" ) ) != NULL );
+ SYS_CHECK( fwrite( key_data, 1, key_size, key_file ) == key_size );
+ SYS_CHECK( fclose( key_file ) == 0 );
+ key_file = NULL;
+
+exit:
+ if( key_file != NULL)
+ fclose( key_file );
+ return( status );
+}
+
+/* Generate a master key for use in this demo.
+ *
+ * Normally a master key would be non-exportable. For the purpose of this
+ * demo, we want to save it to a file, to avoid relying on the keystore
+ * capability of the PSA crypto library. */
+static psa_status_t generate( const char *key_file_name )
+{
+ psa_status_t status = PSA_SUCCESS;
+ psa_key_handle_t key_handle = 0;
+ psa_key_policy_t policy = PSA_KEY_POLICY_INIT;
+
+ PSA_CHECK( psa_allocate_key( &key_handle ) );
+ psa_key_policy_set_usage( &policy,
+ PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT,
+ KDF_ALG );
+ PSA_CHECK( psa_set_key_policy( key_handle, &policy ) );
+
+ PSA_CHECK( psa_generate_key( key_handle,
+ PSA_KEY_TYPE_DERIVE,
+ PSA_BYTES_TO_BITS( KEY_SIZE_BYTES ),
+ NULL, 0 ) );
+
+ PSA_CHECK( save_key( key_handle, key_file_name ) );
+
+exit:
+ (void) psa_destroy_key( key_handle );
+ return( status );
+}
+
+/* Load the master key from a file.
+ *
+ * In the real world, this master key would be stored in an internal memory
+ * and the storage would be managed by the keystore capability of the PSA
+ * crypto library. */
+static psa_status_t import_key_from_file( psa_key_usage_t usage,
+ psa_algorithm_t alg,
+ const char *key_file_name,
+ psa_key_handle_t *master_key_handle )
+{
+ psa_status_t status = PSA_SUCCESS;
+ psa_key_policy_t policy = PSA_KEY_POLICY_INIT;
+ uint8_t key_data[KEY_SIZE_BYTES];
+ size_t key_size;
+ FILE *key_file = NULL;
+ unsigned char extra_byte;
+
+ *master_key_handle = 0;
+
+ SYS_CHECK( ( key_file = fopen( key_file_name, "rb" ) ) != NULL );
+ SYS_CHECK( ( key_size = fread( key_data, 1, sizeof( key_data ),
+ key_file ) ) != 0 );
+ if( fread( &extra_byte, 1, 1, key_file ) != 0 )
+ {
+ mbedtls_printf( "Key file too large (max: %u).\n",
+ (unsigned) sizeof( key_data ) );
+ status = DEMO_ERROR;
+ goto exit;
+ }
+ SYS_CHECK( fclose( key_file ) == 0 );
+ key_file = NULL;
+
+ PSA_CHECK( psa_allocate_key( master_key_handle ) );
+ psa_key_policy_set_usage( &policy, usage, alg );
+ PSA_CHECK( psa_set_key_policy( *master_key_handle, &policy ) );
+ PSA_CHECK( psa_import_key( *master_key_handle,
+ PSA_KEY_TYPE_DERIVE,
+ key_data, key_size ) );
+exit:
+ if( key_file != NULL )
+ fclose( key_file );
+ mbedtls_platform_zeroize( key_data, sizeof( key_data ) );
+ if( status != PSA_SUCCESS )
+ {
+ /* If psa_allocate_key hasn't been called yet or has failed,
+ * *master_key_handle is 0. psa_destroy_key(0) is guaranteed to do
+ * nothing and return PSA_ERROR_INVALID_HANDLE. */
+ (void) psa_destroy_key( *master_key_handle );
+ *master_key_handle = 0;
+ }
+ return( status );
+}
+
+/* Derive the intermediate keys, using the list of labels provided on
+ * the command line. On input, *key_handle is a handle to the master key.
+ * This function closes the master key. On successful output, *key_handle
+ * is a handle to the final derived key. */
+static psa_status_t derive_key_ladder( const char *ladder[],
+ size_t ladder_depth,
+ psa_key_handle_t *key_handle )
+{
+ psa_status_t status = PSA_SUCCESS;
+ psa_key_policy_t policy = PSA_KEY_POLICY_INIT;
+ psa_crypto_generator_t generator = PSA_CRYPTO_GENERATOR_INIT;
+ size_t i;
+ psa_key_policy_set_usage( &policy,
+ PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT,
+ KDF_ALG );
+
+ /* For each label in turn, ... */
+ for( i = 0; i < ladder_depth; i++ )
+ {
+ /* Start deriving material from the master key (if i=0) or from
+ * the current intermediate key (if i>0). */
+ PSA_CHECK( psa_key_derivation(
+ &generator,
+ *key_handle,
+ KDF_ALG,
+ DERIVE_KEY_SALT, DERIVE_KEY_SALT_LENGTH,
+ (uint8_t*) ladder[i], strlen( ladder[i] ),
+ KEY_SIZE_BYTES ) );
+ /* When the parent key is not the master key, destroy it,
+ * since it is no longer needed. */
+ PSA_CHECK( psa_close_key( *key_handle ) );
+ *key_handle = 0;
+ PSA_CHECK( psa_allocate_key( key_handle ) );
+ PSA_CHECK( psa_set_key_policy( *key_handle, &policy ) );
+ /* Use the generator obtained from the parent key to create
+ * the next intermediate key. */
+ PSA_CHECK( psa_generator_import_key(
+ *key_handle,
+ PSA_KEY_TYPE_DERIVE,
+ PSA_BYTES_TO_BITS( KEY_SIZE_BYTES ),
+ &generator ) );
+ PSA_CHECK( psa_generator_abort( &generator ) );
+ }
+
+exit:
+ psa_generator_abort( &generator );
+ if( status != PSA_SUCCESS )
+ {
+ psa_close_key( *key_handle );
+ *key_handle = 0;
+ }
+ return( status );
+}
+
+/* Derive a wrapping key from the last intermediate key. */
+static psa_status_t derive_wrapping_key( psa_key_usage_t usage,
+ psa_key_handle_t derived_key_handle,
+ psa_key_handle_t *wrapping_key_handle )
+{
+ psa_status_t status = PSA_SUCCESS;
+ psa_key_policy_t policy = PSA_KEY_POLICY_INIT;
+ psa_crypto_generator_t generator = PSA_CRYPTO_GENERATOR_INIT;
+
+ *wrapping_key_handle = 0;
+ PSA_CHECK( psa_allocate_key( wrapping_key_handle ) );
+ psa_key_policy_set_usage( &policy, usage, WRAPPING_ALG );
+ PSA_CHECK( psa_set_key_policy( *wrapping_key_handle, &policy ) );
+
+ PSA_CHECK( psa_key_derivation(
+ &generator,
+ derived_key_handle,
+ KDF_ALG,
+ WRAPPING_KEY_SALT, WRAPPING_KEY_SALT_LENGTH,
+ NULL, 0,
+ PSA_BITS_TO_BYTES( WRAPPING_KEY_BITS ) ) );
+ PSA_CHECK( psa_generator_import_key(
+ *wrapping_key_handle,
+ PSA_KEY_TYPE_AES,
+ WRAPPING_KEY_BITS,
+ &generator ) );
+
+exit:
+ psa_generator_abort( &generator );
+ if( status != PSA_SUCCESS )
+ {
+ psa_close_key( *wrapping_key_handle );
+ *wrapping_key_handle = 0;
+ }
+ return( status );
+}
+
+static psa_status_t wrap_data( const char *input_file_name,
+ const char *output_file_name,
+ psa_key_handle_t wrapping_key_handle )
+{
+ psa_status_t status;
+ FILE *input_file = NULL;
+ FILE *output_file = NULL;
+ long input_position;
+ size_t input_size;
+ size_t buffer_size = 0;
+ unsigned char *buffer = NULL;
+ size_t ciphertext_size;
+ wrapped_data_header_t header;
+
+ /* Find the size of the data to wrap. */
+ SYS_CHECK( ( input_file = fopen( input_file_name, "rb" ) ) != NULL );
+ SYS_CHECK( fseek( input_file, 0, SEEK_END ) == 0 );
+ SYS_CHECK( ( input_position = ftell( input_file ) ) != -1 );
+#if LONG_MAX > SIZE_MAX
+ if( input_position > SIZE_MAX )
+ {
+ mbedtls_printf( "Input file too large.\n" );
+ status = DEMO_ERROR;
+ goto exit;
+ }
+#endif
+ input_size = input_position;
+ buffer_size = PSA_AEAD_ENCRYPT_OUTPUT_SIZE( WRAPPING_ALG, input_size );
+ /* Check for integer overflow. */
+ if( buffer_size < input_size )
+ {
+ mbedtls_printf( "Input file too large.\n" );
+ status = DEMO_ERROR;
+ goto exit;
+ }
+
+ /* Load the data to wrap. */
+ SYS_CHECK( fseek( input_file, 0, SEEK_SET ) == 0 );
+ SYS_CHECK( ( buffer = mbedtls_calloc( 1, buffer_size ) ) != NULL );
+ SYS_CHECK( fread( buffer, 1, input_size, input_file ) == input_size );
+ SYS_CHECK( fclose( input_file ) == 0 );
+ input_file = NULL;
+
+ /* Construct a header. */
+ memcpy( &header.magic, WRAPPED_DATA_MAGIC, WRAPPED_DATA_MAGIC_LENGTH );
+ header.ad_size = sizeof( header );
+ header.payload_size = input_size;
+
+ /* Wrap the data. */
+ PSA_CHECK( psa_generate_random( header.iv, WRAPPING_IV_SIZE ) );
+ PSA_CHECK( psa_aead_encrypt( wrapping_key_handle, WRAPPING_ALG,
+ header.iv, WRAPPING_IV_SIZE,
+ (uint8_t *) &header, sizeof( header ),
+ buffer, input_size,
+ buffer, buffer_size,
+ &ciphertext_size ) );
+
+ /* Write the output. */
+ SYS_CHECK( ( output_file = fopen( output_file_name, "wb" ) ) != NULL );
+ SYS_CHECK( fwrite( &header, 1, sizeof( header ),
+ output_file ) == sizeof( header ) );
+ SYS_CHECK( fwrite( buffer, 1, ciphertext_size,
+ output_file ) == ciphertext_size );
+ SYS_CHECK( fclose( output_file ) == 0 );
+ output_file = NULL;
+
+exit:
+ if( input_file != NULL )
+ fclose( input_file );
+ if( output_file != NULL )
+ fclose( output_file );
+ if( buffer != NULL )
+ mbedtls_platform_zeroize( buffer, buffer_size );
+ mbedtls_free( buffer );
+ return( status );
+}
+
+static psa_status_t unwrap_data( const char *input_file_name,
+ const char *output_file_name,
+ psa_key_handle_t wrapping_key_handle )
+{
+ psa_status_t status;
+ FILE *input_file = NULL;
+ FILE *output_file = NULL;
+ unsigned char *buffer = NULL;
+ size_t ciphertext_size = 0;
+ size_t plaintext_size;
+ wrapped_data_header_t header;
+ unsigned char extra_byte;
+
+ /* Load and validate the header. */
+ SYS_CHECK( ( input_file = fopen( input_file_name, "rb" ) ) != NULL );
+ SYS_CHECK( fread( &header, 1, sizeof( header ),
+ input_file ) == sizeof( header ) );
+ if( memcmp( &header.magic, WRAPPED_DATA_MAGIC,
+ WRAPPED_DATA_MAGIC_LENGTH ) != 0 )
+ {
+ mbedtls_printf( "The input does not start with a valid magic header.\n" );
+ status = DEMO_ERROR;
+ goto exit;
+ }
+ if( header.ad_size != sizeof( header ) )
+ {
+ mbedtls_printf( "The header size is not correct.\n" );
+ status = DEMO_ERROR;
+ goto exit;
+ }
+ ciphertext_size =
+ PSA_AEAD_ENCRYPT_OUTPUT_SIZE( WRAPPING_ALG, header.payload_size );
+ /* Check for integer overflow. */
+ if( ciphertext_size < header.payload_size )
+ {
+ mbedtls_printf( "Input file too large.\n" );
+ status = DEMO_ERROR;
+ goto exit;
+ }
+
+ /* Load the payload data. */
+ SYS_CHECK( ( buffer = mbedtls_calloc( 1, ciphertext_size ) ) != NULL );
+ SYS_CHECK( fread( buffer, 1, ciphertext_size,
+ input_file ) == ciphertext_size );
+ if( fread( &extra_byte, 1, 1, input_file ) != 0 )
+ {
+ mbedtls_printf( "Extra garbage after ciphertext\n" );
+ status = DEMO_ERROR;
+ goto exit;
+ }
+ SYS_CHECK( fclose( input_file ) == 0 );
+ input_file = NULL;
+
+ /* Unwrap the data. */
+ PSA_CHECK( psa_aead_decrypt( wrapping_key_handle, WRAPPING_ALG,
+ header.iv, WRAPPING_IV_SIZE,
+ (uint8_t *) &header, sizeof( header ),
+ buffer, ciphertext_size,
+ buffer, ciphertext_size,
+ &plaintext_size ) );
+ if( plaintext_size != header.payload_size )
+ {
+ mbedtls_printf( "Incorrect payload size in the header.\n" );
+ status = DEMO_ERROR;
+ goto exit;
+ }
+
+ /* Write the output. */
+ SYS_CHECK( ( output_file = fopen( output_file_name, "wb" ) ) != NULL );
+ SYS_CHECK( fwrite( buffer, 1, plaintext_size,
+ output_file ) == plaintext_size );
+ SYS_CHECK( fclose( output_file ) == 0 );
+ output_file = NULL;
+
+exit:
+ if( input_file != NULL )
+ fclose( input_file );
+ if( output_file != NULL )
+ fclose( output_file );
+ if( buffer != NULL )
+ mbedtls_platform_zeroize( buffer, ciphertext_size );
+ mbedtls_free( buffer );
+ return( status );
+}
+
+static psa_status_t run( enum program_mode mode,
+ const char *key_file_name,
+ const char *ladder[], size_t ladder_depth,
+ const char *input_file_name,
+ const char *output_file_name )
+{
+ psa_status_t status = PSA_SUCCESS;
+ psa_key_handle_t derivation_key_handle = 0;
+ psa_key_handle_t wrapping_key_handle = 0;
+
+ /* Initialize the PSA crypto library. */
+ PSA_CHECK( psa_crypto_init( ) );
+
+ /* Generate mode is unlike the others. Generate the master key and exit. */
+ if( mode == MODE_GENERATE )
+ return( generate( key_file_name ) );
+
+ /* Read the master key. */
+ PSA_CHECK( import_key_from_file( PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT,
+ KDF_ALG,
+ key_file_name,
+ &derivation_key_handle ) );
+
+ /* Calculate the derived key for this session. */
+ PSA_CHECK( derive_key_ladder( ladder, ladder_depth,
+ &derivation_key_handle ) );
+
+ switch( mode )
+ {
+ case MODE_SAVE:
+ PSA_CHECK( save_key( derivation_key_handle, output_file_name ) );
+ break;
+ case MODE_UNWRAP:
+ PSA_CHECK( derive_wrapping_key( PSA_KEY_USAGE_DECRYPT,
+ derivation_key_handle,
+ &wrapping_key_handle ) );
+ PSA_CHECK( unwrap_data( input_file_name, output_file_name,
+ wrapping_key_handle ) );
+ break;
+ case MODE_WRAP:
+ PSA_CHECK( derive_wrapping_key( PSA_KEY_USAGE_ENCRYPT,
+ derivation_key_handle,
+ &wrapping_key_handle ) );
+ PSA_CHECK( wrap_data( input_file_name, output_file_name,
+ wrapping_key_handle ) );
+ break;
+ default:
+ /* Unreachable but some compilers don't realize it. */
+ break;
+ }
+
+exit:
+ /* Close any remaining key. Deinitializing the crypto library would do
+ * this anyway, but explicitly closing handles makes the code easier
+ * to reuse. */
+ (void) psa_close_key( derivation_key_handle );
+ (void) psa_close_key( wrapping_key_handle );
+ /* Deinitialize the PSA crypto library. */
+ mbedtls_psa_crypto_free( );
+ return( status );
+}
+
+static void usage( void )
+{
+ mbedtls_printf( "Usage: key_ladder_demo MODE [OPTION=VALUE]...\n" );
+ mbedtls_printf( "Demonstrate the usage of a key derivation ladder.\n" );
+ mbedtls_printf( "\n" );
+ mbedtls_printf( "Modes:\n" );
+ mbedtls_printf( " generate Generate the master key\n" );
+ mbedtls_printf( " save Save the derived key\n" );
+ mbedtls_printf( " unwrap Unwrap (decrypt) input with the derived key\n" );
+ mbedtls_printf( " wrap Wrap (encrypt) input with the derived key\n" );
+ mbedtls_printf( "\n" );
+ mbedtls_printf( "Options:\n" );
+ mbedtls_printf( " input=FILENAME Input file (required for wrap/unwrap)\n" );
+ mbedtls_printf( " master=FILENAME File containing the master key (default: master.key)\n" );
+ mbedtls_printf( " output=FILENAME Output file (required for save/wrap/unwrap)\n" );
+ mbedtls_printf( " label=TEXT Label for the key derivation.\n" );
+ mbedtls_printf( " This may be repeated multiple times.\n" );
+ mbedtls_printf( " To get the same key, you must use the same master key\n" );
+ mbedtls_printf( " and the same sequence of labels.\n" );
+}
+
+#if defined(MBEDTLS_CHECK_PARAMS)
+#include "mbedtls/platform_util.h"
+void mbedtls_param_failed( const char *failure_condition,
+ const char *file,
+ int line )
+{
+ mbedtls_printf( "%s:%i: Input param failed - %s\n",
+ file, line, failure_condition );
+ mbedtls_exit( MBEDTLS_EXIT_FAILURE );
+}
+#endif
+
+int main( int argc, char *argv[] )
+{
+ const char *key_file_name = "master.key";
+ const char *input_file_name = NULL;
+ const char *output_file_name = NULL;
+ const char *ladder[MAX_LADDER_DEPTH];
+ size_t ladder_depth = 0;
+ int i;
+ enum program_mode mode;
+ psa_status_t status;
+
+ if( argc <= 1 ||
+ strcmp( argv[1], "help" ) == 0 ||
+ strcmp( argv[1], "-help" ) == 0 ||
+ strcmp( argv[1], "--help" ) == 0 )
+ {
+ usage( );
+ return( MBEDTLS_EXIT_SUCCESS );
+ }
+
+ for( i = 2; i < argc; i++ )
+ {
+ char *q = strchr( argv[i], '=' );
+ if( q == NULL )
+ {
+ mbedtls_printf( "Missing argument to option %s\n", argv[i] );
+ goto usage_failure;
+ }
+ *q = 0;
+ ++q;
+ if( strcmp( argv[i], "input" ) == 0 )
+ input_file_name = q;
+ else if( strcmp( argv[i], "label" ) == 0 )
+ {
+ if( ladder_depth == MAX_LADDER_DEPTH )
+ {
+ mbedtls_printf( "Maximum ladder depth %u exceeded.\n",
+ (unsigned) MAX_LADDER_DEPTH );
+ return( MBEDTLS_EXIT_FAILURE );
+ }
+ ladder[ladder_depth] = q;
+ ++ladder_depth;
+ }
+ else if( strcmp( argv[i], "master" ) == 0 )
+ key_file_name = q;
+ else if( strcmp( argv[i], "output" ) == 0 )
+ output_file_name = q;
+ else
+ {
+ mbedtls_printf( "Unknown option: %s\n", argv[i] );
+ goto usage_failure;
+ }
+ }
+
+ if( strcmp( argv[1], "generate" ) == 0 )
+ mode = MODE_GENERATE;
+ else if( strcmp( argv[1], "save" ) == 0 )
+ mode = MODE_SAVE;
+ else if( strcmp( argv[1], "unwrap" ) == 0 )
+ mode = MODE_UNWRAP;
+ else if( strcmp( argv[1], "wrap" ) == 0 )
+ mode = MODE_WRAP;
+ else
+ {
+ mbedtls_printf( "Unknown action: %s\n", argv[1] );
+ goto usage_failure;
+ }
+
+ if( input_file_name == NULL &&
+ ( mode == MODE_WRAP || mode == MODE_UNWRAP ) )
+ {
+ mbedtls_printf( "Required argument missing: input\n" );
+ return( DEMO_ERROR );
+ }
+ if( output_file_name == NULL &&
+ ( mode == MODE_SAVE || mode == MODE_WRAP || mode == MODE_UNWRAP ) )
+ {
+ mbedtls_printf( "Required argument missing: output\n" );
+ return( DEMO_ERROR );
+ }
+
+ status = run( mode, key_file_name,
+ ladder, ladder_depth,
+ input_file_name, output_file_name );
+ return( status == PSA_SUCCESS ?
+ MBEDTLS_EXIT_SUCCESS :
+ MBEDTLS_EXIT_FAILURE );
+
+usage_failure:
+ usage( );
+ return( MBEDTLS_EXIT_FAILURE );
+}
+#endif /* MBEDTLS_SHA256_C && MBEDTLS_MD_C && MBEDTLS_AES_C && MBEDTLS_CCM_C && MBEDTLS_PSA_CRYPTO_C && MBEDTLS_FS_IO */
diff --git a/programs/psa/key_ladder_demo.sh b/programs/psa/key_ladder_demo.sh
new file mode 100755
index 0000000..2cec945
--- /dev/null
+++ b/programs/psa/key_ladder_demo.sh
@@ -0,0 +1,49 @@
+#!/bin/sh
+set -e -u
+
+program="${0%/*}"/key_ladder_demo
+files_to_clean=
+
+run () {
+ echo
+ echo "# $1"
+ shift
+ echo "+ $*"
+ "$@"
+}
+
+if [ -e master.key ]; then
+ echo "# Reusing the existing master.key file."
+else
+ files_to_clean="$files_to_clean master.key"
+ run "Generate a master key." \
+ "$program" generate master=master.key
+fi
+
+files_to_clean="$files_to_clean input.txt hello_world.wrap"
+echo "Here is some input. See it wrapped." >input.txt
+run "Derive a key and wrap some data with it." \
+ "$program" wrap master=master.key label=hello label=world \
+ input=input.txt output=hello_world.wrap
+
+files_to_clean="$files_to_clean hello_world.txt"
+run "Derive the same key again and unwrap the data." \
+ "$program" unwrap master=master.key label=hello label=world \
+ input=hello_world.wrap output=hello_world.txt
+run "Compare the unwrapped data with the original input." \
+ cmp input.txt hello_world.txt
+
+files_to_clean="$files_to_clean hellow_orld.txt"
+! run "Derive a different key and attempt to unwrap the data. This must fail." \
+ "$program" unwrap master=master.key input=hello_world.wrap output=hellow_orld.txt label=hellow label=orld
+
+files_to_clean="$files_to_clean hello.key"
+run "Save the first step of the key ladder, then load it as a master key and construct the rest of the ladder." \
+ "$program" save master=master.key label=hello \
+ input=hello_world.wrap output=hello.key
+run "Check that we get the same key by unwrapping data made by the other key." \
+ "$program" unwrap master=hello.key label=world \
+ input=hello_world.wrap output=hello_world.txt
+
+# Cleanup
+rm -f $files_to_clean
diff --git a/programs/psa/psa_constant_names.c b/programs/psa/psa_constant_names.c
new file mode 100644
index 0000000..5514100
--- /dev/null
+++ b/programs/psa/psa_constant_names.c
@@ -0,0 +1,266 @@
+#include <errno.h>
+#include <stdint.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+
+#include "psa/crypto.h"
+
+/* This block is present to support Visual Studio builds prior to 2015 */
+#if defined(_MSC_VER) && _MSC_VER < 1900
+#include <stdarg.h>
+int snprintf( char *s, size_t n, const char *fmt, ... )
+{
+ int ret;
+ va_list argp;
+
+ /* Avoid calling the invalid parameter handler by checking ourselves */
+ if( s == NULL || n == 0 || fmt == NULL )
+ return( -1 );
+
+ va_start( argp, fmt );
+#if defined(_TRUNCATE) && !defined(__MINGW32__)
+ ret = _vsnprintf_s( s, n, _TRUNCATE, fmt, argp );
+#else
+ ret = _vsnprintf( s, n, fmt, argp );
+ if( ret < 0 || (size_t) ret == n )
+ {
+ s[n-1] = '\0';
+ ret = -1;
+ }
+#endif
+ va_end( argp );
+
+ return( ret );
+}
+#endif
+
+/* There are different GET_HASH macros for different kinds of algorithms
+ * built from hashes, but the values are all constructed on the
+ * same model. */
+#define PSA_ALG_GET_HASH(alg) \
+ (((alg) & PSA_ALG_HASH_MASK) | PSA_ALG_CATEGORY_HASH)
+
+static void append(char **buffer, size_t buffer_size,
+ size_t *required_size,
+ const char *string, size_t length)
+{
+ *required_size += length;
+ if (*required_size < buffer_size) {
+ memcpy(*buffer, string, length);
+ *buffer += length;
+ }
+}
+
+static void append_integer(char **buffer, size_t buffer_size,
+ size_t *required_size,
+ const char *format /*printf format for value*/,
+ unsigned long value)
+{
+ size_t n = snprintf(*buffer, buffer_size - *required_size, format, value);
+ if (n < buffer_size - *required_size) *buffer += n;
+ *required_size += n;
+}
+
+/* The code of these function is automatically generated and included below. */
+static const char *psa_ecc_curve_name(psa_ecc_curve_t curve);
+static const char *psa_hash_algorithm_name(psa_algorithm_t hash_alg);
+
+static void append_with_curve(char **buffer, size_t buffer_size,
+ size_t *required_size,
+ const char *string, size_t length,
+ psa_ecc_curve_t curve)
+{
+ const char *curve_name = psa_ecc_curve_name(curve);
+ append(buffer, buffer_size, required_size, string, length);
+ append(buffer, buffer_size, required_size, "(", 1);
+ if (curve_name != NULL) {
+ append(buffer, buffer_size, required_size,
+ curve_name, strlen(curve_name));
+ } else {
+ append_integer(buffer, buffer_size, required_size,
+ "0x%04x", curve);
+ }
+ append(buffer, buffer_size, required_size, ")", 1);
+}
+
+static void append_with_hash(char **buffer, size_t buffer_size,
+ size_t *required_size,
+ const char *string, size_t length,
+ psa_algorithm_t hash_alg)
+{
+ const char *hash_name = psa_hash_algorithm_name(hash_alg);
+ append(buffer, buffer_size, required_size, string, length);
+ append(buffer, buffer_size, required_size, "(", 1);
+ if (hash_name != NULL) {
+ append(buffer, buffer_size, required_size,
+ hash_name, strlen(hash_name));
+ } else {
+ append_integer(buffer, buffer_size, required_size,
+ "0x%08lx", hash_alg);
+ }
+ append(buffer, buffer_size, required_size, ")", 1);
+}
+
+#include "psa_constant_names_generated.c"
+
+static int psa_snprint_status(char *buffer, size_t buffer_size,
+ psa_status_t status)
+{
+ const char *name = psa_strerror(status);
+ if (name == NULL) {
+ return snprintf(buffer, buffer_size, "%ld", (long) status);
+ } else {
+ size_t length = strlen(name);
+ if (length < buffer_size) {
+ memcpy(buffer, name, length + 1);
+ return (int) length;
+ } else {
+ return (int) buffer_size;
+ }
+ }
+}
+
+static int psa_snprint_ecc_curve(char *buffer, size_t buffer_size,
+ psa_ecc_curve_t curve)
+{
+ const char *name = psa_ecc_curve_name(curve);
+ if (name == NULL) {
+ return snprintf(buffer, buffer_size, "0x%04x", (unsigned) curve);
+ } else {
+ size_t length = strlen(name);
+ if (length < buffer_size) {
+ memcpy(buffer, name, length + 1);
+ return (int) length;
+ } else {
+ return (int) buffer_size;
+ }
+ }
+}
+
+static void usage(const char *program_name)
+{
+ printf("Usage: %s TYPE VALUE [VALUE...]\n",
+ program_name == NULL ? "psa_constant_names" : program_name);
+ printf("Print the symbolic name whose numerical value is VALUE in TYPE.\n");
+ printf("Supported types (with = between aliases):\n");
+ printf(" alg=algorithm Algorithm (psa_algorithm_t)\n");
+ printf(" curve=ecc_curve Elliptic curve identifier (psa_ecc_curve_t)\n");
+ printf(" type=key_type Key type (psa_key_type_t)\n");
+ printf(" usage=key_usage Key usage (psa_key_usage_t)\n");
+ printf(" error=status Status code (psa_status_t)\n");
+}
+
+typedef enum {
+ TYPE_STATUS,
+} signed_value_type;
+
+int process_signed(signed_value_type type, long min, long max, char **argp)
+{
+ for (; *argp != NULL; argp++) {
+ char buffer[200];
+ char *end;
+ long value = strtol(*argp, &end, 0);
+ if (*end) {
+ printf("Non-numeric value: %s\n", *argp);
+ return EXIT_FAILURE;
+ }
+ if (value < min || (errno == ERANGE && value < 0)) {
+ printf("Value too small: %s\n", *argp);
+ return EXIT_FAILURE;
+ }
+ if (value > max || (errno == ERANGE && value > 0)) {
+ printf("Value too large: %s\n", *argp);
+ return EXIT_FAILURE;
+ }
+
+ switch (type) {
+ case TYPE_STATUS:
+ psa_snprint_status(buffer, sizeof(buffer),
+ (psa_status_t) value);
+ break;
+ }
+ puts(buffer);
+ }
+
+ return EXIT_SUCCESS;
+}
+
+typedef enum {
+ TYPE_ALGORITHM,
+ TYPE_ECC_CURVE,
+ TYPE_KEY_TYPE,
+ TYPE_KEY_USAGE,
+} unsigned_value_type;
+
+int process_unsigned(unsigned_value_type type, unsigned long max, char **argp)
+{
+ for (; *argp != NULL; argp++) {
+ char buffer[200];
+ char *end;
+ unsigned long value = strtoul(*argp, &end, 0);
+ if (*end) {
+ printf("Non-numeric value: %s\n", *argp);
+ return EXIT_FAILURE;
+ }
+ if (value > max || errno == ERANGE) {
+ printf("Value out of range: %s\n", *argp);
+ return EXIT_FAILURE;
+ }
+
+ switch (type) {
+ case TYPE_ALGORITHM:
+ psa_snprint_algorithm(buffer, sizeof(buffer),
+ (psa_algorithm_t) value);
+ break;
+ case TYPE_ECC_CURVE:
+ psa_snprint_ecc_curve(buffer, sizeof(buffer),
+ (psa_ecc_curve_t) value);
+ break;
+ case TYPE_KEY_TYPE:
+ psa_snprint_key_type(buffer, sizeof(buffer),
+ (psa_key_type_t) value);
+ break;
+ case TYPE_KEY_USAGE:
+ psa_snprint_key_usage(buffer, sizeof(buffer),
+ (psa_key_usage_t) value);
+ break;
+ }
+ puts(buffer);
+ }
+
+ return EXIT_SUCCESS;
+}
+
+int main(int argc, char *argv[])
+{
+ if (argc <= 1 ||
+ !strcmp(argv[1], "help") ||
+ !strcmp(argv[1], "--help"))
+ {
+ usage(argv[0]);
+ return EXIT_FAILURE;
+ }
+
+ if (!strcmp(argv[1], "error") || !strcmp(argv[1], "status")) {
+ /* There's no way to obtain the actual range of a signed type,
+ * so hard-code it here: psa_status_t is int32_t. */
+ return process_signed(TYPE_STATUS, INT32_MIN, INT32_MAX,
+ argv + 2);
+ } else if (!strcmp(argv[1], "alg") || !strcmp(argv[1], "algorithm")) {
+ return process_unsigned(TYPE_ALGORITHM, (psa_algorithm_t) (-1),
+ argv + 2);
+ } else if (!strcmp(argv[1], "curve") || !strcmp(argv[1], "ecc_curve")) {
+ return process_unsigned(TYPE_ECC_CURVE, (psa_ecc_curve_t) (-1),
+ argv + 2);
+ } else if (!strcmp(argv[1], "type") || !strcmp(argv[1], "key_type")) {
+ return process_unsigned(TYPE_KEY_TYPE, (psa_key_type_t) (-1),
+ argv + 2);
+ } else if (!strcmp(argv[1], "usage") || !strcmp(argv[1], "key_usage")) {
+ return process_unsigned(TYPE_KEY_USAGE, (psa_key_usage_t) (-1),
+ argv + 2);
+ } else {
+ printf("Unknown type: %s\n", argv[1]);
+ return EXIT_FAILURE;
+ }
+}
diff --git a/programs/ssl/CMakeLists.txt b/programs/ssl/CMakeLists.txt
index 1e65633..803920c 100644
--- a/programs/ssl/CMakeLists.txt
+++ b/programs/ssl/CMakeLists.txt
@@ -34,12 +34,14 @@
target_link_libraries(ssl_client1 ${libs})
add_executable(ssl_client2 ssl_client2.c)
+target_sources(ssl_client2 PUBLIC query_config.c)
target_link_libraries(ssl_client2 ${libs})
add_executable(ssl_server ssl_server.c)
target_link_libraries(ssl_server ${libs})
add_executable(ssl_server2 ssl_server2.c)
+target_sources(ssl_server2 PUBLIC query_config.c)
target_link_libraries(ssl_server2 ${libs})
add_executable(ssl_fork_server ssl_fork_server.c)
diff --git a/programs/ssl/query_config.c b/programs/ssl/query_config.c
new file mode 100644
index 0000000..828d75d
--- /dev/null
+++ b/programs/ssl/query_config.c
@@ -0,0 +1,2595 @@
+/*
+ * Query Mbed TLS compile time configurations from config.h
+ *
+ * Copyright (C) 2018, Arm Limited, All Rights Reserved
+ * SPDX-License-Identifier: Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License"); you may
+ * not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * This file is part of Mbed TLS (https://tls.mbed.org)
+ */
+
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "mbedtls/config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+#if defined(MBEDTLS_PLATFORM_C)
+#include "mbedtls/platform.h"
+#else
+#include <stdio.h>
+#define mbedtls_printf printf
+#endif /* MBEDTLS_PLATFORM_C */
+
+/*
+ * Include all the headers with public APIs in case they define a macro to its
+ * default value when that configuration is not set in the config.h.
+ */
+#include "mbedtls/aes.h"
+#include "mbedtls/aesni.h"
+#include "mbedtls/arc4.h"
+#include "mbedtls/aria.h"
+#include "mbedtls/asn1.h"
+#include "mbedtls/asn1write.h"
+#include "mbedtls/base64.h"
+#include "mbedtls/bignum.h"
+#include "mbedtls/blowfish.h"
+#include "mbedtls/camellia.h"
+#include "mbedtls/ccm.h"
+#include "mbedtls/certs.h"
+#include "mbedtls/chacha20.h"
+#include "mbedtls/chachapoly.h"
+#include "mbedtls/cipher.h"
+#include "mbedtls/cmac.h"
+#include "mbedtls/ctr_drbg.h"
+#include "mbedtls/debug.h"
+#include "mbedtls/des.h"
+#include "mbedtls/dhm.h"
+#include "mbedtls/ecdh.h"
+#include "mbedtls/ecdsa.h"
+#include "mbedtls/ecjpake.h"
+#include "mbedtls/ecp.h"
+#include "mbedtls/entropy.h"
+#include "mbedtls/entropy_poll.h"
+#include "mbedtls/error.h"
+#include "mbedtls/gcm.h"
+#include "mbedtls/havege.h"
+#include "mbedtls/hkdf.h"
+#include "mbedtls/hmac_drbg.h"
+#include "mbedtls/md.h"
+#include "mbedtls/md2.h"
+#include "mbedtls/md4.h"
+#include "mbedtls/md5.h"
+#include "mbedtls/memory_buffer_alloc.h"
+#include "mbedtls/net_sockets.h"
+#include "mbedtls/nist_kw.h"
+#include "mbedtls/oid.h"
+#include "mbedtls/padlock.h"
+#include "mbedtls/pem.h"
+#include "mbedtls/pk.h"
+#include "mbedtls/pkcs11.h"
+#include "mbedtls/pkcs12.h"
+#include "mbedtls/pkcs5.h"
+#include "mbedtls/platform_time.h"
+#include "mbedtls/platform_util.h"
+#include "mbedtls/poly1305.h"
+#include "mbedtls/ripemd160.h"
+#include "mbedtls/rsa.h"
+#include "mbedtls/sha1.h"
+#include "mbedtls/sha256.h"
+#include "mbedtls/sha512.h"
+#include "mbedtls/ssl.h"
+#include "mbedtls/ssl_cache.h"
+#include "mbedtls/ssl_ciphersuites.h"
+#include "mbedtls/ssl_cookie.h"
+#include "mbedtls/ssl_internal.h"
+#include "mbedtls/ssl_ticket.h"
+#include "mbedtls/threading.h"
+#include "mbedtls/timing.h"
+#include "mbedtls/version.h"
+#include "mbedtls/x509.h"
+#include "mbedtls/x509_crl.h"
+#include "mbedtls/x509_crt.h"
+#include "mbedtls/x509_csr.h"
+#include "mbedtls/xtea.h"
+
+#include <string.h>
+
+/*
+ * Helper macros to convert a macro or its expansion into a string
+ * WARNING: This does not work for expanding function-like macros. However,
+ * Mbed TLS does not currently have configuration options used in this fashion.
+ */
+#define MACRO_EXPANSION_TO_STR(macro) MACRO_NAME_TO_STR(macro)
+#define MACRO_NAME_TO_STR(macro) \
+ mbedtls_printf( "%s", strlen( #macro "" ) > 0 ? #macro "\n" : "" )
+
+#if defined(_MSC_VER)
+/*
+ * Visual Studio throws the warning 4003 because many Mbed TLS feature macros
+ * are defined empty. This means that from the preprocessor's point of view
+ * the macro MBEDTLS_EXPANSION_TO_STR is being invoked without arguments as
+ * some macros expand to nothing. We suppress that specific warning to get a
+ * clean build and to ensure that tests treating warnings as errors do not
+ * fail.
+ */
+#pragma warning(push)
+#pragma warning(disable:4003)
+#endif /* _MSC_VER */
+
+int query_config( const char *config )
+{
+#if defined(MBEDTLS_HAVE_ASM)
+ if( strcmp( "MBEDTLS_HAVE_ASM", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_HAVE_ASM );
+ return( 0 );
+ }
+#endif /* MBEDTLS_HAVE_ASM */
+
+#if defined(MBEDTLS_NO_UDBL_DIVISION)
+ if( strcmp( "MBEDTLS_NO_UDBL_DIVISION", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_NO_UDBL_DIVISION );
+ return( 0 );
+ }
+#endif /* MBEDTLS_NO_UDBL_DIVISION */
+
+#if defined(MBEDTLS_NO_64BIT_MULTIPLICATION)
+ if( strcmp( "MBEDTLS_NO_64BIT_MULTIPLICATION", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_NO_64BIT_MULTIPLICATION );
+ return( 0 );
+ }
+#endif /* MBEDTLS_NO_64BIT_MULTIPLICATION */
+
+#if defined(MBEDTLS_HAVE_SSE2)
+ if( strcmp( "MBEDTLS_HAVE_SSE2", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_HAVE_SSE2 );
+ return( 0 );
+ }
+#endif /* MBEDTLS_HAVE_SSE2 */
+
+#if defined(MBEDTLS_HAVE_TIME)
+ if( strcmp( "MBEDTLS_HAVE_TIME", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_HAVE_TIME );
+ return( 0 );
+ }
+#endif /* MBEDTLS_HAVE_TIME */
+
+#if defined(MBEDTLS_HAVE_TIME_DATE)
+ if( strcmp( "MBEDTLS_HAVE_TIME_DATE", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_HAVE_TIME_DATE );
+ return( 0 );
+ }
+#endif /* MBEDTLS_HAVE_TIME_DATE */
+
+#if defined(MBEDTLS_PLATFORM_MEMORY)
+ if( strcmp( "MBEDTLS_PLATFORM_MEMORY", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_PLATFORM_MEMORY );
+ return( 0 );
+ }
+#endif /* MBEDTLS_PLATFORM_MEMORY */
+
+#if defined(MBEDTLS_PLATFORM_NO_STD_FUNCTIONS)
+ if( strcmp( "MBEDTLS_PLATFORM_NO_STD_FUNCTIONS", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_PLATFORM_NO_STD_FUNCTIONS );
+ return( 0 );
+ }
+#endif /* MBEDTLS_PLATFORM_NO_STD_FUNCTIONS */
+
+#if defined(MBEDTLS_PLATFORM_EXIT_ALT)
+ if( strcmp( "MBEDTLS_PLATFORM_EXIT_ALT", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_PLATFORM_EXIT_ALT );
+ return( 0 );
+ }
+#endif /* MBEDTLS_PLATFORM_EXIT_ALT */
+
+#if defined(MBEDTLS_PLATFORM_TIME_ALT)
+ if( strcmp( "MBEDTLS_PLATFORM_TIME_ALT", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_PLATFORM_TIME_ALT );
+ return( 0 );
+ }
+#endif /* MBEDTLS_PLATFORM_TIME_ALT */
+
+#if defined(MBEDTLS_PLATFORM_FPRINTF_ALT)
+ if( strcmp( "MBEDTLS_PLATFORM_FPRINTF_ALT", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_PLATFORM_FPRINTF_ALT );
+ return( 0 );
+ }
+#endif /* MBEDTLS_PLATFORM_FPRINTF_ALT */
+
+#if defined(MBEDTLS_PLATFORM_PRINTF_ALT)
+ if( strcmp( "MBEDTLS_PLATFORM_PRINTF_ALT", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_PLATFORM_PRINTF_ALT );
+ return( 0 );
+ }
+#endif /* MBEDTLS_PLATFORM_PRINTF_ALT */
+
+#if defined(MBEDTLS_PLATFORM_SNPRINTF_ALT)
+ if( strcmp( "MBEDTLS_PLATFORM_SNPRINTF_ALT", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_PLATFORM_SNPRINTF_ALT );
+ return( 0 );
+ }
+#endif /* MBEDTLS_PLATFORM_SNPRINTF_ALT */
+
+#if defined(MBEDTLS_PLATFORM_VSNPRINTF_ALT)
+ if( strcmp( "MBEDTLS_PLATFORM_VSNPRINTF_ALT", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_PLATFORM_VSNPRINTF_ALT );
+ return( 0 );
+ }
+#endif /* MBEDTLS_PLATFORM_VSNPRINTF_ALT */
+
+#if defined(MBEDTLS_PLATFORM_NV_SEED_ALT)
+ if( strcmp( "MBEDTLS_PLATFORM_NV_SEED_ALT", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_PLATFORM_NV_SEED_ALT );
+ return( 0 );
+ }
+#endif /* MBEDTLS_PLATFORM_NV_SEED_ALT */
+
+#if defined(MBEDTLS_PLATFORM_SETUP_TEARDOWN_ALT)
+ if( strcmp( "MBEDTLS_PLATFORM_SETUP_TEARDOWN_ALT", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_PLATFORM_SETUP_TEARDOWN_ALT );
+ return( 0 );
+ }
+#endif /* MBEDTLS_PLATFORM_SETUP_TEARDOWN_ALT */
+
+#if defined(MBEDTLS_DEPRECATED_WARNING)
+ if( strcmp( "MBEDTLS_DEPRECATED_WARNING", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_DEPRECATED_WARNING );
+ return( 0 );
+ }
+#endif /* MBEDTLS_DEPRECATED_WARNING */
+
+#if defined(MBEDTLS_DEPRECATED_REMOVED)
+ if( strcmp( "MBEDTLS_DEPRECATED_REMOVED", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_DEPRECATED_REMOVED );
+ return( 0 );
+ }
+#endif /* MBEDTLS_DEPRECATED_REMOVED */
+
+#if defined(MBEDTLS_CHECK_PARAMS)
+ if( strcmp( "MBEDTLS_CHECK_PARAMS", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_CHECK_PARAMS );
+ return( 0 );
+ }
+#endif /* MBEDTLS_CHECK_PARAMS */
+
+#if defined(MBEDTLS_TIMING_ALT)
+ if( strcmp( "MBEDTLS_TIMING_ALT", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_TIMING_ALT );
+ return( 0 );
+ }
+#endif /* MBEDTLS_TIMING_ALT */
+
+#if defined(MBEDTLS_AES_ALT)
+ if( strcmp( "MBEDTLS_AES_ALT", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_AES_ALT );
+ return( 0 );
+ }
+#endif /* MBEDTLS_AES_ALT */
+
+#if defined(MBEDTLS_ARC4_ALT)
+ if( strcmp( "MBEDTLS_ARC4_ALT", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_ARC4_ALT );
+ return( 0 );
+ }
+#endif /* MBEDTLS_ARC4_ALT */
+
+#if defined(MBEDTLS_ARIA_ALT)
+ if( strcmp( "MBEDTLS_ARIA_ALT", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_ARIA_ALT );
+ return( 0 );
+ }
+#endif /* MBEDTLS_ARIA_ALT */
+
+#if defined(MBEDTLS_BLOWFISH_ALT)
+ if( strcmp( "MBEDTLS_BLOWFISH_ALT", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_BLOWFISH_ALT );
+ return( 0 );
+ }
+#endif /* MBEDTLS_BLOWFISH_ALT */
+
+#if defined(MBEDTLS_CAMELLIA_ALT)
+ if( strcmp( "MBEDTLS_CAMELLIA_ALT", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_CAMELLIA_ALT );
+ return( 0 );
+ }
+#endif /* MBEDTLS_CAMELLIA_ALT */
+
+#if defined(MBEDTLS_CCM_ALT)
+ if( strcmp( "MBEDTLS_CCM_ALT", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_CCM_ALT );
+ return( 0 );
+ }
+#endif /* MBEDTLS_CCM_ALT */
+
+#if defined(MBEDTLS_CHACHA20_ALT)
+ if( strcmp( "MBEDTLS_CHACHA20_ALT", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_CHACHA20_ALT );
+ return( 0 );
+ }
+#endif /* MBEDTLS_CHACHA20_ALT */
+
+#if defined(MBEDTLS_CHACHAPOLY_ALT)
+ if( strcmp( "MBEDTLS_CHACHAPOLY_ALT", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_CHACHAPOLY_ALT );
+ return( 0 );
+ }
+#endif /* MBEDTLS_CHACHAPOLY_ALT */
+
+#if defined(MBEDTLS_CMAC_ALT)
+ if( strcmp( "MBEDTLS_CMAC_ALT", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_CMAC_ALT );
+ return( 0 );
+ }
+#endif /* MBEDTLS_CMAC_ALT */
+
+#if defined(MBEDTLS_DES_ALT)
+ if( strcmp( "MBEDTLS_DES_ALT", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_DES_ALT );
+ return( 0 );
+ }
+#endif /* MBEDTLS_DES_ALT */
+
+#if defined(MBEDTLS_DHM_ALT)
+ if( strcmp( "MBEDTLS_DHM_ALT", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_DHM_ALT );
+ return( 0 );
+ }
+#endif /* MBEDTLS_DHM_ALT */
+
+#if defined(MBEDTLS_ECJPAKE_ALT)
+ if( strcmp( "MBEDTLS_ECJPAKE_ALT", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_ECJPAKE_ALT );
+ return( 0 );
+ }
+#endif /* MBEDTLS_ECJPAKE_ALT */
+
+#if defined(MBEDTLS_GCM_ALT)
+ if( strcmp( "MBEDTLS_GCM_ALT", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_GCM_ALT );
+ return( 0 );
+ }
+#endif /* MBEDTLS_GCM_ALT */
+
+#if defined(MBEDTLS_NIST_KW_ALT)
+ if( strcmp( "MBEDTLS_NIST_KW_ALT", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_NIST_KW_ALT );
+ return( 0 );
+ }
+#endif /* MBEDTLS_NIST_KW_ALT */
+
+#if defined(MBEDTLS_MD2_ALT)
+ if( strcmp( "MBEDTLS_MD2_ALT", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_MD2_ALT );
+ return( 0 );
+ }
+#endif /* MBEDTLS_MD2_ALT */
+
+#if defined(MBEDTLS_MD4_ALT)
+ if( strcmp( "MBEDTLS_MD4_ALT", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_MD4_ALT );
+ return( 0 );
+ }
+#endif /* MBEDTLS_MD4_ALT */
+
+#if defined(MBEDTLS_MD5_ALT)
+ if( strcmp( "MBEDTLS_MD5_ALT", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_MD5_ALT );
+ return( 0 );
+ }
+#endif /* MBEDTLS_MD5_ALT */
+
+#if defined(MBEDTLS_POLY1305_ALT)
+ if( strcmp( "MBEDTLS_POLY1305_ALT", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_POLY1305_ALT );
+ return( 0 );
+ }
+#endif /* MBEDTLS_POLY1305_ALT */
+
+#if defined(MBEDTLS_RIPEMD160_ALT)
+ if( strcmp( "MBEDTLS_RIPEMD160_ALT", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_RIPEMD160_ALT );
+ return( 0 );
+ }
+#endif /* MBEDTLS_RIPEMD160_ALT */
+
+#if defined(MBEDTLS_RSA_ALT)
+ if( strcmp( "MBEDTLS_RSA_ALT", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_RSA_ALT );
+ return( 0 );
+ }
+#endif /* MBEDTLS_RSA_ALT */
+
+#if defined(MBEDTLS_SHA1_ALT)
+ if( strcmp( "MBEDTLS_SHA1_ALT", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_SHA1_ALT );
+ return( 0 );
+ }
+#endif /* MBEDTLS_SHA1_ALT */
+
+#if defined(MBEDTLS_SHA256_ALT)
+ if( strcmp( "MBEDTLS_SHA256_ALT", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_SHA256_ALT );
+ return( 0 );
+ }
+#endif /* MBEDTLS_SHA256_ALT */
+
+#if defined(MBEDTLS_SHA512_ALT)
+ if( strcmp( "MBEDTLS_SHA512_ALT", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_SHA512_ALT );
+ return( 0 );
+ }
+#endif /* MBEDTLS_SHA512_ALT */
+
+#if defined(MBEDTLS_XTEA_ALT)
+ if( strcmp( "MBEDTLS_XTEA_ALT", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_XTEA_ALT );
+ return( 0 );
+ }
+#endif /* MBEDTLS_XTEA_ALT */
+
+#if defined(MBEDTLS_ECP_ALT)
+ if( strcmp( "MBEDTLS_ECP_ALT", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_ECP_ALT );
+ return( 0 );
+ }
+#endif /* MBEDTLS_ECP_ALT */
+
+#if defined(MBEDTLS_MD2_PROCESS_ALT)
+ if( strcmp( "MBEDTLS_MD2_PROCESS_ALT", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_MD2_PROCESS_ALT );
+ return( 0 );
+ }
+#endif /* MBEDTLS_MD2_PROCESS_ALT */
+
+#if defined(MBEDTLS_MD4_PROCESS_ALT)
+ if( strcmp( "MBEDTLS_MD4_PROCESS_ALT", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_MD4_PROCESS_ALT );
+ return( 0 );
+ }
+#endif /* MBEDTLS_MD4_PROCESS_ALT */
+
+#if defined(MBEDTLS_MD5_PROCESS_ALT)
+ if( strcmp( "MBEDTLS_MD5_PROCESS_ALT", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_MD5_PROCESS_ALT );
+ return( 0 );
+ }
+#endif /* MBEDTLS_MD5_PROCESS_ALT */
+
+#if defined(MBEDTLS_RIPEMD160_PROCESS_ALT)
+ if( strcmp( "MBEDTLS_RIPEMD160_PROCESS_ALT", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_RIPEMD160_PROCESS_ALT );
+ return( 0 );
+ }
+#endif /* MBEDTLS_RIPEMD160_PROCESS_ALT */
+
+#if defined(MBEDTLS_SHA1_PROCESS_ALT)
+ if( strcmp( "MBEDTLS_SHA1_PROCESS_ALT", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_SHA1_PROCESS_ALT );
+ return( 0 );
+ }
+#endif /* MBEDTLS_SHA1_PROCESS_ALT */
+
+#if defined(MBEDTLS_SHA256_PROCESS_ALT)
+ if( strcmp( "MBEDTLS_SHA256_PROCESS_ALT", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_SHA256_PROCESS_ALT );
+ return( 0 );
+ }
+#endif /* MBEDTLS_SHA256_PROCESS_ALT */
+
+#if defined(MBEDTLS_SHA512_PROCESS_ALT)
+ if( strcmp( "MBEDTLS_SHA512_PROCESS_ALT", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_SHA512_PROCESS_ALT );
+ return( 0 );
+ }
+#endif /* MBEDTLS_SHA512_PROCESS_ALT */
+
+#if defined(MBEDTLS_DES_SETKEY_ALT)
+ if( strcmp( "MBEDTLS_DES_SETKEY_ALT", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_DES_SETKEY_ALT );
+ return( 0 );
+ }
+#endif /* MBEDTLS_DES_SETKEY_ALT */
+
+#if defined(MBEDTLS_DES_CRYPT_ECB_ALT)
+ if( strcmp( "MBEDTLS_DES_CRYPT_ECB_ALT", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_DES_CRYPT_ECB_ALT );
+ return( 0 );
+ }
+#endif /* MBEDTLS_DES_CRYPT_ECB_ALT */
+
+#if defined(MBEDTLS_DES3_CRYPT_ECB_ALT)
+ if( strcmp( "MBEDTLS_DES3_CRYPT_ECB_ALT", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_DES3_CRYPT_ECB_ALT );
+ return( 0 );
+ }
+#endif /* MBEDTLS_DES3_CRYPT_ECB_ALT */
+
+#if defined(MBEDTLS_AES_SETKEY_ENC_ALT)
+ if( strcmp( "MBEDTLS_AES_SETKEY_ENC_ALT", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_AES_SETKEY_ENC_ALT );
+ return( 0 );
+ }
+#endif /* MBEDTLS_AES_SETKEY_ENC_ALT */
+
+#if defined(MBEDTLS_AES_SETKEY_DEC_ALT)
+ if( strcmp( "MBEDTLS_AES_SETKEY_DEC_ALT", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_AES_SETKEY_DEC_ALT );
+ return( 0 );
+ }
+#endif /* MBEDTLS_AES_SETKEY_DEC_ALT */
+
+#if defined(MBEDTLS_AES_ENCRYPT_ALT)
+ if( strcmp( "MBEDTLS_AES_ENCRYPT_ALT", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_AES_ENCRYPT_ALT );
+ return( 0 );
+ }
+#endif /* MBEDTLS_AES_ENCRYPT_ALT */
+
+#if defined(MBEDTLS_AES_DECRYPT_ALT)
+ if( strcmp( "MBEDTLS_AES_DECRYPT_ALT", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_AES_DECRYPT_ALT );
+ return( 0 );
+ }
+#endif /* MBEDTLS_AES_DECRYPT_ALT */
+
+#if defined(MBEDTLS_ECDH_GEN_PUBLIC_ALT)
+ if( strcmp( "MBEDTLS_ECDH_GEN_PUBLIC_ALT", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_ECDH_GEN_PUBLIC_ALT );
+ return( 0 );
+ }
+#endif /* MBEDTLS_ECDH_GEN_PUBLIC_ALT */
+
+#if defined(MBEDTLS_ECDH_COMPUTE_SHARED_ALT)
+ if( strcmp( "MBEDTLS_ECDH_COMPUTE_SHARED_ALT", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_ECDH_COMPUTE_SHARED_ALT );
+ return( 0 );
+ }
+#endif /* MBEDTLS_ECDH_COMPUTE_SHARED_ALT */
+
+#if defined(MBEDTLS_ECDSA_VERIFY_ALT)
+ if( strcmp( "MBEDTLS_ECDSA_VERIFY_ALT", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_ECDSA_VERIFY_ALT );
+ return( 0 );
+ }
+#endif /* MBEDTLS_ECDSA_VERIFY_ALT */
+
+#if defined(MBEDTLS_ECDSA_SIGN_ALT)
+ if( strcmp( "MBEDTLS_ECDSA_SIGN_ALT", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_ECDSA_SIGN_ALT );
+ return( 0 );
+ }
+#endif /* MBEDTLS_ECDSA_SIGN_ALT */
+
+#if defined(MBEDTLS_ECDSA_GENKEY_ALT)
+ if( strcmp( "MBEDTLS_ECDSA_GENKEY_ALT", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_ECDSA_GENKEY_ALT );
+ return( 0 );
+ }
+#endif /* MBEDTLS_ECDSA_GENKEY_ALT */
+
+#if defined(MBEDTLS_ECP_INTERNAL_ALT)
+ if( strcmp( "MBEDTLS_ECP_INTERNAL_ALT", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_ECP_INTERNAL_ALT );
+ return( 0 );
+ }
+#endif /* MBEDTLS_ECP_INTERNAL_ALT */
+
+#if defined(MBEDTLS_ECP_RANDOMIZE_JAC_ALT)
+ if( strcmp( "MBEDTLS_ECP_RANDOMIZE_JAC_ALT", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_ECP_RANDOMIZE_JAC_ALT );
+ return( 0 );
+ }
+#endif /* MBEDTLS_ECP_RANDOMIZE_JAC_ALT */
+
+#if defined(MBEDTLS_ECP_ADD_MIXED_ALT)
+ if( strcmp( "MBEDTLS_ECP_ADD_MIXED_ALT", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_ECP_ADD_MIXED_ALT );
+ return( 0 );
+ }
+#endif /* MBEDTLS_ECP_ADD_MIXED_ALT */
+
+#if defined(MBEDTLS_ECP_DOUBLE_JAC_ALT)
+ if( strcmp( "MBEDTLS_ECP_DOUBLE_JAC_ALT", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_ECP_DOUBLE_JAC_ALT );
+ return( 0 );
+ }
+#endif /* MBEDTLS_ECP_DOUBLE_JAC_ALT */
+
+#if defined(MBEDTLS_ECP_NORMALIZE_JAC_MANY_ALT)
+ if( strcmp( "MBEDTLS_ECP_NORMALIZE_JAC_MANY_ALT", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_ECP_NORMALIZE_JAC_MANY_ALT );
+ return( 0 );
+ }
+#endif /* MBEDTLS_ECP_NORMALIZE_JAC_MANY_ALT */
+
+#if defined(MBEDTLS_ECP_NORMALIZE_JAC_ALT)
+ if( strcmp( "MBEDTLS_ECP_NORMALIZE_JAC_ALT", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_ECP_NORMALIZE_JAC_ALT );
+ return( 0 );
+ }
+#endif /* MBEDTLS_ECP_NORMALIZE_JAC_ALT */
+
+#if defined(MBEDTLS_ECP_DOUBLE_ADD_MXZ_ALT)
+ if( strcmp( "MBEDTLS_ECP_DOUBLE_ADD_MXZ_ALT", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_ECP_DOUBLE_ADD_MXZ_ALT );
+ return( 0 );
+ }
+#endif /* MBEDTLS_ECP_DOUBLE_ADD_MXZ_ALT */
+
+#if defined(MBEDTLS_ECP_RANDOMIZE_MXZ_ALT)
+ if( strcmp( "MBEDTLS_ECP_RANDOMIZE_MXZ_ALT", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_ECP_RANDOMIZE_MXZ_ALT );
+ return( 0 );
+ }
+#endif /* MBEDTLS_ECP_RANDOMIZE_MXZ_ALT */
+
+#if defined(MBEDTLS_ECP_NORMALIZE_MXZ_ALT)
+ if( strcmp( "MBEDTLS_ECP_NORMALIZE_MXZ_ALT", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_ECP_NORMALIZE_MXZ_ALT );
+ return( 0 );
+ }
+#endif /* MBEDTLS_ECP_NORMALIZE_MXZ_ALT */
+
+#if defined(MBEDTLS_TEST_NULL_ENTROPY)
+ if( strcmp( "MBEDTLS_TEST_NULL_ENTROPY", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_TEST_NULL_ENTROPY );
+ return( 0 );
+ }
+#endif /* MBEDTLS_TEST_NULL_ENTROPY */
+
+#if defined(MBEDTLS_ENTROPY_HARDWARE_ALT)
+ if( strcmp( "MBEDTLS_ENTROPY_HARDWARE_ALT", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_ENTROPY_HARDWARE_ALT );
+ return( 0 );
+ }
+#endif /* MBEDTLS_ENTROPY_HARDWARE_ALT */
+
+#if defined(MBEDTLS_AES_ROM_TABLES)
+ if( strcmp( "MBEDTLS_AES_ROM_TABLES", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_AES_ROM_TABLES );
+ return( 0 );
+ }
+#endif /* MBEDTLS_AES_ROM_TABLES */
+
+#if defined(MBEDTLS_AES_FEWER_TABLES)
+ if( strcmp( "MBEDTLS_AES_FEWER_TABLES", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_AES_FEWER_TABLES );
+ return( 0 );
+ }
+#endif /* MBEDTLS_AES_FEWER_TABLES */
+
+#if defined(MBEDTLS_CAMELLIA_SMALL_MEMORY)
+ if( strcmp( "MBEDTLS_CAMELLIA_SMALL_MEMORY", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_CAMELLIA_SMALL_MEMORY );
+ return( 0 );
+ }
+#endif /* MBEDTLS_CAMELLIA_SMALL_MEMORY */
+
+#if defined(MBEDTLS_CIPHER_MODE_CBC)
+ if( strcmp( "MBEDTLS_CIPHER_MODE_CBC", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_CIPHER_MODE_CBC );
+ return( 0 );
+ }
+#endif /* MBEDTLS_CIPHER_MODE_CBC */
+
+#if defined(MBEDTLS_CIPHER_MODE_CFB)
+ if( strcmp( "MBEDTLS_CIPHER_MODE_CFB", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_CIPHER_MODE_CFB );
+ return( 0 );
+ }
+#endif /* MBEDTLS_CIPHER_MODE_CFB */
+
+#if defined(MBEDTLS_CIPHER_MODE_CTR)
+ if( strcmp( "MBEDTLS_CIPHER_MODE_CTR", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_CIPHER_MODE_CTR );
+ return( 0 );
+ }
+#endif /* MBEDTLS_CIPHER_MODE_CTR */
+
+#if defined(MBEDTLS_CIPHER_MODE_OFB)
+ if( strcmp( "MBEDTLS_CIPHER_MODE_OFB", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_CIPHER_MODE_OFB );
+ return( 0 );
+ }
+#endif /* MBEDTLS_CIPHER_MODE_OFB */
+
+#if defined(MBEDTLS_CIPHER_MODE_XTS)
+ if( strcmp( "MBEDTLS_CIPHER_MODE_XTS", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_CIPHER_MODE_XTS );
+ return( 0 );
+ }
+#endif /* MBEDTLS_CIPHER_MODE_XTS */
+
+#if defined(MBEDTLS_CIPHER_NULL_CIPHER)
+ if( strcmp( "MBEDTLS_CIPHER_NULL_CIPHER", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_CIPHER_NULL_CIPHER );
+ return( 0 );
+ }
+#endif /* MBEDTLS_CIPHER_NULL_CIPHER */
+
+#if defined(MBEDTLS_CIPHER_PADDING_PKCS7)
+ if( strcmp( "MBEDTLS_CIPHER_PADDING_PKCS7", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_CIPHER_PADDING_PKCS7 );
+ return( 0 );
+ }
+#endif /* MBEDTLS_CIPHER_PADDING_PKCS7 */
+
+#if defined(MBEDTLS_CIPHER_PADDING_ONE_AND_ZEROS)
+ if( strcmp( "MBEDTLS_CIPHER_PADDING_ONE_AND_ZEROS", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_CIPHER_PADDING_ONE_AND_ZEROS );
+ return( 0 );
+ }
+#endif /* MBEDTLS_CIPHER_PADDING_ONE_AND_ZEROS */
+
+#if defined(MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN)
+ if( strcmp( "MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN );
+ return( 0 );
+ }
+#endif /* MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN */
+
+#if defined(MBEDTLS_CIPHER_PADDING_ZEROS)
+ if( strcmp( "MBEDTLS_CIPHER_PADDING_ZEROS", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_CIPHER_PADDING_ZEROS );
+ return( 0 );
+ }
+#endif /* MBEDTLS_CIPHER_PADDING_ZEROS */
+
+#if defined(MBEDTLS_ENABLE_WEAK_CIPHERSUITES)
+ if( strcmp( "MBEDTLS_ENABLE_WEAK_CIPHERSUITES", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_ENABLE_WEAK_CIPHERSUITES );
+ return( 0 );
+ }
+#endif /* MBEDTLS_ENABLE_WEAK_CIPHERSUITES */
+
+#if defined(MBEDTLS_REMOVE_ARC4_CIPHERSUITES)
+ if( strcmp( "MBEDTLS_REMOVE_ARC4_CIPHERSUITES", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_REMOVE_ARC4_CIPHERSUITES );
+ return( 0 );
+ }
+#endif /* MBEDTLS_REMOVE_ARC4_CIPHERSUITES */
+
+#if defined(MBEDTLS_ECP_DP_SECP192R1_ENABLED)
+ if( strcmp( "MBEDTLS_ECP_DP_SECP192R1_ENABLED", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_ECP_DP_SECP192R1_ENABLED );
+ return( 0 );
+ }
+#endif /* MBEDTLS_ECP_DP_SECP192R1_ENABLED */
+
+#if defined(MBEDTLS_ECP_DP_SECP224R1_ENABLED)
+ if( strcmp( "MBEDTLS_ECP_DP_SECP224R1_ENABLED", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_ECP_DP_SECP224R1_ENABLED );
+ return( 0 );
+ }
+#endif /* MBEDTLS_ECP_DP_SECP224R1_ENABLED */
+
+#if defined(MBEDTLS_ECP_DP_SECP256R1_ENABLED)
+ if( strcmp( "MBEDTLS_ECP_DP_SECP256R1_ENABLED", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_ECP_DP_SECP256R1_ENABLED );
+ return( 0 );
+ }
+#endif /* MBEDTLS_ECP_DP_SECP256R1_ENABLED */
+
+#if defined(MBEDTLS_ECP_DP_SECP384R1_ENABLED)
+ if( strcmp( "MBEDTLS_ECP_DP_SECP384R1_ENABLED", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_ECP_DP_SECP384R1_ENABLED );
+ return( 0 );
+ }
+#endif /* MBEDTLS_ECP_DP_SECP384R1_ENABLED */
+
+#if defined(MBEDTLS_ECP_DP_SECP521R1_ENABLED)
+ if( strcmp( "MBEDTLS_ECP_DP_SECP521R1_ENABLED", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_ECP_DP_SECP521R1_ENABLED );
+ return( 0 );
+ }
+#endif /* MBEDTLS_ECP_DP_SECP521R1_ENABLED */
+
+#if defined(MBEDTLS_ECP_DP_SECP192K1_ENABLED)
+ if( strcmp( "MBEDTLS_ECP_DP_SECP192K1_ENABLED", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_ECP_DP_SECP192K1_ENABLED );
+ return( 0 );
+ }
+#endif /* MBEDTLS_ECP_DP_SECP192K1_ENABLED */
+
+#if defined(MBEDTLS_ECP_DP_SECP224K1_ENABLED)
+ if( strcmp( "MBEDTLS_ECP_DP_SECP224K1_ENABLED", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_ECP_DP_SECP224K1_ENABLED );
+ return( 0 );
+ }
+#endif /* MBEDTLS_ECP_DP_SECP224K1_ENABLED */
+
+#if defined(MBEDTLS_ECP_DP_SECP256K1_ENABLED)
+ if( strcmp( "MBEDTLS_ECP_DP_SECP256K1_ENABLED", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_ECP_DP_SECP256K1_ENABLED );
+ return( 0 );
+ }
+#endif /* MBEDTLS_ECP_DP_SECP256K1_ENABLED */
+
+#if defined(MBEDTLS_ECP_DP_BP256R1_ENABLED)
+ if( strcmp( "MBEDTLS_ECP_DP_BP256R1_ENABLED", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_ECP_DP_BP256R1_ENABLED );
+ return( 0 );
+ }
+#endif /* MBEDTLS_ECP_DP_BP256R1_ENABLED */
+
+#if defined(MBEDTLS_ECP_DP_BP384R1_ENABLED)
+ if( strcmp( "MBEDTLS_ECP_DP_BP384R1_ENABLED", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_ECP_DP_BP384R1_ENABLED );
+ return( 0 );
+ }
+#endif /* MBEDTLS_ECP_DP_BP384R1_ENABLED */
+
+#if defined(MBEDTLS_ECP_DP_BP512R1_ENABLED)
+ if( strcmp( "MBEDTLS_ECP_DP_BP512R1_ENABLED", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_ECP_DP_BP512R1_ENABLED );
+ return( 0 );
+ }
+#endif /* MBEDTLS_ECP_DP_BP512R1_ENABLED */
+
+#if defined(MBEDTLS_ECP_DP_CURVE25519_ENABLED)
+ if( strcmp( "MBEDTLS_ECP_DP_CURVE25519_ENABLED", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_ECP_DP_CURVE25519_ENABLED );
+ return( 0 );
+ }
+#endif /* MBEDTLS_ECP_DP_CURVE25519_ENABLED */
+
+#if defined(MBEDTLS_ECP_DP_CURVE448_ENABLED)
+ if( strcmp( "MBEDTLS_ECP_DP_CURVE448_ENABLED", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_ECP_DP_CURVE448_ENABLED );
+ return( 0 );
+ }
+#endif /* MBEDTLS_ECP_DP_CURVE448_ENABLED */
+
+#if defined(MBEDTLS_ECP_NIST_OPTIM)
+ if( strcmp( "MBEDTLS_ECP_NIST_OPTIM", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_ECP_NIST_OPTIM );
+ return( 0 );
+ }
+#endif /* MBEDTLS_ECP_NIST_OPTIM */
+
+#if defined(MBEDTLS_ECP_RESTARTABLE)
+ if( strcmp( "MBEDTLS_ECP_RESTARTABLE", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_ECP_RESTARTABLE );
+ return( 0 );
+ }
+#endif /* MBEDTLS_ECP_RESTARTABLE */
+
+#if defined(MBEDTLS_ECDSA_DETERMINISTIC)
+ if( strcmp( "MBEDTLS_ECDSA_DETERMINISTIC", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_ECDSA_DETERMINISTIC );
+ return( 0 );
+ }
+#endif /* MBEDTLS_ECDSA_DETERMINISTIC */
+
+#if defined(MBEDTLS_KEY_EXCHANGE_PSK_ENABLED)
+ if( strcmp( "MBEDTLS_KEY_EXCHANGE_PSK_ENABLED", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_KEY_EXCHANGE_PSK_ENABLED );
+ return( 0 );
+ }
+#endif /* MBEDTLS_KEY_EXCHANGE_PSK_ENABLED */
+
+#if defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED)
+ if( strcmp( "MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED );
+ return( 0 );
+ }
+#endif /* MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED */
+
+#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED)
+ if( strcmp( "MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED );
+ return( 0 );
+ }
+#endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED */
+
+#if defined(MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED)
+ if( strcmp( "MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED );
+ return( 0 );
+ }
+#endif /* MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED */
+
+#if defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED)
+ if( strcmp( "MBEDTLS_KEY_EXCHANGE_RSA_ENABLED", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_KEY_EXCHANGE_RSA_ENABLED );
+ return( 0 );
+ }
+#endif /* MBEDTLS_KEY_EXCHANGE_RSA_ENABLED */
+
+#if defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED)
+ if( strcmp( "MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED );
+ return( 0 );
+ }
+#endif /* MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED */
+
+#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED)
+ if( strcmp( "MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED );
+ return( 0 );
+ }
+#endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED */
+
+#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED)
+ if( strcmp( "MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED );
+ return( 0 );
+ }
+#endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED */
+
+#if defined(MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED)
+ if( strcmp( "MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED );
+ return( 0 );
+ }
+#endif /* MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED */
+
+#if defined(MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED)
+ if( strcmp( "MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED );
+ return( 0 );
+ }
+#endif /* MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED */
+
+#if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
+ if( strcmp( "MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED );
+ return( 0 );
+ }
+#endif /* MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED */
+
+#if defined(MBEDTLS_PK_PARSE_EC_EXTENDED)
+ if( strcmp( "MBEDTLS_PK_PARSE_EC_EXTENDED", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_PK_PARSE_EC_EXTENDED );
+ return( 0 );
+ }
+#endif /* MBEDTLS_PK_PARSE_EC_EXTENDED */
+
+#if defined(MBEDTLS_ERROR_STRERROR_DUMMY)
+ if( strcmp( "MBEDTLS_ERROR_STRERROR_DUMMY", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_ERROR_STRERROR_DUMMY );
+ return( 0 );
+ }
+#endif /* MBEDTLS_ERROR_STRERROR_DUMMY */
+
+#if defined(MBEDTLS_GENPRIME)
+ if( strcmp( "MBEDTLS_GENPRIME", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_GENPRIME );
+ return( 0 );
+ }
+#endif /* MBEDTLS_GENPRIME */
+
+#if defined(MBEDTLS_FS_IO)
+ if( strcmp( "MBEDTLS_FS_IO", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_FS_IO );
+ return( 0 );
+ }
+#endif /* MBEDTLS_FS_IO */
+
+#if defined(MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES)
+ if( strcmp( "MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES );
+ return( 0 );
+ }
+#endif /* MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES */
+
+#if defined(MBEDTLS_NO_PLATFORM_ENTROPY)
+ if( strcmp( "MBEDTLS_NO_PLATFORM_ENTROPY", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_NO_PLATFORM_ENTROPY );
+ return( 0 );
+ }
+#endif /* MBEDTLS_NO_PLATFORM_ENTROPY */
+
+#if defined(MBEDTLS_ENTROPY_FORCE_SHA256)
+ if( strcmp( "MBEDTLS_ENTROPY_FORCE_SHA256", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_ENTROPY_FORCE_SHA256 );
+ return( 0 );
+ }
+#endif /* MBEDTLS_ENTROPY_FORCE_SHA256 */
+
+#if defined(MBEDTLS_ENTROPY_NV_SEED)
+ if( strcmp( "MBEDTLS_ENTROPY_NV_SEED", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_ENTROPY_NV_SEED );
+ return( 0 );
+ }
+#endif /* MBEDTLS_ENTROPY_NV_SEED */
+
+#if defined(MBEDTLS_PSA_HAS_ITS_IO)
+ if( strcmp( "MBEDTLS_PSA_HAS_ITS_IO", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_PSA_HAS_ITS_IO );
+ return( 0 );
+ }
+#endif /* MBEDTLS_PSA_HAS_ITS_IO */
+
+#if defined(MBEDTLS_PSA_CRYPTO_KEY_FILE_ID_ENCODES_OWNER)
+ if( strcmp( "MBEDTLS_PSA_CRYPTO_KEY_FILE_ID_ENCODES_OWNER", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_PSA_CRYPTO_KEY_FILE_ID_ENCODES_OWNER );
+ return( 0 );
+ }
+#endif /* MBEDTLS_PSA_CRYPTO_KEY_FILE_ID_ENCODES_OWNER */
+
+#if defined(MBEDTLS_MEMORY_DEBUG)
+ if( strcmp( "MBEDTLS_MEMORY_DEBUG", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_MEMORY_DEBUG );
+ return( 0 );
+ }
+#endif /* MBEDTLS_MEMORY_DEBUG */
+
+#if defined(MBEDTLS_MEMORY_BACKTRACE)
+ if( strcmp( "MBEDTLS_MEMORY_BACKTRACE", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_MEMORY_BACKTRACE );
+ return( 0 );
+ }
+#endif /* MBEDTLS_MEMORY_BACKTRACE */
+
+#if defined(MBEDTLS_PK_RSA_ALT_SUPPORT)
+ if( strcmp( "MBEDTLS_PK_RSA_ALT_SUPPORT", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_PK_RSA_ALT_SUPPORT );
+ return( 0 );
+ }
+#endif /* MBEDTLS_PK_RSA_ALT_SUPPORT */
+
+#if defined(MBEDTLS_PKCS1_V15)
+ if( strcmp( "MBEDTLS_PKCS1_V15", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_PKCS1_V15 );
+ return( 0 );
+ }
+#endif /* MBEDTLS_PKCS1_V15 */
+
+#if defined(MBEDTLS_PKCS1_V21)
+ if( strcmp( "MBEDTLS_PKCS1_V21", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_PKCS1_V21 );
+ return( 0 );
+ }
+#endif /* MBEDTLS_PKCS1_V21 */
+
+#if defined(MBEDTLS_PSA_CRYPTO_SPM)
+ if( strcmp( "MBEDTLS_PSA_CRYPTO_SPM", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_PSA_CRYPTO_SPM );
+ return( 0 );
+ }
+#endif /* MBEDTLS_PSA_CRYPTO_SPM */
+
+#if defined(MBEDTLS_PSA_HAS_ITS_IO)
+ if( strcmp( "MBEDTLS_PSA_HAS_ITS_IO", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_PSA_HAS_ITS_IO );
+ return( 0 );
+ }
+#endif /* MBEDTLS_PSA_HAS_ITS_IO */
+
+#if defined(MBEDTLS_RSA_NO_CRT)
+ if( strcmp( "MBEDTLS_RSA_NO_CRT", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_RSA_NO_CRT );
+ return( 0 );
+ }
+#endif /* MBEDTLS_RSA_NO_CRT */
+
+#if defined(MBEDTLS_SELF_TEST)
+ if( strcmp( "MBEDTLS_SELF_TEST", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_SELF_TEST );
+ return( 0 );
+ }
+#endif /* MBEDTLS_SELF_TEST */
+
+#if defined(MBEDTLS_SHA256_SMALLER)
+ if( strcmp( "MBEDTLS_SHA256_SMALLER", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_SHA256_SMALLER );
+ return( 0 );
+ }
+#endif /* MBEDTLS_SHA256_SMALLER */
+
+#if defined(MBEDTLS_SSL_ALL_ALERT_MESSAGES)
+ if( strcmp( "MBEDTLS_SSL_ALL_ALERT_MESSAGES", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_ALL_ALERT_MESSAGES );
+ return( 0 );
+ }
+#endif /* MBEDTLS_SSL_ALL_ALERT_MESSAGES */
+
+#if defined(MBEDTLS_SSL_ASYNC_PRIVATE)
+ if( strcmp( "MBEDTLS_SSL_ASYNC_PRIVATE", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_ASYNC_PRIVATE );
+ return( 0 );
+ }
+#endif /* MBEDTLS_SSL_ASYNC_PRIVATE */
+
+#if defined(MBEDTLS_SSL_DEBUG_ALL)
+ if( strcmp( "MBEDTLS_SSL_DEBUG_ALL", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_DEBUG_ALL );
+ return( 0 );
+ }
+#endif /* MBEDTLS_SSL_DEBUG_ALL */
+
+#if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC)
+ if( strcmp( "MBEDTLS_SSL_ENCRYPT_THEN_MAC", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_ENCRYPT_THEN_MAC );
+ return( 0 );
+ }
+#endif /* MBEDTLS_SSL_ENCRYPT_THEN_MAC */
+
+#if defined(MBEDTLS_SSL_EXTENDED_MASTER_SECRET)
+ if( strcmp( "MBEDTLS_SSL_EXTENDED_MASTER_SECRET", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_EXTENDED_MASTER_SECRET );
+ return( 0 );
+ }
+#endif /* MBEDTLS_SSL_EXTENDED_MASTER_SECRET */
+
+#if defined(MBEDTLS_SSL_FALLBACK_SCSV)
+ if( strcmp( "MBEDTLS_SSL_FALLBACK_SCSV", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_FALLBACK_SCSV );
+ return( 0 );
+ }
+#endif /* MBEDTLS_SSL_FALLBACK_SCSV */
+
+#if defined(MBEDTLS_SSL_HW_RECORD_ACCEL)
+ if( strcmp( "MBEDTLS_SSL_HW_RECORD_ACCEL", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_HW_RECORD_ACCEL );
+ return( 0 );
+ }
+#endif /* MBEDTLS_SSL_HW_RECORD_ACCEL */
+
+#if defined(MBEDTLS_SSL_CBC_RECORD_SPLITTING)
+ if( strcmp( "MBEDTLS_SSL_CBC_RECORD_SPLITTING", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_CBC_RECORD_SPLITTING );
+ return( 0 );
+ }
+#endif /* MBEDTLS_SSL_CBC_RECORD_SPLITTING */
+
+#if defined(MBEDTLS_SSL_RENEGOTIATION)
+ if( strcmp( "MBEDTLS_SSL_RENEGOTIATION", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_RENEGOTIATION );
+ return( 0 );
+ }
+#endif /* MBEDTLS_SSL_RENEGOTIATION */
+
+#if defined(MBEDTLS_SSL_SRV_SUPPORT_SSLV2_CLIENT_HELLO)
+ if( strcmp( "MBEDTLS_SSL_SRV_SUPPORT_SSLV2_CLIENT_HELLO", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_SRV_SUPPORT_SSLV2_CLIENT_HELLO );
+ return( 0 );
+ }
+#endif /* MBEDTLS_SSL_SRV_SUPPORT_SSLV2_CLIENT_HELLO */
+
+#if defined(MBEDTLS_SSL_SRV_RESPECT_CLIENT_PREFERENCE)
+ if( strcmp( "MBEDTLS_SSL_SRV_RESPECT_CLIENT_PREFERENCE", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_SRV_RESPECT_CLIENT_PREFERENCE );
+ return( 0 );
+ }
+#endif /* MBEDTLS_SSL_SRV_RESPECT_CLIENT_PREFERENCE */
+
+#if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH)
+ if( strcmp( "MBEDTLS_SSL_MAX_FRAGMENT_LENGTH", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_MAX_FRAGMENT_LENGTH );
+ return( 0 );
+ }
+#endif /* MBEDTLS_SSL_MAX_FRAGMENT_LENGTH */
+
+#if defined(MBEDTLS_SSL_PROTO_SSL3)
+ if( strcmp( "MBEDTLS_SSL_PROTO_SSL3", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_PROTO_SSL3 );
+ return( 0 );
+ }
+#endif /* MBEDTLS_SSL_PROTO_SSL3 */
+
+#if defined(MBEDTLS_SSL_PROTO_TLS1)
+ if( strcmp( "MBEDTLS_SSL_PROTO_TLS1", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_PROTO_TLS1 );
+ return( 0 );
+ }
+#endif /* MBEDTLS_SSL_PROTO_TLS1 */
+
+#if defined(MBEDTLS_SSL_PROTO_TLS1_1)
+ if( strcmp( "MBEDTLS_SSL_PROTO_TLS1_1", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_PROTO_TLS1_1 );
+ return( 0 );
+ }
+#endif /* MBEDTLS_SSL_PROTO_TLS1_1 */
+
+#if defined(MBEDTLS_SSL_PROTO_TLS1_2)
+ if( strcmp( "MBEDTLS_SSL_PROTO_TLS1_2", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_PROTO_TLS1_2 );
+ return( 0 );
+ }
+#endif /* MBEDTLS_SSL_PROTO_TLS1_2 */
+
+#if defined(MBEDTLS_SSL_PROTO_DTLS)
+ if( strcmp( "MBEDTLS_SSL_PROTO_DTLS", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_PROTO_DTLS );
+ return( 0 );
+ }
+#endif /* MBEDTLS_SSL_PROTO_DTLS */
+
+#if defined(MBEDTLS_SSL_ALPN)
+ if( strcmp( "MBEDTLS_SSL_ALPN", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_ALPN );
+ return( 0 );
+ }
+#endif /* MBEDTLS_SSL_ALPN */
+
+#if defined(MBEDTLS_SSL_DTLS_ANTI_REPLAY)
+ if( strcmp( "MBEDTLS_SSL_DTLS_ANTI_REPLAY", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_DTLS_ANTI_REPLAY );
+ return( 0 );
+ }
+#endif /* MBEDTLS_SSL_DTLS_ANTI_REPLAY */
+
+#if defined(MBEDTLS_SSL_DTLS_HELLO_VERIFY)
+ if( strcmp( "MBEDTLS_SSL_DTLS_HELLO_VERIFY", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_DTLS_HELLO_VERIFY );
+ return( 0 );
+ }
+#endif /* MBEDTLS_SSL_DTLS_HELLO_VERIFY */
+
+#if defined(MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE)
+ if( strcmp( "MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE );
+ return( 0 );
+ }
+#endif /* MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE */
+
+#if defined(MBEDTLS_SSL_DTLS_BADMAC_LIMIT)
+ if( strcmp( "MBEDTLS_SSL_DTLS_BADMAC_LIMIT", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_DTLS_BADMAC_LIMIT );
+ return( 0 );
+ }
+#endif /* MBEDTLS_SSL_DTLS_BADMAC_LIMIT */
+
+#if defined(MBEDTLS_SSL_SESSION_TICKETS)
+ if( strcmp( "MBEDTLS_SSL_SESSION_TICKETS", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_SESSION_TICKETS );
+ return( 0 );
+ }
+#endif /* MBEDTLS_SSL_SESSION_TICKETS */
+
+#if defined(MBEDTLS_SSL_EXPORT_KEYS)
+ if( strcmp( "MBEDTLS_SSL_EXPORT_KEYS", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_EXPORT_KEYS );
+ return( 0 );
+ }
+#endif /* MBEDTLS_SSL_EXPORT_KEYS */
+
+#if defined(MBEDTLS_SSL_SERVER_NAME_INDICATION)
+ if( strcmp( "MBEDTLS_SSL_SERVER_NAME_INDICATION", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_SERVER_NAME_INDICATION );
+ return( 0 );
+ }
+#endif /* MBEDTLS_SSL_SERVER_NAME_INDICATION */
+
+#if defined(MBEDTLS_SSL_TRUNCATED_HMAC)
+ if( strcmp( "MBEDTLS_SSL_TRUNCATED_HMAC", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_TRUNCATED_HMAC );
+ return( 0 );
+ }
+#endif /* MBEDTLS_SSL_TRUNCATED_HMAC */
+
+#if defined(MBEDTLS_SSL_TRUNCATED_HMAC_COMPAT)
+ if( strcmp( "MBEDTLS_SSL_TRUNCATED_HMAC_COMPAT", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_TRUNCATED_HMAC_COMPAT );
+ return( 0 );
+ }
+#endif /* MBEDTLS_SSL_TRUNCATED_HMAC_COMPAT */
+
+#if defined(MBEDTLS_THREADING_ALT)
+ if( strcmp( "MBEDTLS_THREADING_ALT", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_THREADING_ALT );
+ return( 0 );
+ }
+#endif /* MBEDTLS_THREADING_ALT */
+
+#if defined(MBEDTLS_THREADING_PTHREAD)
+ if( strcmp( "MBEDTLS_THREADING_PTHREAD", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_THREADING_PTHREAD );
+ return( 0 );
+ }
+#endif /* MBEDTLS_THREADING_PTHREAD */
+
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+ if( strcmp( "MBEDTLS_USE_PSA_CRYPTO", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_USE_PSA_CRYPTO );
+ return( 0 );
+ }
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+
+#if defined(MBEDTLS_VERSION_FEATURES)
+ if( strcmp( "MBEDTLS_VERSION_FEATURES", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_VERSION_FEATURES );
+ return( 0 );
+ }
+#endif /* MBEDTLS_VERSION_FEATURES */
+
+#if defined(MBEDTLS_X509_ALLOW_EXTENSIONS_NON_V3)
+ if( strcmp( "MBEDTLS_X509_ALLOW_EXTENSIONS_NON_V3", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_X509_ALLOW_EXTENSIONS_NON_V3 );
+ return( 0 );
+ }
+#endif /* MBEDTLS_X509_ALLOW_EXTENSIONS_NON_V3 */
+
+#if defined(MBEDTLS_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION)
+ if( strcmp( "MBEDTLS_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION );
+ return( 0 );
+ }
+#endif /* MBEDTLS_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION */
+
+#if defined(MBEDTLS_X509_CHECK_KEY_USAGE)
+ if( strcmp( "MBEDTLS_X509_CHECK_KEY_USAGE", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_X509_CHECK_KEY_USAGE );
+ return( 0 );
+ }
+#endif /* MBEDTLS_X509_CHECK_KEY_USAGE */
+
+#if defined(MBEDTLS_X509_CHECK_EXTENDED_KEY_USAGE)
+ if( strcmp( "MBEDTLS_X509_CHECK_EXTENDED_KEY_USAGE", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_X509_CHECK_EXTENDED_KEY_USAGE );
+ return( 0 );
+ }
+#endif /* MBEDTLS_X509_CHECK_EXTENDED_KEY_USAGE */
+
+#if defined(MBEDTLS_X509_RSASSA_PSS_SUPPORT)
+ if( strcmp( "MBEDTLS_X509_RSASSA_PSS_SUPPORT", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_X509_RSASSA_PSS_SUPPORT );
+ return( 0 );
+ }
+#endif /* MBEDTLS_X509_RSASSA_PSS_SUPPORT */
+
+#if defined(MBEDTLS_ZLIB_SUPPORT)
+ if( strcmp( "MBEDTLS_ZLIB_SUPPORT", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_ZLIB_SUPPORT );
+ return( 0 );
+ }
+#endif /* MBEDTLS_ZLIB_SUPPORT */
+
+#if defined(MBEDTLS_AESNI_C)
+ if( strcmp( "MBEDTLS_AESNI_C", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_AESNI_C );
+ return( 0 );
+ }
+#endif /* MBEDTLS_AESNI_C */
+
+#if defined(MBEDTLS_AES_C)
+ if( strcmp( "MBEDTLS_AES_C", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_AES_C );
+ return( 0 );
+ }
+#endif /* MBEDTLS_AES_C */
+
+#if defined(MBEDTLS_ARC4_C)
+ if( strcmp( "MBEDTLS_ARC4_C", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_ARC4_C );
+ return( 0 );
+ }
+#endif /* MBEDTLS_ARC4_C */
+
+#if defined(MBEDTLS_ASN1_PARSE_C)
+ if( strcmp( "MBEDTLS_ASN1_PARSE_C", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_ASN1_PARSE_C );
+ return( 0 );
+ }
+#endif /* MBEDTLS_ASN1_PARSE_C */
+
+#if defined(MBEDTLS_ASN1_WRITE_C)
+ if( strcmp( "MBEDTLS_ASN1_WRITE_C", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_ASN1_WRITE_C );
+ return( 0 );
+ }
+#endif /* MBEDTLS_ASN1_WRITE_C */
+
+#if defined(MBEDTLS_BASE64_C)
+ if( strcmp( "MBEDTLS_BASE64_C", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_BASE64_C );
+ return( 0 );
+ }
+#endif /* MBEDTLS_BASE64_C */
+
+#if defined(MBEDTLS_BIGNUM_C)
+ if( strcmp( "MBEDTLS_BIGNUM_C", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_BIGNUM_C );
+ return( 0 );
+ }
+#endif /* MBEDTLS_BIGNUM_C */
+
+#if defined(MBEDTLS_BLOWFISH_C)
+ if( strcmp( "MBEDTLS_BLOWFISH_C", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_BLOWFISH_C );
+ return( 0 );
+ }
+#endif /* MBEDTLS_BLOWFISH_C */
+
+#if defined(MBEDTLS_CAMELLIA_C)
+ if( strcmp( "MBEDTLS_CAMELLIA_C", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_CAMELLIA_C );
+ return( 0 );
+ }
+#endif /* MBEDTLS_CAMELLIA_C */
+
+#if defined(MBEDTLS_ARIA_C)
+ if( strcmp( "MBEDTLS_ARIA_C", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_ARIA_C );
+ return( 0 );
+ }
+#endif /* MBEDTLS_ARIA_C */
+
+#if defined(MBEDTLS_CCM_C)
+ if( strcmp( "MBEDTLS_CCM_C", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_CCM_C );
+ return( 0 );
+ }
+#endif /* MBEDTLS_CCM_C */
+
+#if defined(MBEDTLS_CERTS_C)
+ if( strcmp( "MBEDTLS_CERTS_C", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_CERTS_C );
+ return( 0 );
+ }
+#endif /* MBEDTLS_CERTS_C */
+
+#if defined(MBEDTLS_CHACHA20_C)
+ if( strcmp( "MBEDTLS_CHACHA20_C", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_CHACHA20_C );
+ return( 0 );
+ }
+#endif /* MBEDTLS_CHACHA20_C */
+
+#if defined(MBEDTLS_CHACHAPOLY_C)
+ if( strcmp( "MBEDTLS_CHACHAPOLY_C", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_CHACHAPOLY_C );
+ return( 0 );
+ }
+#endif /* MBEDTLS_CHACHAPOLY_C */
+
+#if defined(MBEDTLS_CIPHER_C)
+ if( strcmp( "MBEDTLS_CIPHER_C", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_CIPHER_C );
+ return( 0 );
+ }
+#endif /* MBEDTLS_CIPHER_C */
+
+#if defined(MBEDTLS_CMAC_C)
+ if( strcmp( "MBEDTLS_CMAC_C", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_CMAC_C );
+ return( 0 );
+ }
+#endif /* MBEDTLS_CMAC_C */
+
+#if defined(MBEDTLS_CTR_DRBG_C)
+ if( strcmp( "MBEDTLS_CTR_DRBG_C", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_CTR_DRBG_C );
+ return( 0 );
+ }
+#endif /* MBEDTLS_CTR_DRBG_C */
+
+#if defined(MBEDTLS_DEBUG_C)
+ if( strcmp( "MBEDTLS_DEBUG_C", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_DEBUG_C );
+ return( 0 );
+ }
+#endif /* MBEDTLS_DEBUG_C */
+
+#if defined(MBEDTLS_DES_C)
+ if( strcmp( "MBEDTLS_DES_C", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_DES_C );
+ return( 0 );
+ }
+#endif /* MBEDTLS_DES_C */
+
+#if defined(MBEDTLS_DHM_C)
+ if( strcmp( "MBEDTLS_DHM_C", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_DHM_C );
+ return( 0 );
+ }
+#endif /* MBEDTLS_DHM_C */
+
+#if defined(MBEDTLS_ECDH_C)
+ if( strcmp( "MBEDTLS_ECDH_C", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_ECDH_C );
+ return( 0 );
+ }
+#endif /* MBEDTLS_ECDH_C */
+
+#if defined(MBEDTLS_ECDSA_C)
+ if( strcmp( "MBEDTLS_ECDSA_C", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_ECDSA_C );
+ return( 0 );
+ }
+#endif /* MBEDTLS_ECDSA_C */
+
+#if defined(MBEDTLS_ECJPAKE_C)
+ if( strcmp( "MBEDTLS_ECJPAKE_C", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_ECJPAKE_C );
+ return( 0 );
+ }
+#endif /* MBEDTLS_ECJPAKE_C */
+
+#if defined(MBEDTLS_ECP_C)
+ if( strcmp( "MBEDTLS_ECP_C", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_ECP_C );
+ return( 0 );
+ }
+#endif /* MBEDTLS_ECP_C */
+
+#if defined(MBEDTLS_ENTROPY_C)
+ if( strcmp( "MBEDTLS_ENTROPY_C", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_ENTROPY_C );
+ return( 0 );
+ }
+#endif /* MBEDTLS_ENTROPY_C */
+
+#if defined(MBEDTLS_ERROR_C)
+ if( strcmp( "MBEDTLS_ERROR_C", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_ERROR_C );
+ return( 0 );
+ }
+#endif /* MBEDTLS_ERROR_C */
+
+#if defined(MBEDTLS_GCM_C)
+ if( strcmp( "MBEDTLS_GCM_C", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_GCM_C );
+ return( 0 );
+ }
+#endif /* MBEDTLS_GCM_C */
+
+#if defined(MBEDTLS_HAVEGE_C)
+ if( strcmp( "MBEDTLS_HAVEGE_C", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_HAVEGE_C );
+ return( 0 );
+ }
+#endif /* MBEDTLS_HAVEGE_C */
+
+#if defined(MBEDTLS_HKDF_C)
+ if( strcmp( "MBEDTLS_HKDF_C", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_HKDF_C );
+ return( 0 );
+ }
+#endif /* MBEDTLS_HKDF_C */
+
+#if defined(MBEDTLS_HMAC_DRBG_C)
+ if( strcmp( "MBEDTLS_HMAC_DRBG_C", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_HMAC_DRBG_C );
+ return( 0 );
+ }
+#endif /* MBEDTLS_HMAC_DRBG_C */
+
+#if defined(MBEDTLS_NIST_KW_C)
+ if( strcmp( "MBEDTLS_NIST_KW_C", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_NIST_KW_C );
+ return( 0 );
+ }
+#endif /* MBEDTLS_NIST_KW_C */
+
+#if defined(MBEDTLS_MD_C)
+ if( strcmp( "MBEDTLS_MD_C", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_MD_C );
+ return( 0 );
+ }
+#endif /* MBEDTLS_MD_C */
+
+#if defined(MBEDTLS_MD2_C)
+ if( strcmp( "MBEDTLS_MD2_C", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_MD2_C );
+ return( 0 );
+ }
+#endif /* MBEDTLS_MD2_C */
+
+#if defined(MBEDTLS_MD4_C)
+ if( strcmp( "MBEDTLS_MD4_C", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_MD4_C );
+ return( 0 );
+ }
+#endif /* MBEDTLS_MD4_C */
+
+#if defined(MBEDTLS_MD5_C)
+ if( strcmp( "MBEDTLS_MD5_C", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_MD5_C );
+ return( 0 );
+ }
+#endif /* MBEDTLS_MD5_C */
+
+#if defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C)
+ if( strcmp( "MBEDTLS_MEMORY_BUFFER_ALLOC_C", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_MEMORY_BUFFER_ALLOC_C );
+ return( 0 );
+ }
+#endif /* MBEDTLS_MEMORY_BUFFER_ALLOC_C */
+
+#if defined(MBEDTLS_NET_C)
+ if( strcmp( "MBEDTLS_NET_C", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_NET_C );
+ return( 0 );
+ }
+#endif /* MBEDTLS_NET_C */
+
+#if defined(MBEDTLS_OID_C)
+ if( strcmp( "MBEDTLS_OID_C", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_OID_C );
+ return( 0 );
+ }
+#endif /* MBEDTLS_OID_C */
+
+#if defined(MBEDTLS_PADLOCK_C)
+ if( strcmp( "MBEDTLS_PADLOCK_C", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_PADLOCK_C );
+ return( 0 );
+ }
+#endif /* MBEDTLS_PADLOCK_C */
+
+#if defined(MBEDTLS_PEM_PARSE_C)
+ if( strcmp( "MBEDTLS_PEM_PARSE_C", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_PEM_PARSE_C );
+ return( 0 );
+ }
+#endif /* MBEDTLS_PEM_PARSE_C */
+
+#if defined(MBEDTLS_PEM_WRITE_C)
+ if( strcmp( "MBEDTLS_PEM_WRITE_C", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_PEM_WRITE_C );
+ return( 0 );
+ }
+#endif /* MBEDTLS_PEM_WRITE_C */
+
+#if defined(MBEDTLS_PK_C)
+ if( strcmp( "MBEDTLS_PK_C", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_PK_C );
+ return( 0 );
+ }
+#endif /* MBEDTLS_PK_C */
+
+#if defined(MBEDTLS_PK_PARSE_C)
+ if( strcmp( "MBEDTLS_PK_PARSE_C", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_PK_PARSE_C );
+ return( 0 );
+ }
+#endif /* MBEDTLS_PK_PARSE_C */
+
+#if defined(MBEDTLS_PK_WRITE_C)
+ if( strcmp( "MBEDTLS_PK_WRITE_C", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_PK_WRITE_C );
+ return( 0 );
+ }
+#endif /* MBEDTLS_PK_WRITE_C */
+
+#if defined(MBEDTLS_PKCS5_C)
+ if( strcmp( "MBEDTLS_PKCS5_C", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_PKCS5_C );
+ return( 0 );
+ }
+#endif /* MBEDTLS_PKCS5_C */
+
+#if defined(MBEDTLS_PKCS11_C)
+ if( strcmp( "MBEDTLS_PKCS11_C", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_PKCS11_C );
+ return( 0 );
+ }
+#endif /* MBEDTLS_PKCS11_C */
+
+#if defined(MBEDTLS_PKCS12_C)
+ if( strcmp( "MBEDTLS_PKCS12_C", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_PKCS12_C );
+ return( 0 );
+ }
+#endif /* MBEDTLS_PKCS12_C */
+
+#if defined(MBEDTLS_PLATFORM_C)
+ if( strcmp( "MBEDTLS_PLATFORM_C", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_PLATFORM_C );
+ return( 0 );
+ }
+#endif /* MBEDTLS_PLATFORM_C */
+
+#if defined(MBEDTLS_POLY1305_C)
+ if( strcmp( "MBEDTLS_POLY1305_C", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_POLY1305_C );
+ return( 0 );
+ }
+#endif /* MBEDTLS_POLY1305_C */
+
+#if defined(MBEDTLS_PSA_CRYPTO_C)
+ if( strcmp( "MBEDTLS_PSA_CRYPTO_C", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_PSA_CRYPTO_C );
+ return( 0 );
+ }
+#endif /* MBEDTLS_PSA_CRYPTO_C */
+
+#if defined(MBEDTLS_PSA_CRYPTO_STORAGE_C)
+ if( strcmp( "MBEDTLS_PSA_CRYPTO_STORAGE_C", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_PSA_CRYPTO_STORAGE_C );
+ return( 0 );
+ }
+#endif /* MBEDTLS_PSA_CRYPTO_STORAGE_C */
+
+#if defined(MBEDTLS_PSA_CRYPTO_STORAGE_FILE_C)
+ if( strcmp( "MBEDTLS_PSA_CRYPTO_STORAGE_FILE_C", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_PSA_CRYPTO_STORAGE_FILE_C );
+ return( 0 );
+ }
+#endif /* MBEDTLS_PSA_CRYPTO_STORAGE_FILE_C */
+
+#if defined(MBEDTLS_PSA_CRYPTO_STORAGE_ITS_C)
+ if( strcmp( "MBEDTLS_PSA_CRYPTO_STORAGE_ITS_C", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_PSA_CRYPTO_STORAGE_ITS_C );
+ return( 0 );
+ }
+#endif /* MBEDTLS_PSA_CRYPTO_STORAGE_ITS_C */
+
+#if defined(MBEDTLS_RIPEMD160_C)
+ if( strcmp( "MBEDTLS_RIPEMD160_C", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_RIPEMD160_C );
+ return( 0 );
+ }
+#endif /* MBEDTLS_RIPEMD160_C */
+
+#if defined(MBEDTLS_RSA_C)
+ if( strcmp( "MBEDTLS_RSA_C", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_RSA_C );
+ return( 0 );
+ }
+#endif /* MBEDTLS_RSA_C */
+
+#if defined(MBEDTLS_SHA1_C)
+ if( strcmp( "MBEDTLS_SHA1_C", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_SHA1_C );
+ return( 0 );
+ }
+#endif /* MBEDTLS_SHA1_C */
+
+#if defined(MBEDTLS_SHA256_C)
+ if( strcmp( "MBEDTLS_SHA256_C", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_SHA256_C );
+ return( 0 );
+ }
+#endif /* MBEDTLS_SHA256_C */
+
+#if defined(MBEDTLS_SHA512_C)
+ if( strcmp( "MBEDTLS_SHA512_C", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_SHA512_C );
+ return( 0 );
+ }
+#endif /* MBEDTLS_SHA512_C */
+
+#if defined(MBEDTLS_SSL_CACHE_C)
+ if( strcmp( "MBEDTLS_SSL_CACHE_C", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_CACHE_C );
+ return( 0 );
+ }
+#endif /* MBEDTLS_SSL_CACHE_C */
+
+#if defined(MBEDTLS_SSL_COOKIE_C)
+ if( strcmp( "MBEDTLS_SSL_COOKIE_C", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_COOKIE_C );
+ return( 0 );
+ }
+#endif /* MBEDTLS_SSL_COOKIE_C */
+
+#if defined(MBEDTLS_SSL_TICKET_C)
+ if( strcmp( "MBEDTLS_SSL_TICKET_C", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_TICKET_C );
+ return( 0 );
+ }
+#endif /* MBEDTLS_SSL_TICKET_C */
+
+#if defined(MBEDTLS_SSL_CLI_C)
+ if( strcmp( "MBEDTLS_SSL_CLI_C", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_CLI_C );
+ return( 0 );
+ }
+#endif /* MBEDTLS_SSL_CLI_C */
+
+#if defined(MBEDTLS_SSL_SRV_C)
+ if( strcmp( "MBEDTLS_SSL_SRV_C", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_SRV_C );
+ return( 0 );
+ }
+#endif /* MBEDTLS_SSL_SRV_C */
+
+#if defined(MBEDTLS_SSL_TLS_C)
+ if( strcmp( "MBEDTLS_SSL_TLS_C", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_TLS_C );
+ return( 0 );
+ }
+#endif /* MBEDTLS_SSL_TLS_C */
+
+#if defined(MBEDTLS_THREADING_C)
+ if( strcmp( "MBEDTLS_THREADING_C", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_THREADING_C );
+ return( 0 );
+ }
+#endif /* MBEDTLS_THREADING_C */
+
+#if defined(MBEDTLS_TIMING_C)
+ if( strcmp( "MBEDTLS_TIMING_C", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_TIMING_C );
+ return( 0 );
+ }
+#endif /* MBEDTLS_TIMING_C */
+
+#if defined(MBEDTLS_VERSION_C)
+ if( strcmp( "MBEDTLS_VERSION_C", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_VERSION_C );
+ return( 0 );
+ }
+#endif /* MBEDTLS_VERSION_C */
+
+#if defined(MBEDTLS_X509_USE_C)
+ if( strcmp( "MBEDTLS_X509_USE_C", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_X509_USE_C );
+ return( 0 );
+ }
+#endif /* MBEDTLS_X509_USE_C */
+
+#if defined(MBEDTLS_X509_CRT_PARSE_C)
+ if( strcmp( "MBEDTLS_X509_CRT_PARSE_C", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_X509_CRT_PARSE_C );
+ return( 0 );
+ }
+#endif /* MBEDTLS_X509_CRT_PARSE_C */
+
+#if defined(MBEDTLS_X509_CRL_PARSE_C)
+ if( strcmp( "MBEDTLS_X509_CRL_PARSE_C", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_X509_CRL_PARSE_C );
+ return( 0 );
+ }
+#endif /* MBEDTLS_X509_CRL_PARSE_C */
+
+#if defined(MBEDTLS_X509_CSR_PARSE_C)
+ if( strcmp( "MBEDTLS_X509_CSR_PARSE_C", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_X509_CSR_PARSE_C );
+ return( 0 );
+ }
+#endif /* MBEDTLS_X509_CSR_PARSE_C */
+
+#if defined(MBEDTLS_X509_CREATE_C)
+ if( strcmp( "MBEDTLS_X509_CREATE_C", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_X509_CREATE_C );
+ return( 0 );
+ }
+#endif /* MBEDTLS_X509_CREATE_C */
+
+#if defined(MBEDTLS_X509_CRT_WRITE_C)
+ if( strcmp( "MBEDTLS_X509_CRT_WRITE_C", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_X509_CRT_WRITE_C );
+ return( 0 );
+ }
+#endif /* MBEDTLS_X509_CRT_WRITE_C */
+
+#if defined(MBEDTLS_X509_CSR_WRITE_C)
+ if( strcmp( "MBEDTLS_X509_CSR_WRITE_C", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_X509_CSR_WRITE_C );
+ return( 0 );
+ }
+#endif /* MBEDTLS_X509_CSR_WRITE_C */
+
+#if defined(MBEDTLS_XTEA_C)
+ if( strcmp( "MBEDTLS_XTEA_C", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_XTEA_C );
+ return( 0 );
+ }
+#endif /* MBEDTLS_XTEA_C */
+
+#if defined(MBEDTLS_MPI_WINDOW_SIZE)
+ if( strcmp( "MBEDTLS_MPI_WINDOW_SIZE", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_MPI_WINDOW_SIZE );
+ return( 0 );
+ }
+#endif /* MBEDTLS_MPI_WINDOW_SIZE */
+
+#if defined(MBEDTLS_MPI_MAX_SIZE)
+ if( strcmp( "MBEDTLS_MPI_MAX_SIZE", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_MPI_MAX_SIZE );
+ return( 0 );
+ }
+#endif /* MBEDTLS_MPI_MAX_SIZE */
+
+#if defined(MBEDTLS_CTR_DRBG_ENTROPY_LEN)
+ if( strcmp( "MBEDTLS_CTR_DRBG_ENTROPY_LEN", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_CTR_DRBG_ENTROPY_LEN );
+ return( 0 );
+ }
+#endif /* MBEDTLS_CTR_DRBG_ENTROPY_LEN */
+
+#if defined(MBEDTLS_CTR_DRBG_RESEED_INTERVAL)
+ if( strcmp( "MBEDTLS_CTR_DRBG_RESEED_INTERVAL", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_CTR_DRBG_RESEED_INTERVAL );
+ return( 0 );
+ }
+#endif /* MBEDTLS_CTR_DRBG_RESEED_INTERVAL */
+
+#if defined(MBEDTLS_CTR_DRBG_MAX_INPUT)
+ if( strcmp( "MBEDTLS_CTR_DRBG_MAX_INPUT", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_CTR_DRBG_MAX_INPUT );
+ return( 0 );
+ }
+#endif /* MBEDTLS_CTR_DRBG_MAX_INPUT */
+
+#if defined(MBEDTLS_CTR_DRBG_MAX_REQUEST)
+ if( strcmp( "MBEDTLS_CTR_DRBG_MAX_REQUEST", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_CTR_DRBG_MAX_REQUEST );
+ return( 0 );
+ }
+#endif /* MBEDTLS_CTR_DRBG_MAX_REQUEST */
+
+#if defined(MBEDTLS_CTR_DRBG_MAX_SEED_INPUT)
+ if( strcmp( "MBEDTLS_CTR_DRBG_MAX_SEED_INPUT", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_CTR_DRBG_MAX_SEED_INPUT );
+ return( 0 );
+ }
+#endif /* MBEDTLS_CTR_DRBG_MAX_SEED_INPUT */
+
+#if defined(MBEDTLS_CTR_DRBG_USE_128_BIT_KEY)
+ if( strcmp( "MBEDTLS_CTR_DRBG_USE_128_BIT_KEY", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_CTR_DRBG_USE_128_BIT_KEY );
+ return( 0 );
+ }
+#endif /* MBEDTLS_CTR_DRBG_USE_128_BIT_KEY */
+
+#if defined(MBEDTLS_HMAC_DRBG_RESEED_INTERVAL)
+ if( strcmp( "MBEDTLS_HMAC_DRBG_RESEED_INTERVAL", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_HMAC_DRBG_RESEED_INTERVAL );
+ return( 0 );
+ }
+#endif /* MBEDTLS_HMAC_DRBG_RESEED_INTERVAL */
+
+#if defined(MBEDTLS_HMAC_DRBG_MAX_INPUT)
+ if( strcmp( "MBEDTLS_HMAC_DRBG_MAX_INPUT", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_HMAC_DRBG_MAX_INPUT );
+ return( 0 );
+ }
+#endif /* MBEDTLS_HMAC_DRBG_MAX_INPUT */
+
+#if defined(MBEDTLS_HMAC_DRBG_MAX_REQUEST)
+ if( strcmp( "MBEDTLS_HMAC_DRBG_MAX_REQUEST", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_HMAC_DRBG_MAX_REQUEST );
+ return( 0 );
+ }
+#endif /* MBEDTLS_HMAC_DRBG_MAX_REQUEST */
+
+#if defined(MBEDTLS_HMAC_DRBG_MAX_SEED_INPUT)
+ if( strcmp( "MBEDTLS_HMAC_DRBG_MAX_SEED_INPUT", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_HMAC_DRBG_MAX_SEED_INPUT );
+ return( 0 );
+ }
+#endif /* MBEDTLS_HMAC_DRBG_MAX_SEED_INPUT */
+
+#if defined(MBEDTLS_ECP_MAX_BITS)
+ if( strcmp( "MBEDTLS_ECP_MAX_BITS", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_ECP_MAX_BITS );
+ return( 0 );
+ }
+#endif /* MBEDTLS_ECP_MAX_BITS */
+
+#if defined(MBEDTLS_ECP_WINDOW_SIZE)
+ if( strcmp( "MBEDTLS_ECP_WINDOW_SIZE", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_ECP_WINDOW_SIZE );
+ return( 0 );
+ }
+#endif /* MBEDTLS_ECP_WINDOW_SIZE */
+
+#if defined(MBEDTLS_ECP_FIXED_POINT_OPTIM)
+ if( strcmp( "MBEDTLS_ECP_FIXED_POINT_OPTIM", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_ECP_FIXED_POINT_OPTIM );
+ return( 0 );
+ }
+#endif /* MBEDTLS_ECP_FIXED_POINT_OPTIM */
+
+#if defined(MBEDTLS_ENTROPY_MAX_SOURCES)
+ if( strcmp( "MBEDTLS_ENTROPY_MAX_SOURCES", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_ENTROPY_MAX_SOURCES );
+ return( 0 );
+ }
+#endif /* MBEDTLS_ENTROPY_MAX_SOURCES */
+
+#if defined(MBEDTLS_ENTROPY_MAX_GATHER)
+ if( strcmp( "MBEDTLS_ENTROPY_MAX_GATHER", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_ENTROPY_MAX_GATHER );
+ return( 0 );
+ }
+#endif /* MBEDTLS_ENTROPY_MAX_GATHER */
+
+#if defined(MBEDTLS_ENTROPY_MIN_HARDWARE)
+ if( strcmp( "MBEDTLS_ENTROPY_MIN_HARDWARE", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_ENTROPY_MIN_HARDWARE );
+ return( 0 );
+ }
+#endif /* MBEDTLS_ENTROPY_MIN_HARDWARE */
+
+#if defined(MBEDTLS_MEMORY_ALIGN_MULTIPLE)
+ if( strcmp( "MBEDTLS_MEMORY_ALIGN_MULTIPLE", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_MEMORY_ALIGN_MULTIPLE );
+ return( 0 );
+ }
+#endif /* MBEDTLS_MEMORY_ALIGN_MULTIPLE */
+
+#if defined(MBEDTLS_PLATFORM_STD_MEM_HDR)
+ if( strcmp( "MBEDTLS_PLATFORM_STD_MEM_HDR", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_PLATFORM_STD_MEM_HDR );
+ return( 0 );
+ }
+#endif /* MBEDTLS_PLATFORM_STD_MEM_HDR */
+
+#if defined(MBEDTLS_PLATFORM_STD_CALLOC)
+ if( strcmp( "MBEDTLS_PLATFORM_STD_CALLOC", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_PLATFORM_STD_CALLOC );
+ return( 0 );
+ }
+#endif /* MBEDTLS_PLATFORM_STD_CALLOC */
+
+#if defined(MBEDTLS_PLATFORM_STD_FREE)
+ if( strcmp( "MBEDTLS_PLATFORM_STD_FREE", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_PLATFORM_STD_FREE );
+ return( 0 );
+ }
+#endif /* MBEDTLS_PLATFORM_STD_FREE */
+
+#if defined(MBEDTLS_PLATFORM_STD_EXIT)
+ if( strcmp( "MBEDTLS_PLATFORM_STD_EXIT", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_PLATFORM_STD_EXIT );
+ return( 0 );
+ }
+#endif /* MBEDTLS_PLATFORM_STD_EXIT */
+
+#if defined(MBEDTLS_PLATFORM_STD_TIME)
+ if( strcmp( "MBEDTLS_PLATFORM_STD_TIME", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_PLATFORM_STD_TIME );
+ return( 0 );
+ }
+#endif /* MBEDTLS_PLATFORM_STD_TIME */
+
+#if defined(MBEDTLS_PLATFORM_STD_FPRINTF)
+ if( strcmp( "MBEDTLS_PLATFORM_STD_FPRINTF", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_PLATFORM_STD_FPRINTF );
+ return( 0 );
+ }
+#endif /* MBEDTLS_PLATFORM_STD_FPRINTF */
+
+#if defined(MBEDTLS_PLATFORM_STD_PRINTF)
+ if( strcmp( "MBEDTLS_PLATFORM_STD_PRINTF", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_PLATFORM_STD_PRINTF );
+ return( 0 );
+ }
+#endif /* MBEDTLS_PLATFORM_STD_PRINTF */
+
+#if defined(MBEDTLS_PLATFORM_STD_SNPRINTF)
+ if( strcmp( "MBEDTLS_PLATFORM_STD_SNPRINTF", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_PLATFORM_STD_SNPRINTF );
+ return( 0 );
+ }
+#endif /* MBEDTLS_PLATFORM_STD_SNPRINTF */
+
+#if defined(MBEDTLS_PLATFORM_STD_EXIT_SUCCESS)
+ if( strcmp( "MBEDTLS_PLATFORM_STD_EXIT_SUCCESS", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_PLATFORM_STD_EXIT_SUCCESS );
+ return( 0 );
+ }
+#endif /* MBEDTLS_PLATFORM_STD_EXIT_SUCCESS */
+
+#if defined(MBEDTLS_PLATFORM_STD_EXIT_FAILURE)
+ if( strcmp( "MBEDTLS_PLATFORM_STD_EXIT_FAILURE", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_PLATFORM_STD_EXIT_FAILURE );
+ return( 0 );
+ }
+#endif /* MBEDTLS_PLATFORM_STD_EXIT_FAILURE */
+
+#if defined(MBEDTLS_PLATFORM_STD_NV_SEED_READ)
+ if( strcmp( "MBEDTLS_PLATFORM_STD_NV_SEED_READ", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_PLATFORM_STD_NV_SEED_READ );
+ return( 0 );
+ }
+#endif /* MBEDTLS_PLATFORM_STD_NV_SEED_READ */
+
+#if defined(MBEDTLS_PLATFORM_STD_NV_SEED_WRITE)
+ if( strcmp( "MBEDTLS_PLATFORM_STD_NV_SEED_WRITE", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_PLATFORM_STD_NV_SEED_WRITE );
+ return( 0 );
+ }
+#endif /* MBEDTLS_PLATFORM_STD_NV_SEED_WRITE */
+
+#if defined(MBEDTLS_PLATFORM_STD_NV_SEED_FILE)
+ if( strcmp( "MBEDTLS_PLATFORM_STD_NV_SEED_FILE", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_PLATFORM_STD_NV_SEED_FILE );
+ return( 0 );
+ }
+#endif /* MBEDTLS_PLATFORM_STD_NV_SEED_FILE */
+
+#if defined(MBEDTLS_PLATFORM_CALLOC_MACRO)
+ if( strcmp( "MBEDTLS_PLATFORM_CALLOC_MACRO", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_PLATFORM_CALLOC_MACRO );
+ return( 0 );
+ }
+#endif /* MBEDTLS_PLATFORM_CALLOC_MACRO */
+
+#if defined(MBEDTLS_PLATFORM_FREE_MACRO)
+ if( strcmp( "MBEDTLS_PLATFORM_FREE_MACRO", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_PLATFORM_FREE_MACRO );
+ return( 0 );
+ }
+#endif /* MBEDTLS_PLATFORM_FREE_MACRO */
+
+#if defined(MBEDTLS_PLATFORM_EXIT_MACRO)
+ if( strcmp( "MBEDTLS_PLATFORM_EXIT_MACRO", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_PLATFORM_EXIT_MACRO );
+ return( 0 );
+ }
+#endif /* MBEDTLS_PLATFORM_EXIT_MACRO */
+
+#if defined(MBEDTLS_PLATFORM_TIME_MACRO)
+ if( strcmp( "MBEDTLS_PLATFORM_TIME_MACRO", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_PLATFORM_TIME_MACRO );
+ return( 0 );
+ }
+#endif /* MBEDTLS_PLATFORM_TIME_MACRO */
+
+#if defined(MBEDTLS_PLATFORM_TIME_TYPE_MACRO)
+ if( strcmp( "MBEDTLS_PLATFORM_TIME_TYPE_MACRO", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_PLATFORM_TIME_TYPE_MACRO );
+ return( 0 );
+ }
+#endif /* MBEDTLS_PLATFORM_TIME_TYPE_MACRO */
+
+#if defined(MBEDTLS_PLATFORM_FPRINTF_MACRO)
+ if( strcmp( "MBEDTLS_PLATFORM_FPRINTF_MACRO", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_PLATFORM_FPRINTF_MACRO );
+ return( 0 );
+ }
+#endif /* MBEDTLS_PLATFORM_FPRINTF_MACRO */
+
+#if defined(MBEDTLS_PLATFORM_PRINTF_MACRO)
+ if( strcmp( "MBEDTLS_PLATFORM_PRINTF_MACRO", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_PLATFORM_PRINTF_MACRO );
+ return( 0 );
+ }
+#endif /* MBEDTLS_PLATFORM_PRINTF_MACRO */
+
+#if defined(MBEDTLS_PLATFORM_SNPRINTF_MACRO)
+ if( strcmp( "MBEDTLS_PLATFORM_SNPRINTF_MACRO", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_PLATFORM_SNPRINTF_MACRO );
+ return( 0 );
+ }
+#endif /* MBEDTLS_PLATFORM_SNPRINTF_MACRO */
+
+#if defined(MBEDTLS_PLATFORM_VSNPRINTF_MACRO)
+ if( strcmp( "MBEDTLS_PLATFORM_VSNPRINTF_MACRO", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_PLATFORM_VSNPRINTF_MACRO );
+ return( 0 );
+ }
+#endif /* MBEDTLS_PLATFORM_VSNPRINTF_MACRO */
+
+#if defined(MBEDTLS_PLATFORM_NV_SEED_READ_MACRO)
+ if( strcmp( "MBEDTLS_PLATFORM_NV_SEED_READ_MACRO", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_PLATFORM_NV_SEED_READ_MACRO );
+ return( 0 );
+ }
+#endif /* MBEDTLS_PLATFORM_NV_SEED_READ_MACRO */
+
+#if defined(MBEDTLS_PLATFORM_NV_SEED_WRITE_MACRO)
+ if( strcmp( "MBEDTLS_PLATFORM_NV_SEED_WRITE_MACRO", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_PLATFORM_NV_SEED_WRITE_MACRO );
+ return( 0 );
+ }
+#endif /* MBEDTLS_PLATFORM_NV_SEED_WRITE_MACRO */
+
+#if defined(MBEDTLS_SSL_CACHE_DEFAULT_TIMEOUT)
+ if( strcmp( "MBEDTLS_SSL_CACHE_DEFAULT_TIMEOUT", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_CACHE_DEFAULT_TIMEOUT );
+ return( 0 );
+ }
+#endif /* MBEDTLS_SSL_CACHE_DEFAULT_TIMEOUT */
+
+#if defined(MBEDTLS_SSL_CACHE_DEFAULT_MAX_ENTRIES)
+ if( strcmp( "MBEDTLS_SSL_CACHE_DEFAULT_MAX_ENTRIES", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_CACHE_DEFAULT_MAX_ENTRIES );
+ return( 0 );
+ }
+#endif /* MBEDTLS_SSL_CACHE_DEFAULT_MAX_ENTRIES */
+
+#if defined(MBEDTLS_SSL_MAX_CONTENT_LEN)
+ if( strcmp( "MBEDTLS_SSL_MAX_CONTENT_LEN", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_MAX_CONTENT_LEN );
+ return( 0 );
+ }
+#endif /* MBEDTLS_SSL_MAX_CONTENT_LEN */
+
+#if defined(MBEDTLS_SSL_IN_CONTENT_LEN)
+ if( strcmp( "MBEDTLS_SSL_IN_CONTENT_LEN", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_IN_CONTENT_LEN );
+ return( 0 );
+ }
+#endif /* MBEDTLS_SSL_IN_CONTENT_LEN */
+
+#if defined(MBEDTLS_SSL_OUT_CONTENT_LEN)
+ if( strcmp( "MBEDTLS_SSL_OUT_CONTENT_LEN", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_OUT_CONTENT_LEN );
+ return( 0 );
+ }
+#endif /* MBEDTLS_SSL_OUT_CONTENT_LEN */
+
+#if defined(MBEDTLS_SSL_DTLS_MAX_BUFFERING)
+ if( strcmp( "MBEDTLS_SSL_DTLS_MAX_BUFFERING", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_DTLS_MAX_BUFFERING );
+ return( 0 );
+ }
+#endif /* MBEDTLS_SSL_DTLS_MAX_BUFFERING */
+
+#if defined(MBEDTLS_SSL_DEFAULT_TICKET_LIFETIME)
+ if( strcmp( "MBEDTLS_SSL_DEFAULT_TICKET_LIFETIME", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_DEFAULT_TICKET_LIFETIME );
+ return( 0 );
+ }
+#endif /* MBEDTLS_SSL_DEFAULT_TICKET_LIFETIME */
+
+#if defined(MBEDTLS_PSK_MAX_LEN)
+ if( strcmp( "MBEDTLS_PSK_MAX_LEN", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_PSK_MAX_LEN );
+ return( 0 );
+ }
+#endif /* MBEDTLS_PSK_MAX_LEN */
+
+#if defined(MBEDTLS_SSL_COOKIE_TIMEOUT)
+ if( strcmp( "MBEDTLS_SSL_COOKIE_TIMEOUT", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_COOKIE_TIMEOUT );
+ return( 0 );
+ }
+#endif /* MBEDTLS_SSL_COOKIE_TIMEOUT */
+
+#if defined(MBEDTLS_X509_MAX_INTERMEDIATE_CA)
+ if( strcmp( "MBEDTLS_X509_MAX_INTERMEDIATE_CA", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_X509_MAX_INTERMEDIATE_CA );
+ return( 0 );
+ }
+#endif /* MBEDTLS_X509_MAX_INTERMEDIATE_CA */
+
+#if defined(MBEDTLS_X509_MAX_FILE_PATH_LEN)
+ if( strcmp( "MBEDTLS_X509_MAX_FILE_PATH_LEN", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_X509_MAX_FILE_PATH_LEN );
+ return( 0 );
+ }
+#endif /* MBEDTLS_X509_MAX_FILE_PATH_LEN */
+
+#if defined(MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_CERTIFICATES)
+ if( strcmp( "MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_CERTIFICATES", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_CERTIFICATES );
+ return( 0 );
+ }
+#endif /* MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_CERTIFICATES */
+
+#if defined(MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_KEY_EXCHANGE)
+ if( strcmp( "MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_KEY_EXCHANGE", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_KEY_EXCHANGE );
+ return( 0 );
+ }
+#endif /* MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_KEY_EXCHANGE */
+
+#if defined(MBEDTLS_PLATFORM_ZEROIZE_ALT)
+ if( strcmp( "MBEDTLS_PLATFORM_ZEROIZE_ALT", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_PLATFORM_ZEROIZE_ALT );
+ return( 0 );
+ }
+#endif /* MBEDTLS_PLATFORM_ZEROIZE_ALT */
+
+#if defined(MBEDTLS_PLATFORM_GMTIME_R_ALT)
+ if( strcmp( "MBEDTLS_PLATFORM_GMTIME_R_ALT", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_PLATFORM_GMTIME_R_ALT );
+ return( 0 );
+ }
+#endif /* MBEDTLS_PLATFORM_GMTIME_R_ALT */
+
+ /* If the symbol is not found, return an error */
+ return( 1 );
+}
+
+#if defined(_MSC_VER)
+#pragma warning(pop)
+#endif /* _MSC_VER */
diff --git a/programs/ssl/ssl_client2.c b/programs/ssl/ssl_client2.c
index 1ce10b6..c2a8d42 100644
--- a/programs/ssl/ssl_client2.c
+++ b/programs/ssl/ssl_client2.c
@@ -62,6 +62,11 @@
#include "mbedtls/debug.h"
#include "mbedtls/timing.h"
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+#include "psa/crypto.h"
+#include "mbedtls/psa_util.h"
+#endif
+
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
@@ -83,7 +88,9 @@
#define DFL_CA_PATH ""
#define DFL_CRT_FILE ""
#define DFL_KEY_FILE ""
+#define DFL_KEY_OPAQUE 0
#define DFL_PSK ""
+#define DFL_PSK_OPAQUE 0
#define DFL_PSK_IDENTITY "Client_identity"
#define DFL_ECJPAKE_PW NULL
#define DFL_EC_MAX_OPS -1
@@ -133,14 +140,36 @@
#define USAGE_IO \
" No file operations available (MBEDTLS_FS_IO not defined)\n"
#endif /* MBEDTLS_FS_IO */
-#else
+#else /* MBEDTLS_X509_CRT_PARSE_C */
#define USAGE_IO ""
#endif /* MBEDTLS_X509_CRT_PARSE_C */
+#if defined(MBEDTLS_USE_PSA_CRYPTO) && defined(MBEDTLS_X509_CRT_PARSE_C)
+#define USAGE_KEY_OPAQUE \
+ " key_opaque=%%d Handle your private key as if it were opaque\n" \
+ " default: 0 (disabled)\n"
+#else
+#define USAGE_KEY_OPAQUE ""
+#endif
#if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED)
-#define USAGE_PSK \
+#define USAGE_PSK_RAW \
" psk=%%s default: \"\" (in hex, without 0x)\n" \
" psk_identity=%%s default: \"Client_identity\"\n"
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+#define USAGE_PSK_SLOT \
+ " psk_opaque=%%d default: 0 (don't use opaque static PSK)\n" \
+ " Enable this to store the PSK configured through command line\n" \
+ " parameter `psk` in a PSA-based key slot.\n" \
+ " Note: Currently only supported in conjunction with\n" \
+ " the use of min_version to force TLS 1.2 and force_ciphersuite \n" \
+ " to force a particular PSK-only ciphersuite.\n" \
+ " Note: This is to test integration of PSA-based opaque PSKs with\n" \
+ " Mbed TLS only. Production systems are likely to configure Mbed TLS\n" \
+ " with prepopulated key slots instead of importing raw key material.\n"
+#else
+#define USAGE_PSK_SLOT ""
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+#define USAGE_PSK USAGE_PSK_RAW USAGE_PSK_SLOT
#else
#define USAGE_PSK ""
#endif /* MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED */
@@ -282,6 +311,7 @@
" auth_mode=%%s default: (library default: none)\n" \
" options: none, optional, required\n" \
USAGE_IO \
+ USAGE_KEY_OPAQUE \
"\n" \
USAGE_PSK \
USAGE_ECJPAKE \
@@ -312,6 +342,10 @@
" options: ssl3, tls1, tls1_1, tls1_2, dtls1, dtls1_2\n" \
"\n" \
" force_ciphersuite=<name> default: all enabled\n"\
+ " query_config=<name> return 0 if the specified\n" \
+ " configuration macro is defined and 1\n" \
+ " otherwise. The expansion of the macro\n" \
+ " is printed if it is defined\n" \
" acceptable ciphersuite names:\n"
#define ALPN_LIST_SIZE 10
@@ -348,6 +382,10 @@
const char *ca_path; /* the path with the CA certificate(s) reside */
const char *crt_file; /* the file with the client certificate */
const char *key_file; /* the file with the client key */
+ int key_opaque; /* handle private key as if it were opaque */
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+ int psk_opaque;
+#endif
const char *psk; /* the pre-shared key */
const char *psk_identity; /* the pre-shared key identity */
const char *ecjpake_pw; /* the EC J-PAKE password */
@@ -383,6 +421,8 @@
int etm; /* negotiate encrypt then mac? */
} opt;
+int query_config( const char *config );
+
static void my_debug( void *ctx, int level,
const char *file, int line,
const char *str )
@@ -551,6 +591,13 @@
const char *pers = "ssl_client2";
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+ psa_key_handle_t slot = 0;
+ psa_algorithm_t alg = 0;
+ psa_key_policy_t policy;
+ psa_status_t status;
+#endif
+
#if defined(MBEDTLS_X509_CRT_PARSE_C)
mbedtls_x509_crt_profile crt_profile_for_test = mbedtls_x509_crt_profile_default;
#endif
@@ -567,6 +614,9 @@
mbedtls_x509_crt cacert;
mbedtls_x509_crt clicert;
mbedtls_pk_context pkey;
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+ psa_key_handle_t key_slot = 0; /* invalid key slot */
+#endif
#endif
char *p, *q;
const int *list;
@@ -588,6 +638,17 @@
memset( (void * ) alpn_list, 0, sizeof( alpn_list ) );
#endif
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+ status = psa_crypto_init();
+ if( status != PSA_SUCCESS )
+ {
+ mbedtls_fprintf( stderr, "Failed to initialize PSA Crypto implementation: %d\n",
+ (int) status );
+ ret = MBEDTLS_ERR_SSL_HW_ACCEL_FAILED;
+ goto exit;
+ }
+#endif
+
if( argc == 0 )
{
usage:
@@ -624,7 +685,11 @@
opt.ca_path = DFL_CA_PATH;
opt.crt_file = DFL_CRT_FILE;
opt.key_file = DFL_KEY_FILE;
+ opt.key_opaque = DFL_KEY_OPAQUE;
opt.psk = DFL_PSK;
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+ opt.psk_opaque = DFL_PSK_OPAQUE;
+#endif
opt.psk_identity = DFL_PSK_IDENTITY;
opt.ecjpake_pw = DFL_ECJPAKE_PW;
opt.ec_max_ops = DFL_EC_MAX_OPS;
@@ -723,8 +788,16 @@
opt.crt_file = q;
else if( strcmp( p, "key_file" ) == 0 )
opt.key_file = q;
+#if defined(MBEDTLS_USE_PSA_CRYPTO) && defined(MBEDTLS_X509_CRT_PARSE_C)
+ else if( strcmp( p, "key_opaque" ) == 0 )
+ opt.key_opaque = atoi( q );
+#endif
else if( strcmp( p, "psk" ) == 0 )
opt.psk = q;
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+ else if( strcmp( p, "psk_opaque" ) == 0 )
+ opt.psk_opaque = atoi( q );
+#endif
else if( strcmp( p, "psk_identity" ) == 0 )
opt.psk_identity = q;
else if( strcmp( p, "ecjpake_pw" ) == 0 )
@@ -992,6 +1065,10 @@
if( opt.dhmlen < 0 )
goto usage;
}
+ else if( strcmp( p, "query_config" ) == 0 )
+ {
+ return query_config( q );
+ }
else
goto usage;
}
@@ -1009,57 +1086,6 @@
mbedtls_debug_set_threshold( opt.debug_level );
#endif
- if( opt.force_ciphersuite[0] > 0 )
- {
- const mbedtls_ssl_ciphersuite_t *ciphersuite_info;
- ciphersuite_info =
- mbedtls_ssl_ciphersuite_from_id( opt.force_ciphersuite[0] );
-
- if( opt.max_version != -1 &&
- ciphersuite_info->min_minor_ver > opt.max_version )
- {
- mbedtls_printf( "forced ciphersuite not allowed with this protocol version\n" );
- ret = 2;
- goto usage;
- }
- if( opt.min_version != -1 &&
- ciphersuite_info->max_minor_ver < opt.min_version )
- {
- mbedtls_printf( "forced ciphersuite not allowed with this protocol version\n" );
- ret = 2;
- goto usage;
- }
-
- /* If the server selects a version that's not supported by
- * this suite, then there will be no common ciphersuite... */
- if( opt.max_version == -1 ||
- opt.max_version > ciphersuite_info->max_minor_ver )
- {
- opt.max_version = ciphersuite_info->max_minor_ver;
- }
- if( opt.min_version < ciphersuite_info->min_minor_ver )
- {
- opt.min_version = ciphersuite_info->min_minor_ver;
- /* DTLS starts with TLS 1.1 */
- if( opt.transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM &&
- opt.min_version < MBEDTLS_SSL_MINOR_VERSION_2 )
- opt.min_version = MBEDTLS_SSL_MINOR_VERSION_2;
- }
-
- /* Enable RC4 if needed and not explicitly disabled */
- if( ciphersuite_info->cipher == MBEDTLS_CIPHER_ARC4_128 )
- {
- if( opt.arc4 == MBEDTLS_SSL_ARC4_DISABLED )
- {
- mbedtls_printf( "forced RC4 ciphersuite with RC4 disabled\n" );
- ret = 2;
- goto usage;
- }
-
- opt.arc4 = MBEDTLS_SSL_ARC4_ENABLED;
- }
- }
-
#if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED)
/*
* Unhexify the pre-shared key if any is given
@@ -1110,6 +1136,101 @@
}
#endif /* MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED */
+
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+ if( opt.psk_opaque != 0 )
+ {
+ if( opt.psk == NULL )
+ {
+ mbedtls_printf( "psk_opaque set but no psk to be imported specified.\n" );
+ ret = 2;
+ goto usage;
+ }
+
+ if( opt.force_ciphersuite[0] <= 0 )
+ {
+ mbedtls_printf( "opaque PSKs are only supported in conjunction with forcing TLS 1.2 and a PSK-only ciphersuite through the 'force_ciphersuite' option.\n" );
+ ret = 2;
+ goto usage;
+ }
+ }
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+
+ if( opt.force_ciphersuite[0] > 0 )
+ {
+ const mbedtls_ssl_ciphersuite_t *ciphersuite_info;
+ ciphersuite_info =
+ mbedtls_ssl_ciphersuite_from_id( opt.force_ciphersuite[0] );
+
+ if( opt.max_version != -1 &&
+ ciphersuite_info->min_minor_ver > opt.max_version )
+ {
+ mbedtls_printf( "forced ciphersuite not allowed with this protocol version\n" );
+ ret = 2;
+ goto usage;
+ }
+ if( opt.min_version != -1 &&
+ ciphersuite_info->max_minor_ver < opt.min_version )
+ {
+ mbedtls_printf( "forced ciphersuite not allowed with this protocol version\n" );
+ ret = 2;
+ goto usage;
+ }
+
+ /* If the server selects a version that's not supported by
+ * this suite, then there will be no common ciphersuite... */
+ if( opt.max_version == -1 ||
+ opt.max_version > ciphersuite_info->max_minor_ver )
+ {
+ opt.max_version = ciphersuite_info->max_minor_ver;
+ }
+ if( opt.min_version < ciphersuite_info->min_minor_ver )
+ {
+ opt.min_version = ciphersuite_info->min_minor_ver;
+ /* DTLS starts with TLS 1.1 */
+ if( opt.transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM &&
+ opt.min_version < MBEDTLS_SSL_MINOR_VERSION_2 )
+ opt.min_version = MBEDTLS_SSL_MINOR_VERSION_2;
+ }
+
+ /* Enable RC4 if needed and not explicitly disabled */
+ if( ciphersuite_info->cipher == MBEDTLS_CIPHER_ARC4_128 )
+ {
+ if( opt.arc4 == MBEDTLS_SSL_ARC4_DISABLED )
+ {
+ mbedtls_printf( "forced RC4 ciphersuite with RC4 disabled\n" );
+ ret = 2;
+ goto usage;
+ }
+
+ opt.arc4 = MBEDTLS_SSL_ARC4_ENABLED;
+ }
+
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+ if( opt.psk_opaque != 0 )
+ {
+ /* Ensure that the chosen ciphersuite is PSK-only; we must know
+ * the ciphersuite in advance to set the correct policy for the
+ * PSK key slot. This limitation might go away in the future. */
+ if( ciphersuite_info->key_exchange != MBEDTLS_KEY_EXCHANGE_PSK ||
+ opt.min_version != MBEDTLS_SSL_MINOR_VERSION_3 )
+ {
+ mbedtls_printf( "opaque PSKs are only supported in conjunction with forcing TLS 1.2 and a PSK-only ciphersuite through the 'force_ciphersuite' option.\n" );
+ ret = 2;
+ goto usage;
+ }
+
+ /* Determine KDF algorithm the opaque PSK will be used in. */
+#if defined(MBEDTLS_SHA512_C)
+ if( ciphersuite_info->mac == MBEDTLS_MD_SHA384 )
+ alg = PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384);
+ else
+#endif /* MBEDTLS_SHA512_C */
+ alg = PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256);
+ }
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+ }
+
#if defined(MBEDTLS_ECP_C)
if( opt.curves != NULL )
{
@@ -1306,7 +1427,20 @@
goto exit;
}
- mbedtls_printf( " ok\n" );
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+ if( opt.key_opaque != 0 )
+ {
+ if( ( ret = mbedtls_pk_wrap_as_opaque( &pkey, &key_slot,
+ PSA_ALG_SHA_256 ) ) != 0 )
+ {
+ mbedtls_printf( " failed\n ! "
+ "mbedtls_pk_wrap_as_opaque returned -0x%x\n\n", -ret );
+ goto exit;
+ }
+ }
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+
+ mbedtls_printf( " ok (key type: %s)\n", mbedtls_pk_get_name( &pkey ) );
#endif /* MBEDTLS_X509_CRT_PARSE_C */
/*
@@ -1481,6 +1615,45 @@
#endif
#if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED)
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+ if( opt.psk_opaque != 0 )
+ {
+ /* The algorithm has already been determined earlier. */
+ status = psa_allocate_key( &slot );
+ if( status != PSA_SUCCESS )
+ {
+ ret = MBEDTLS_ERR_SSL_HW_ACCEL_FAILED;
+ goto exit;
+ }
+
+ policy = psa_key_policy_init();
+ psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_DERIVE, alg );
+
+ status = psa_set_key_policy( slot, &policy );
+ if( status != PSA_SUCCESS )
+ {
+ ret = MBEDTLS_ERR_SSL_HW_ACCEL_FAILED;
+ goto exit;
+ }
+
+ status = psa_import_key( slot, PSA_KEY_TYPE_DERIVE, psk, psk_len );
+ if( status != PSA_SUCCESS )
+ {
+ ret = MBEDTLS_ERR_SSL_HW_ACCEL_FAILED;
+ goto exit;
+ }
+
+ if( ( ret = mbedtls_ssl_conf_psk_opaque( &conf, slot,
+ (const unsigned char *) opt.psk_identity,
+ strlen( opt.psk_identity ) ) ) != 0 )
+ {
+ mbedtls_printf( " failed\n ! mbedtls_ssl_conf_psk_opaque returned %d\n\n",
+ ret );
+ goto exit;
+ }
+ }
+ else
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
if( ( ret = mbedtls_ssl_conf_psk( &conf, psk, psk_len,
(const unsigned char *) opt.psk_identity,
strlen( opt.psk_identity ) ) ) != 0 )
@@ -1489,7 +1662,7 @@
ret );
goto exit;
}
-#endif
+#endif /* MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED */
if( opt.min_version != DFL_MIN_VERSION )
mbedtls_ssl_conf_min_version( &conf, MBEDTLS_SSL_MAJOR_VERSION_3,
@@ -2113,6 +2286,9 @@
mbedtls_x509_crt_free( &clicert );
mbedtls_x509_crt_free( &cacert );
mbedtls_pk_free( &pkey );
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+ psa_destroy_key( key_slot );
+#endif
#endif
mbedtls_ssl_session_free( &saved_session );
mbedtls_ssl_free( &ssl );
@@ -2120,6 +2296,26 @@
mbedtls_ctr_drbg_free( &ctr_drbg );
mbedtls_entropy_free( &entropy );
+#if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED) && \
+ defined(MBEDTLS_USE_PSA_CRYPTO)
+ if( opt.psk_opaque != 0 )
+ {
+ /* This is ok even if the slot hasn't been
+ * initialized (we might have jumed here
+ * immediately because of bad cmd line params,
+ * for example). */
+ status = psa_destroy_key( slot );
+ if( status != PSA_SUCCESS )
+ {
+ mbedtls_printf( "Failed to destroy key slot %u - error was %d",
+ (unsigned) slot, (int) status );
+ if( ret == 0 )
+ ret = MBEDTLS_ERR_SSL_HW_ACCEL_FAILED;
+ }
+ }
+#endif /* MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED &&
+ MBEDTLS_USE_PSA_CRYPTO */
+
#if defined(_WIN32)
mbedtls_printf( " + Press Enter to exit this program.\n" );
fflush( stdout ); getchar();
diff --git a/programs/ssl/ssl_server2.c b/programs/ssl/ssl_server2.c
index d23a55e..7858db3 100644
--- a/programs/ssl/ssl_server2.c
+++ b/programs/ssl/ssl_server2.c
@@ -63,6 +63,11 @@
#include "mbedtls/debug.h"
#include "mbedtls/timing.h"
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+#include "psa/crypto.h"
+#include "mbedtls/psa_util.h"
+#endif
+
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
@@ -122,6 +127,8 @@
#define DFL_ASYNC_PRIVATE_DELAY2 ( -1 )
#define DFL_ASYNC_PRIVATE_ERROR ( 0 )
#define DFL_PSK ""
+#define DFL_PSK_OPAQUE 0
+#define DFL_PSK_LIST_OPAQUE 0
#define DFL_PSK_IDENTITY "Client_identity"
#define DFL_ECJPAKE_PW NULL
#define DFL_PSK_LIST NULL
@@ -223,9 +230,37 @@
#endif /* MBEDTLS_SSL_ASYNC_PRIVATE */
#if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED)
-#define USAGE_PSK \
- " psk=%%s default: \"\" (in hex, without 0x)\n" \
+#define USAGE_PSK_RAW \
+ " psk=%%s default: \"\" (in hex, without 0x)\n" \
+ " psk_list=%%s default: \"\"\n" \
+ " A list of (PSK identity, PSK value) pairs.\n" \
+ " The PSK values are in hex, without 0x.\n" \
+ " id1,psk1[,id2,psk2[,...]]\n" \
" psk_identity=%%s default: \"Client_identity\"\n"
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+#define USAGE_PSK_SLOT \
+ " psk_opaque=%%d default: 0 (don't use opaque static PSK)\n" \
+ " Enable this to store the PSK configured through command line\n" \
+ " parameter `psk` in a PSA-based key slot.\n" \
+ " Note: Currently only supported in conjunction with\n" \
+ " the use of min_version to force TLS 1.2 and force_ciphersuite \n" \
+ " to force a particular PSK-only ciphersuite.\n" \
+ " Note: This is to test integration of PSA-based opaque PSKs with\n" \
+ " Mbed TLS only. Production systems are likely to configure Mbed TLS\n" \
+ " with prepopulated key slots instead of importing raw key material.\n" \
+ " psk_list_opaque=%%d default: 0 (don't use opaque dynamic PSKs)\n" \
+ " Enable this to store the list of dynamically chosen PSKs configured\n" \
+ " through the command line parameter `psk_list` in PSA-based key slots.\n" \
+ " Note: Currently only supported in conjunction with\n" \
+ " the use of min_version to force TLS 1.2 and force_ciphersuite \n" \
+ " to force a particular PSK-only ciphersuite.\n" \
+ " Note: This is to test integration of PSA-based opaque PSKs with\n" \
+ " Mbed TLS only. Production systems are likely to configure Mbed TLS\n" \
+ " with prepopulated key slots instead of importing raw key material.\n"
+#else
+#define USAGE_PSK_SLOT ""
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+#define USAGE_PSK USAGE_PSK_RAW USAGE_PSK_SLOT
#else
#define USAGE_PSK ""
#endif /* MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED */
@@ -411,6 +446,10 @@
" in order from ssl3 to tls1_2\n" \
" default: all enabled\n" \
" force_ciphersuite=<name> default: all enabled\n" \
+ " query_config=<name> return 0 if the specified\n" \
+ " configuration macro is defined and 1\n" \
+ " otherwise. The expansion of the macro\n" \
+ " is printed if it is defined\n" \
" acceptable ciphersuite names:\n"
@@ -464,6 +503,10 @@
int async_private_delay1; /* number of times f_async_resume needs to be called for key 1, or -1 for no async */
int async_private_delay2; /* number of times f_async_resume needs to be called for key 2, or -1 for no async */
int async_private_error; /* inject error in async private callback */
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+ int psk_opaque;
+ int psk_list_opaque;
+#endif
const char *psk; /* the pre-shared key */
const char *psk_identity; /* the pre-shared key identity */
char *psk_list; /* list of PSK id/key pairs for callback */
@@ -504,6 +547,8 @@
int badmac_limit; /* Limit of records with bad MAC */
} opt;
+int query_config( const char *config );
+
static void my_debug( void *ctx, int level,
const char *file, int line,
const char *str )
@@ -782,22 +827,39 @@
const char *name;
size_t key_len;
unsigned char key[MBEDTLS_PSK_MAX_LEN];
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+ psa_key_handle_t slot;
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
psk_entry *next;
};
/*
* Free a list of psk_entry's
*/
-void psk_free( psk_entry *head )
+int psk_free( psk_entry *head )
{
psk_entry *next;
while( head != NULL )
{
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+ psa_status_t status;
+ psa_key_handle_t const slot = head->slot;
+
+ if( slot != 0 )
+ {
+ status = psa_destroy_key( slot );
+ if( status != PSA_SUCCESS )
+ return( status );
+ }
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+
next = head->next;
mbedtls_free( head );
head = next;
}
+
+ return( 0 );
}
/*
@@ -855,6 +917,11 @@
if( name_len == strlen( cur->name ) &&
memcmp( name, cur->name, name_len ) == 0 )
{
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+ if( cur->slot != 0 )
+ return( mbedtls_ssl_set_hs_psk_opaque( ssl, cur->slot ) );
+ else
+#endif
return( mbedtls_ssl_set_hs_psk( ssl, cur->key, cur->key_len ) );
}
@@ -1185,12 +1252,46 @@
return( 0 );
}
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+static psa_status_t psa_setup_psk_key_slot( psa_key_handle_t slot,
+ psa_algorithm_t alg,
+ unsigned char *psk,
+ size_t psk_len )
+{
+ psa_status_t status;
+ psa_key_policy_t policy;
+
+ policy = psa_key_policy_init();
+ psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_DERIVE, alg );
+
+ status = psa_set_key_policy( slot, &policy );
+ if( status != PSA_SUCCESS )
+ {
+ fprintf( stderr, "POLICY\n" );
+ return( status );
+ }
+
+ status = psa_import_key( slot, PSA_KEY_TYPE_DERIVE, psk, psk_len );
+ if( status != PSA_SUCCESS )
+ {
+ fprintf( stderr, "IMPORT\n" );
+ return( status );
+ }
+
+ return( PSA_SUCCESS );
+}
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+
int main( int argc, char *argv[] )
{
int ret = 0, len, written, frags, exchanges_left;
int version_suites[4][2];
unsigned char* buf = 0;
#if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED)
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+ psa_algorithm_t alg = 0;
+ psa_key_handle_t psk_slot = 0;
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
unsigned char psk[MBEDTLS_PSK_MAX_LEN];
size_t psk_len = 0;
psk_entry *psk_info = NULL;
@@ -1253,6 +1354,9 @@
int i;
char *p, *q;
const int *list;
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+ psa_status_t status;
+#endif
#if defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C)
mbedtls_memory_buffer_alloc_init( alloc_buf, sizeof(alloc_buf) );
@@ -1292,6 +1396,17 @@
mbedtls_ssl_cookie_init( &cookie_ctx );
#endif
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+ status = psa_crypto_init();
+ if( status != PSA_SUCCESS )
+ {
+ mbedtls_fprintf( stderr, "Failed to initialize PSA Crypto implementation: %d\n",
+ (int) status );
+ ret = MBEDTLS_ERR_SSL_HW_ACCEL_FAILED;
+ goto exit;
+ }
+#endif
+
#if !defined(_WIN32)
/* Abort cleanly on SIGTERM and SIGINT */
signal( SIGTERM, term_handler );
@@ -1339,6 +1454,10 @@
opt.async_private_delay2 = DFL_ASYNC_PRIVATE_DELAY2;
opt.async_private_error = DFL_ASYNC_PRIVATE_ERROR;
opt.psk = DFL_PSK;
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+ opt.psk_opaque = DFL_PSK_OPAQUE;
+ opt.psk_list_opaque = DFL_PSK_LIST_OPAQUE;
+#endif
opt.psk_identity = DFL_PSK_IDENTITY;
opt.psk_list = DFL_PSK_LIST;
opt.ecjpake_pw = DFL_ECJPAKE_PW;
@@ -1467,6 +1586,12 @@
#endif /* MBEDTLS_SSL_ASYNC_PRIVATE */
else if( strcmp( p, "psk" ) == 0 )
opt.psk = q;
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+ else if( strcmp( p, "psk_opaque" ) == 0 )
+ opt.psk_opaque = atoi( q );
+ else if( strcmp( p, "psk_list_opaque" ) == 0 )
+ opt.psk_list_opaque = atoi( q );
+#endif
else if( strcmp( p, "psk_identity" ) == 0 )
opt.psk_identity = q;
else if( strcmp( p, "psk_list" ) == 0 )
@@ -1752,6 +1877,10 @@
{
opt.sni = q;
}
+ else if( strcmp( p, "query_config" ) == 0 )
+ {
+ return query_config( q );
+ }
else
goto usage;
}
@@ -1776,6 +1905,42 @@
goto exit;
}
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+ if( opt.psk_opaque != 0 )
+ {
+ if( strlen( opt.psk ) == 0 )
+ {
+ mbedtls_printf( "psk_opaque set but no psk to be imported specified.\n" );
+ ret = 2;
+ goto usage;
+ }
+
+ if( opt.force_ciphersuite[0] <= 0 )
+ {
+ mbedtls_printf( "opaque PSKs are only supported in conjunction with forcing TLS 1.2 and a PSK-only ciphersuite through the 'force_ciphersuite' option.\n" );
+ ret = 2;
+ goto usage;
+ }
+ }
+
+ if( opt.psk_list_opaque != 0 )
+ {
+ if( opt.psk_list == NULL )
+ {
+ mbedtls_printf( "psk_slot set but no psk to be imported specified.\n" );
+ ret = 2;
+ goto usage;
+ }
+
+ if( opt.force_ciphersuite[0] <= 0 )
+ {
+ mbedtls_printf( "opaque PSKs are only supported in conjunction with forcing TLS 1.2 and a PSK-only ciphersuite through the 'force_ciphersuite' option.\n" );
+ ret = 2;
+ goto usage;
+ }
+ }
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+
if( opt.force_ciphersuite[0] > 0 )
{
const mbedtls_ssl_ciphersuite_t *ciphersuite_info;
@@ -1825,6 +1990,30 @@
opt.arc4 = MBEDTLS_SSL_ARC4_ENABLED;
}
+
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+ if( opt.psk_opaque != 0 || opt.psk_list_opaque != 0 )
+ {
+ /* Ensure that the chosen ciphersuite is PSK-only; we must know
+ * the ciphersuite in advance to set the correct policy for the
+ * PSK key slot. This limitation might go away in the future. */
+ if( ciphersuite_info->key_exchange != MBEDTLS_KEY_EXCHANGE_PSK ||
+ opt.min_version != MBEDTLS_SSL_MINOR_VERSION_3 )
+ {
+ mbedtls_printf( "opaque PSKs are only supported in conjunction with forcing TLS 1.2 and a PSK-only ciphersuite through the 'force_ciphersuite' option.\n" );
+ ret = 2;
+ goto usage;
+ }
+
+ /* Determine KDF algorithm the opaque PSK will be used in. */
+#if defined(MBEDTLS_SHA512_C)
+ if( ciphersuite_info->mac == MBEDTLS_MD_SHA384 )
+ alg = PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384);
+ else
+#endif /* MBEDTLS_SHA512_C */
+ alg = PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256);
+ }
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
}
if( opt.version_suites != NULL )
@@ -2498,12 +2687,42 @@
#endif
#if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED)
+
if( strlen( opt.psk ) != 0 && strlen( opt.psk_identity ) != 0 )
{
- ret = mbedtls_ssl_conf_psk( &conf, psk, psk_len,
- (const unsigned char *) opt.psk_identity,
- strlen( opt.psk_identity ) );
- if( ret != 0 )
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+ if( opt.psk_opaque != 0 )
+ {
+ status = psa_allocate_key( &psk_slot );
+ if( status != PSA_SUCCESS )
+ {
+ fprintf( stderr, "ALLOC FAIL\n" );
+ ret = MBEDTLS_ERR_SSL_HW_ACCEL_FAILED;
+ goto exit;
+ }
+
+ /* The algorithm has already been determined earlier. */
+ status = psa_setup_psk_key_slot( psk_slot, alg, psk, psk_len );
+ if( status != PSA_SUCCESS )
+ {
+ fprintf( stderr, "SETUP FAIL\n" );
+ ret = MBEDTLS_ERR_SSL_HW_ACCEL_FAILED;
+ goto exit;
+ }
+ if( ( ret = mbedtls_ssl_conf_psk_opaque( &conf, psk_slot,
+ (const unsigned char *) opt.psk_identity,
+ strlen( opt.psk_identity ) ) ) != 0 )
+ {
+ mbedtls_printf( " failed\n ! mbedtls_ssl_conf_psk_opaque returned %d\n\n",
+ ret );
+ goto exit;
+ }
+ }
+ else
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+ if( ( ret = mbedtls_ssl_conf_psk( &conf, psk, psk_len,
+ (const unsigned char *) opt.psk_identity,
+ strlen( opt.psk_identity ) ) ) != 0 )
{
mbedtls_printf( " failed\n mbedtls_ssl_conf_psk returned -0x%04X\n\n", - ret );
goto exit;
@@ -2511,7 +2730,34 @@
}
if( opt.psk_list != NULL )
+ {
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+ if( opt.psk_list_opaque != 0 )
+ {
+ psk_entry *cur_psk;
+ for( cur_psk = psk_info; cur_psk != NULL; cur_psk = cur_psk->next )
+ {
+ status = psa_allocate_key( &cur_psk->slot );
+ if( status != PSA_SUCCESS )
+ {
+ ret = MBEDTLS_ERR_SSL_HW_ACCEL_FAILED;
+ goto exit;
+ }
+
+ status = psa_setup_psk_key_slot( cur_psk->slot, alg,
+ cur_psk->key,
+ cur_psk->key_len );
+ if( status != PSA_SUCCESS )
+ {
+ ret = MBEDTLS_ERR_SSL_HW_ACCEL_FAILED;
+ goto exit;
+ }
+ }
+ }
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+
mbedtls_ssl_conf_psk_cb( &conf, psk_callback, psk_info );
+ }
#endif
#if defined(MBEDTLS_DHM_C)
@@ -3140,12 +3386,31 @@
sni_free( sni_info );
#endif
#if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED)
- psk_free( psk_info );
+ if( ( ret = psk_free( psk_info ) ) != 0 )
+ mbedtls_printf( "Failed to list of opaque PSKs - error was %d\n", ret );
#endif
#if defined(MBEDTLS_DHM_C) && defined(MBEDTLS_FS_IO)
mbedtls_dhm_free( &dhm );
#endif
+#if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED) && \
+ defined(MBEDTLS_USE_PSA_CRYPTO)
+ if( opt.psk_opaque != 0 )
+ {
+ /* This is ok even if the slot hasn't been
+ * initialized (we might have jumed here
+ * immediately because of bad cmd line params,
+ * for example). */
+ status = psa_destroy_key( psk_slot );
+ if( status != PSA_SUCCESS )
+ {
+ mbedtls_printf( "Failed to destroy key slot %u - error was %d",
+ (unsigned) psk_slot, (int) status );
+ }
+ }
+#endif /* MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED &&
+ MBEDTLS_USE_PSA_CRYPTO */
+
mbedtls_ssl_free( &ssl );
mbedtls_ssl_config_free( &conf );
mbedtls_ctr_drbg_free( &ctr_drbg );
diff --git a/programs/test/CMakeLists.txt b/programs/test/CMakeLists.txt
index 9ca0cb2..65ff249 100644
--- a/programs/test/CMakeLists.txt
+++ b/programs/test/CMakeLists.txt
@@ -30,6 +30,10 @@
add_executable(zeroize zeroize.c)
target_link_libraries(zeroize ${libs})
-install(TARGETS selftest benchmark ssl_cert_test udp_proxy
+add_executable(query_compile_time_config query_compile_time_config.c)
+target_sources(query_compile_time_config PUBLIC ../ssl/query_config.c)
+target_link_libraries(query_compile_time_config ${libs})
+
+install(TARGETS selftest benchmark ssl_cert_test udp_proxy query_compile_time_config
DESTINATION "bin"
PERMISSIONS OWNER_READ OWNER_WRITE OWNER_EXECUTE GROUP_READ GROUP_EXECUTE WORLD_READ WORLD_EXECUTE)
diff --git a/programs/test/query_compile_time_config.c b/programs/test/query_compile_time_config.c
new file mode 100644
index 0000000..17becf2
--- /dev/null
+++ b/programs/test/query_compile_time_config.c
@@ -0,0 +1,56 @@
+/*
+ * Query the Mbed TLS compile time configuration
+ *
+ * Copyright (C) 2018, Arm Limited, All Rights Reserved
+ * SPDX-License-Identifier: Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License"); you may
+ * not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * This file is part of Mbed TLS (https://tls.mbed.org)
+ */
+
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "mbedtls/config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+#if defined(MBEDTLS_PLATFORM_C)
+#include "mbedtls/platform.h"
+#else
+#include <stdio.h>
+#include <stdlib.h>
+#define mbedtls_printf printf
+#define MBEDTLS_EXIT_FAILURE EXIT_FAILURE
+#endif
+
+#define USAGE \
+ "usage: %s <MBEDTLS_CONFIG>\n\n" \
+ "This program takes one command line argument which corresponds to\n" \
+ "the string representation of a Mbed TLS compile time configuration.\n" \
+ "The value 0 will be returned if this configuration is defined in the\n" \
+ "Mbed TLS build and the macro expansion of that configuration will be\n" \
+ "printed (if any). Otherwise, 1 will be returned.\n"
+
+int query_config( const char *config );
+
+int main( int argc, char *argv[] )
+{
+ if ( argc != 2 )
+ {
+ mbedtls_printf( USAGE, argv[0] );
+ return( MBEDTLS_EXIT_FAILURE );
+ }
+
+ return( query_config( argv[1] ) );
+}
diff --git a/scripts/abi_check.py b/scripts/abi_check.py
index 8f9cd0f..fe5dd3f 100755
--- a/scripts/abi_check.py
+++ b/scripts/abi_check.py
@@ -64,7 +64,7 @@
)
git_worktree_path = tempfile.mkdtemp()
worktree_process = subprocess.Popen(
- [self.git_command, "worktree", "add", git_worktree_path, git_rev],
+ [self.git_command, "worktree", "add", "--detach", git_worktree_path, git_rev],
cwd=self.repo_path,
stdout=subprocess.PIPE,
stderr=subprocess.STDOUT
@@ -75,6 +75,18 @@
raise Exception("Checking out worktree failed, aborting")
return git_worktree_path
+ def update_git_submodules(self, git_worktree_path):
+ process = subprocess.Popen(
+ [self.git_command, "submodule", "update", "--init", '--recursive'],
+ cwd=git_worktree_path,
+ stdout=subprocess.PIPE,
+ stderr=subprocess.STDOUT
+ )
+ output, _ = process.communicate()
+ self.log.info(output.decode("utf-8"))
+ if process.returncode != 0:
+ raise Exception("git submodule update failed, aborting")
+
def build_shared_libraries(self, git_worktree_path):
my_environment = os.environ.copy()
my_environment["CFLAGS"] = "-g -Og"
@@ -131,6 +143,7 @@
def get_abi_dump_for_ref(self, git_rev):
git_worktree_path = self.get_clean_worktree_for_git_revision(git_rev)
+ self.update_git_submodules(git_worktree_path)
self.build_shared_libraries(git_worktree_path)
abi_dumps = self.get_abi_dumps_from_shared_libraries(
git_rev, git_worktree_path
diff --git a/scripts/bump_version.sh b/scripts/bump_version.sh
index fc8b800..c39a86a 100755
--- a/scripts/bump_version.sh
+++ b/scripts/bump_version.sh
@@ -132,6 +132,9 @@
[ $VERBOSE ] && echo "Re-generating library/error.c"
scripts/generate_errors.pl
+[ $VERBOSE ] && echo "Re-generating programs/ssl/query_config.c"
+scripts/generate_query_config.pl
+
[ $VERBOSE ] && echo "Re-generating library/version_features.c"
scripts/generate_features.pl
diff --git a/scripts/config.pl b/scripts/config.pl
index 3d2884c..e141b41 100755
--- a/scripts/config.pl
+++ b/scripts/config.pl
@@ -36,6 +36,8 @@
# - this could be enabled if the respective tests were adapted
# MBEDTLS_ZLIB_SUPPORT
# MBEDTLS_PKCS11_C
+# MBEDTLS_USE_PSA_CRYPTO
+# - experimental, and more an alternative implementation than a feature
# and any symbol beginning _ALT
#
@@ -96,6 +98,11 @@
MBEDTLS_PKCS11_C
MBEDTLS_NO_UDBL_DIVISION
MBEDTLS_NO_64BIT_MULTIPLICATION
+MBEDTLS_PSA_CRYPTO_SPM
+MBEDTLS_PSA_HAS_ITS_IO
+MBEDTLS_PSA_CRYPTO_KEY_FILE_ID_ENCODES_OWNER
+MBEDTLS_PSA_CRYPTO_STORAGE_ITS_C
+MBEDTLS_USE_PSA_CRYPTO
_ALT\s*$
);
@@ -115,6 +122,10 @@
MBEDTLS_MEMORY_BUFFER_ALLOC_C
MBEDTLS_PLATFORM_TIME_ALT
MBEDTLS_PLATFORM_FPRINTF_ALT
+MBEDTLS_PSA_CRYPTO_STORAGE_C
+MBEDTLS_PSA_CRYPTO_STORAGE_FILE_C
+MBEDTLS_PSA_CRYPTO_STORAGE_ITS_C
+MBEDTLS_PSA_HAS_ITS_IO
);
# Things that should be enabled in "full" even if they match @excluded
diff --git a/scripts/data_files/query_config.fmt b/scripts/data_files/query_config.fmt
new file mode 100644
index 0000000..064da4c
--- /dev/null
+++ b/scripts/data_files/query_config.fmt
@@ -0,0 +1,139 @@
+/*
+ * Query Mbed TLS compile time configurations from config.h
+ *
+ * Copyright (C) 2018, Arm Limited, All Rights Reserved
+ * SPDX-License-Identifier: Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License"); you may
+ * not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * This file is part of Mbed TLS (https://tls.mbed.org)
+ */
+
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "mbedtls/config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+#if defined(MBEDTLS_PLATFORM_C)
+#include "mbedtls/platform.h"
+#else
+#include <stdio.h>
+#define mbedtls_printf printf
+#endif /* MBEDTLS_PLATFORM_C */
+
+/*
+ * Include all the headers with public APIs in case they define a macro to its
+ * default value when that configuration is not set in the config.h.
+ */
+#include "mbedtls/aes.h"
+#include "mbedtls/aesni.h"
+#include "mbedtls/arc4.h"
+#include "mbedtls/aria.h"
+#include "mbedtls/asn1.h"
+#include "mbedtls/asn1write.h"
+#include "mbedtls/base64.h"
+#include "mbedtls/bignum.h"
+#include "mbedtls/blowfish.h"
+#include "mbedtls/camellia.h"
+#include "mbedtls/ccm.h"
+#include "mbedtls/certs.h"
+#include "mbedtls/chacha20.h"
+#include "mbedtls/chachapoly.h"
+#include "mbedtls/cipher.h"
+#include "mbedtls/cmac.h"
+#include "mbedtls/ctr_drbg.h"
+#include "mbedtls/debug.h"
+#include "mbedtls/des.h"
+#include "mbedtls/dhm.h"
+#include "mbedtls/ecdh.h"
+#include "mbedtls/ecdsa.h"
+#include "mbedtls/ecjpake.h"
+#include "mbedtls/ecp.h"
+#include "mbedtls/entropy.h"
+#include "mbedtls/entropy_poll.h"
+#include "mbedtls/error.h"
+#include "mbedtls/gcm.h"
+#include "mbedtls/havege.h"
+#include "mbedtls/hkdf.h"
+#include "mbedtls/hmac_drbg.h"
+#include "mbedtls/md.h"
+#include "mbedtls/md2.h"
+#include "mbedtls/md4.h"
+#include "mbedtls/md5.h"
+#include "mbedtls/memory_buffer_alloc.h"
+#include "mbedtls/net_sockets.h"
+#include "mbedtls/nist_kw.h"
+#include "mbedtls/oid.h"
+#include "mbedtls/padlock.h"
+#include "mbedtls/pem.h"
+#include "mbedtls/pk.h"
+#include "mbedtls/pkcs11.h"
+#include "mbedtls/pkcs12.h"
+#include "mbedtls/pkcs5.h"
+#include "mbedtls/platform_time.h"
+#include "mbedtls/platform_util.h"
+#include "mbedtls/poly1305.h"
+#include "mbedtls/ripemd160.h"
+#include "mbedtls/rsa.h"
+#include "mbedtls/sha1.h"
+#include "mbedtls/sha256.h"
+#include "mbedtls/sha512.h"
+#include "mbedtls/ssl.h"
+#include "mbedtls/ssl_cache.h"
+#include "mbedtls/ssl_ciphersuites.h"
+#include "mbedtls/ssl_cookie.h"
+#include "mbedtls/ssl_internal.h"
+#include "mbedtls/ssl_ticket.h"
+#include "mbedtls/threading.h"
+#include "mbedtls/timing.h"
+#include "mbedtls/version.h"
+#include "mbedtls/x509.h"
+#include "mbedtls/x509_crl.h"
+#include "mbedtls/x509_crt.h"
+#include "mbedtls/x509_csr.h"
+#include "mbedtls/xtea.h"
+
+#include <string.h>
+
+/*
+ * Helper macros to convert a macro or its expansion into a string
+ * WARNING: This does not work for expanding function-like macros. However,
+ * Mbed TLS does not currently have configuration options used in this fashion.
+ */
+#define MACRO_EXPANSION_TO_STR(macro) MACRO_NAME_TO_STR(macro)
+#define MACRO_NAME_TO_STR(macro) \
+ mbedtls_printf( "%s", strlen( #macro "" ) > 0 ? #macro "\n" : "" )
+
+#if defined(_MSC_VER)
+/*
+ * Visual Studio throws the warning 4003 because many Mbed TLS feature macros
+ * are defined empty. This means that from the preprocessor's point of view
+ * the macro MBEDTLS_EXPANSION_TO_STR is being invoked without arguments as
+ * some macros expand to nothing. We suppress that specific warning to get a
+ * clean build and to ensure that tests treating warnings as errors do not
+ * fail.
+ */
+#pragma warning(push)
+#pragma warning(disable:4003)
+#endif /* _MSC_VER */
+
+int query_config( const char *config )
+{
+CHECK_CONFIG /* If the symbol is not found, return an error */
+ return( 1 );
+}
+
+#if defined(_MSC_VER)
+#pragma warning(pop)
+#endif /* _MSC_VER */
diff --git a/scripts/data_files/vs2010-app-template.vcxproj b/scripts/data_files/vs2010-app-template.vcxproj
index de18f9d8..fac9812 100644
--- a/scripts/data_files/vs2010-app-template.vcxproj
+++ b/scripts/data_files/vs2010-app-template.vcxproj
Binary files differ
diff --git a/scripts/generate_psa_constants.py b/scripts/generate_psa_constants.py
new file mode 100755
index 0000000..382fd23
--- /dev/null
+++ b/scripts/generate_psa_constants.py
@@ -0,0 +1,304 @@
+#!/usr/bin/env python
+import os
+import re
+import sys
+
+output_template = '''\
+/* Automatically generated by generate_psa_constant.py. DO NOT EDIT. */
+
+static const char *psa_strerror(psa_status_t status)
+{
+ switch (status) {
+ %(status_cases)s
+ default: return NULL;
+ }
+}
+
+static const char *psa_ecc_curve_name(psa_ecc_curve_t curve)
+{
+ switch (curve) {
+ %(ecc_curve_cases)s
+ default: return NULL;
+ }
+}
+
+static const char *psa_hash_algorithm_name(psa_algorithm_t hash_alg)
+{
+ switch (hash_alg) {
+ %(hash_algorithm_cases)s
+ default: return NULL;
+ }
+}
+
+static int psa_snprint_key_type(char *buffer, size_t buffer_size,
+ psa_key_type_t type)
+{
+ size_t required_size = 0;
+ switch (type) {
+ %(key_type_cases)s
+ default:
+ %(key_type_code)s{
+ return snprintf(buffer, buffer_size,
+ "0x%%08lx", (unsigned long) type);
+ }
+ break;
+ }
+ buffer[0] = 0;
+ return (int) required_size;
+}
+
+static int psa_snprint_algorithm(char *buffer, size_t buffer_size,
+ psa_algorithm_t alg)
+{
+ size_t required_size = 0;
+ psa_algorithm_t core_alg = alg;
+ unsigned long length_modifier = 0;
+ if (PSA_ALG_IS_MAC(alg)) {
+ core_alg = PSA_ALG_TRUNCATED_MAC(alg, 0);
+ if (core_alg != alg) {
+ append(&buffer, buffer_size, &required_size,
+ "PSA_ALG_TRUNCATED_MAC(", 22);
+ length_modifier = PSA_MAC_TRUNCATED_LENGTH(alg);
+ }
+ } else if (PSA_ALG_IS_AEAD(alg)) {
+ core_alg = PSA_ALG_AEAD_WITH_DEFAULT_TAG_LENGTH(alg);
+ if (core_alg == 0) {
+ /* For unknown AEAD algorithms, there is no "default tag length". */
+ core_alg = alg;
+ } else if (core_alg != alg) {
+ append(&buffer, buffer_size, &required_size,
+ "PSA_ALG_AEAD_WITH_TAG_LENGTH(", 29);
+ length_modifier = PSA_AEAD_TAG_LENGTH(alg);
+ }
+ }
+ switch (core_alg) {
+ %(algorithm_cases)s
+ default:
+ %(algorithm_code)s{
+ append_integer(&buffer, buffer_size, &required_size,
+ "0x%%08lx", (unsigned long) core_alg);
+ }
+ break;
+ }
+ if (core_alg != alg) {
+ append(&buffer, buffer_size, &required_size, ", ", 2);
+ append_integer(&buffer, buffer_size, &required_size,
+ "%%lu", length_modifier);
+ append(&buffer, buffer_size, &required_size, ")", 1);
+ }
+ buffer[0] = 0;
+ return (int) required_size;
+}
+
+static int psa_snprint_key_usage(char *buffer, size_t buffer_size,
+ psa_key_usage_t usage)
+{
+ size_t required_size = 0;
+ if (usage == 0) {
+ if (buffer_size > 1) {
+ buffer[0] = '0';
+ buffer[1] = 0;
+ } else if (buffer_size == 1) {
+ buffer[0] = 0;
+ }
+ return 1;
+ }
+%(key_usage_code)s
+ if (usage != 0) {
+ if (required_size != 0) {
+ append(&buffer, buffer_size, &required_size, " | ", 3);
+ }
+ append_integer(&buffer, buffer_size, &required_size,
+ "0x%%08lx", (unsigned long) usage);
+ } else {
+ buffer[0] = 0;
+ }
+ return (int) required_size;
+}
+
+/* End of automatically generated file. */
+'''
+
+key_type_from_curve_template = '''if (%(tester)s(type)) {
+ append_with_curve(&buffer, buffer_size, &required_size,
+ "%(builder)s", %(builder_length)s,
+ PSA_KEY_TYPE_GET_CURVE(type));
+ } else '''
+
+algorithm_from_hash_template = '''if (%(tester)s(core_alg)) {
+ append_with_hash(&buffer, buffer_size, &required_size,
+ "%(builder)s", %(builder_length)s,
+ PSA_ALG_GET_HASH(core_alg));
+ } else '''
+
+bit_test_template = '''\
+ if (%(var)s & %(flag)s) {
+ if (required_size != 0) {
+ append(&buffer, buffer_size, &required_size, " | ", 3);
+ }
+ append(&buffer, buffer_size, &required_size, "%(flag)s", %(length)d);
+ %(var)s ^= %(flag)s;
+ }\
+'''
+
+class MacroCollector:
+ def __init__(self):
+ self.statuses = set()
+ self.key_types = set()
+ self.key_types_from_curve = {}
+ self.ecc_curves = set()
+ self.algorithms = set()
+ self.hash_algorithms = set()
+ self.algorithms_from_hash = {}
+ self.key_usages = set()
+
+ # "#define" followed by a macro name with either no parameters
+ # or a single parameter. Grab the macro name in group 1, the
+ # parameter name if any in group 2 and the definition in group 3.
+ definition_re = re.compile(r'\s*#\s*define\s+(\w+)(?:\s+|\((\w+)\)\s*)(.+)(?:/[*/])?')
+
+ def read_line(self, line):
+ m = re.match(self.definition_re, line)
+ if not m:
+ return
+ name, parameter, definition = m.groups()
+ if name.endswith('_FLAG') or name.endswith('MASK'):
+ # Macro only to build actual values
+ return
+ elif (name.startswith('PSA_ERROR_') or name == 'PSA_SUCCESS') \
+ and not parameter:
+ if name in [
+ 'PSA_ERROR_UNKNOWN_ERROR',
+ 'PSA_ERROR_OCCUPIED_SLOT',
+ 'PSA_ERROR_EMPTY_SLOT',
+ 'PSA_ERROR_INSUFFICIENT_CAPACITY',
+ ]:
+ # Ad hoc skipping of deprecated error codes, which share
+ # numerical values with non-deprecated error codes
+ return
+
+ self.statuses.add(name)
+ elif name.startswith('PSA_KEY_TYPE_') and not parameter:
+ self.key_types.add(name)
+ elif name.startswith('PSA_KEY_TYPE_') and parameter == 'curve':
+ self.key_types_from_curve[name] = name[:13] + 'IS_' + name[13:]
+ elif name.startswith('PSA_ECC_CURVE_') and not parameter:
+ self.ecc_curves.add(name)
+ elif name.startswith('PSA_ALG_') and not parameter:
+ if name in ['PSA_ALG_ECDSA_BASE',
+ 'PSA_ALG_RSA_PKCS1V15_SIGN_BASE']:
+ # Ad hoc skipping of duplicate names for some numerical values
+ return
+ self.algorithms.add(name)
+ # Ad hoc detection of hash algorithms
+ if re.search(r'0x010000[0-9A-Fa-f]{2}', definition):
+ self.hash_algorithms.add(name)
+ elif name.startswith('PSA_ALG_') and parameter == 'hash_alg':
+ if name in ['PSA_ALG_DSA', 'PSA_ALG_ECDSA']:
+ # A naming irregularity
+ tester = name[:8] + 'IS_RANDOMIZED_' + name[8:]
+ else:
+ tester = name[:8] + 'IS_' + name[8:]
+ self.algorithms_from_hash[name] = tester
+ elif name.startswith('PSA_KEY_USAGE_') and not parameter:
+ self.key_usages.add(name)
+ else:
+ # Other macro without parameter
+ return
+
+ def read_file(self, header_file):
+ for line in header_file:
+ self.read_line(line)
+
+ def make_return_case(self, name):
+ return 'case %(name)s: return "%(name)s";' % {'name': name}
+
+ def make_append_case(self, name):
+ template = ('case %(name)s: '
+ 'append(&buffer, buffer_size, &required_size, "%(name)s", %(length)d); '
+ 'break;')
+ return template % {'name': name, 'length': len(name)}
+
+ def make_inner_append_case(self, name):
+ template = ('case %(name)s: '
+ 'append(buffer, buffer_size, required_size, "%(name)s", %(length)d); '
+ 'break;')
+ return template % {'name': name, 'length': len(name)}
+
+ def make_bit_test(self, var, flag):
+ return bit_test_template % {'var': var,
+ 'flag': flag,
+ 'length': len(flag)}
+
+ def make_status_cases(self):
+ return '\n '.join(map(self.make_return_case,
+ sorted(self.statuses)))
+
+ def make_ecc_curve_cases(self):
+ return '\n '.join(map(self.make_return_case,
+ sorted(self.ecc_curves)))
+
+ def make_key_type_cases(self):
+ return '\n '.join(map(self.make_append_case,
+ sorted(self.key_types)))
+
+ def make_key_type_from_curve_code(self, builder, tester):
+ return key_type_from_curve_template % {'builder': builder,
+ 'builder_length': len(builder),
+ 'tester': tester}
+
+ def make_key_type_code(self):
+ d = self.key_types_from_curve
+ make = self.make_key_type_from_curve_code
+ return ''.join([make(k, d[k]) for k in sorted(d.keys())])
+
+ def make_hash_algorithm_cases(self):
+ return '\n '.join(map(self.make_return_case,
+ sorted(self.hash_algorithms)))
+
+ def make_algorithm_cases(self):
+ return '\n '.join(map(self.make_append_case,
+ sorted(self.algorithms)))
+
+ def make_algorithm_from_hash_code(self, builder, tester):
+ return algorithm_from_hash_template % {'builder': builder,
+ 'builder_length': len(builder),
+ 'tester': tester}
+
+ def make_algorithm_code(self):
+ d = self.algorithms_from_hash
+ make = self.make_algorithm_from_hash_code
+ return ''.join([make(k, d[k]) for k in sorted(d.keys())])
+
+ def make_key_usage_code(self):
+ return '\n'.join([self.make_bit_test('usage', bit)
+ for bit in sorted(self.key_usages)])
+
+ def write_file(self, output_file):
+ data = {}
+ data['status_cases'] = self.make_status_cases()
+ data['ecc_curve_cases'] = self.make_ecc_curve_cases()
+ data['key_type_cases'] = self.make_key_type_cases()
+ data['key_type_code'] = self.make_key_type_code()
+ data['hash_algorithm_cases'] = self.make_hash_algorithm_cases()
+ data['algorithm_cases'] = self.make_algorithm_cases()
+ data['algorithm_code'] = self.make_algorithm_code()
+ data['key_usage_code'] = self.make_key_usage_code()
+ output_file.write(output_template % data)
+
+def generate_psa_constants(header_file_names, output_file_name):
+ collector = MacroCollector()
+ for header_file_name in header_file_names:
+ with open(header_file_name) as header_file:
+ collector.read_file(header_file)
+ temp_file_name = output_file_name + '.tmp'
+ with open(temp_file_name, 'w') as output_file:
+ collector.write_file(output_file)
+ os.rename(temp_file_name, output_file_name)
+
+if __name__ == '__main__':
+ if not os.path.isdir('programs') and os.path.isdir('../programs'):
+ os.chdir('..')
+ generate_psa_constants(['include/psa/crypto_values.h',
+ 'include/psa/crypto_extra.h'],
+ 'programs/psa/psa_constant_names_generated.c')
diff --git a/scripts/generate_query_config.pl b/scripts/generate_query_config.pl
new file mode 100755
index 0000000..f15e03a
--- /dev/null
+++ b/scripts/generate_query_config.pl
@@ -0,0 +1,75 @@
+#! /usr/bin/env perl
+
+# Generate query_config.c
+#
+# The file query_config.c contains a C function that can be used to check if
+# a configuration macro is defined and to retrieve its expansion in string
+# form (if any). This facilitates querying the compile time configuration of
+# the library, for example, for testing.
+#
+# The query_config.c is generated from the current configuration at
+# include/mbedtls/config.h. The idea is that the config.h contains ALL the
+# compile time configurations available in Mbed TLS (commented or uncommented).
+# This script extracts the configuration macros from the config.h and this
+# information is used to automatically generate the body of the query_config()
+# function by using the template in scripts/data_files/query_config.fmt.
+#
+# Usage: ./scripts/generate_query_config.pl without arguments
+
+use strict;
+
+my $config_file = "./include/mbedtls/config.h";
+
+my $query_config_format_file = "./scripts/data_files/query_config.fmt";
+my $query_config_file = "./programs/ssl/query_config.c";
+
+# Excluded macros from the generated query_config.c. For example, macros that
+# have commas or function-like macros cannot be transformed into strings easily
+# using the preprocessor, so they should be excluded or the preprocessor will
+# throw errors.
+my @excluded = qw(
+MBEDTLS_SSL_CIPHERSUITES
+MBEDTLS_PARAM_FAILED
+);
+my $excluded_re = join '|', @excluded;
+
+open(CONFIG_FILE, "$config_file") or die "Opening config file '$config_file': $!";
+
+# This variable will contain the string to replace in the CHECK_CONFIG of the
+# format file
+my $config_check = "";
+
+while (my $line = <CONFIG_FILE>) {
+ if ($line =~ /^(\/\/)?\s*#\s*define\s+(MBEDTLS_\w+).*/) {
+ my $name = $2;
+
+ # Skip over the macro that prevents multiple inclusion
+ next if "MBEDTLS_CONFIG_H" eq $name;
+
+ # Skip over the macro if it is in the ecluded list
+ next if $name =~ /$excluded_re/;
+
+ $config_check .= "#if defined($name)\n";
+ $config_check .= " if( strcmp( \"$name\", config ) == 0 )\n";
+ $config_check .= " {\n";
+ $config_check .= " MACRO_EXPANSION_TO_STR( $name );\n";
+ $config_check .= " return( 0 );\n";
+ $config_check .= " }\n";
+ $config_check .= "#endif /* $name */\n";
+ $config_check .= "\n";
+ }
+}
+
+# Read the full format file into a string
+local $/;
+open(FORMAT_FILE, "$query_config_format_file") or die "Opening query config format file '$query_config_format_file': $!";
+my $query_config_format = <FORMAT_FILE>;
+close(FORMAT_FILE);
+
+# Replace the body of the query_config() function with the code we just wrote
+$query_config_format =~ s/CHECK_CONFIG/$config_check/g;
+
+# Rewrite the query_config.c file
+open(QUERY_CONFIG_FILE, ">$query_config_file") or die "Opening destination file '$query_config_file': $!";
+print QUERY_CONFIG_FILE $query_config_format;
+close(QUERY_CONFIG_FILE);
diff --git a/scripts/generate_visualc_files.pl b/scripts/generate_visualc_files.pl
index 811c71f..68a1bd4 100755
--- a/scripts/generate_visualc_files.pl
+++ b/scripts/generate_visualc_files.pl
@@ -19,7 +19,8 @@
my $vsx_sln_file = "$vsx_dir/mbedTLS.sln";
my $programs_dir = 'programs';
-my $header_dir = 'include/mbedtls';
+my $mbedtls_header_dir = 'include/mbedtls';
+my $psa_header_dir = 'include/psa';
my $source_dir = 'library';
# Need windows line endings!
@@ -53,7 +54,8 @@
sub check_dirs {
return -d $vsx_dir
- && -d $header_dir
+ && -d $mbedtls_header_dir
+ && -d $psa_header_dir
&& -d $source_dir
&& -d $programs_dir;
}
@@ -93,8 +95,14 @@
$path =~ s!/!\\!g;
(my $appname = $path) =~ s/.*\\//;
+ my $srcs = "\n <ClCompile Include=\"..\\..\\programs\\$path.c\" \/>\r";
+ if( $appname eq "ssl_client2" or $appname eq "ssl_server2" or
+ $appname eq "query_compile_time_config" ) {
+ $srcs .= "\n <ClCompile Include=\"..\\..\\programs\\ssl\\query_config.c\" \/>\r";
+ }
+
my $content = $template;
- $content =~ s/<PATHNAME>/$path/g;
+ $content =~ s/<SOURCES>/$srcs/g;
$content =~ s/<APPNAME>/$appname/g;
$content =~ s/<GUID>/$guid/g;
@@ -131,9 +139,11 @@
}
sub gen_main_file {
- my ($headers, $sources, $hdr_tpl, $src_tpl, $main_tpl, $main_out) = @_;
+ my ($mbedtls_headers, $psa_headers, $source_headers, $sources, $hdr_tpl, $src_tpl, $main_tpl, $main_out) = @_;
- my $header_entries = gen_entry_list( $hdr_tpl, @$headers );
+ my $header_entries = gen_entry_list( $hdr_tpl, @$mbedtls_headers );
+ $header_entries .= gen_entry_list( $hdr_tpl, @$psa_headers );
+ $header_entries .= gen_entry_list( $hdr_tpl, @$source_headers );
my $source_entries = gen_entry_list( $src_tpl, @$sources );
my $out = slurp_file( $main_tpl );
@@ -187,15 +197,18 @@
del_vsx_files();
my @app_list = get_app_list();
- my @headers = <$header_dir/*.h>;
+ my @mbedtls_headers = <$mbedtls_header_dir/*.h>;
+ my @psa_headers = <$psa_header_dir/*.h>;
+ my @source_headers = <$source_dir/*.h>;
my @sources = <$source_dir/*.c>;
- map { s!/!\\!g } @headers;
+ map { s!/!\\!g } @mbedtls_headers;
+ map { s!/!\\!g } @psa_headers;
map { s!/!\\!g } @sources;
gen_app_files( @app_list );
- gen_main_file( \@headers, \@sources,
- $vsx_hdr_tpl, $vsx_src_tpl,
+ gen_main_file( \@mbedtls_headers, \@psa_headers, \@source_headers,
+ \@sources, $vsx_hdr_tpl, $vsx_src_tpl,
$vsx_main_tpl_file, $vsx_main_file );
gen_vsx_solution( @app_list );
diff --git a/tests/.jenkins/Jenkinsfile b/tests/.jenkins/Jenkinsfile
index ed04053..78a7878 100644
--- a/tests/.jenkins/Jenkinsfile
+++ b/tests/.jenkins/Jenkinsfile
@@ -1 +1 @@
-mbedtls.run_job()
+mbedtls_psa.run_job()
diff --git a/tests/CMakeLists.txt b/tests/CMakeLists.txt
index eae1f57..0967341 100644
--- a/tests/CMakeLists.txt
+++ b/tests/CMakeLists.txt
@@ -112,6 +112,14 @@
add_test_suite(pkparse)
add_test_suite(pkwrite)
add_test_suite(poly1305)
+add_test_suite(psa_crypto)
+add_test_suite(psa_crypto_entropy)
+add_test_suite(psa_crypto_hash)
+add_test_suite(psa_crypto_init)
+add_test_suite(psa_crypto_metadata)
+add_test_suite(psa_crypto_persistent_key)
+add_test_suite(psa_crypto_slot_management)
+add_test_suite(psa_crypto_storage_file)
add_test_suite(shax)
add_test_suite(ssl)
add_test_suite(timing)
@@ -128,4 +136,5 @@
link_to_source(data_files)
link_to_source(scripts)
link_to_source(ssl-opt.sh)
+ link_to_source(suites)
endif()
diff --git a/tests/Makefile b/tests/Makefile
index b6e49bf..f5cafe5 100644
--- a/tests/Makefile
+++ b/tests/Makefile
@@ -6,7 +6,7 @@
WARNING_CFLAGS ?= -Wall -W -Wdeclaration-after-statement -Wno-unused-function -Wno-unused-value
LDFLAGS ?=
-LOCAL_CFLAGS = $(WARNING_CFLAGS) -I../include -D_FILE_OFFSET_BITS=64
+LOCAL_CFLAGS = $(WARNING_CFLAGS) -I../include -I../library -D_FILE_OFFSET_BITS=64
LOCAL_LDFLAGS = -L../library \
-lmbedtls$(SHARED_SUFFIX) \
-lmbedx509$(SHARED_SUFFIX) \
@@ -107,7 +107,9 @@
ifndef WINDOWS
rm -rf $(BINARIES) *.c *.datax TESTS
else
- del /Q /F *.c *.exe *.datax
+ if exist *.c del /Q /F *.c
+ if exist *.exe del /Q /F *.exe
+ if exist *.datax del /Q /F *.datax
ifneq ($(wildcard TESTS/.*),)
rmdir /Q /S TESTS
endif
diff --git a/tests/compat.sh b/tests/compat.sh
index bf65e5e..1814528 100755
--- a/tests/compat.sh
+++ b/tests/compat.sh
@@ -21,7 +21,7 @@
SKIPPED=0
SRVMEM=0
-# default commands, can be overriden by the environment
+# default commands, can be overridden by the environment
: ${M_SRV:=../programs/ssl/ssl_server2}
: ${M_CLI:=../programs/ssl/ssl_client2}
: ${OPENSSL_CMD:=openssl} # OPENSSL would conflict with the build system
diff --git a/tests/data_files/Makefile b/tests/data_files/Makefile
index 861cb24..aa9fc36 100644
--- a/tests/data_files/Makefile
+++ b/tests/data_files/Makefile
@@ -45,7 +45,9 @@
test-ca.crt: $(test_ca_key_file_rsa) test-ca.req.sha256
$(MBEDTLS_CERT_WRITE) is_ca=1 serial=3 request_file=test-ca.req.sha256 selfsign=1 issuer_name="C=NL,O=PolarSSL,CN=PolarSSL Test CA" issuer_key=$(test_ca_key_file_rsa) issuer_pwd=$(test_ca_pwd_rsa) not_before=20110212144400 not_after=20210212144400 md=SHA1 version=3 output_file=$@
-all_final += test-ca.crt
+test-ca.der: test-ca.crt
+ $(OPENSSL) x509 -inform PEM -in $< -outform DER -out $@
+all_final += test-ca.crt test-ca.der
test-ca-sha1.crt: $(test_ca_key_file_rsa) test-ca.req.sha256
$(MBEDTLS_CERT_WRITE) is_ca=1 serial=3 request_file=test-ca.req.sha256 selfsign=1 issuer_name="C=NL,O=PolarSSL,CN=PolarSSL Test CA" issuer_key=$(test_ca_key_file_rsa) issuer_pwd=$(test_ca_pwd_rsa) not_before=20110212144400 not_after=20210212144400 md=SHA1 version=3 output_file=$@
@@ -881,7 +883,9 @@
server2.crt: server2.req.sha256
$(MBEDTLS_CERT_WRITE) request_file=server2.req.sha256 serial=2 issuer_crt=$(test_ca_crt) issuer_key=$(test_ca_key_file_rsa) issuer_pwd=$(test_ca_pwd_rsa) not_before=20110212144406 not_after=20210212144406 md=SHA1 version=3 output_file=$@
-all_final += server2.crt
+server2.der: server2.crt
+ $(OPENSSL) x509 -inform PEM -in $< -outform DER -out $@
+all_final += server2.crt server2.der
server2-sha256.crt: server2.req.sha256
$(MBEDTLS_CERT_WRITE) request_file=server2.req.sha256 serial=2 issuer_crt=$(test_ca_crt) issuer_key=$(test_ca_key_file_rsa) issuer_pwd=$(test_ca_pwd_rsa) not_before=20110212144406 not_after=20210212144406 md=SHA256 version=3 output_file=$@
diff --git a/tests/data_files/server1-ms.req.sha256 b/tests/data_files/server1-ms.req.sha256
new file mode 100644
index 0000000..b0d9414
--- /dev/null
+++ b/tests/data_files/server1-ms.req.sha256
@@ -0,0 +1,16 @@
+-----BEGIN NEW CERTIFICATE REQUEST-----
+MIICgTCCAWkCAQAwPDELMAkGA1UEBhMCTkwxETAPBgNVBAoTCFBvbGFyU1NMMRow
+GAYDVQQDExFQb2xhclNTTCBTZXJ2ZXIgMTCCASIwDQYJKoZIhvcNAQEBBQADggEP
+ADCCAQoCggEBAKkCHz1AatVVU4v9Nu6CZS4VYV6Jv7joRZDb7ogWUtPxQ1BHlhJZ
+ZIdr/SvgRvlzvt3PkuGRW+1moG+JKXlFgNCDatVBQ3dfOXwJBEeCsFc5cO2j7BUZ
+HqgzCEfBBUKp/UzDtN/dBh9NEFFAZ3MTD0D4bYElXwqxU8YwfhU5rPla7n+SnqYF
+W+cTl4W1I5LZ1CQG1QkliXUH3aYajz8JGb6tZSxk65Wb3P5BXhem2mxbacwCuhQs
+FiScStzN0PdSZ3PxLaAj/X70McotcMqJCwTbLqZPcG6ezr1YieJTWZ5uWpJl4og/
+DJQZo93l6J2VE+0p26twEtxaymsXq1KCVLECAwEAAaAAMA0GCSqGSIb3DQEBCwUA
+A4IBAQBY/1nnYQ3ThVyeZb1Z2wLYoHZ5rfeJCedyP7N/gjJZjhrMbwioUft2uHpb
++OZQfxRXJTbtj/1wpRMCoUMLWzapS7/xGx3IjoPtl42aM4M+xVYvbLjExL13kUAr
+eE4JWcMIbTEPol2zSdX/LuB+m27jEp5VsvM2ty9qOw/T4iKwjFSe6pcYZ2spks19
+3ltgjnaamwqKcN9zUA3IERTsWjr5exKYgfXm2OeeuSP0tHr7Dh+w/2XA9dGcLhrm
+TA4P8QjIgSDlyzmhYYmsrioFPuCfdi1uzs8bxmbLXbiCGZ8TDMy5oLqLo1K+j2pF
+ox+ATHKxQ/XpRQP+2OTb9sw1kM59
+-----END NEW CERTIFICATE REQUEST-----
diff --git a/tests/data_files/server1.der b/tests/data_files/server1.der
new file mode 100644
index 0000000..fcf45cd
--- /dev/null
+++ b/tests/data_files/server1.der
Binary files differ
diff --git a/tests/data_files/server2.der b/tests/data_files/server2.der
new file mode 100644
index 0000000..ec03190
--- /dev/null
+++ b/tests/data_files/server2.der
Binary files differ
diff --git a/tests/data_files/test-ca.der b/tests/data_files/test-ca.der
new file mode 100644
index 0000000..039fb9e
--- /dev/null
+++ b/tests/data_files/test-ca.der
Binary files differ
diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh
index c5c0c3a..9b5623a 100755
--- a/tests/scripts/all.sh
+++ b/tests/scripts/all.sh
@@ -55,21 +55,46 @@
# Notes for maintainers
# ---------------------
#
+# The bulk of the code is organized into functions that follow one of the
+# following naming conventions:
+# * pre_XXX: things to do before running the tests, in order.
+# * component_XXX: independent components. They can be run in any order.
+# * component_check_XXX: quick tests that aren't worth parallelizing.
+# * component_build_XXX: build things but don't run them.
+# * component_test_XXX: build and test.
+# * support_XXX: if support_XXX exists and returns false then
+# component_XXX is not run by default.
+# * post_XXX: things to do after running the tests.
+# * other: miscellaneous support functions.
+#
+# Each component must start by invoking `msg` with a short informative message.
+#
+# The framework performs some cleanup tasks after each component. This
+# means that components can assume that the working directory is in a
+# cleaned-up state, and don't need to perform the cleanup themselves.
+# * Run `make clean`.
+# * Restore `include/mbedtks/config.h` from a backup made before running
+# the component.
+# * Check out `Makefile`, `library/Makefile`, `programs/Makefile` and
+# `tests/Makefile` from git. This cleans up after an in-tree use of
+# CMake.
+#
+# Any command that is expected to fail must be protected so that the
+# script keeps running in --keep-going mode despite `set -e`. In keep-going
+# mode, if a protected command fails, this is logged as a failure and the
+# script will exit with a failure status once it has run all components.
+# Commands can be protected in any of the following ways:
+# * `make` is a function which runs the `make` command with protection.
+# Note that you must write `make VAR=value`, not `VAR=value make`,
+# because the `VAR=value make` syntax doesn't work with functions.
+# * Put `report_status` before the command to protect it.
+# * Put `if_build_successful` before a command. This protects it, and
+# additionally skips it if a prior invocation of `make` in the same
+# component failed.
+#
# The tests are roughly in order from fastest to slowest. This doesn't
# have to be exact, but in general you should add slower tests towards
# the end and fast checks near the beginning.
-#
-# Sanity checks have the following form:
-# 1. msg "short description of what is about to be done"
-# 2. run sanity check (failure stops the script)
-#
-# Build or build-and-test steps have the following form:
-# 1. msg "short description of what is about to be done"
-# 2. cleanup
-# 3. preparation (config.pl, cmake, ...) (failure stops the script)
-# 4. make
-# 5. Run tests if relevant. All tests must be prefixed with
-# if_build_successful for the sake of --keep-going.
@@ -80,50 +105,96 @@
# Abort on errors (and uninitialised variables)
set -eu
-if [ "$( uname )" != "Linux" ]; then
- echo "This script only works in Linux" >&2
- exit 1
-elif [ -d library -a -d include -a -d tests ]; then :; else
- echo "Must be run from mbed TLS root" >&2
- exit 1
-fi
+pre_check_environment () {
+ if [ -d library -a -d include -a -d tests ]; then :; else
+ echo "Must be run from mbed TLS root" >&2
+ exit 1
+ fi
+}
-CONFIG_H='include/mbedtls/config.h'
-CONFIG_BAK="$CONFIG_H.bak"
+pre_initialize_variables () {
+ CONFIG_H='include/mbedtls/config.h'
+ CONFIG_BAK="$CONFIG_H.bak"
-MEMORY=0
-FORCE=0
-KEEP_GOING=0
-RUN_ARMCC=1
+ MEMORY=0
+ FORCE=0
+ KEEP_GOING=0
-# Default commands, can be overriden by the environment
-: ${OPENSSL:="openssl"}
-: ${OPENSSL_LEGACY:="$OPENSSL"}
-: ${OPENSSL_NEXT:="$OPENSSL"}
-: ${GNUTLS_CLI:="gnutls-cli"}
-: ${GNUTLS_SERV:="gnutls-serv"}
-: ${GNUTLS_LEGACY_CLI:="$GNUTLS_CLI"}
-: ${GNUTLS_LEGACY_SERV:="$GNUTLS_SERV"}
-: ${OUT_OF_SOURCE_DIR:=./mbedtls_out_of_source_build}
-: ${ARMC5_BIN_DIR:=/usr/bin}
-: ${ARMC6_BIN_DIR:=/usr/bin}
+ # Default commands, can be overridden by the environment
+ : ${OPENSSL:="openssl"}
+ : ${OPENSSL_LEGACY:="$OPENSSL"}
+ : ${OPENSSL_NEXT:="$OPENSSL"}
+ : ${GNUTLS_CLI:="gnutls-cli"}
+ : ${GNUTLS_SERV:="gnutls-serv"}
+ : ${GNUTLS_LEGACY_CLI:="$GNUTLS_CLI"}
+ : ${GNUTLS_LEGACY_SERV:="$GNUTLS_SERV"}
+ : ${OUT_OF_SOURCE_DIR:=./mbedtls_out_of_source_build}
+ : ${ARMC5_BIN_DIR:=/usr/bin}
+ : ${ARMC6_BIN_DIR:=/usr/bin}
-# if MAKEFLAGS is not set add the -j option to speed up invocations of make
-if [ -n "${MAKEFLAGS+set}" ]; then
- export MAKEFLAGS="-j"
-fi
+ # if MAKEFLAGS is not set add the -j option to speed up invocations of make
+ if [ -z "${MAKEFLAGS+set}" ]; then
+ export MAKEFLAGS="-j"
+ fi
+
+ # Include more verbose output for failing tests run by CMake
+ export CTEST_OUTPUT_ON_FAILURE=1
+
+ # Gather the list of available components. These are the functions
+ # defined in this script whose name starts with "component_".
+ # Parse the script with sed, because in sh there is no way to list
+ # defined functions.
+ ALL_COMPONENTS=$(sed -n 's/^ *component_\([0-9A-Z_a-z]*\) *().*/\1/p' <"$0")
+
+ # Exclude components that are not supported on this platform.
+ SUPPORTED_COMPONENTS=
+ for component in $ALL_COMPONENTS; do
+ case $(type "support_$component" 2>&1) in
+ *' function'*)
+ if ! support_$component; then continue; fi;;
+ esac
+ SUPPORTED_COMPONENTS="$SUPPORTED_COMPONENTS $component"
+ done
+}
+
+# Test whether the component $1 is included in the command line patterns.
+is_component_included()
+{
+ set -f
+ for pattern in $COMMAND_LINE_COMPONENTS; do
+ set +f
+ case ${1#component_} in $pattern) return 0;; esac
+ done
+ set +f
+ return 1
+}
usage()
{
cat <<EOF
-Usage: $0 [OPTION]...
- -h|--help Print this help.
+Usage: $0 [OPTION]... [COMPONENT]...
+Run mbedtls release validation tests.
+By default, run all tests. With one or more COMPONENT, run only those.
+COMPONENT can be the name of a component or a shell wildcard pattern.
+
+Examples:
+ $0 "check_*"
+ Run all sanity checks.
+ $0 --no-armcc --except test_memsan
+ Run everything except builds that require armcc and MemSan.
+
+Special options:
+ -h|--help Print this help and exit.
+ --list-all-components List all available test components and exit.
+ --list-components List components supported on this platform and exit.
General options:
-f|--force Force the tests to overwrite any modified files.
-k|--keep-going Run all tests and report errors at the end.
-m|--memory Additional optional memory tests.
--armcc Run ARM Compiler builds (on by default).
+ --except Exclude the COMPONENTs listed on the command line,
+ instead of running only those.
--no-armcc Skip ARM Compiler builds.
--no-force Refuse to overwrite modified files (default).
--no-keep-going Stop at the first error (default).
@@ -156,7 +227,7 @@
command make clean
# Remove CMake artefacts
- find . -name .git -prune \
+ find . -name .git -prune -o \
-iname CMakeFiles -exec rm -rf {} \+ -o \
\( -iname cmake_install.cmake -o \
-iname CTestTestfile.cmake -o \
@@ -189,25 +260,27 @@
msg()
{
+ if [ -n "${current_component:-}" ]; then
+ current_section="${current_component#component_}: $1"
+ else
+ current_section="$1"
+ fi
echo ""
echo "******************************************************************"
- echo "* $1 "
+ echo "* $current_section "
printf "* "; date
echo "******************************************************************"
- current_section=$1
}
-if [ $RUN_ARMCC -ne 0 ]; then
- armc6_build_test()
- {
- FLAGS="$1"
+armc6_build_test()
+{
+ FLAGS="$1"
- msg "build: ARM Compiler 6 ($FLAGS), make"
- ARM_TOOL_VARIANT="ult" CC="$ARMC6_CC" AR="$ARMC6_AR" CFLAGS="$FLAGS" \
- WARNING_CFLAGS='-xc -std=c99' make lib
- make clean
- }
-fi
+ msg "build: ARM Compiler 6 ($FLAGS), make"
+ ARM_TOOL_VARIANT="ult" CC="$ARMC6_CC" AR="$ARMC6_AR" CFLAGS="$FLAGS" \
+ WARNING_CFLAGS='-xc -std=c99' make lib
+ make clean
+}
err_msg()
{
@@ -225,68 +298,108 @@
}
check_headers_in_cpp () {
- ls include/mbedtls >headers.txt
+ ls include/mbedtls | grep "\.h$" >headers.txt
<programs/test/cpp_dummy_build.cpp sed -n 's/"$//; s!^#include "mbedtls/!!p' |
sort |
diff headers.txt -
rm headers.txt
}
-while [ $# -gt 0 ]; do
- case "$1" in
- --armcc) RUN_ARMCC=1;;
- --armc5-bin-dir) shift; ARMC5_BIN_DIR="$1";;
- --armc6-bin-dir) shift; ARMC6_BIN_DIR="$1";;
- --force|-f) FORCE=1;;
- --gnutls-cli) shift; GNUTLS_CLI="$1";;
- --gnutls-legacy-cli) shift; GNUTLS_LEGACY_CLI="$1";;
- --gnutls-legacy-serv) shift; GNUTLS_LEGACY_SERV="$1";;
- --gnutls-serv) shift; GNUTLS_SERV="$1";;
- --help|-h) usage; exit;;
- --keep-going|-k) KEEP_GOING=1;;
- --memory|-m) MEMORY=1;;
- --no-armcc) RUN_ARMCC=0;;
- --no-force) FORCE=0;;
- --no-keep-going) KEEP_GOING=0;;
- --no-memory) MEMORY=0;;
- --openssl) shift; OPENSSL="$1";;
- --openssl-legacy) shift; OPENSSL_LEGACY="$1";;
- --openssl-next) shift; OPENSSL_NEXT="$1";;
- --out-of-source-dir) shift; OUT_OF_SOURCE_DIR="$1";;
- --random-seed) unset SEED;;
- --release-test|-r) SEED=1;;
- --seed|-s) shift; SEED="$1";;
- *)
- echo >&2 "Unknown option: $1"
- echo >&2 "Run $0 --help for usage."
- exit 120
- ;;
- esac
- shift
-done
+pre_parse_command_line () {
+ COMMAND_LINE_COMPONENTS=
+ all_except=0
+ no_armcc=
-if [ $FORCE -eq 1 ]; then
- git checkout-index -f -q $CONFIG_H
- cleanup
-else
+ while [ $# -gt 0 ]; do
+ case "$1" in
+ --armcc) no_armcc=;;
+ --armc5-bin-dir) shift; ARMC5_BIN_DIR="$1";;
+ --armc6-bin-dir) shift; ARMC6_BIN_DIR="$1";;
+ --except) all_except=1;;
+ --force|-f) FORCE=1;;
+ --gnutls-cli) shift; GNUTLS_CLI="$1";;
+ --gnutls-legacy-cli) shift; GNUTLS_LEGACY_CLI="$1";;
+ --gnutls-legacy-serv) shift; GNUTLS_LEGACY_SERV="$1";;
+ --gnutls-serv) shift; GNUTLS_SERV="$1";;
+ --help|-h) usage; exit;;
+ --keep-going|-k) KEEP_GOING=1;;
+ --list-all-components) printf '%s\n' $ALL_COMPONENTS; exit;;
+ --list-components) printf '%s\n' $SUPPORTED_COMPONENTS; exit;;
+ --memory|-m) MEMORY=1;;
+ --no-armcc) no_armcc=1;;
+ --no-force) FORCE=0;;
+ --no-keep-going) KEEP_GOING=0;;
+ --no-memory) MEMORY=0;;
+ --openssl) shift; OPENSSL="$1";;
+ --openssl-legacy) shift; OPENSSL_LEGACY="$1";;
+ --openssl-next) shift; OPENSSL_NEXT="$1";;
+ --out-of-source-dir) shift; OUT_OF_SOURCE_DIR="$1";;
+ --random-seed) unset SEED;;
+ --release-test|-r) SEED=1;;
+ --seed|-s) shift; SEED="$1";;
+ -*)
+ echo >&2 "Unknown option: $1"
+ echo >&2 "Run $0 --help for usage."
+ exit 120
+ ;;
+ *) COMMAND_LINE_COMPONENTS="$COMMAND_LINE_COMPONENTS $1";;
+ esac
+ shift
+ done
- if [ -d "$OUT_OF_SOURCE_DIR" ]; then
- echo "Warning - there is an existing directory at '$OUT_OF_SOURCE_DIR'" >&2
- echo "You can either delete this directory manually, or force the test by rerunning"
- echo "the script as: $0 --force --out-of-source-dir $OUT_OF_SOURCE_DIR"
- exit 1
+ # With no list of components, run everything.
+ if [ -z "$COMMAND_LINE_COMPONENTS" ]; then
+ all_except=1
fi
- if ! git diff-files --quiet include/mbedtls/config.h; then
- err_msg "Warning - the configuration file 'include/mbedtls/config.h' has been edited. "
- echo "You can either delete or preserve your work, or force the test by rerunning the"
- echo "script as: $0 --force"
- exit 1
+ # --no-armcc is a legacy option. The modern way is --except '*_armcc*'.
+ # Ignore it if components are listed explicitly on the command line.
+ if [ -n "$no_armcc" ] && [ $all_except -eq 1 ]; then
+ COMMAND_LINE_COMPONENTS="$COMMAND_LINE_COMPONENTS *_armcc*"
fi
-fi
-build_status=0
-if [ $KEEP_GOING -eq 1 ]; then
+ # Build the list of components to run.
+ RUN_COMPONENTS=
+ for component in $SUPPORTED_COMPONENTS; do
+ if is_component_included "$component"; [ $? -eq $all_except ]; then
+ RUN_COMPONENTS="$RUN_COMPONENTS $component"
+ fi
+ done
+
+ unset all_except
+ unset no_armcc
+}
+
+pre_check_git () {
+ if [ $FORCE -eq 1 ]; then
+ rm -rf "$OUT_OF_SOURCE_DIR"
+ git checkout-index -f -q $CONFIG_H
+ cleanup
+ else
+
+ if [ -d "$OUT_OF_SOURCE_DIR" ]; then
+ echo "Warning - there is an existing directory at '$OUT_OF_SOURCE_DIR'" >&2
+ echo "You can either delete this directory manually, or force the test by rerunning"
+ echo "the script as: $0 --force --out-of-source-dir $OUT_OF_SOURCE_DIR"
+ exit 1
+ fi
+
+ if ! git diff --quiet include/mbedtls/config.h; then
+ err_msg "Warning - the configuration file 'include/mbedtls/config.h' has been edited. "
+ echo "You can either delete or preserve your work, or force the test by rerunning the"
+ echo "script as: $0 --force"
+ exit 1
+ fi
+ fi
+}
+
+pre_check_seedfile () {
+ if [ ! -f "./tests/seedfile" ]; then
+ dd if=/dev/urandom of=./tests/seedfile bs=32 count=1
+ fi
+}
+
+pre_setup_keep_going () {
failure_summary=
failure_count=0
start_red=
@@ -340,11 +453,8 @@
echo "Killed by SIG$1."
fi
}
-else
- record_status () {
- "$@"
- }
-fi
+}
+
if_build_succeeded () {
if [ $build_status -eq 0 ]; then
record_status "$@"
@@ -357,44 +467,84 @@
! "$@"
}
-msg "info: $0 configuration"
-echo "MEMORY: $MEMORY"
-echo "FORCE: $FORCE"
-echo "SEED: ${SEED-"UNSET"}"
-echo "OPENSSL: $OPENSSL"
-echo "OPENSSL_LEGACY: $OPENSSL_LEGACY"
-echo "OPENSSL_NEXT: $OPENSSL_NEXT"
-echo "GNUTLS_CLI: $GNUTLS_CLI"
-echo "GNUTLS_SERV: $GNUTLS_SERV"
-echo "GNUTLS_LEGACY_CLI: $GNUTLS_LEGACY_CLI"
-echo "GNUTLS_LEGACY_SERV: $GNUTLS_LEGACY_SERV"
-echo "ARMC5_BIN_DIR: $ARMC5_BIN_DIR"
-echo "ARMC6_BIN_DIR: $ARMC6_BIN_DIR"
-
-ARMC5_CC="$ARMC5_BIN_DIR/armcc"
-ARMC5_AR="$ARMC5_BIN_DIR/armar"
-ARMC6_CC="$ARMC6_BIN_DIR/armclang"
-ARMC6_AR="$ARMC6_BIN_DIR/armar"
-
-# To avoid setting OpenSSL and GnuTLS for each call to compat.sh and ssl-opt.sh
-# we just export the variables they require
-export OPENSSL_CMD="$OPENSSL"
-export GNUTLS_CLI="$GNUTLS_CLI"
-export GNUTLS_SERV="$GNUTLS_SERV"
-
-# Avoid passing --seed flag in every call to ssl-opt.sh
-if [ -n "${SEED-}" ]; then
- export SEED
-fi
+pre_print_configuration () {
+ msg "info: $0 configuration"
+ echo "MEMORY: $MEMORY"
+ echo "FORCE: $FORCE"
+ echo "SEED: ${SEED-"UNSET"}"
+ echo "OPENSSL: $OPENSSL"
+ echo "OPENSSL_LEGACY: $OPENSSL_LEGACY"
+ echo "OPENSSL_NEXT: $OPENSSL_NEXT"
+ echo "GNUTLS_CLI: $GNUTLS_CLI"
+ echo "GNUTLS_SERV: $GNUTLS_SERV"
+ echo "GNUTLS_LEGACY_CLI: $GNUTLS_LEGACY_CLI"
+ echo "GNUTLS_LEGACY_SERV: $GNUTLS_LEGACY_SERV"
+ echo "ARMC5_BIN_DIR: $ARMC5_BIN_DIR"
+ echo "ARMC6_BIN_DIR: $ARMC6_BIN_DIR"
+}
# Make sure the tools we need are available.
-check_tools "$OPENSSL" "$OPENSSL_LEGACY" "$OPENSSL_NEXT" \
- "$GNUTLS_CLI" "$GNUTLS_SERV" \
- "$GNUTLS_LEGACY_CLI" "$GNUTLS_LEGACY_SERV" "doxygen" "dot" \
- "arm-none-eabi-gcc" "i686-w64-mingw32-gcc" "gdb"
-if [ $RUN_ARMCC -ne 0 ]; then
- check_tools "$ARMC5_CC" "$ARMC5_AR" "$ARMC6_CC" "$ARMC6_AR"
-fi
+pre_check_tools () {
+ # Build the list of variables to pass to output_env.sh.
+ set env
+
+ case " $RUN_COMPONENTS " in
+ # Require OpenSSL and GnuTLS if running any tests (as opposed to
+ # only doing builds). Not all tests run OpenSSL and GnuTLS, but this
+ # is a good enough approximation in practice.
+ *" test_"*)
+ # To avoid setting OpenSSL and GnuTLS for each call to compat.sh
+ # and ssl-opt.sh, we just export the variables they require.
+ export OPENSSL_CMD="$OPENSSL"
+ export GNUTLS_CLI="$GNUTLS_CLI"
+ export GNUTLS_SERV="$GNUTLS_SERV"
+ # Avoid passing --seed flag in every call to ssl-opt.sh
+ if [ -n "${SEED-}" ]; then
+ export SEED
+ fi
+ set "$@" OPENSSL="$OPENSSL" OPENSSL_LEGACY="$OPENSSL_LEGACY"
+ set "$@" GNUTLS_CLI="$GNUTLS_CLI" GNUTLS_SERV="$GNUTLS_SERV"
+ set "$@" GNUTLS_LEGACY_CLI="$GNUTLS_LEGACY_CLI"
+ set "$@" GNUTLS_LEGACY_SERV="$GNUTLS_LEGACY_SERV"
+ check_tools "$OPENSSL" "$OPENSSL_LEGACY" "$OPENSSL_NEXT" \
+ "$GNUTLS_CLI" "$GNUTLS_SERV" \
+ "$GNUTLS_LEGACY_CLI" "$GNUTLS_LEGACY_SERV"
+ ;;
+ esac
+
+ case " $RUN_COMPONENTS " in
+ *_doxygen[_\ ]*) check_tools "doxygen" "dot";;
+ esac
+
+ case " $RUN_COMPONENTS " in
+ *_arm_none_eabi_gcc[_\ ]*) check_tools "arm-none-eabi-gcc";;
+ esac
+
+ case " $RUN_COMPONENTS " in
+ *_mingw[_\ ]*) check_tools "i686-w64-mingw32-gcc";;
+ esac
+
+ case " $RUN_COMPONENTS " in
+ *" test_zeroize "*) check_tools "gdb";;
+ esac
+
+ case " $RUN_COMPONENTS " in
+ *_armcc*)
+ ARMC5_CC="$ARMC5_BIN_DIR/armcc"
+ ARMC5_AR="$ARMC5_BIN_DIR/armar"
+ ARMC6_CC="$ARMC6_BIN_DIR/armclang"
+ ARMC6_AR="$ARMC6_BIN_DIR/armar"
+ check_tools "$ARMC5_CC" "$ARMC5_AR" "$ARMC6_CC" "$ARMC6_AR";;
+ esac
+
+ msg "info: output_env.sh"
+ case $RUN_COMPONENTS in
+ *_armcc*)
+ set "$@" ARMC5_CC="$ARMC5_CC" ARMC6_CC="$ARMC6_CC" RUN_ARMCC=1;;
+ *) set "$@" RUN_ARMCC=0;;
+ esac
+ "$@" scripts/output_env.sh
+}
@@ -413,533 +563,590 @@
#
# Indicative running times are given for reference.
-msg "info: output_env.sh"
-OPENSSL="$OPENSSL" OPENSSL_LEGACY="$OPENSSL_LEGACY" GNUTLS_CLI="$GNUTLS_CLI" \
- GNUTLS_SERV="$GNUTLS_SERV" GNUTLS_LEGACY_CLI="$GNUTLS_LEGACY_CLI" \
- GNUTLS_LEGACY_SERV="$GNUTLS_LEGACY_SERV" ARMC5_CC="$ARMC5_CC" \
- ARMC6_CC="$ARMC6_CC" RUN_ARMCC="$RUN_ARMCC" scripts/output_env.sh
+component_check_recursion () {
+ msg "test: recursion.pl" # < 1s
+ record_status tests/scripts/recursion.pl library/*.c
+}
-msg "test: recursion.pl" # < 1s
-record_status tests/scripts/recursion.pl library/*.c
+component_check_generated_files () {
+ msg "test: freshness of generated source files" # < 1s
+ record_status tests/scripts/check-generated-files.sh
+}
-msg "test: freshness of generated source files" # < 1s
-record_status tests/scripts/check-generated-files.sh
+component_check_doxy_blocks () {
+ msg "test: doxygen markup outside doxygen blocks" # < 1s
+ record_status tests/scripts/check-doxy-blocks.pl
+}
-msg "test: doxygen markup outside doxygen blocks" # < 1s
-record_status tests/scripts/check-doxy-blocks.pl
+component_check_files () {
+ msg "test: check-files.py" # < 1s
+ record_status tests/scripts/check-files.py
+}
-msg "test: check-files.py" # < 1s
-cleanup
-record_status tests/scripts/check-files.py
+component_check_names () {
+ msg "test/build: declared and exported names" # < 3s
+ record_status tests/scripts/check-names.sh
+}
-msg "test/build: declared and exported names" # < 3s
-cleanup
-record_status tests/scripts/check-names.sh
-
-msg "test: doxygen warnings" # ~ 3s
-cleanup
-record_status tests/scripts/doxygen.sh
-
+component_check_doxygen_warnings () {
+ msg "test: doxygen warnings" # ~ 3s
+ record_status tests/scripts/doxygen.sh
+}
################################################################
#### Build and test many configurations and targets
################################################################
-msg "build: cmake, gcc, ASan" # ~ 1 min 50s
-cleanup
-CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan .
-make
+component_test_default_cmake_gcc_asan () {
+ msg "build: cmake, gcc, ASan" # ~ 1 min 50s
+ CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan .
+ make
-msg "test: main suites (inc. selftests) (ASan build)" # ~ 50s
-make test
+ msg "test: main suites (inc. selftests) (ASan build)" # ~ 50s
+ make test
-msg "test: ssl-opt.sh (ASan build)" # ~ 1 min
-if_build_succeeded tests/ssl-opt.sh
+ msg "test: ssl-opt.sh (ASan build)" # ~ 1 min
+ if_build_succeeded tests/ssl-opt.sh
-msg "test/build: ref-configs (ASan build)" # ~ 6 min 20s
-record_status tests/scripts/test-ref-configs.pl
+ msg "test: compat.sh (ASan build)" # ~ 6 min
+ if_build_succeeded tests/compat.sh
+}
-msg "build: with ASan (rebuild after ref-configs)" # ~ 1 min
-make
+component_test_ref_configs () {
+ msg "test/build: ref-configs (ASan build)" # ~ 6 min 20s
+ CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan .
+ record_status tests/scripts/test-ref-configs.pl
+}
-msg "test: compat.sh (ASan build)" # ~ 6 min
-if_build_succeeded tests/compat.sh
+component_test_sslv3 () {
+ msg "build: Default + SSLv3 (ASan build)" # ~ 6 min
+ scripts/config.pl set MBEDTLS_SSL_PROTO_SSL3
+ CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan .
+ make
-msg "build: Default + SSLv3 (ASan build)" # ~ 6 min
-cleanup
-cp "$CONFIG_H" "$CONFIG_BAK"
-scripts/config.pl set MBEDTLS_SSL_PROTO_SSL3
-CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan .
-make
+ msg "test: SSLv3 - main suites (inc. selftests) (ASan build)" # ~ 50s
+ make test
-msg "test: SSLv3 - main suites (inc. selftests) (ASan build)" # ~ 50s
-make test
+ msg "build: SSLv3 - compat.sh (ASan build)" # ~ 6 min
+ if_build_succeeded tests/compat.sh -m 'tls1 tls1_1 tls1_2 dtls1 dtls1_2'
+ if_build_succeeded env OPENSSL_CMD="$OPENSSL_LEGACY" tests/compat.sh -m 'ssl3'
-msg "build: SSLv3 - compat.sh (ASan build)" # ~ 6 min
-if_build_succeeded tests/compat.sh -m 'tls1 tls1_1 tls1_2 dtls1 dtls1_2'
-if_build_succeeded env OPENSSL_CMD="$OPENSSL_LEGACY" tests/compat.sh -m 'ssl3'
+ msg "build: SSLv3 - ssl-opt.sh (ASan build)" # ~ 6 min
+ if_build_succeeded tests/ssl-opt.sh
+}
-msg "build: SSLv3 - ssl-opt.sh (ASan build)" # ~ 6 min
-if_build_succeeded tests/ssl-opt.sh
+component_test_no_renegotiation () {
+ msg "build: Default + !MBEDTLS_SSL_RENEGOTIATION (ASan build)" # ~ 6 min
+ scripts/config.pl unset MBEDTLS_SSL_RENEGOTIATION
+ CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan .
+ make
-msg "build: Default + !MBEDTLS_SSL_RENEGOTIATION (ASan build)" # ~ 6 min
-cleanup
-cp "$CONFIG_H" "$CONFIG_BAK"
-scripts/config.pl unset MBEDTLS_SSL_RENEGOTIATION
-CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan .
-make
+ msg "test: !MBEDTLS_SSL_RENEGOTIATION - main suites (inc. selftests) (ASan build)" # ~ 50s
+ make test
-msg "test: !MBEDTLS_SSL_RENEGOTIATION - main suites (inc. selftests) (ASan build)" # ~ 50s
-make test
+ msg "test: !MBEDTLS_SSL_RENEGOTIATION - ssl-opt.sh (ASan build)" # ~ 6 min
+ if_build_succeeded tests/ssl-opt.sh
+}
-msg "test: !MBEDTLS_SSL_RENEGOTIATION - ssl-opt.sh (ASan build)" # ~ 6 min
-if_build_succeeded tests/ssl-opt.sh
+component_test_rsa_no_crt () {
+ msg "build: Default + RSA_NO_CRT (ASan build)" # ~ 6 min
+ scripts/config.pl set MBEDTLS_RSA_NO_CRT
+ CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan .
+ make
-msg "build: Default + RSA_NO_CRT (ASan build)" # ~ 6 min
-cleanup
-cp "$CONFIG_H" "$CONFIG_BAK"
-scripts/config.pl set MBEDTLS_RSA_NO_CRT
-CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan .
-make
+ msg "test: RSA_NO_CRT - main suites (inc. selftests) (ASan build)" # ~ 50s
+ make test
-msg "test: RSA_NO_CRT - main suites (inc. selftests) (ASan build)" # ~ 50s
-make test
+ msg "test: RSA_NO_CRT - RSA-related part of ssl-opt.sh (ASan build)" # ~ 5s
+ if_build_succeeded tests/ssl-opt.sh -f RSA
-msg "test: RSA_NO_CRT - RSA-related part of ssl-opt.sh (ASan build)" # ~ 5s
-if_build_succeeded tests/ssl-opt.sh -f RSA
+ msg "test: RSA_NO_CRT - RSA-related part of compat.sh (ASan build)" # ~ 3 min
+ if_build_succeeded tests/compat.sh -t RSA
+}
-msg "test: RSA_NO_CRT - RSA-related part of compat.sh (ASan build)" # ~ 3 min
-if_build_succeeded tests/compat.sh -t RSA
+component_test_small_ssl_out_content_len () {
+ msg "build: small SSL_OUT_CONTENT_LEN (ASan build)"
+ scripts/config.pl set MBEDTLS_SSL_IN_CONTENT_LEN 16384
+ scripts/config.pl set MBEDTLS_SSL_OUT_CONTENT_LEN 4096
+ CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan .
+ make
-msg "build: small SSL_OUT_CONTENT_LEN (ASan build)"
-cleanup
-cp "$CONFIG_H" "$CONFIG_BAK"
-scripts/config.pl set MBEDTLS_SSL_IN_CONTENT_LEN 16384
-scripts/config.pl set MBEDTLS_SSL_OUT_CONTENT_LEN 4096
-CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan .
-make
+ msg "test: small SSL_OUT_CONTENT_LEN - ssl-opt.sh MFL and large packet tests"
+ if_build_succeeded tests/ssl-opt.sh -f "Max fragment\|Large packet"
+}
-msg "test: small SSL_OUT_CONTENT_LEN - ssl-opt.sh MFL and large packet tests"
-if_build_succeeded tests/ssl-opt.sh -f "Max fragment\|Large packet"
+component_test_small_ssl_in_content_len () {
+ msg "build: small SSL_IN_CONTENT_LEN (ASan build)"
+ scripts/config.pl set MBEDTLS_SSL_IN_CONTENT_LEN 4096
+ scripts/config.pl set MBEDTLS_SSL_OUT_CONTENT_LEN 16384
+ CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan .
+ make
-msg "build: small SSL_IN_CONTENT_LEN (ASan build)"
-cleanup
-cp "$CONFIG_H" "$CONFIG_BAK"
-scripts/config.pl set MBEDTLS_SSL_IN_CONTENT_LEN 4096
-scripts/config.pl set MBEDTLS_SSL_OUT_CONTENT_LEN 16384
-CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan .
-make
+ msg "test: small SSL_IN_CONTENT_LEN - ssl-opt.sh MFL tests"
+ if_build_succeeded tests/ssl-opt.sh -f "Max fragment"
+}
-msg "test: small SSL_IN_CONTENT_LEN - ssl-opt.sh MFL tests"
-if_build_succeeded tests/ssl-opt.sh -f "Max fragment"
+component_test_small_ssl_dtls_max_buffering () {
+ msg "build: small MBEDTLS_SSL_DTLS_MAX_BUFFERING #0"
+ scripts/config.pl set MBEDTLS_SSL_DTLS_MAX_BUFFERING 1000
+ CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan .
+ make
-msg "build: small MBEDTLS_SSL_DTLS_MAX_BUFFERING #0"
-cleanup
-cp "$CONFIG_H" "$CONFIG_BAK"
-scripts/config.pl set MBEDTLS_SSL_DTLS_MAX_BUFFERING 1000
-CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan .
-make
+ msg "test: small MBEDTLS_SSL_DTLS_MAX_BUFFERING #0 - ssl-opt.sh specific reordering test"
+ if_build_succeeded tests/ssl-opt.sh -f "DTLS reordering: Buffer out-of-order hs msg before reassembling next, free buffered msg"
+}
-msg "test: small MBEDTLS_SSL_DTLS_MAX_BUFFERING #0 - ssl-opt.sh specific reordering test"
-if_build_succeeded tests/ssl-opt.sh -f "DTLS reordering: Buffer out-of-order hs msg before reassembling next, free buffered msg"
+component_test_small_mbedtls_ssl_dtls_max_buffering () {
+ msg "build: small MBEDTLS_SSL_DTLS_MAX_BUFFERING #1"
+ scripts/config.pl set MBEDTLS_SSL_DTLS_MAX_BUFFERING 240
+ CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan .
+ make
-msg "build: small MBEDTLS_SSL_DTLS_MAX_BUFFERING #1"
-cleanup
-cp "$CONFIG_H" "$CONFIG_BAK"
-scripts/config.pl set MBEDTLS_SSL_DTLS_MAX_BUFFERING 240
-CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan .
-make
+ msg "test: small MBEDTLS_SSL_DTLS_MAX_BUFFERING #1 - ssl-opt.sh specific reordering test"
+ if_build_succeeded tests/ssl-opt.sh -f "DTLS reordering: Buffer encrypted Finished message, drop for fragmented NewSessionTicket"
+}
-msg "test: small MBEDTLS_SSL_DTLS_MAX_BUFFERING #1 - ssl-opt.sh specific reordering test"
-if_build_succeeded tests/ssl-opt.sh -f "DTLS reordering: Buffer encrypted Finished message, drop for fragmented NewSessionTicket"
+component_test_full_cmake_clang () {
+ msg "build: cmake, full config, clang" # ~ 50s
+ scripts/config.pl full
+ scripts/config.pl unset MBEDTLS_MEMORY_BACKTRACE # too slow for tests
+ CC=clang cmake -D CMAKE_BUILD_TYPE:String=Check -D ENABLE_TESTING=On .
+ make
-msg "build: cmake, full config, clang" # ~ 50s
-cleanup
-cp "$CONFIG_H" "$CONFIG_BAK"
-scripts/config.pl full
-scripts/config.pl unset MBEDTLS_MEMORY_BACKTRACE # too slow for tests
-CC=clang cmake -D CMAKE_BUILD_TYPE:String=Check -D ENABLE_TESTING=On .
-make
+ msg "test: main suites (full config)" # ~ 5s
+ make test
-msg "test: main suites (full config)" # ~ 5s
-make test
+ msg "test: psa_constant_names (full config)" # ~ 1s
+ record_status tests/scripts/test_psa_constant_names.py
-msg "test: ssl-opt.sh default, ECJPAKE, SSL async (full config)" # ~ 1s
-if_build_succeeded tests/ssl-opt.sh -f 'Default\|ECJPAKE\|SSL async private'
+ msg "test: ssl-opt.sh default, ECJPAKE, SSL async (full config)" # ~ 1s
+ if_build_succeeded tests/ssl-opt.sh -f 'Default\|ECJPAKE\|SSL async private'
-msg "test: compat.sh RC4, DES & NULL (full config)" # ~ 2 min
-if_build_succeeded env OPENSSL_CMD="$OPENSSL_LEGACY" GNUTLS_CLI="$GNUTLS_LEGACY_CLI" GNUTLS_SERV="$GNUTLS_LEGACY_SERV" tests/compat.sh -e '3DES\|DES-CBC3' -f 'NULL\|DES\|RC4\|ARCFOUR'
+ msg "test: compat.sh RC4, DES & NULL (full config)" # ~ 2 min
+ if_build_succeeded env OPENSSL_CMD="$OPENSSL_LEGACY" GNUTLS_CLI="$GNUTLS_LEGACY_CLI" GNUTLS_SERV="$GNUTLS_LEGACY_SERV" tests/compat.sh -e '3DES\|DES-CBC3' -f 'NULL\|DES\|RC4\|ARCFOUR'
-msg "test: compat.sh ARIA + ChachaPoly"
-if_build_succeeded env OPENSSL_CMD="$OPENSSL_NEXT" tests/compat.sh -e '^$' -f 'ARIA\|CHACHA'
+ msg "test: compat.sh ARIA + ChachaPoly"
+ if_build_succeeded env OPENSSL_CMD="$OPENSSL_NEXT" tests/compat.sh -e '^$' -f 'ARIA\|CHACHA'
+}
-msg "build: make, full config + DEPRECATED_WARNING, gcc -O" # ~ 30s
-cleanup
-cp "$CONFIG_H" "$CONFIG_BAK"
-scripts/config.pl full
-scripts/config.pl set MBEDTLS_DEPRECATED_WARNING
-# Build with -O -Wextra to catch a maximum of issues.
-make CC=gcc CFLAGS='-O -Werror -Wall -Wextra' lib programs
-make CC=gcc CFLAGS='-O -Werror -Wall -Wextra -Wno-unused-function' tests
+component_build_deprecated () {
+ msg "build: make, full config + DEPRECATED_WARNING, gcc -O" # ~ 30s
+ scripts/config.pl full
+ scripts/config.pl set MBEDTLS_DEPRECATED_WARNING
+ # Build with -O -Wextra to catch a maximum of issues.
+ make CC=gcc CFLAGS='-O -Werror -Wall -Wextra' lib programs
+ make CC=gcc CFLAGS='-O -Werror -Wall -Wextra -Wno-unused-function' tests
-msg "build: make, full config + DEPRECATED_REMOVED, clang -O" # ~ 30s
-# No cleanup, just tweak the configuration and rebuild
-make clean
-scripts/config.pl unset MBEDTLS_DEPRECATED_WARNING
-scripts/config.pl set MBEDTLS_DEPRECATED_REMOVED
-# Build with -O -Wextra to catch a maximum of issues.
-make CC=clang CFLAGS='-O -Werror -Wall -Wextra' lib programs
-make CC=clang CFLAGS='-O -Werror -Wall -Wextra -Wno-unused-function' tests
-
-msg "test/build: curves.pl (gcc)" # ~ 4 min
-cleanup
-record_status tests/scripts/curves.pl
-
-msg "test/build: depends-hashes.pl (gcc)" # ~ 2 min
-cleanup
-record_status tests/scripts/depends-hashes.pl
-
-msg "test/build: depends-pkalgs.pl (gcc)" # ~ 2 min
-cleanup
-record_status tests/scripts/depends-pkalgs.pl
-
-msg "test/build: key-exchanges (gcc)" # ~ 1 min
-cleanup
-record_status tests/scripts/key-exchanges.pl
-
-msg "build: Unix make, -Os (gcc)" # ~ 30s
-cleanup
-make CC=gcc CFLAGS='-Werror -Wall -Wextra -Os'
-
-msg "test: verify header list in cpp_dummy_build.cpp"
-record_status check_headers_in_cpp
-
-msg "build: Unix make, incremental g++"
-make TEST_CPP=1
+ msg "build: make, full config + DEPRECATED_REMOVED, clang -O" # ~ 30s
+ # No cleanup, just tweak the configuration and rebuild
+ make clean
+ scripts/config.pl unset MBEDTLS_DEPRECATED_WARNING
+ scripts/config.pl set MBEDTLS_DEPRECATED_REMOVED
+ # Build with -O -Wextra to catch a maximum of issues.
+ make CC=clang CFLAGS='-O -Werror -Wall -Wextra' lib programs
+ make CC=clang CFLAGS='-O -Werror -Wall -Wextra -Wno-unused-function' tests
+}
-msg "build+test: MBEDTLS_CHECK_PARAMS without MBEDTLS_PLATFORM_C"
-cleanup
-cp "$CONFIG_H" "$CONFIG_BAK"
-scripts/config.pl full # includes CHECK_PARAMS
-scripts/config.pl unset MBEDTLS_MEMORY_BACKTRACE # too slow for tests
-scripts/config.pl unset MBEDTLS_MEMORY_BUFFER_ALLOC_C
-scripts/config.pl unset MBEDTLS_PLATFORM_EXIT_ALT
-scripts/config.pl unset MBEDTLS_PLATFORM_TIME_ALT
-scripts/config.pl unset MBEDTLS_PLATFORM_FPRINTF_ALT
-scripts/config.pl unset MBEDTLS_PLATFORM_MEMORY
-scripts/config.pl unset MBEDTLS_PLATFORM_PRINTF_ALT
-scripts/config.pl unset MBEDTLS_PLATFORM_SNPRINTF_ALT
-scripts/config.pl unset MBEDTLS_ENTROPY_NV_SEED
-scripts/config.pl unset MBEDTLS_PLATFORM_C
-make CC=gcc CFLAGS='-Werror -O1' all test
+component_test_depends_curves () {
+ msg "test/build: curves.pl (gcc)" # ~ 4 min
+ record_status tests/scripts/curves.pl
+}
-msg "build+test: MBEDTLS_CHECK_PARAMS with alternative MBEDTLS_PARAM_FAILED()"
-cleanup
-cp "$CONFIG_H" "$CONFIG_BAK"
-scripts/config.pl full # includes CHECK_PARAMS
-scripts/config.pl unset MBEDTLS_MEMORY_BACKTRACE # too slow for tests
-sed -i 's/.*\(#define MBEDTLS_PARAM_FAILED( cond )\).*/\1/' "$CONFIG_H"
-make CC=gcc CFLAGS='-Werror -O1' all test
+component_test_depends_hashes () {
+ msg "test/build: depends-hashes.pl (gcc)" # ~ 2 min
+ record_status tests/scripts/depends-hashes.pl
+}
+component_test_depends_pkalgs () {
+ msg "test/build: depends-pkalgs.pl (gcc)" # ~ 2 min
+ record_status tests/scripts/depends-pkalgs.pl
+}
-# Full configuration build, without platform support, file IO and net sockets.
-# This should catch missing mbedtls_printf definitions, and by disabling file
-# IO, it should catch missing '#include <stdio.h>'
-msg "build: full config except platform/fsio/net, make, gcc, C99" # ~ 30s
-cleanup
-cp "$CONFIG_H" "$CONFIG_BAK"
-scripts/config.pl full
-scripts/config.pl unset MBEDTLS_PLATFORM_C
-scripts/config.pl unset MBEDTLS_NET_C
-scripts/config.pl unset MBEDTLS_PLATFORM_MEMORY
-scripts/config.pl unset MBEDTLS_PLATFORM_PRINTF_ALT
-scripts/config.pl unset MBEDTLS_PLATFORM_FPRINTF_ALT
-scripts/config.pl unset MBEDTLS_PLATFORM_SNPRINTF_ALT
-scripts/config.pl unset MBEDTLS_PLATFORM_TIME_ALT
-scripts/config.pl unset MBEDTLS_PLATFORM_EXIT_ALT
-scripts/config.pl unset MBEDTLS_ENTROPY_NV_SEED
-scripts/config.pl unset MBEDTLS_MEMORY_BUFFER_ALLOC_C
-scripts/config.pl unset MBEDTLS_FS_IO
-# Note, _DEFAULT_SOURCE needs to be defined for platforms using glibc version >2.19,
-# to re-enable platform integration features otherwise disabled in C99 builds
-make CC=gcc CFLAGS='-Werror -Wall -Wextra -std=c99 -pedantic -O0 -D_DEFAULT_SOURCE' lib programs
-make CC=gcc CFLAGS='-Werror -Wall -Wextra -O0' test
+component_build_key_exchanges () {
+ msg "test/build: key-exchanges (gcc)" # ~ 1 min
+ record_status tests/scripts/key-exchanges.pl
+}
-# catch compile bugs in _uninit functions
-msg "build: full config with NO_STD_FUNCTION, make, gcc" # ~ 30s
-cleanup
-cp "$CONFIG_H" "$CONFIG_BAK"
-scripts/config.pl full
-scripts/config.pl set MBEDTLS_PLATFORM_NO_STD_FUNCTIONS
-scripts/config.pl unset MBEDTLS_ENTROPY_NV_SEED
-make CC=gcc CFLAGS='-Werror -Wall -Wextra -O0'
+component_build_default_make_gcc_and_cxx () {
+ msg "build: Unix make, -Os (gcc)" # ~ 30s
+ make CC=gcc CFLAGS='-Werror -Wall -Wextra -Os'
-msg "build: full config except ssl_srv.c, make, gcc" # ~ 30s
-cleanup
-cp "$CONFIG_H" "$CONFIG_BAK"
-scripts/config.pl full
-scripts/config.pl unset MBEDTLS_SSL_SRV_C
-make CC=gcc CFLAGS='-Werror -Wall -Wextra -O0'
+ msg "test: verify header list in cpp_dummy_build.cpp"
+ record_status check_headers_in_cpp
-msg "build: full config except ssl_cli.c, make, gcc" # ~ 30s
-cleanup
-cp "$CONFIG_H" "$CONFIG_BAK"
-scripts/config.pl full
-scripts/config.pl unset MBEDTLS_SSL_CLI_C
-make CC=gcc CFLAGS='-Werror -Wall -Wextra -O0'
+ msg "build: Unix make, incremental g++"
+ make TEST_CPP=1
+}
-# Note, C99 compliance can also be tested with the sockets support disabled,
-# as that requires a POSIX platform (which isn't the same as C99).
-msg "build: full config except net_sockets.c, make, gcc -std=c99 -pedantic" # ~ 30s
-cleanup
-cp "$CONFIG_H" "$CONFIG_BAK"
-scripts/config.pl full
-scripts/config.pl unset MBEDTLS_NET_C # getaddrinfo() undeclared, etc.
-scripts/config.pl set MBEDTLS_NO_PLATFORM_ENTROPY # uses syscall() on GNU/Linux
-make CC=gcc CFLAGS='-Werror -Wall -Wextra -O0 -std=c99 -pedantic' lib
+component_test_use_psa_crypto_full_cmake_asan() {
+ # MBEDTLS_USE_PSA_CRYPTO: run the same set of tests as basic-build-test.sh
+ msg "build: cmake, full config + MBEDTLS_USE_PSA_CRYPTO, ASan"
+ scripts/config.pl full
+ scripts/config.pl unset MBEDTLS_MEMORY_BACKTRACE # too slow for tests
+ scripts/config.pl unset MBEDTLS_ECP_RESTARTABLE # restartable ECC not supported through PSA
+ scripts/config.pl set MBEDTLS_PSA_CRYPTO_C
+ scripts/config.pl set MBEDTLS_USE_PSA_CRYPTO
+ CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan .
+ make
-# Run max fragment length tests with MFL disabled
-msg "build: default config except MFL extension (ASan build)" # ~ 30s
-cleanup
-cp "$CONFIG_H" "$CONFIG_BAK"
-scripts/config.pl unset MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
-CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan .
-make
+ msg "test: main suites (MBEDTLS_USE_PSA_CRYPTO)"
+ make test
-msg "test: ssl-opt.sh, MFL-related tests"
-if_build_succeeded tests/ssl-opt.sh -f "Max fragment length"
+ msg "test: ssl-opt.sh (MBEDTLS_USE_PSA_CRYPTO)"
+ if_build_succeeded tests/ssl-opt.sh
-msg "build: no MFL extension, small SSL_OUT_CONTENT_LEN (ASan build)"
-cleanup
-cp "$CONFIG_H" "$CONFIG_BAK"
-scripts/config.pl unset MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
-scripts/config.pl set MBEDTLS_SSL_IN_CONTENT_LEN 16384
-scripts/config.pl set MBEDTLS_SSL_OUT_CONTENT_LEN 4096
-CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan .
-make
+ msg "test: compat.sh default (MBEDTLS_USE_PSA_CRYPTO)"
+ if_build_succeeded tests/compat.sh
-msg "test: MFL tests (disabled MFL extension case) & large packet tests"
-if_build_succeeded tests/ssl-opt.sh -f "Max fragment length\|Large buffer"
+ msg "test: compat.sh ssl3 (MBEDTLS_USE_PSA_CRYPTO)"
+ if_build_succeeded env OPENSSL_CMD="$OPENSSL_LEGACY" tests/compat.sh -m 'ssl3'
-msg "build: default config with MBEDTLS_TEST_NULL_ENTROPY (ASan build)"
-cleanup
-cp "$CONFIG_H" "$CONFIG_BAK"
-scripts/config.pl set MBEDTLS_TEST_NULL_ENTROPY
-scripts/config.pl set MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES
-scripts/config.pl set MBEDTLS_ENTROPY_C
-scripts/config.pl unset MBEDTLS_ENTROPY_NV_SEED
-scripts/config.pl unset MBEDTLS_ENTROPY_HARDWARE_ALT
-scripts/config.pl unset MBEDTLS_HAVEGE_C
-CC=gcc cmake -D UNSAFE_BUILD=ON -D CMAKE_C_FLAGS:String="-fsanitize=address -fno-common -O3" .
-make
+ msg "test: compat.sh RC4, DES & NULL (MBEDTLS_USE_PSA_CRYPTO)"
+ if_build_succeeded env OPENSSL_CMD="$OPENSSL_LEGACY" GNUTLS_CLI="$GNUTLS_LEGACY_CLI" GNUTLS_SERV="$GNUTLS_LEGACY_SERV" tests/compat.sh -e '3DES\|DES-CBC3' -f 'NULL\|DES\|RC4\|ARCFOUR'
-msg "test: MBEDTLS_TEST_NULL_ENTROPY - main suites (inc. selftests) (ASan build)"
-make test
+ msg "test: compat.sh ARIA + ChachaPoly (MBEDTLS_USE_PSA_CRYPTO)"
+ if_build_succeeded env OPENSSL_CMD="$OPENSSL_NEXT" tests/compat.sh -e '^$' -f 'ARIA\|CHACHA'
+}
-msg "build: MBEDTLS_PLATFORM_{CALLOC/FREE}_MACRO enabled (ASan build)"
-cleanup
-cp "$CONFIG_H" "$CONFIG_BAK"
-scripts/config.pl set MBEDTLS_PLATFORM_MEMORY
-scripts/config.pl set MBEDTLS_PLATFORM_CALLOC_MACRO calloc
-scripts/config.pl set MBEDTLS_PLATFORM_FREE_MACRO free
-CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan .
-make
+component_test_check_params_without_platform () {
+ msg "build+test: MBEDTLS_CHECK_PARAMS without MBEDTLS_PLATFORM_C"
+ scripts/config.pl full # includes CHECK_PARAMS
+ scripts/config.pl unset MBEDTLS_MEMORY_BACKTRACE # too slow for tests
+ scripts/config.pl unset MBEDTLS_MEMORY_BUFFER_ALLOC_C
+ scripts/config.pl unset MBEDTLS_PLATFORM_EXIT_ALT
+ scripts/config.pl unset MBEDTLS_PLATFORM_TIME_ALT
+ scripts/config.pl unset MBEDTLS_PLATFORM_FPRINTF_ALT
+ scripts/config.pl unset MBEDTLS_PLATFORM_MEMORY
+ scripts/config.pl unset MBEDTLS_PLATFORM_PRINTF_ALT
+ scripts/config.pl unset MBEDTLS_PLATFORM_SNPRINTF_ALT
+ scripts/config.pl unset MBEDTLS_ENTROPY_NV_SEED
+ scripts/config.pl unset MBEDTLS_PLATFORM_C
+ make CC=gcc CFLAGS='-Werror -O1' all test
+}
-msg "test: MBEDTLS_PLATFORM_{CALLOC/FREE}_MACRO enabled (ASan build)"
-make test
+component_test_check_params_silent () {
+ msg "build+test: MBEDTLS_CHECK_PARAMS with alternative MBEDTLS_PARAM_FAILED()"
+ scripts/config.pl full # includes CHECK_PARAMS
+ scripts/config.pl unset MBEDTLS_MEMORY_BACKTRACE # too slow for tests
+ sed -i 's/.*\(#define MBEDTLS_PARAM_FAILED( cond )\).*/\1/' "$CONFIG_H"
+ make CC=gcc CFLAGS='-Werror -O1' all test
+}
-msg "build: default config with AES_FEWER_TABLES enabled"
-cleanup
-cp "$CONFIG_H" "$CONFIG_BAK"
-scripts/config.pl set MBEDTLS_AES_FEWER_TABLES
-make CC=gcc CFLAGS='-Werror -Wall -Wextra'
+component_test_no_platform () {
+ # Full configuration build, without platform support, file IO and net sockets.
+ # This should catch missing mbedtls_printf definitions, and by disabling file
+ # IO, it should catch missing '#include <stdio.h>'
+ msg "build: full config except platform/fsio/net, make, gcc, C99" # ~ 30s
+ scripts/config.pl full
+ scripts/config.pl unset MBEDTLS_PLATFORM_C
+ scripts/config.pl unset MBEDTLS_NET_C
+ scripts/config.pl unset MBEDTLS_PLATFORM_MEMORY
+ scripts/config.pl unset MBEDTLS_PLATFORM_PRINTF_ALT
+ scripts/config.pl unset MBEDTLS_PLATFORM_FPRINTF_ALT
+ scripts/config.pl unset MBEDTLS_PLATFORM_SNPRINTF_ALT
+ scripts/config.pl unset MBEDTLS_PLATFORM_TIME_ALT
+ scripts/config.pl unset MBEDTLS_PLATFORM_EXIT_ALT
+ scripts/config.pl unset MBEDTLS_ENTROPY_NV_SEED
+ scripts/config.pl unset MBEDTLS_MEMORY_BUFFER_ALLOC_C
+ scripts/config.pl unset MBEDTLS_FS_IO
+ scripts/config.pl unset MBEDTLS_PSA_CRYPTO_STORAGE_FILE_C
+ scripts/config.pl unset MBEDTLS_PSA_CRYPTO_STORAGE_C
+ # Note, _DEFAULT_SOURCE needs to be defined for platforms using glibc version >2.19,
+ # to re-enable platform integration features otherwise disabled in C99 builds
+ make CC=gcc CFLAGS='-Werror -Wall -Wextra -std=c99 -pedantic -O0 -D_DEFAULT_SOURCE' lib programs
+ make CC=gcc CFLAGS='-Werror -Wall -Wextra -O0' test
+}
-msg "test: AES_FEWER_TABLES"
-make test
+component_build_no_std_function () {
+ # catch compile bugs in _uninit functions
+ msg "build: full config with NO_STD_FUNCTION, make, gcc" # ~ 30s
+ scripts/config.pl full
+ scripts/config.pl set MBEDTLS_PLATFORM_NO_STD_FUNCTIONS
+ scripts/config.pl unset MBEDTLS_ENTROPY_NV_SEED
+ make CC=gcc CFLAGS='-Werror -Wall -Wextra -O0'
+}
-msg "build: default config with AES_ROM_TABLES enabled"
-cleanup
-cp "$CONFIG_H" "$CONFIG_BAK"
-scripts/config.pl set MBEDTLS_AES_ROM_TABLES
-make CC=gcc CFLAGS='-Werror -Wall -Wextra'
+component_build_no_ssl_srv () {
+ msg "build: full config except ssl_srv.c, make, gcc" # ~ 30s
+ scripts/config.pl full
+ scripts/config.pl unset MBEDTLS_SSL_SRV_C
+ make CC=gcc CFLAGS='-Werror -Wall -Wextra -O0'
+}
-msg "test: AES_ROM_TABLES"
-make test
+component_build_no_ssl_cli () {
+ msg "build: full config except ssl_cli.c, make, gcc" # ~ 30s
+ scripts/config.pl full
+ scripts/config.pl unset MBEDTLS_SSL_CLI_C
+ make CC=gcc CFLAGS='-Werror -Wall -Wextra -O0'
+}
-msg "build: default config with AES_ROM_TABLES and AES_FEWER_TABLES enabled"
-cleanup
-cp "$CONFIG_H" "$CONFIG_BAK"
-scripts/config.pl set MBEDTLS_AES_FEWER_TABLES
-scripts/config.pl set MBEDTLS_AES_ROM_TABLES
-make CC=gcc CFLAGS='-Werror -Wall -Wextra'
+component_build_no_sockets () {
+ # Note, C99 compliance can also be tested with the sockets support disabled,
+ # as that requires a POSIX platform (which isn't the same as C99).
+ msg "build: full config except net_sockets.c, make, gcc -std=c99 -pedantic" # ~ 30s
+ scripts/config.pl full
+ scripts/config.pl unset MBEDTLS_NET_C # getaddrinfo() undeclared, etc.
+ scripts/config.pl set MBEDTLS_NO_PLATFORM_ENTROPY # uses syscall() on GNU/Linux
+ make CC=gcc CFLAGS='-Werror -Wall -Wextra -O0 -std=c99 -pedantic' lib
+}
-msg "test: AES_FEWER_TABLES + AES_ROM_TABLES"
-make test
+component_test_no_max_fragment_length () {
+ # Run max fragment length tests with MFL disabled
+ msg "build: default config except MFL extension (ASan build)" # ~ 30s
+ scripts/config.pl unset MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
+ CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan .
+ make
-if uname -a | grep -F Linux >/dev/null; then
+ msg "test: ssl-opt.sh, MFL-related tests"
+ if_build_succeeded tests/ssl-opt.sh -f "Max fragment length"
+}
+
+component_test_no_max_fragment_length_small_ssl_out_content_len () {
+ msg "build: no MFL extension, small SSL_OUT_CONTENT_LEN (ASan build)"
+ scripts/config.pl unset MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
+ scripts/config.pl set MBEDTLS_SSL_IN_CONTENT_LEN 16384
+ scripts/config.pl set MBEDTLS_SSL_OUT_CONTENT_LEN 4096
+ CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan .
+ make
+
+ msg "test: MFL tests (disabled MFL extension case) & large packet tests"
+ if_build_succeeded tests/ssl-opt.sh -f "Max fragment length\|Large buffer"
+}
+
+component_test_null_entropy () {
+ msg "build: default config with MBEDTLS_TEST_NULL_ENTROPY (ASan build)"
+ scripts/config.pl set MBEDTLS_TEST_NULL_ENTROPY
+ scripts/config.pl set MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES
+ scripts/config.pl set MBEDTLS_ENTROPY_C
+ scripts/config.pl unset MBEDTLS_ENTROPY_NV_SEED
+ scripts/config.pl unset MBEDTLS_ENTROPY_HARDWARE_ALT
+ scripts/config.pl unset MBEDTLS_HAVEGE_C
+ CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan -D UNSAFE_BUILD=ON .
+ make
+
+ msg "test: MBEDTLS_TEST_NULL_ENTROPY - main suites (inc. selftests) (ASan build)"
+ make test
+}
+
+component_test_platform_calloc_macro () {
+ msg "build: MBEDTLS_PLATFORM_{CALLOC/FREE}_MACRO enabled (ASan build)"
+ scripts/config.pl set MBEDTLS_PLATFORM_MEMORY
+ scripts/config.pl set MBEDTLS_PLATFORM_CALLOC_MACRO calloc
+ scripts/config.pl set MBEDTLS_PLATFORM_FREE_MACRO free
+ CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan .
+ make
+
+ msg "test: MBEDTLS_PLATFORM_{CALLOC/FREE}_MACRO enabled (ASan build)"
+ make test
+}
+
+component_test_aes_fewer_tables () {
+ msg "build: default config with AES_FEWER_TABLES enabled"
+ scripts/config.pl set MBEDTLS_AES_FEWER_TABLES
+ make CC=gcc CFLAGS='-Werror -Wall -Wextra'
+
+ msg "test: AES_FEWER_TABLES"
+ make test
+}
+
+component_test_aes_rom_tables () {
+ msg "build: default config with AES_ROM_TABLES enabled"
+ scripts/config.pl set MBEDTLS_AES_ROM_TABLES
+ make CC=gcc CFLAGS='-Werror -Wall -Wextra'
+
+ msg "test: AES_ROM_TABLES"
+ make test
+}
+
+component_test_aes_fewer_tables_and_rom_tables () {
+ msg "build: default config with AES_ROM_TABLES and AES_FEWER_TABLES enabled"
+ scripts/config.pl set MBEDTLS_AES_FEWER_TABLES
+ scripts/config.pl set MBEDTLS_AES_ROM_TABLES
+ make CC=gcc CFLAGS='-Werror -Wall -Wextra'
+
+ msg "test: AES_FEWER_TABLES + AES_ROM_TABLES"
+ make test
+}
+
+component_test_make_shared () {
msg "build/test: make shared" # ~ 40s
- cleanup
make SHARED=1 all check
-fi
+}
-if uname -a | grep -F x86_64 >/dev/null; then
+component_test_m32_o0 () {
# Build once with -O0, to compile out the i386 specific inline assembly
msg "build: i386, make, gcc -O0 (ASan build)" # ~ 30s
- cleanup
- cp "$CONFIG_H" "$CONFIG_BAK"
scripts/config.pl full
make CC=gcc CFLAGS='-O0 -Werror -Wall -Wextra -m32 -fsanitize=address'
msg "test: i386, make, gcc -O0 (ASan build)"
make test
+}
+support_test_m32_o0 () {
+ case $(uname -m) in
+ *64*) true;;
+ *) false;;
+ esac
+}
+component_test_m32_o1 () {
# Build again with -O1, to compile in the i386 specific inline assembly
msg "build: i386, make, gcc -O1 (ASan build)" # ~ 30s
- cleanup
- cp "$CONFIG_H" "$CONFIG_BAK"
scripts/config.pl full
make CC=gcc CFLAGS='-O1 -Werror -Wall -Wextra -m32 -fsanitize=address'
msg "test: i386, make, gcc -O1 (ASan build)"
make test
+}
+support_test_m32_o1 () {
+ support_test_m32_o0 "$@"
+}
+component_test_mx32 () {
msg "build: 64-bit ILP32, make, gcc" # ~ 30s
- cleanup
- cp "$CONFIG_H" "$CONFIG_BAK"
scripts/config.pl full
make CC=gcc CFLAGS='-Werror -Wall -Wextra -mx32'
msg "test: 64-bit ILP32, make, gcc"
make test
-fi # x86_64
+}
+support_test_mx32 () {
+ case $(uname -m) in
+ amd64|x86_64) true;;
+ *) false;;
+ esac
+}
-msg "build: gcc, force 32-bit bignum limbs"
-cleanup
-cp "$CONFIG_H" "$CONFIG_BAK"
-scripts/config.pl unset MBEDTLS_HAVE_ASM
-scripts/config.pl unset MBEDTLS_AESNI_C
-scripts/config.pl unset MBEDTLS_PADLOCK_C
-make CC=gcc CFLAGS='-Werror -Wall -Wextra -DMBEDTLS_HAVE_INT32'
+component_test_have_int32 () {
+ msg "build: gcc, force 32-bit bignum limbs"
+ scripts/config.pl unset MBEDTLS_HAVE_ASM
+ scripts/config.pl unset MBEDTLS_AESNI_C
+ scripts/config.pl unset MBEDTLS_PADLOCK_C
+ make CC=gcc CFLAGS='-Werror -Wall -Wextra -DMBEDTLS_HAVE_INT32'
-msg "test: gcc, force 32-bit bignum limbs"
-make test
+ msg "test: gcc, force 32-bit bignum limbs"
+ make test
+}
-msg "build: gcc, force 64-bit bignum limbs"
-cleanup
-cp "$CONFIG_H" "$CONFIG_BAK"
-scripts/config.pl unset MBEDTLS_HAVE_ASM
-scripts/config.pl unset MBEDTLS_AESNI_C
-scripts/config.pl unset MBEDTLS_PADLOCK_C
-make CC=gcc CFLAGS='-Werror -Wall -Wextra -DMBEDTLS_HAVE_INT64'
+component_test_have_int64 () {
+ msg "build: gcc, force 64-bit bignum limbs"
+ scripts/config.pl unset MBEDTLS_HAVE_ASM
+ scripts/config.pl unset MBEDTLS_AESNI_C
+ scripts/config.pl unset MBEDTLS_PADLOCK_C
+ make CC=gcc CFLAGS='-Werror -Wall -Wextra -DMBEDTLS_HAVE_INT64'
-msg "test: gcc, force 64-bit bignum limbs"
-make test
+ msg "test: gcc, force 64-bit bignum limbs"
+ make test
+}
+component_test_no_udbl_division () {
+ msg "build: MBEDTLS_NO_UDBL_DIVISION native" # ~ 10s
+ scripts/config.pl full
+ scripts/config.pl unset MBEDTLS_MEMORY_BACKTRACE # too slow for tests
+ scripts/config.pl set MBEDTLS_NO_UDBL_DIVISION
+ make CFLAGS='-Werror -O1'
-msg "build: MBEDTLS_NO_UDBL_DIVISION native" # ~ 10s
-cleanup
-cp "$CONFIG_H" "$CONFIG_BAK"
-scripts/config.pl full
-scripts/config.pl unset MBEDTLS_MEMORY_BACKTRACE # too slow for tests
-scripts/config.pl set MBEDTLS_NO_UDBL_DIVISION
-make CFLAGS='-Werror -O1'
+ msg "test: MBEDTLS_NO_UDBL_DIVISION native" # ~ 10s
+ make test
+}
-msg "test: MBEDTLS_NO_UDBL_DIVISION native" # ~ 10s
-make test
+component_test_no_64bit_multiplication () {
+ msg "build: MBEDTLS_NO_64BIT_MULTIPLICATION native" # ~ 10s
+ scripts/config.pl full
+ scripts/config.pl unset MBEDTLS_MEMORY_BACKTRACE # too slow for tests
+ scripts/config.pl set MBEDTLS_NO_64BIT_MULTIPLICATION
+ make CFLAGS='-Werror -O1'
+ msg "test: MBEDTLS_NO_64BIT_MULTIPLICATION native" # ~ 10s
+ make test
+}
-msg "build: MBEDTLS_NO_64BIT_MULTIPLICATION native" # ~ 10s
-cleanup
-cp "$CONFIG_H" "$CONFIG_BAK"
-scripts/config.pl full
-scripts/config.pl unset MBEDTLS_MEMORY_BACKTRACE # too slow for tests
-scripts/config.pl set MBEDTLS_NO_64BIT_MULTIPLICATION
-make CFLAGS='-Werror -O1'
+component_build_arm_none_eabi_gcc () {
+ msg "build: arm-none-eabi-gcc, make" # ~ 10s
+ scripts/config.pl full
+ scripts/config.pl unset MBEDTLS_NET_C
+ scripts/config.pl unset MBEDTLS_TIMING_C
+ scripts/config.pl unset MBEDTLS_FS_IO
+ scripts/config.pl unset MBEDTLS_PSA_CRYPTO_STORAGE_FILE_C
+ scripts/config.pl unset MBEDTLS_PSA_CRYPTO_STORAGE_C
+ scripts/config.pl unset MBEDTLS_ENTROPY_NV_SEED
+ scripts/config.pl set MBEDTLS_NO_PLATFORM_ENTROPY
+ # following things are not in the default config
+ scripts/config.pl unset MBEDTLS_HAVEGE_C # depends on timing.c
+ scripts/config.pl unset MBEDTLS_THREADING_PTHREAD
+ scripts/config.pl unset MBEDTLS_THREADING_C
+ scripts/config.pl unset MBEDTLS_MEMORY_BACKTRACE # execinfo.h
+ scripts/config.pl unset MBEDTLS_MEMORY_BUFFER_ALLOC_C # calls exit
+ make CC=arm-none-eabi-gcc AR=arm-none-eabi-ar LD=arm-none-eabi-ld CFLAGS='-Werror -Wall -Wextra' lib
+}
-msg "test: MBEDTLS_NO_64BIT_MULTIPLICATION native" # ~ 10s
-make test
+component_build_arm_none_eabi_gcc_no_udbl_division () {
+ msg "build: arm-none-eabi-gcc -DMBEDTLS_NO_UDBL_DIVISION, make" # ~ 10s
+ scripts/config.pl full
+ scripts/config.pl unset MBEDTLS_NET_C
+ scripts/config.pl unset MBEDTLS_TIMING_C
+ scripts/config.pl unset MBEDTLS_FS_IO
+ scripts/config.pl unset MBEDTLS_PSA_CRYPTO_STORAGE_FILE_C
+ scripts/config.pl unset MBEDTLS_PSA_CRYPTO_STORAGE_C
+ scripts/config.pl unset MBEDTLS_ENTROPY_NV_SEED
+ scripts/config.pl set MBEDTLS_NO_PLATFORM_ENTROPY
+ # following things are not in the default config
+ scripts/config.pl unset MBEDTLS_HAVEGE_C # depends on timing.c
+ scripts/config.pl unset MBEDTLS_THREADING_PTHREAD
+ scripts/config.pl unset MBEDTLS_THREADING_C
+ scripts/config.pl unset MBEDTLS_MEMORY_BACKTRACE # execinfo.h
+ scripts/config.pl unset MBEDTLS_MEMORY_BUFFER_ALLOC_C # calls exit
+ scripts/config.pl set MBEDTLS_NO_UDBL_DIVISION
+ make CC=arm-none-eabi-gcc AR=arm-none-eabi-ar LD=arm-none-eabi-ld CFLAGS='-Werror -Wall -Wextra' lib
+ echo "Checking that software 64-bit division is not required"
+ if_build_succeeded not grep __aeabi_uldiv library/*.o
+}
+component_build_arm_none_eabi_gcc_no_64bit_multiplication () {
+ msg "build: arm-none-eabi-gcc MBEDTLS_NO_64BIT_MULTIPLICATION, make" # ~ 10s
+ scripts/config.pl full
+ scripts/config.pl unset MBEDTLS_NET_C
+ scripts/config.pl unset MBEDTLS_TIMING_C
+ scripts/config.pl unset MBEDTLS_FS_IO
+ scripts/config.pl unset MBEDTLS_PSA_CRYPTO_STORAGE_FILE_C
+ scripts/config.pl unset MBEDTLS_PSA_CRYPTO_STORAGE_C
+ scripts/config.pl unset MBEDTLS_ENTROPY_NV_SEED
+ scripts/config.pl set MBEDTLS_NO_PLATFORM_ENTROPY
+ # following things are not in the default config
+ scripts/config.pl unset MBEDTLS_HAVEGE_C # depends on timing.c
+ scripts/config.pl unset MBEDTLS_THREADING_PTHREAD
+ scripts/config.pl unset MBEDTLS_THREADING_C
+ scripts/config.pl unset MBEDTLS_MEMORY_BACKTRACE # execinfo.h
+ scripts/config.pl unset MBEDTLS_MEMORY_BUFFER_ALLOC_C # calls exit
+ scripts/config.pl set MBEDTLS_NO_64BIT_MULTIPLICATION
+ make CC=arm-none-eabi-gcc AR=arm-none-eabi-ar LD=arm-none-eabi-ld CFLAGS='-Werror -O1 -march=armv6-m -mthumb' lib
+ echo "Checking that software 64-bit multiplication is not required"
+ if_build_succeeded not grep __aeabi_lmul library/*.o
+}
-msg "build: arm-none-eabi-gcc, make" # ~ 10s
-cleanup
-cp "$CONFIG_H" "$CONFIG_BAK"
-scripts/config.pl full
-scripts/config.pl unset MBEDTLS_NET_C
-scripts/config.pl unset MBEDTLS_TIMING_C
-scripts/config.pl unset MBEDTLS_FS_IO
-scripts/config.pl unset MBEDTLS_ENTROPY_NV_SEED
-scripts/config.pl set MBEDTLS_NO_PLATFORM_ENTROPY
-# following things are not in the default config
-scripts/config.pl unset MBEDTLS_HAVEGE_C # depends on timing.c
-scripts/config.pl unset MBEDTLS_THREADING_PTHREAD
-scripts/config.pl unset MBEDTLS_THREADING_C
-scripts/config.pl unset MBEDTLS_MEMORY_BACKTRACE # execinfo.h
-scripts/config.pl unset MBEDTLS_MEMORY_BUFFER_ALLOC_C # calls exit
-make CC=arm-none-eabi-gcc AR=arm-none-eabi-ar LD=arm-none-eabi-ld CFLAGS='-Werror -Wall -Wextra' lib
+component_build_armcc () {
+ msg "build: ARM Compiler 5, make"
+ scripts/config.pl full
+ scripts/config.pl unset MBEDTLS_NET_C
+ scripts/config.pl unset MBEDTLS_TIMING_C
+ scripts/config.pl unset MBEDTLS_FS_IO
+ scripts/config.pl unset MBEDTLS_PSA_CRYPTO_STORAGE_FILE_C
+ scripts/config.pl unset MBEDTLS_PSA_CRYPTO_STORAGE_C
+ scripts/config.pl unset MBEDTLS_ENTROPY_NV_SEED
+ scripts/config.pl unset MBEDTLS_HAVE_TIME
+ scripts/config.pl unset MBEDTLS_HAVE_TIME_DATE
+ scripts/config.pl set MBEDTLS_NO_PLATFORM_ENTROPY
+ # following things are not in the default config
+ scripts/config.pl unset MBEDTLS_DEPRECATED_WARNING
+ scripts/config.pl unset MBEDTLS_HAVEGE_C # depends on timing.c
+ scripts/config.pl unset MBEDTLS_THREADING_PTHREAD
+ scripts/config.pl unset MBEDTLS_THREADING_C
+ scripts/config.pl unset MBEDTLS_MEMORY_BACKTRACE # execinfo.h
+ scripts/config.pl unset MBEDTLS_MEMORY_BUFFER_ALLOC_C # calls exit
+ scripts/config.pl unset MBEDTLS_PLATFORM_TIME_ALT # depends on MBEDTLS_HAVE_TIME
-msg "build: arm-none-eabi-gcc -DMBEDTLS_NO_UDBL_DIVISION, make" # ~ 10s
-cleanup
-cp "$CONFIG_H" "$CONFIG_BAK"
-scripts/config.pl full
-scripts/config.pl unset MBEDTLS_NET_C
-scripts/config.pl unset MBEDTLS_TIMING_C
-scripts/config.pl unset MBEDTLS_FS_IO
-scripts/config.pl unset MBEDTLS_ENTROPY_NV_SEED
-scripts/config.pl set MBEDTLS_NO_PLATFORM_ENTROPY
-# following things are not in the default config
-scripts/config.pl unset MBEDTLS_HAVEGE_C # depends on timing.c
-scripts/config.pl unset MBEDTLS_THREADING_PTHREAD
-scripts/config.pl unset MBEDTLS_THREADING_C
-scripts/config.pl unset MBEDTLS_MEMORY_BACKTRACE # execinfo.h
-scripts/config.pl unset MBEDTLS_MEMORY_BUFFER_ALLOC_C # calls exit
-scripts/config.pl set MBEDTLS_NO_UDBL_DIVISION
-make CC=arm-none-eabi-gcc AR=arm-none-eabi-ar LD=arm-none-eabi-ld CFLAGS='-Werror -Wall -Wextra' lib
-echo "Checking that software 64-bit division is not required"
-if_build_succeeded not grep __aeabi_uldiv library/*.o
-
-msg "build: arm-none-eabi-gcc MBEDTLS_NO_64BIT_MULTIPLICATION, make" # ~ 10s
-cleanup
-cp "$CONFIG_H" "$CONFIG_BAK"
-scripts/config.pl full
-scripts/config.pl unset MBEDTLS_NET_C
-scripts/config.pl unset MBEDTLS_TIMING_C
-scripts/config.pl unset MBEDTLS_FS_IO
-scripts/config.pl unset MBEDTLS_ENTROPY_NV_SEED
-scripts/config.pl set MBEDTLS_NO_PLATFORM_ENTROPY
-# following things are not in the default config
-scripts/config.pl unset MBEDTLS_HAVEGE_C # depends on timing.c
-scripts/config.pl unset MBEDTLS_THREADING_PTHREAD
-scripts/config.pl unset MBEDTLS_THREADING_C
-scripts/config.pl unset MBEDTLS_MEMORY_BACKTRACE # execinfo.h
-scripts/config.pl unset MBEDTLS_MEMORY_BUFFER_ALLOC_C # calls exit
-scripts/config.pl set MBEDTLS_NO_64BIT_MULTIPLICATION
-make CC=arm-none-eabi-gcc AR=arm-none-eabi-ar LD=arm-none-eabi-ld CFLAGS='-Werror -O1 -march=armv6-m -mthumb' lib
-echo "Checking that software 64-bit multiplication is not required"
-if_build_succeeded not grep __aeabi_lmul library/*.o
-
-msg "build: ARM Compiler 5, make"
-cleanup
-cp "$CONFIG_H" "$CONFIG_BAK"
-scripts/config.pl full
-scripts/config.pl unset MBEDTLS_NET_C
-scripts/config.pl unset MBEDTLS_TIMING_C
-scripts/config.pl unset MBEDTLS_FS_IO
-scripts/config.pl unset MBEDTLS_ENTROPY_NV_SEED
-scripts/config.pl unset MBEDTLS_HAVE_TIME
-scripts/config.pl unset MBEDTLS_HAVE_TIME_DATE
-scripts/config.pl set MBEDTLS_NO_PLATFORM_ENTROPY
-# following things are not in the default config
-scripts/config.pl unset MBEDTLS_DEPRECATED_WARNING
-scripts/config.pl unset MBEDTLS_HAVEGE_C # depends on timing.c
-scripts/config.pl unset MBEDTLS_THREADING_PTHREAD
-scripts/config.pl unset MBEDTLS_THREADING_C
-scripts/config.pl unset MBEDTLS_MEMORY_BACKTRACE # execinfo.h
-scripts/config.pl unset MBEDTLS_MEMORY_BUFFER_ALLOC_C # calls exit
-scripts/config.pl unset MBEDTLS_PLATFORM_TIME_ALT # depends on MBEDTLS_HAVE_TIME
-
-if [ $RUN_ARMCC -ne 0 ]; then
make CC="$ARMC5_CC" AR="$ARMC5_AR" WARNING_CFLAGS='--strict --c99' lib
make clean
@@ -957,46 +1164,33 @@
# ARM Compiler 6 - Target ARMv8-A - AArch64
armc6_build_test "--target=aarch64-arm-none-eabi -march=armv8.2-a"
-fi
+}
-msg "build: allow SHA1 in certificates by default"
-cleanup
-cp "$CONFIG_H" "$CONFIG_BAK"
-scripts/config.pl set MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_CERTIFICATES
-make CFLAGS='-Werror -Wall -Wextra'
-msg "test: allow SHA1 in certificates by default"
-make test
-if_build_succeeded tests/ssl-opt.sh -f SHA-1
+component_test_allow_sha1 () {
+ msg "build: allow SHA1 in certificates by default"
+ scripts/config.pl set MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_CERTIFICATES
+ make CFLAGS='-Werror -Wall -Wextra'
+ msg "test: allow SHA1 in certificates by default"
+ make test
+ if_build_succeeded tests/ssl-opt.sh -f SHA-1
+}
-msg "build: Default + MBEDTLS_RSA_NO_CRT (ASan build)" # ~ 6 min
-cleanup
-cp "$CONFIG_H" "$CONFIG_BAK"
-scripts/config.pl set MBEDTLS_RSA_NO_CRT
-CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan .
-make
+component_build_mingw () {
+ msg "build: Windows cross build - mingw64, make (Link Library)" # ~ 30s
+ make CC=i686-w64-mingw32-gcc AR=i686-w64-mingw32-ar LD=i686-w64-minggw32-ld CFLAGS='-Werror -Wall -Wextra' WINDOWS_BUILD=1 lib programs
-msg "test: MBEDTLS_RSA_NO_CRT - main suites (inc. selftests) (ASan build)"
-make test
+ # note Make tests only builds the tests, but doesn't run them
+ make CC=i686-w64-mingw32-gcc AR=i686-w64-mingw32-ar LD=i686-w64-minggw32-ld CFLAGS='-Werror' WINDOWS_BUILD=1 tests
+ make WINDOWS_BUILD=1 clean
-msg "build: Windows cross build - mingw64, make (Link Library)" # ~ 30s
-cleanup
-make CC=i686-w64-mingw32-gcc AR=i686-w64-mingw32-ar LD=i686-w64-minggw32-ld CFLAGS='-Werror -Wall -Wextra' WINDOWS_BUILD=1 lib programs
+ msg "build: Windows cross build - mingw64, make (DLL)" # ~ 30s
+ make CC=i686-w64-mingw32-gcc AR=i686-w64-mingw32-ar LD=i686-w64-minggw32-ld CFLAGS='-Werror -Wall -Wextra' WINDOWS_BUILD=1 SHARED=1 lib programs
+ make CC=i686-w64-mingw32-gcc AR=i686-w64-mingw32-ar LD=i686-w64-minggw32-ld CFLAGS='-Werror -Wall -Wextra' WINDOWS_BUILD=1 SHARED=1 tests
+ make WINDOWS_BUILD=1 clean
+}
-# note Make tests only builds the tests, but doesn't run them
-make CC=i686-w64-mingw32-gcc AR=i686-w64-mingw32-ar LD=i686-w64-minggw32-ld CFLAGS='-Werror' WINDOWS_BUILD=1 tests
-make WINDOWS_BUILD=1 clean
-
-msg "build: Windows cross build - mingw64, make (DLL)" # ~ 30s
-make CC=i686-w64-mingw32-gcc AR=i686-w64-mingw32-ar LD=i686-w64-minggw32-ld CFLAGS='-Werror -Wall -Wextra' WINDOWS_BUILD=1 SHARED=1 lib programs
-make CC=i686-w64-mingw32-gcc AR=i686-w64-mingw32-ar LD=i686-w64-minggw32-ld CFLAGS='-Werror -Wall -Wextra' WINDOWS_BUILD=1 SHARED=1 tests
-make WINDOWS_BUILD=1 clean
-
-# MemSan currently only available on Linux 64 bits
-if uname -a | grep 'Linux.*x86_64' >/dev/null; then
-
+component_test_memsan () {
msg "build: MSan (clang)" # ~ 1 min 20s
- cleanup
- cp "$CONFIG_H" "$CONFIG_BAK"
scripts/config.pl unset MBEDTLS_AESNI_C # memsan doesn't grok asm
CC=clang cmake -D CMAKE_BUILD_TYPE:String=MemSan .
make
@@ -1013,11 +1207,10 @@
msg "test: compat.sh (MSan)" # ~ 6 min 20s
if_build_succeeded tests/compat.sh
fi
+}
-else # no MemSan
-
+component_test_valgrind () {
msg "build: Release (clang)"
- cleanup
CC=clang cmake -D CMAKE_BUILD_TYPE:String=Release .
make
@@ -1037,63 +1230,125 @@
msg "test: compat.sh --memcheck (Release)"
if_build_succeeded tests/compat.sh --memcheck
fi
+}
-fi # MemSan
+component_test_cmake_out_of_source () {
+ msg "build: cmake 'out-of-source' build"
+ MBEDTLS_ROOT_DIR="$PWD"
+ mkdir "$OUT_OF_SOURCE_DIR"
+ cd "$OUT_OF_SOURCE_DIR"
+ cmake "$MBEDTLS_ROOT_DIR"
+ make
-msg "build: cmake 'out-of-source' build"
-cleanup
-MBEDTLS_ROOT_DIR="$PWD"
-mkdir "$OUT_OF_SOURCE_DIR"
-cd "$OUT_OF_SOURCE_DIR"
-cmake "$MBEDTLS_ROOT_DIR"
-make
+ msg "test: cmake 'out-of-source' build"
+ make test
+ # Test an SSL option that requires an auxiliary script in test/scripts/.
+ # Also ensure that there are no error messages such as
+ # "No such file or directory", which would indicate that some required
+ # file is missing (ssl-opt.sh tolerates the absence of some files so
+ # may exit with status 0 but emit errors).
+ if_build_succeeded ./tests/ssl-opt.sh -f 'Fallback SCSV: beginning of list' 2>ssl-opt.err
+ if [ -s ssl-opt.err ]; then
+ cat ssl-opt.err >&2
+ record_status [ ! -s ssl-opt.err ]
+ rm ssl-opt.err
+ fi
+ cd "$MBEDTLS_ROOT_DIR"
+ rm -rf "$OUT_OF_SOURCE_DIR"
+ unset MBEDTLS_ROOT_DIR
+}
-msg "test: cmake 'out-of-source' build"
-make test
-# Test an SSL option that requires an auxiliary script in test/scripts/.
-# Also ensure that there are no error messages such as
-# "No such file or directory", which would indicate that some required
-# file is missing (ssl-opt.sh tolerates the absence of some files so
-# may exit with status 0 but emit errors).
-if_build_succeeded ./tests/ssl-opt.sh -f 'Fallback SCSV: beginning of list' 2>ssl-opt.err
-if [ -s ssl-opt.err ]; then
- cat ssl-opt.err >&2
- record_status [ ! -s ssl-opt.err ]
- rm ssl-opt.err
-fi
-cd "$MBEDTLS_ROOT_DIR"
-rm -rf "$OUT_OF_SOURCE_DIR"
-unset MBEDTLS_ROOT_DIR
+component_test_zeroize () {
+ # Test that the function mbedtls_platform_zeroize() is not optimized away by
+ # different combinations of compilers and optimization flags by using an
+ # auxiliary GDB script. Unfortunately, GDB does not return error values to the
+ # system in all cases that the script fails, so we must manually search the
+ # output to check whether the pass string is present and no failure strings
+ # were printed.
-# Test that the function mbedtls_platform_zeroize() is not optimized away by
-# different combinations of compilers and optimization flags by using an
-# auxiliary GDB script. Unfortunately, GDB does not return error values to the
-# system in all cases that the script fails, so we must manually search the
-# output to check whether the pass string is present and no failure strings
-# were printed.
-for optimization_flag in -O2 -O3 -Ofast -Os; do
- for compiler in clang gcc; do
- msg "test: $compiler $optimization_flag, mbedtls_platform_zeroize()"
- cleanup
- make programs CC="$compiler" DEBUG=1 CFLAGS="$optimization_flag"
- if_build_succeeded gdb -x tests/scripts/test_zeroize.gdb -nw -batch -nx 2>&1 | tee test_zeroize.log
- if_build_succeeded grep "The buffer was correctly zeroized" test_zeroize.log
- if_build_succeeded not grep -i "error" test_zeroize.log
- rm -f test_zeroize.log
+ # Don't try to disable ASLR. We don't care about ASLR here. We do care
+ # about a spurious message if Gdb tries and fails, so suppress that.
+ gdb_disable_aslr=
+ if [ -z "$(gdb -batch -nw -ex 'set disable-randomization off' 2>&1)" ]; then
+ gdb_disable_aslr='set disable-randomization off'
+ fi
+
+ for optimization_flag in -O2 -O3 -Ofast -Os; do
+ for compiler in clang gcc; do
+ msg "test: $compiler $optimization_flag, mbedtls_platform_zeroize()"
+ make programs CC="$compiler" DEBUG=1 CFLAGS="$optimization_flag"
+ if_build_succeeded gdb -ex "$gdb_disable_aslr" -x tests/scripts/test_zeroize.gdb -nw -batch -nx 2>&1 | tee test_zeroize.log
+ if_build_succeeded grep "The buffer was correctly zeroized" test_zeroize.log
+ if_build_succeeded not grep -i "error" test_zeroize.log
+ rm -f test_zeroize.log
+ make clean
+ done
done
-done
-msg "Lint: Python scripts"
-record_status tests/scripts/check-python-files.sh
+ unset gdb_disable_aslr
+}
-msg "uint test: generate_test_code.py"
-record_status ./tests/scripts/test_generate_test_code.py
+component_check_python_files () {
+ msg "Lint: Python scripts"
+ record_status tests/scripts/check-python-files.sh
+}
+
+component_check_generate_test_code () {
+ msg "uint test: generate_test_code.py"
+ record_status ./tests/scripts/test_generate_test_code.py
+}
################################################################
#### Termination
################################################################
-msg "Done, cleaning up"
+post_report () {
+ msg "Done, cleaning up"
+ cleanup
+
+ final_report
+}
+
+
+
+################################################################
+#### Run all the things
+################################################################
+
+# Run one component and clean up afterwards.
+run_component () {
+ # Back up the configuration in case the component modifies it.
+ # The cleanup function will restore it.
+ cp -p "$CONFIG_H" "$CONFIG_BAK"
+ current_component="$1"
+ "$@"
+ cleanup
+}
+
+# Preliminary setup
+pre_check_environment
+pre_initialize_variables
+pre_parse_command_line "$@"
+
+pre_check_git
+pre_check_seedfile
+
+build_status=0
+if [ $KEEP_GOING -eq 1 ]; then
+ pre_setup_keep_going
+else
+ record_status () {
+ "$@"
+ }
+fi
+pre_print_configuration
+pre_check_tools
cleanup
-final_report
+# Run the requested tests.
+for component in $RUN_COMPONENTS; do
+ run_component "component_$component"
+done
+
+# We're done.
+post_report
diff --git a/tests/scripts/check-generated-files.sh b/tests/scripts/check-generated-files.sh
index 4976bac..065ea33 100755
--- a/tests/scripts/check-generated-files.sh
+++ b/tests/scripts/check-generated-files.sh
@@ -65,5 +65,6 @@
}
check scripts/generate_errors.pl library/error.c
+check scripts/generate_query_config.pl programs/ssl/query_config.c
check scripts/generate_features.pl library/version_features.c
check scripts/generate_visualc_files.pl visualc/VS2010
diff --git a/tests/scripts/check-names.sh b/tests/scripts/check-names.sh
index f18a162..925037c 100755
--- a/tests/scripts/check-names.sh
+++ b/tests/scripts/check-names.sh
@@ -40,7 +40,7 @@
for THING in actual-macros enum-consts; do
printf "Names of $THING: "
test -r $THING
- BAD=$( grep -v '^MBEDTLS_[0-9A-Z_]*[0-9A-Z]$' $THING || true )
+ BAD=$( grep -E -v '^(MBEDTLS|PSA)_[0-9A-Z_]*[0-9A-Z]$' $THING || true )
if [ "x$BAD" = "x" ]; then
echo "PASS"
else
@@ -53,7 +53,7 @@
for THING in identifiers; do
printf "Names of $THING: "
test -r $THING
- BAD=$( grep -v '^mbedtls_[0-9a-z_]*[0-9a-z]$' $THING || true )
+ BAD=$( grep -E -v '^(mbedtls|psa)_[0-9a-z_]*[0-9a-z]$' $THING || true )
if [ "x$BAD" = "x" ]; then
echo "PASS"
else
@@ -65,7 +65,7 @@
printf "Likely typos: "
sort -u actual-macros enum-consts > _caps
-HEADERS=$( ls include/mbedtls/*.h | egrep -v 'compat-1\.3\.h' )
+HEADERS=$( ls include/mbedtls/*.h include/psa/*.h | egrep -v 'compat-1\.3\.h' )
NL='
'
sed -n 's/MBED..._[A-Z0-9_]*/\'"$NL"'&\'"$NL"/gp \
diff --git a/tests/scripts/generate_test_code.py b/tests/scripts/generate_test_code.py
index ce6f88c..1258024 100755
--- a/tests/scripts/generate_test_code.py
+++ b/tests/scripts/generate_test_code.py
@@ -184,7 +184,13 @@
END_CASE_REGEX = r'/\*\s*END_CASE\s*\*/'
DEPENDENCY_REGEX = r'depends_on:(?P<dependencies>.*)'
-C_IDENTIFIER_REGEX = r'!?[a-z_][a-z0-9_]*$'
+C_IDENTIFIER_REGEX = r'!?[a-z_][a-z0-9_]*'
+CONDITION_OPERATOR_REGEX = r'[!=]=|[<>]=?'
+# forbid 0ddd which might be accidentally octal or accidentally decimal
+CONDITION_VALUE_REGEX = r'[-+]?(0x[0-9a-f]+|0|[1-9][0-9]*)'
+CONDITION_REGEX = r'({})(?:\s*({})\s*({}))?$'.format(C_IDENTIFIER_REGEX,
+ CONDITION_OPERATOR_REGEX,
+ CONDITION_VALUE_REGEX)
TEST_FUNCTION_VALIDATION_REGEX = r'\s*void\s+(?P<func_name>\w+)\s*\('
INT_CHECK_REGEX = r'int\s+.*'
CHAR_CHECK_REGEX = r'char\s*\*\s*.*'
@@ -383,7 +389,7 @@
:return: input dependency stripped of leading & trailing white spaces.
"""
dependency = dependency.strip()
- if not re.match(C_IDENTIFIER_REGEX, dependency, re.I):
+ if not re.match(CONDITION_REGEX, dependency, re.I):
raise GeneratorInputError('Invalid dependency %s' % dependency)
return dependency
@@ -733,16 +739,27 @@
_not, dep = ('!', dep[1:]) if dep[0] == '!' else ('', dep)
if not dep:
raise GeneratorInputError("Dependency should not be an empty string.")
+
+ dependency = re.match(CONDITION_REGEX, dep, re.I)
+ if not dependency:
+ raise GeneratorInputError('Invalid dependency %s' % dep)
+
+ _defined = '' if dependency.group(2) else 'defined'
+ _cond = dependency.group(2) if dependency.group(2) else ''
+ _value = dependency.group(3) if dependency.group(3) else ''
+
dep_check = '''
case {id}:
{{
-#if {_not}defined({macro})
+#if {_not}{_defined}({macro}{_cond}{_value})
ret = DEPENDENCY_SUPPORTED;
#else
ret = DEPENDENCY_NOT_SUPPORTED;
#endif
}}
- break;'''.format(_not=_not, macro=dep, id=dep_id)
+ break;'''.format(_not=_not, _defined=_defined,
+ macro=dependency.group(1), id=dep_id,
+ _cond=_cond, _value=_value)
return dep_check
diff --git a/tests/scripts/list-identifiers.sh b/tests/scripts/list-identifiers.sh
index 130d9d6..ccd488c 100755
--- a/tests/scripts/list-identifiers.sh
+++ b/tests/scripts/list-identifiers.sh
@@ -7,7 +7,7 @@
exit 1
fi
-HEADERS=$( ls include/mbedtls/*.h | egrep -v 'compat-1\.3\.h|bn_mul' )
+HEADERS=$( ls include/mbedtls/*.h include/psa/*.h library/*.h | egrep -v 'compat-1\.3\.h|bn_mul' )
rm -f identifiers
diff --git a/tests/scripts/list-macros.sh b/tests/scripts/list-macros.sh
index 3c84adb..5982bb7 100755
--- a/tests/scripts/list-macros.sh
+++ b/tests/scripts/list-macros.sh
@@ -7,7 +7,7 @@
exit 1
fi
-HEADERS=$( ls include/mbedtls/*.h | egrep -v 'compat-1\.3\.h' )
+HEADERS=$( ls include/mbedtls/*.h include/psa/*.h | egrep -v 'compat-1\.3\.h' )
sed -n -e 's/.*#define \([a-zA-Z0-9_]*\).*/\1/p' $HEADERS \
| egrep -v '^(asm|inline|EMIT|_CRT_SECURE_NO_DEPRECATE)$|^MULADDC_' \
diff --git a/tests/scripts/mbedtls_test.py b/tests/scripts/mbedtls_test.py
index f9e88cf..c702765 100755
--- a/tests/scripts/mbedtls_test.py
+++ b/tests/scripts/mbedtls_test.py
@@ -75,11 +75,10 @@
:param split_char: Split character
:return: List of splits
"""
+ split_colon_fn = lambda x: re.sub(r'\\' + split_char, split_char, x)
if len(split_char) > 1:
raise ValueError('Expected split character. Found string!')
- out = re.sub(r'(\\.)|' + split_char,
- lambda m: m.group(1) or '\n', inp_str,
- len(inp_str)).split('\n')
+ out = map(split_colon_fn, re.split(r'(?<!\\)' + split_char, inp_str))
out = [x for x in out if x]
return out
@@ -112,8 +111,8 @@
args = parts[1:]
args_count = len(args)
if args_count % 2 != 0:
- raise TestDataParserError("Number of test arguments should "
- "be even: %s" % line)
+ err_str_fmt = "Number of test arguments({}) should be even: {}"
+ raise TestDataParserError(err_str_fmt.format(args_count, line))
grouped_args = [(args[i * 2], args[(i * 2) + 1])
for i in range(len(args)/2)]
self.tests.append((name, function_name, dependencies,
@@ -163,6 +162,7 @@
self.tests = []
self.test_index = -1
self.dep_index = 0
+ self.suite_passed = True
self.error_str = dict()
self.error_str[self.DEPENDENCY_SUPPORTED] = \
'DEPENDENCY_SUPPORTED'
@@ -293,7 +293,7 @@
name, function_id, dependencies, args = self.tests[self.test_index]
self.run_test(name, function_id, dependencies, args)
else:
- self.notify_complete(True)
+ self.notify_complete(self.suite_passed)
def run_test(self, name, function_id, dependencies, args):
"""
@@ -353,6 +353,8 @@
self.log('{{__testcase_start;%s}}' % name)
self.log('{{__testcase_finish;%s;%d;%d}}' % (name, int_val == 0,
int_val != 0))
+ if int_val != 0:
+ self.suite_passed = False
self.run_next_test()
@event_callback("F")
diff --git a/tests/scripts/test-ref-configs.pl b/tests/scripts/test-ref-configs.pl
index 80d5f38..d12c4c2 100755
--- a/tests/scripts/test-ref-configs.pl
+++ b/tests/scripts/test-ref-configs.pl
@@ -17,6 +17,10 @@
use strict;
my %configs = (
+ 'config-default.h' => {
+ 'opt' => '-f Default',
+ 'compat' => '-m tls1_2 -V NO',
+ },
'config-mini-tls1_1.h' => {
'compat' => '-m tls1_1 -f \'^DES-CBC3-SHA$\|^TLS-RSA-WITH-3DES-EDE-CBC-SHA$\'',
},
diff --git a/tests/scripts/test_psa_constant_names.py b/tests/scripts/test_psa_constant_names.py
new file mode 100755
index 0000000..5e128eb
--- /dev/null
+++ b/tests/scripts/test_psa_constant_names.py
@@ -0,0 +1,332 @@
+#!/usr/bin/env python3
+'''Test the program psa_constant_names.
+Gather constant names from header files and test cases. Compile a C program
+to print out their numerical values, feed these numerical values to
+psa_constant_names, and check that the output is the original name.
+Return 0 if all test cases pass, 1 if the output was not always as expected,
+or 1 (with a Python backtrace) if there was an operational error.'''
+
+import argparse
+import itertools
+import os
+import platform
+import re
+import subprocess
+import sys
+import tempfile
+
+class ReadFileLineException(Exception):
+ def __init__(self, filename, line_number):
+ message = 'in {} at {}'.format(filename, line_number)
+ super(ReadFileLineException, self).__init__(message)
+ self.filename = filename
+ self.line_number = line_number
+
+class read_file_lines:
+ '''Context manager to read a text file line by line.
+with read_file_lines(filename) as lines:
+ for line in lines:
+ process(line)
+is equivalent to
+with open(filename, 'r') as input_file:
+ for line in input_file:
+ process(line)
+except that if process(line) raises an exception, then the read_file_lines
+snippet annotates the exception with the file name and line number.'''
+ def __init__(self, filename):
+ self.filename = filename
+ self.line_number = 'entry'
+ def __enter__(self):
+ self.generator = enumerate(open(self.filename, 'r'))
+ return self
+ def __iter__(self):
+ for line_number, content in self.generator:
+ self.line_number = line_number
+ yield content
+ self.line_number = 'exit'
+ def __exit__(self, type, value, traceback):
+ if type is not None:
+ raise ReadFileLineException(self.filename, self.line_number) \
+ from value
+
+class Inputs:
+ '''Accumulate information about macros to test.
+This includes macro names as well as information about their arguments
+when applicable.'''
+ def __init__(self):
+ # Sets of names per type
+ self.statuses = set(['PSA_SUCCESS'])
+ self.algorithms = set(['0xffffffff'])
+ self.ecc_curves = set(['0xffff'])
+ self.key_types = set(['0xffffffff'])
+ self.key_usage_flags = set(['0x80000000'])
+ # Hard-coded value for unknown algorithms
+ self.hash_algorithms = set(['0x010000fe'])
+ self.mac_algorithms = set(['0x02ff00ff'])
+ self.kdf_algorithms = set(['0x300000ff', '0x310000ff'])
+ # For AEAD algorithms, the only variability is over the tag length,
+ # and this only applies to known algorithms, so don't test an
+ # unknown algorithm.
+ self.aead_algorithms = set()
+ # Identifier prefixes
+ self.table_by_prefix = {
+ 'ERROR': self.statuses,
+ 'ALG': self.algorithms,
+ 'CURVE': self.ecc_curves,
+ 'KEY_TYPE': self.key_types,
+ 'KEY_USAGE': self.key_usage_flags,
+ }
+ # macro name -> list of argument names
+ self.argspecs = {}
+ # argument name -> list of values
+ self.arguments_for = {
+ 'mac_length': ['1', '63'],
+ 'tag_length': ['1', '63'],
+ }
+
+ def gather_arguments(self):
+ '''Populate the list of values for macro arguments.
+Call this after parsing all the inputs.'''
+ self.arguments_for['hash_alg'] = sorted(self.hash_algorithms)
+ self.arguments_for['mac_alg'] = sorted(self.mac_algorithms)
+ self.arguments_for['kdf_alg'] = sorted(self.kdf_algorithms)
+ self.arguments_for['aead_alg'] = sorted(self.aead_algorithms)
+ self.arguments_for['curve'] = sorted(self.ecc_curves)
+
+ def format_arguments(self, name, arguments):
+ '''Format a macro call with arguments..'''
+ return name + '(' + ', '.join(arguments) + ')'
+
+ def distribute_arguments(self, name):
+ '''Generate macro calls with each tested argument set.
+If name is a macro without arguments, just yield "name".
+If name is a macro with arguments, yield a series of "name(arg1,...,argN)"
+where each argument takes each possible value at least once.'''
+ try:
+ if name not in self.argspecs:
+ yield name
+ return
+ argspec = self.argspecs[name]
+ if argspec == []:
+ yield name + '()'
+ return
+ argument_lists = [self.arguments_for[arg] for arg in argspec]
+ arguments = [values[0] for values in argument_lists]
+ yield self.format_arguments(name, arguments)
+ for i in range(len(arguments)):
+ for value in argument_lists[i][1:]:
+ arguments[i] = value
+ yield self.format_arguments(name, arguments)
+ arguments[i] = argument_lists[0][0]
+ except BaseException as e:
+ raise Exception('distribute_arguments({})'.format(name)) from e
+
+ # Regex for interesting header lines.
+ # Groups: 1=macro name, 2=type, 3=argument list (optional).
+ header_line_re = \
+ re.compile(r'#define +' +
+ r'(PSA_((?:KEY_)?[A-Z]+)_\w+)' +
+ r'(?:\(([^\n()]*)\))?')
+ # Regex of macro names to exclude.
+ excluded_name_re = re.compile('_(?:GET|IS|OF)_|_(?:BASE|FLAG|MASK)\Z')
+ # Additional excluded macros.
+ # PSA_ALG_ECDH and PSA_ALG_FFDH are excluded for now as the script
+ # currently doesn't support them. Deprecated errors are also excluded.
+ excluded_names = set(['PSA_ALG_AEAD_WITH_DEFAULT_TAG_LENGTH',
+ 'PSA_ALG_FULL_LENGTH_MAC',
+ 'PSA_ALG_ECDH',
+ 'PSA_ALG_FFDH',
+ 'PSA_ERROR_UNKNOWN_ERROR',
+ 'PSA_ERROR_OCCUPIED_SLOT',
+ 'PSA_ERROR_EMPTY_SLOT',
+ 'PSA_ERROR_INSUFFICIENT_CAPACITY',
+ ])
+ argument_split_re = re.compile(r' *, *')
+ def parse_header_line(self, line):
+ '''Parse a C header line, looking for "#define PSA_xxx".'''
+ m = re.match(self.header_line_re, line)
+ if not m:
+ return
+ name = m.group(1)
+ if re.search(self.excluded_name_re, name) or \
+ name in self.excluded_names:
+ return
+ dest = self.table_by_prefix.get(m.group(2))
+ if dest is None:
+ return
+ dest.add(name)
+ if m.group(3):
+ self.argspecs[name] = re.split(self.argument_split_re, m.group(3))
+
+ def parse_header(self, filename):
+ '''Parse a C header file, looking for "#define PSA_xxx".'''
+ with read_file_lines(filename) as lines:
+ for line in lines:
+ self.parse_header_line(line)
+
+ def add_test_case_line(self, function, argument):
+ '''Parse a test case data line, looking for algorithm metadata tests.'''
+ if function.endswith('_algorithm'):
+ # As above, ECDH and FFDH algorithms are excluded for now.
+ # Support for them will be added in the future.
+ if 'ECDH' in argument or 'FFDH' in argument:
+ return
+ self.algorithms.add(argument)
+ if function == 'hash_algorithm':
+ self.hash_algorithms.add(argument)
+ elif function in ['mac_algorithm', 'hmac_algorithm']:
+ self.mac_algorithms.add(argument)
+ elif function == 'aead_algorithm':
+ self.aead_algorithms.add(argument)
+ elif function == 'key_type':
+ self.key_types.add(argument)
+ elif function == 'ecc_key_types':
+ self.ecc_curves.add(argument)
+
+ # Regex matching a *.data line containing a test function call and
+ # its arguments. The actual definition is partly positional, but this
+ # regex is good enough in practice.
+ test_case_line_re = re.compile('(?!depends_on:)(\w+):([^\n :][^:\n]*)')
+ def parse_test_cases(self, filename):
+ '''Parse a test case file (*.data), looking for algorithm metadata tests.'''
+ with read_file_lines(filename) as lines:
+ for line in lines:
+ m = re.match(self.test_case_line_re, line)
+ if m:
+ self.add_test_case_line(m.group(1), m.group(2))
+
+def gather_inputs(headers, test_suites):
+ '''Read the list of inputs to test psa_constant_names with.'''
+ inputs = Inputs()
+ for header in headers:
+ inputs.parse_header(header)
+ for test_cases in test_suites:
+ inputs.parse_test_cases(test_cases)
+ inputs.gather_arguments()
+ return inputs
+
+def remove_file_if_exists(filename):
+ '''Remove the specified file, ignoring errors.'''
+ if not filename:
+ return
+ try:
+ os.remove(filename)
+ except:
+ pass
+
+def run_c(options, type, names):
+ '''Generate and run a program to print out numerical values for names.'''
+ if type == 'status':
+ cast_to = 'long'
+ printf_format = '%ld'
+ else:
+ cast_to = 'unsigned long'
+ printf_format = '0x%08lx'
+ c_name = None
+ exe_name = None
+ try:
+ c_fd, c_name = tempfile.mkstemp(prefix='tmp-{}-'.format(type),
+ suffix='.c',
+ dir='programs/psa')
+ exe_suffix = '.exe' if platform.system() == 'Windows' else ''
+ exe_name = c_name[:-2] + exe_suffix
+ remove_file_if_exists(exe_name)
+ c_file = os.fdopen(c_fd, 'w', encoding='ascii')
+ c_file.write('/* Generated by test_psa_constant_names.py for {} values */'
+ .format(type))
+ c_file.write('''
+#include <stdio.h>
+#include <psa/crypto.h>
+int main(void)
+{
+''')
+ for name in names:
+ c_file.write(' printf("{}\\n", ({}) {});\n'
+ .format(printf_format, cast_to, name))
+ c_file.write(''' return 0;
+}
+''')
+ c_file.close()
+ cc = os.getenv('CC', 'cc')
+ subprocess.check_call([cc] +
+ ['-I' + dir for dir in options.include] +
+ ['-o', exe_name, c_name])
+ if options.keep_c:
+ sys.stderr.write('List of {} tests kept at {}\n'
+ .format(type, c_name))
+ else:
+ os.remove(c_name)
+ output = subprocess.check_output([exe_name])
+ return output.decode('ascii').strip().split('\n')
+ finally:
+ remove_file_if_exists(exe_name)
+
+normalize_strip_re = re.compile(r'\s+')
+def normalize(expr):
+ '''Normalize the C expression so as not to care about trivial differences.
+Currently "trivial differences" means whitespace.'''
+ expr = re.sub(normalize_strip_re, '', expr, len(expr))
+ return expr.strip().split('\n')
+
+def do_test(options, inputs, type, names):
+ '''Test psa_constant_names for the specified type.
+Run program on names.
+Use inputs to figure out what arguments to pass to macros that take arguments.'''
+ names = sorted(itertools.chain(*map(inputs.distribute_arguments, names)))
+ values = run_c(options, type, names)
+ output = subprocess.check_output([options.program, type] + values)
+ outputs = output.decode('ascii').strip().split('\n')
+ errors = [(type, name, value, output)
+ for (name, value, output) in zip(names, values, outputs)
+ if normalize(name) != normalize(output)]
+ return len(names), errors
+
+def report_errors(errors):
+ '''Describe each case where the output is not as expected.'''
+ for type, name, value, output in errors:
+ print('For {} "{}", got "{}" (value: {})'
+ .format(type, name, output, value))
+
+def run_tests(options, inputs):
+ '''Run psa_constant_names on all the gathered inputs.
+Return a tuple (count, errors) where count is the total number of inputs
+that were tested and errors is the list of cases where the output was
+not as expected.'''
+ count = 0
+ errors = []
+ for type, names in [('status', inputs.statuses),
+ ('algorithm', inputs.algorithms),
+ ('ecc_curve', inputs.ecc_curves),
+ ('key_type', inputs.key_types),
+ ('key_usage', inputs.key_usage_flags)]:
+ c, e = do_test(options, inputs, type, names)
+ count += c
+ errors += e
+ return count, errors
+
+if __name__ == '__main__':
+ parser = argparse.ArgumentParser(description=globals()['__doc__'])
+ parser.add_argument('--include', '-I',
+ action='append', default=['include'],
+ help='Directory for header files')
+ parser.add_argument('--program',
+ default='programs/psa/psa_constant_names',
+ help='Program to test')
+ parser.add_argument('--keep-c',
+ action='store_true', dest='keep_c', default=False,
+ help='Keep the intermediate C file')
+ parser.add_argument('--no-keep-c',
+ action='store_false', dest='keep_c',
+ help='Don\'t keep the intermediate C file (default)')
+ options = parser.parse_args()
+ headers = [os.path.join(options.include[0], 'psa', h)
+ for h in ['crypto.h', 'crypto_extra.h', 'crypto_values.h']]
+ test_suites = ['tests/suites/test_suite_psa_crypto_metadata.data']
+ inputs = gather_inputs(headers, test_suites)
+ count, errors = run_tests(options, inputs)
+ report_errors(errors)
+ if errors == []:
+ print('{} test cases PASS'.format(count))
+ else:
+ print('{} test cases, {} FAIL'.format(count, len(errors)))
+ exit(1)
diff --git a/tests/scripts/test_zeroize.gdb b/tests/scripts/test_zeroize.gdb
index 77c812a..c929c88 100644
--- a/tests/scripts/test_zeroize.gdb
+++ b/tests/scripts/test_zeroize.gdb
@@ -17,7 +17,7 @@
# seem to be a mechanism to reliably check whether the zeroize calls are being
# eliminated by compiler optimizations from within the compiled program. The
# problem is that a compiler would typically remove what it considers to be
-# "unecessary" assignments as part of redundant code elimination. To identify
+# "unnecessary" assignments as part of redundant code elimination. To identify
# such code, the compilar will create some form dependency graph between
# reads and writes to variables (among other situations). It will then use this
# data structure to remove redundant code that does not have an impact on the
@@ -41,8 +41,6 @@
# number does not need to be updated often.
set confirm off
-# We don't need to turn off ASLR, so don't try.
-set disable-randomization off
file ./programs/test/zeroize
break zeroize.c:100
diff --git a/tests/ssl-opt.sh b/tests/ssl-opt.sh
index 335f59d..ff05f64 100755
--- a/tests/ssl-opt.sh
+++ b/tests/ssl-opt.sh
@@ -26,7 +26,7 @@
exit 1
fi
-# default values, can be overriden by the environment
+# default values, can be overridden by the environment
: ${P_SRV:=../programs/ssl/ssl_server2}
: ${P_CLI:=../programs/ssl/ssl_client2}
: ${P_PXY:=../programs/test/udp_proxy}
@@ -165,26 +165,44 @@
}
get_config_value_or_default() {
- NAME="$1"
- DEF_VAL=$( grep ".*#define.*${NAME}" ../include/mbedtls/config.h |
- sed 's/^.*\s\([0-9]*\)$/\1/' )
- ../scripts/config.pl get $NAME || echo "$DEF_VAL"
+ # This function uses the query_config command line option to query the
+ # required Mbed TLS compile time configuration from the ssl_server2
+ # program. The command will always return a success value if the
+ # configuration is defined and the value will be printed to stdout.
+ #
+ # Note that if the configuration is not defined or is defined to nothing,
+ # the output of this function will be an empty string.
+ ${P_SRV} "query_config=${1}"
}
requires_config_value_at_least() {
- VAL=$( get_config_value_or_default "$1" )
- if [ "$VAL" -lt "$2" ]; then
+ VAL="$( get_config_value_or_default "$1" )"
+ if [ -z "$VAL" ]; then
+ # Should never happen
+ echo "Mbed TLS configuration $1 is not defined"
+ exit 1
+ elif [ "$VAL" -lt "$2" ]; then
SKIP_NEXT="YES"
fi
}
requires_config_value_at_most() {
VAL=$( get_config_value_or_default "$1" )
- if [ "$VAL" -gt "$2" ]; then
+ if [ -z "$VAL" ]; then
+ # Should never happen
+ echo "Mbed TLS configuration $1 is not defined"
+ exit 1
+ elif [ "$VAL" -gt "$2" ]; then
SKIP_NEXT="YES"
fi
}
+requires_ciphersuite_enabled() {
+ if [ -z "$($P_CLI --help | grep $1)" ]; then
+ SKIP_NEXT="YES"
+ fi
+}
+
# skip next test if OpenSSL doesn't support FALLBACK_SCSV
requires_openssl_with_fallback_scsv() {
if [ -z "${OPENSSL_HAS_FBSCSV:-}" ]; then
@@ -519,14 +537,6 @@
SKIP_NEXT="YES"
fi
- # should we skip?
- if [ "X$SKIP_NEXT" = "XYES" ]; then
- SKIP_NEXT="NO"
- echo "SKIP"
- SKIPS=$(( $SKIPS + 1 ))
- return
- fi
-
# does this test use a proxy?
if [ "X$1" = "X-p" ]; then
PXY_CMD="$2"
@@ -541,6 +551,26 @@
CLI_EXPECT="$3"
shift 3
+ # Check if server forces ciphersuite
+ FORCE_CIPHERSUITE=$(echo "$SRV_CMD" | sed -n 's/^.*force_ciphersuite=\([a-zA-Z0-9\-]*\).*$/\1/p')
+ if [ ! -z "$FORCE_CIPHERSUITE" ]; then
+ requires_ciphersuite_enabled $FORCE_CIPHERSUITE
+ fi
+
+ # Check if client forces ciphersuite
+ FORCE_CIPHERSUITE=$(echo "$CLI_CMD" | sed -n 's/^.*force_ciphersuite=\([a-zA-Z0-9\-]*\).*$/\1/p')
+ if [ ! -z "$FORCE_CIPHERSUITE" ]; then
+ requires_ciphersuite_enabled $FORCE_CIPHERSUITE
+ fi
+
+ # should we skip?
+ if [ "X$SKIP_NEXT" = "XYES" ]; then
+ SKIP_NEXT="NO"
+ echo "SKIP"
+ SKIPS=$(( $SKIPS + 1 ))
+ return
+ fi
+
# fix client port
if [ -n "$PXY_CMD" ]; then
CLI_CMD=$( echo "$CLI_CMD" | sed s/+SRV_PORT/$PXY_PORT/g )
@@ -671,7 +701,7 @@
# The filtering in the following two options (-u and -U) do the following
# - ignore valgrind output
- # - filter out everything but lines right after the pattern occurances
+ # - filter out everything but lines right after the pattern occurrences
# - keep one of each non-unique line
# - count how many lines remain
# A line with '--' will remain in the result from previous outputs, so the number of lines in the result will be 1
@@ -734,6 +764,52 @@
rm -f $SRV_OUT $CLI_OUT $PXY_OUT
}
+run_test_psa() {
+ requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
+ run_test "PSA-supported ciphersuite: $1" \
+ "$P_SRV debug_level=2 force_version=tls1_2" \
+ "$P_CLI debug_level=2 force_version=tls1_2 force_ciphersuite=$1" \
+ 0 \
+ -c "Successfully setup PSA-based decryption cipher context" \
+ -c "Successfully setup PSA-based encryption cipher context" \
+ -c "PSA calc verify" \
+ -c "calc PSA finished" \
+ -s "Successfully setup PSA-based decryption cipher context" \
+ -s "Successfully setup PSA-based encryption cipher context" \
+ -s "PSA calc verify" \
+ -s "calc PSA finished" \
+ -C "Failed to setup PSA-based cipher context"\
+ -S "Failed to setup PSA-based cipher context"\
+ -s "Protocol is TLSv1.2" \
+ -c "Perform PSA-based ECDH computation."\
+ -c "Perform PSA-based computation of digest of ServerKeyExchange" \
+ -S "error" \
+ -C "error"
+}
+
+run_test_psa_force_curve() {
+ requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
+ run_test "PSA - ECDH with $1" \
+ "$P_SRV debug_level=4 force_version=tls1_2" \
+ "$P_CLI debug_level=4 force_version=tls1_2 force_ciphersuite=TLS-ECDHE-RSA-WITH-AES-128-GCM-SHA256 curves=$1" \
+ 0 \
+ -c "Successfully setup PSA-based decryption cipher context" \
+ -c "Successfully setup PSA-based encryption cipher context" \
+ -c "PSA calc verify" \
+ -c "calc PSA finished" \
+ -s "Successfully setup PSA-based decryption cipher context" \
+ -s "Successfully setup PSA-based encryption cipher context" \
+ -s "PSA calc verify" \
+ -s "calc PSA finished" \
+ -C "Failed to setup PSA-based cipher context"\
+ -S "Failed to setup PSA-based cipher context"\
+ -s "Protocol is TLSv1.2" \
+ -c "Perform PSA-based ECDH computation."\
+ -c "Perform PSA-based computation of digest of ServerKeyExchange" \
+ -S "error" \
+ -C "error"
+}
+
cleanup() {
rm -f $CLI_OUT $SRV_OUT $PXY_OUT $SESSION
test -n "${SRV_PID:-}" && kill $SRV_PID >/dev/null 2>&1
@@ -865,6 +941,56 @@
-s "Protocol is DTLSv1.2" \
-s "Ciphersuite is TLS-ECDHE-RSA-WITH-CHACHA20-POLY1305-SHA256"
+# Test using an opaque private key for client authentication
+requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
+requires_config_enabled MBEDTLS_X509_CRT_PARSE_C
+requires_config_enabled MBEDTLS_ECDSA_C
+requires_config_enabled MBEDTLS_SHA256_C
+run_test "Opaque key for client authentication" \
+ "$P_SRV auth_mode=required" \
+ "$P_CLI key_opaque=1 crt_file=data_files/server5.crt \
+ key_file=data_files/server5.key" \
+ 0 \
+ -c "key type: Opaque" \
+ -s "Verifying peer X.509 certificate... ok" \
+ -S "error" \
+ -C "error"
+
+# Test ciphersuites which we expect to be fully supported by PSA Crypto
+# and check that we don't fall back to Mbed TLS' internal crypto primitives.
+run_test_psa TLS-ECDHE-ECDSA-WITH-AES-128-CCM
+run_test_psa TLS-ECDHE-ECDSA-WITH-AES-128-CCM-8
+run_test_psa TLS-ECDHE-ECDSA-WITH-AES-256-CCM
+run_test_psa TLS-ECDHE-ECDSA-WITH-AES-256-CCM-8
+run_test_psa TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256
+run_test_psa TLS-ECDHE-ECDSA-WITH-AES-256-GCM-SHA384
+run_test_psa TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA
+run_test_psa TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA256
+run_test_psa TLS-ECDHE-ECDSA-WITH-AES-256-CBC-SHA384
+
+requires_config_enabled MBEDTLS_ECP_DP_SECP521R1_ENABLED
+run_test_psa_force_curve "secp521r1"
+requires_config_enabled MBEDTLS_ECP_DP_BP512R1_ENABLED
+run_test_psa_force_curve "brainpoolP512r1"
+requires_config_enabled MBEDTLS_ECP_DP_SECP384R1_ENABLED
+run_test_psa_force_curve "secp384r1"
+requires_config_enabled MBEDTLS_ECP_DP_BP384R1_ENABLED
+run_test_psa_force_curve "brainpoolP384r1"
+requires_config_enabled MBEDTLS_ECP_DP_SECP256R1_ENABLED
+run_test_psa_force_curve "secp256r1"
+requires_config_enabled MBEDTLS_ECP_DP_SECP256K1_ENABLED
+run_test_psa_force_curve "secp256k1"
+requires_config_enabled MBEDTLS_ECP_DP_BP256R1_ENABLED
+run_test_psa_force_curve "brainpoolP256r1"
+requires_config_enabled MBEDTLS_ECP_DP_SECP224R1_ENABLED
+run_test_psa_force_curve "secp224r1"
+requires_config_enabled MBEDTLS_ECP_DP_SECP224K1_ENABLED
+run_test_psa_force_curve "secp224k1"
+requires_config_enabled MBEDTLS_ECP_DP_SECP192R1_ENABLED
+run_test_psa_force_curve "secp192r1"
+requires_config_enabled MBEDTLS_ECP_DP_SECP192K1_ENABLED
+run_test_psa_force_curve "secp192k1"
+
# Test current time in ServerHello
requires_config_enabled MBEDTLS_HAVE_TIME
run_test "ServerHello contains gmt_unix_time" \
@@ -2740,7 +2866,7 @@
key_file=data_files/dir-maxpath/09.key" \
"$P_CLI server_name=CA09 ca_file=data_files/dir-maxpath/00.crt" \
0 \
- -C "X509 - A fatal error occured"
+ -C "X509 - A fatal error occurred"
requires_full_size_output_buffer
run_test "Authentication: server max_int+1 chain, client default" \
@@ -2748,7 +2874,7 @@
key_file=data_files/dir-maxpath/10.key" \
"$P_CLI server_name=CA10 ca_file=data_files/dir-maxpath/00.crt" \
1 \
- -c "X509 - A fatal error occured"
+ -c "X509 - A fatal error occurred"
requires_full_size_output_buffer
run_test "Authentication: server max_int+1 chain, client optional" \
@@ -2757,7 +2883,7 @@
"$P_CLI server_name=CA10 ca_file=data_files/dir-maxpath/00.crt \
auth_mode=optional" \
1 \
- -c "X509 - A fatal error occured"
+ -c "X509 - A fatal error occurred"
requires_full_size_output_buffer
run_test "Authentication: server max_int+1 chain, client none" \
@@ -2766,7 +2892,7 @@
"$P_CLI server_name=CA10 ca_file=data_files/dir-maxpath/00.crt \
auth_mode=none" \
0 \
- -C "X509 - A fatal error occured"
+ -C "X509 - A fatal error occurred"
requires_full_size_output_buffer
run_test "Authentication: client max_int+1 chain, server default" \
@@ -2774,7 +2900,7 @@
"$P_CLI crt_file=data_files/dir-maxpath/c10.pem \
key_file=data_files/dir-maxpath/10.key" \
0 \
- -S "X509 - A fatal error occured"
+ -S "X509 - A fatal error occurred"
requires_full_size_output_buffer
run_test "Authentication: client max_int+1 chain, server optional" \
@@ -2782,7 +2908,7 @@
"$P_CLI crt_file=data_files/dir-maxpath/c10.pem \
key_file=data_files/dir-maxpath/10.key" \
1 \
- -s "X509 - A fatal error occured"
+ -s "X509 - A fatal error occurred"
requires_full_size_output_buffer
run_test "Authentication: client max_int+1 chain, server required" \
@@ -2790,7 +2916,7 @@
"$P_CLI crt_file=data_files/dir-maxpath/c10.pem \
key_file=data_files/dir-maxpath/10.key" \
1 \
- -s "X509 - A fatal error occured"
+ -s "X509 - A fatal error occurred"
requires_full_size_output_buffer
run_test "Authentication: client max_int chain, server required" \
@@ -2798,7 +2924,7 @@
"$P_CLI crt_file=data_files/dir-maxpath/c09.pem \
key_file=data_files/dir-maxpath/09.key" \
0 \
- -S "X509 - A fatal error occured"
+ -S "X509 - A fatal error occurred"
# Tests for CA list in CertificateRequest messages
@@ -3830,6 +3956,240 @@
-S "SSL - Unknown identity received" \
-S "SSL - Verification of the message MAC failed"
+requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
+run_test "PSK callback: opaque psk on client, no callback" \
+ "$P_SRV extended_ms=0 debug_level=1 psk=abc123 psk_identity=foo" \
+ "$P_CLI extended_ms=0 debug_level=1 min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \
+ psk_identity=foo psk=abc123 psk_opaque=1" \
+ 0 \
+ -c "skip PMS generation for opaque PSK"\
+ -S "skip PMS generation for opaque PSK"\
+ -C "using extended master secret"\
+ -S "using extended master secret"\
+ -S "SSL - None of the common ciphersuites is usable" \
+ -S "SSL - Unknown identity received" \
+ -S "SSL - Verification of the message MAC failed"
+
+requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
+run_test "PSK callback: opaque psk on client, no callback, SHA-384" \
+ "$P_SRV extended_ms=0 debug_level=1 psk=abc123 psk_identity=foo" \
+ "$P_CLI extended_ms=0 debug_level=1 min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-256-CBC-SHA384 \
+ psk_identity=foo psk=abc123 psk_opaque=1" \
+ 0 \
+ -c "skip PMS generation for opaque PSK"\
+ -S "skip PMS generation for opaque PSK"\
+ -C "using extended master secret"\
+ -S "using extended master secret"\
+ -S "SSL - None of the common ciphersuites is usable" \
+ -S "SSL - Unknown identity received" \
+ -S "SSL - Verification of the message MAC failed"
+
+requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
+run_test "PSK callback: opaque psk on client, no callback, EMS" \
+ "$P_SRV extended_ms=1 debug_level=3 psk=abc123 psk_identity=foo" \
+ "$P_CLI extended_ms=1 debug_level=3 min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \
+ psk_identity=foo psk=abc123 psk_opaque=1" \
+ 0 \
+ -c "skip PMS generation for opaque PSK"\
+ -S "skip PMS generation for opaque PSK"\
+ -c "using extended master secret"\
+ -s "using extended master secret"\
+ -S "SSL - None of the common ciphersuites is usable" \
+ -S "SSL - Unknown identity received" \
+ -S "SSL - Verification of the message MAC failed"
+
+requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
+run_test "PSK callback: opaque psk on client, no callback, SHA-384, EMS" \
+ "$P_SRV extended_ms=1 debug_level=3 psk=abc123 psk_identity=foo" \
+ "$P_CLI extended_ms=1 debug_level=3 min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-256-CBC-SHA384 \
+ psk_identity=foo psk=abc123 psk_opaque=1" \
+ 0 \
+ -c "skip PMS generation for opaque PSK"\
+ -S "skip PMS generation for opaque PSK"\
+ -c "using extended master secret"\
+ -s "using extended master secret"\
+ -S "SSL - None of the common ciphersuites is usable" \
+ -S "SSL - Unknown identity received" \
+ -S "SSL - Verification of the message MAC failed"
+
+requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
+run_test "PSK callback: raw psk on client, static opaque on server, no callback" \
+ "$P_SRV extended_ms=0 debug_level=1 psk=abc123 psk_identity=foo psk_opaque=1 min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA" \
+ "$P_CLI extended_ms=0 debug_level=1 min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \
+ psk_identity=foo psk=abc123" \
+ 0 \
+ -C "skip PMS generation for opaque PSK"\
+ -s "skip PMS generation for opaque PSK"\
+ -C "using extended master secret"\
+ -S "using extended master secret"\
+ -S "SSL - None of the common ciphersuites is usable" \
+ -S "SSL - Unknown identity received" \
+ -S "SSL - Verification of the message MAC failed"
+
+requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
+run_test "PSK callback: raw psk on client, static opaque on server, no callback, SHA-384" \
+ "$P_SRV extended_ms=0 debug_level=1 psk=abc123 psk_identity=foo psk_opaque=1 min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-256-CBC-SHA384" \
+ "$P_CLI extended_ms=0 debug_level=1 min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-256-CBC-SHA384 \
+ psk_identity=foo psk=abc123" \
+ 0 \
+ -C "skip PMS generation for opaque PSK"\
+ -s "skip PMS generation for opaque PSK"\
+ -C "using extended master secret"\
+ -S "using extended master secret"\
+ -S "SSL - None of the common ciphersuites is usable" \
+ -S "SSL - Unknown identity received" \
+ -S "SSL - Verification of the message MAC failed"
+
+requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
+run_test "PSK callback: raw psk on client, static opaque on server, no callback, EMS" \
+ "$P_SRV debug_level=3 psk=abc123 psk_identity=foo psk_opaque=1 min_version=tls1_2 \
+ force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA extended_ms=1" \
+ "$P_CLI debug_level=3 min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \
+ psk_identity=foo psk=abc123 extended_ms=1" \
+ 0 \
+ -c "using extended master secret"\
+ -s "using extended master secret"\
+ -C "skip PMS generation for opaque PSK"\
+ -s "skip PMS generation for opaque PSK"\
+ -S "SSL - None of the common ciphersuites is usable" \
+ -S "SSL - Unknown identity received" \
+ -S "SSL - Verification of the message MAC failed"
+
+requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
+run_test "PSK callback: raw psk on client, static opaque on server, no callback, EMS, SHA384" \
+ "$P_SRV debug_level=3 psk=abc123 psk_identity=foo psk_opaque=1 min_version=tls1_2 \
+ force_ciphersuite=TLS-PSK-WITH-AES-256-CBC-SHA384 extended_ms=1" \
+ "$P_CLI debug_level=3 min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-256-CBC-SHA384 \
+ psk_identity=foo psk=abc123 extended_ms=1" \
+ 0 \
+ -c "using extended master secret"\
+ -s "using extended master secret"\
+ -C "skip PMS generation for opaque PSK"\
+ -s "skip PMS generation for opaque PSK"\
+ -S "SSL - None of the common ciphersuites is usable" \
+ -S "SSL - Unknown identity received" \
+ -S "SSL - Verification of the message MAC failed"
+
+requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
+run_test "PSK callback: raw psk on client, no static PSK on server, opaque PSK from callback" \
+ "$P_SRV extended_ms=0 debug_level=3 psk_list=abc,dead,def,beef psk_list_opaque=1 min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA" \
+ "$P_CLI extended_ms=0 debug_level=3 min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \
+ psk_identity=def psk=beef" \
+ 0 \
+ -C "skip PMS generation for opaque PSK"\
+ -s "skip PMS generation for opaque PSK"\
+ -C "using extended master secret"\
+ -S "using extended master secret"\
+ -S "SSL - None of the common ciphersuites is usable" \
+ -S "SSL - Unknown identity received" \
+ -S "SSL - Verification of the message MAC failed"
+
+requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
+run_test "PSK callback: raw psk on client, no static PSK on server, opaque PSK from callback, SHA-384" \
+ "$P_SRV extended_ms=0 debug_level=3 psk_list=abc,dead,def,beef psk_list_opaque=1 min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-256-CBC-SHA384" \
+ "$P_CLI extended_ms=0 debug_level=3 min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-256-CBC-SHA384 \
+ psk_identity=def psk=beef" \
+ 0 \
+ -C "skip PMS generation for opaque PSK"\
+ -s "skip PMS generation for opaque PSK"\
+ -C "using extended master secret"\
+ -S "using extended master secret"\
+ -S "SSL - None of the common ciphersuites is usable" \
+ -S "SSL - Unknown identity received" \
+ -S "SSL - Verification of the message MAC failed"
+
+requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
+run_test "PSK callback: raw psk on client, no static PSK on server, opaque PSK from callback, EMS" \
+ "$P_SRV debug_level=3 psk_list=abc,dead,def,beef psk_list_opaque=1 min_version=tls1_2 \
+ force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA extended_ms=1" \
+ "$P_CLI debug_level=3 min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \
+ psk_identity=abc psk=dead extended_ms=1" \
+ 0 \
+ -c "using extended master secret"\
+ -s "using extended master secret"\
+ -C "skip PMS generation for opaque PSK"\
+ -s "skip PMS generation for opaque PSK"\
+ -S "SSL - None of the common ciphersuites is usable" \
+ -S "SSL - Unknown identity received" \
+ -S "SSL - Verification of the message MAC failed"
+
+requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
+run_test "PSK callback: raw psk on client, no static PSK on server, opaque PSK from callback, EMS, SHA384" \
+ "$P_SRV debug_level=3 psk_list=abc,dead,def,beef psk_list_opaque=1 min_version=tls1_2 \
+ force_ciphersuite=TLS-PSK-WITH-AES-256-CBC-SHA384 extended_ms=1" \
+ "$P_CLI debug_level=3 min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-256-CBC-SHA384 \
+ psk_identity=abc psk=dead extended_ms=1" \
+ 0 \
+ -c "using extended master secret"\
+ -s "using extended master secret"\
+ -C "skip PMS generation for opaque PSK"\
+ -s "skip PMS generation for opaque PSK"\
+ -S "SSL - None of the common ciphersuites is usable" \
+ -S "SSL - Unknown identity received" \
+ -S "SSL - Verification of the message MAC failed"
+
+requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
+run_test "PSK callback: raw psk on client, mismatching static raw PSK on server, opaque PSK from callback" \
+ "$P_SRV extended_ms=0 psk_identity=foo psk=abc123 debug_level=3 psk_list=abc,dead,def,beef psk_list_opaque=1 min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA" \
+ "$P_CLI extended_ms=0 debug_level=3 min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \
+ psk_identity=def psk=beef" \
+ 0 \
+ -C "skip PMS generation for opaque PSK"\
+ -s "skip PMS generation for opaque PSK"\
+ -C "using extended master secret"\
+ -S "using extended master secret"\
+ -S "SSL - None of the common ciphersuites is usable" \
+ -S "SSL - Unknown identity received" \
+ -S "SSL - Verification of the message MAC failed"
+
+requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
+run_test "PSK callback: raw psk on client, mismatching static opaque PSK on server, opaque PSK from callback" \
+ "$P_SRV extended_ms=0 psk_opaque=1 psk_identity=foo psk=abc123 debug_level=3 psk_list=abc,dead,def,beef psk_list_opaque=1 min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA" \
+ "$P_CLI extended_ms=0 debug_level=3 min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \
+ psk_identity=def psk=beef" \
+ 0 \
+ -C "skip PMS generation for opaque PSK"\
+ -s "skip PMS generation for opaque PSK"\
+ -C "using extended master secret"\
+ -S "using extended master secret"\
+ -S "SSL - None of the common ciphersuites is usable" \
+ -S "SSL - Unknown identity received" \
+ -S "SSL - Verification of the message MAC failed"
+
+requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
+run_test "PSK callback: raw psk on client, mismatching static opaque PSK on server, raw PSK from callback" \
+ "$P_SRV extended_ms=0 psk_opaque=1 psk_identity=foo psk=abc123 debug_level=3 psk_list=abc,dead,def,beef min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA" \
+ "$P_CLI extended_ms=0 debug_level=3 min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \
+ psk_identity=def psk=beef" \
+ 0 \
+ -C "skip PMS generation for opaque PSK"\
+ -C "using extended master secret"\
+ -S "using extended master secret"\
+ -S "SSL - None of the common ciphersuites is usable" \
+ -S "SSL - Unknown identity received" \
+ -S "SSL - Verification of the message MAC failed"
+
+requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
+run_test "PSK callback: raw psk on client, id-matching but wrong raw PSK on server, opaque PSK from callback" \
+ "$P_SRV extended_ms=0 psk_opaque=1 psk_identity=def psk=abc123 debug_level=3 psk_list=abc,dead,def,beef min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA" \
+ "$P_CLI extended_ms=0 debug_level=3 min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \
+ psk_identity=def psk=beef" \
+ 0 \
+ -C "skip PMS generation for opaque PSK"\
+ -C "using extended master secret"\
+ -S "using extended master secret"\
+ -S "SSL - None of the common ciphersuites is usable" \
+ -S "SSL - Unknown identity received" \
+ -S "SSL - Verification of the message MAC failed"
+
+requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
+run_test "PSK callback: raw psk on client, matching opaque PSK on server, wrong opaque PSK from callback" \
+ "$P_SRV extended_ms=0 psk_opaque=1 psk_identity=def psk=beef debug_level=3 psk_list=abc,dead,def,abc123 min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA" \
+ "$P_CLI extended_ms=0 debug_level=3 min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \
+ psk_identity=def psk=beef" \
+ 1 \
+ -s "SSL - Verification of the message MAC failed"
+
run_test "PSK callback: no psk, no callback" \
"$P_SRV" \
"$P_CLI force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \
diff --git a/tests/suites/helpers.function b/tests/suites/helpers.function
index 1255ff4..122a17d 100644
--- a/tests/suites/helpers.function
+++ b/tests/suites/helpers.function
@@ -97,6 +97,14 @@
* This macro is not suitable for negative parameter validation tests,
* as it assumes the test step will not create an error.
*
+ * Failing the test means:
+ * - Mark this test case as failed.
+ * - Print a message identifying the failure.
+ * - Jump to the \c exit label.
+ *
+ * This macro expands to an instruction, not an expression.
+ * It may jump to the \c exit label.
+ *
* \param TEST The test expression to be tested.
*/
#define TEST_ASSERT( TEST ) \
@@ -108,6 +116,77 @@
} \
} while( 0 )
+/** Evaluate two expressions and fail the test case if they have different
+ * values.
+ *
+ * \param expr1 An expression to evaluate.
+ * \param expr2 The expected value of \p expr1. This can be any
+ * expression, but it is typically a constant.
+ */
+#define TEST_EQUAL( expr1, expr2 ) \
+ TEST_ASSERT( ( expr1 ) == ( expr2 ) )
+
+/** Evaluate an expression and fail the test case if it returns an error.
+ *
+ * \param expr The expression to evaluate. This is typically a call
+ * to a \c psa_xxx function that returns a value of type
+ * #psa_status_t.
+ */
+#define PSA_ASSERT( expr ) TEST_EQUAL( ( expr ), PSA_SUCCESS )
+
+/** Allocate memory dynamically and fail the test case if this fails.
+ *
+ * You must set \p pointer to \c NULL before calling this macro and
+ * put `mbedtls_free( pointer )` in the test's cleanup code.
+ *
+ * If \p length is zero, the resulting \p pointer will be \c NULL.
+ * This is usually what we want in tests since API functions are
+ * supposed to accept null pointers when a buffer size is zero.
+ *
+ * This macro expands to an instruction, not an expression.
+ * It may jump to the \c exit label.
+ *
+ * \param pointer An lvalue where the address of the allocated buffer
+ * will be stored.
+ * This expression may be evaluated multiple times.
+ * \param length Number of elements to allocate.
+ * This expression may be evaluated multiple times.
+ *
+ */
+#define ASSERT_ALLOC( pointer, length ) \
+ do \
+ { \
+ TEST_ASSERT( ( pointer ) == NULL ); \
+ if( ( length ) != 0 ) \
+ { \
+ ( pointer ) = mbedtls_calloc( sizeof( *( pointer ) ), \
+ ( length ) ); \
+ TEST_ASSERT( ( pointer ) != NULL ); \
+ } \
+ } \
+ while( 0 )
+
+/** Compare two buffers and fail the test case if they differ.
+ *
+ * This macro expands to an instruction, not an expression.
+ * It may jump to the \c exit label.
+ *
+ * \param p1 Pointer to the start of the first buffer.
+ * \param size1 Size of the first buffer in bytes.
+ * This expression may be evaluated multiple times.
+ * \param p2 Pointer to the start of the second buffer.
+ * \param size2 Size of the second buffer in bytes.
+ * This expression may be evaluated multiple times.
+ */
+#define ASSERT_COMPARE( p1, size1, p2, size2 ) \
+ do \
+ { \
+ TEST_ASSERT( ( size1 ) == ( size2 ) ); \
+ if( ( size1 ) != 0 ) \
+ TEST_ASSERT( memcmp( ( p1 ), ( p2 ), ( size1 ) ) == 0 ); \
+ } \
+ while( 0 )
+
#if defined(MBEDTLS_CHECK_PARAMS) && !defined(MBEDTLS_PARAM_FAILED_ALT)
/**
* \brief This macro tests the statement passed to it as a test step or
@@ -214,6 +293,58 @@
mbedtls_exit( 1 ); \
}
+#if defined(__GNUC__)
+/* Test if arg and &(arg)[0] have the same type. This is true if arg is
+ * an array but not if it's a pointer. */
+#define IS_ARRAY_NOT_POINTER( arg ) \
+ ( ! __builtin_types_compatible_p( __typeof__( arg ), \
+ __typeof__( &( arg )[0] ) ) )
+#else
+/* On platforms where we don't know how to implement this check,
+ * omit it. Oh well, a non-portable check is better than nothing. */
+#define IS_ARRAY_NOT_POINTER( arg ) 1
+#endif
+
+/* A compile-time constant with the value 0. If `const_expr` is not a
+ * compile-time constant with a nonzero value, cause a compile-time error. */
+#define STATIC_ASSERT_EXPR( const_expr ) \
+ ( 0 && sizeof( struct { int STATIC_ASSERT : 1 - 2 * ! ( const_expr ); } ) )
+/* Return the scalar value `value` (possibly promoted). This is a compile-time
+ * constant if `value` is. `condition` must be a compile-time constant.
+ * If `condition` is false, arrange to cause a compile-time error. */
+#define STATIC_ASSERT_THEN_RETURN( condition, value ) \
+ ( STATIC_ASSERT_EXPR( condition ) ? 0 : ( value ) )
+
+#define ARRAY_LENGTH_UNSAFE( array ) \
+ ( sizeof( array ) / sizeof( *( array ) ) )
+/** Return the number of elements of a static or stack array.
+ *
+ * \param array A value of array (not pointer) type.
+ *
+ * \return The number of elements of the array.
+ */
+#define ARRAY_LENGTH( array ) \
+ ( STATIC_ASSERT_THEN_RETURN( IS_ARRAY_NOT_POINTER( array ), \
+ ARRAY_LENGTH_UNSAFE( array ) ) )
+
+/** Return the smaller of two values.
+ *
+ * \param x An integer-valued expression without side effects.
+ * \param y An integer-valued expression without side effects.
+ *
+ * \return The smaller of \p x and \p y.
+ */
+#define MIN( x, y ) ( ( x ) < ( y ) ? ( x ) : ( y ) )
+
+/** Return the larger of two values.
+ *
+ * \param x An integer-valued expression without side effects.
+ * \param y An integer-valued expression without side effects.
+ *
+ * \return The larger of \p x and \p y.
+ */
+#define MAX( x, y ) ( ( x ) > ( y ) ? ( x ) : ( y ) )
+
/*
* 32-bit integer manipulation macros (big endian)
*/
diff --git a/tests/suites/main_test.function b/tests/suites/main_test.function
index ca4783d..1574556 100644
--- a/tests/suites/main_test.function
+++ b/tests/suites/main_test.function
@@ -25,6 +25,9 @@
#include MBEDTLS_CONFIG_FILE
#endif
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+#include "psa/crypto.h"
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
/*----------------------------------------------------------------------------*/
/* Common helper code */
@@ -251,8 +254,8 @@
ret );
return( -1 );
}
+
ret = execute_tests( argc, argv );
platform_teardown();
return( ret );
}
-
diff --git a/tests/suites/test_suite_ccm.data b/tests/suites/test_suite_ccm.data
index ac9c565..46c172b 100644
--- a/tests/suites/test_suite_ccm.data
+++ b/tests/suites/test_suite_ccm.data
@@ -41,7 +41,7 @@
CCM lengths #6 tag length not even
ccm_lengths:5:10:5:7:MBEDTLS_ERR_CCM_BAD_INPUT
-CCM lenghts #7 AD too long (2^16 - 2^8 + 1)
+CCM lengths #7 AD too long (2^16 - 2^8 + 1)
depends_on:!MBEDTLS_CCM_ALT
ccm_lengths:5:10:65281:8:MBEDTLS_ERR_CCM_BAD_INPUT
diff --git a/tests/suites/test_suite_cipher.aes.data b/tests/suites/test_suite_cipher.aes.data
index e810863..1a8ff1e 100644
--- a/tests/suites/test_suite_cipher.aes.data
+++ b/tests/suites/test_suite_cipher.aes.data
@@ -1512,187 +1512,283 @@
AES-128-ECB crypt Encrypt NIST KAT #1
depends_on:MBEDTLS_AES_C
-test_vec_crypt:MBEDTLS_CIPHER_AES_128_ECB:MBEDTLS_ENCRYPT:"00000000000000000000000000000000":"":"f34481ec3cc627bacd5dc3fb08f273e6":"0336763e966d92595a567cc9ce537f5e":0
+test_vec_crypt:MBEDTLS_CIPHER_AES_128_ECB:MBEDTLS_ENCRYPT:"00000000000000000000000000000000":"":"f34481ec3cc627bacd5dc3fb08f273e6":"0336763e966d92595a567cc9ce537f5e":0:0
AES-128-ECB crypt Encrypt NIST KAT #2
depends_on:MBEDTLS_AES_C
-test_vec_crypt:MBEDTLS_CIPHER_AES_128_ECB:MBEDTLS_ENCRYPT:"f0000000000000000000000000000000":"":"00000000000000000000000000000000":"970014d634e2b7650777e8e84d03ccd8":0
+test_vec_crypt:MBEDTLS_CIPHER_AES_128_ECB:MBEDTLS_ENCRYPT:"f0000000000000000000000000000000":"":"00000000000000000000000000000000":"970014d634e2b7650777e8e84d03ccd8":0:0
AES-128-ECB crypt Encrypt NIST KAT #3
depends_on:MBEDTLS_AES_C
-test_vec_crypt:MBEDTLS_CIPHER_AES_128_ECB:MBEDTLS_ENCRYPT:"00000000000000000000000000000000":"":"ffffffffffffffc00000000000000000":"3a4d354f02bb5a5e47d39666867f246a":0
+test_vec_crypt:MBEDTLS_CIPHER_AES_128_ECB:MBEDTLS_ENCRYPT:"00000000000000000000000000000000":"":"ffffffffffffffc00000000000000000":"3a4d354f02bb5a5e47d39666867f246a":0:0
AES-128-ECB crypt Decrypt NIST KAT #1
depends_on:MBEDTLS_AES_C
-test_vec_crypt:MBEDTLS_CIPHER_AES_128_ECB:MBEDTLS_DECRYPT:"00000000000000000000000000000000":"":"db4f1aa530967d6732ce4715eb0ee24b":"ff000000000000000000000000000000":0
+test_vec_crypt:MBEDTLS_CIPHER_AES_128_ECB:MBEDTLS_DECRYPT:"00000000000000000000000000000000":"":"db4f1aa530967d6732ce4715eb0ee24b":"ff000000000000000000000000000000":0:0
AES-128-ECB crypt Decrypt NIST KAT #2
depends_on:MBEDTLS_AES_C
-test_vec_crypt:MBEDTLS_CIPHER_AES_128_ECB:MBEDTLS_DECRYPT:"b69418a85332240dc82492353956ae0c":"":"a303d940ded8f0baff6f75414cac5243":"00000000000000000000000000000000":0
+test_vec_crypt:MBEDTLS_CIPHER_AES_128_ECB:MBEDTLS_DECRYPT:"b69418a85332240dc82492353956ae0c":"":"a303d940ded8f0baff6f75414cac5243":"00000000000000000000000000000000":0:0
AES-128-ECB crypt Decrypt NIST KAT #3
depends_on:MBEDTLS_AES_C
-test_vec_crypt:MBEDTLS_CIPHER_AES_128_ECB:MBEDTLS_DECRYPT:"ffffffffffffffff8000000000000000":"":"32cd652842926aea4aa6137bb2be2b5e":"00000000000000000000000000000000":0
+test_vec_crypt:MBEDTLS_CIPHER_AES_128_ECB:MBEDTLS_DECRYPT:"ffffffffffffffff8000000000000000":"":"32cd652842926aea4aa6137bb2be2b5e":"00000000000000000000000000000000":0:0
AES-192-ECB crypt Encrypt NIST KAT #1
depends_on:MBEDTLS_AES_C
-test_vec_crypt:MBEDTLS_CIPHER_AES_192_ECB:MBEDTLS_ENCRYPT:"000000000000000000000000000000000000000000000000":"":"fffffffffffffffffffff80000000000":"156f07767a85a4312321f63968338a01":0
+test_vec_crypt:MBEDTLS_CIPHER_AES_192_ECB:MBEDTLS_ENCRYPT:"000000000000000000000000000000000000000000000000":"":"fffffffffffffffffffff80000000000":"156f07767a85a4312321f63968338a01":0:0
AES-192-ECB crypt Encrypt NIST KAT #2
depends_on:MBEDTLS_AES_C
-test_vec_crypt:MBEDTLS_CIPHER_AES_192_ECB:MBEDTLS_ENCRYPT:"000000000000000000000000000000000000000000000000":"":"51719783d3185a535bd75adc65071ce1":"4f354592ff7c8847d2d0870ca9481b7c":0
+test_vec_crypt:MBEDTLS_CIPHER_AES_192_ECB:MBEDTLS_ENCRYPT:"000000000000000000000000000000000000000000000000":"":"51719783d3185a535bd75adc65071ce1":"4f354592ff7c8847d2d0870ca9481b7c":0:0
AES-192-ECB crypt Encrypt NIST KAT #3
depends_on:MBEDTLS_AES_C
-test_vec_crypt:MBEDTLS_CIPHER_AES_192_ECB:MBEDTLS_ENCRYPT:"d2926527e0aa9f37b45e2ec2ade5853ef807576104c7ace3":"":"00000000000000000000000000000000":"dd619e1cf204446112e0af2b9afa8f8c":0
+test_vec_crypt:MBEDTLS_CIPHER_AES_192_ECB:MBEDTLS_ENCRYPT:"d2926527e0aa9f37b45e2ec2ade5853ef807576104c7ace3":"":"00000000000000000000000000000000":"dd619e1cf204446112e0af2b9afa8f8c":0:0
AES-192-ECB crypt Encrypt NIST KAT #4
depends_on:MBEDTLS_AES_C
-test_vec_crypt:MBEDTLS_CIPHER_AES_192_ECB:MBEDTLS_ENCRYPT:"fffffffffffffffffffffffffff800000000000000000000":"":"00000000000000000000000000000000":"8dd274bd0f1b58ae345d9e7233f9b8f3":0
+test_vec_crypt:MBEDTLS_CIPHER_AES_192_ECB:MBEDTLS_ENCRYPT:"fffffffffffffffffffffffffff800000000000000000000":"":"00000000000000000000000000000000":"8dd274bd0f1b58ae345d9e7233f9b8f3":0:0
AES-192-ECB crypt Decrypt NIST KAT #1
depends_on:MBEDTLS_AES_C
-test_vec_crypt:MBEDTLS_CIPHER_AES_192_ECB:MBEDTLS_DECRYPT:"fffffffffffffffffffffffffffffffff000000000000000":"":"bb2852c891c5947d2ed44032c421b85f":"00000000000000000000000000000000":0
+test_vec_crypt:MBEDTLS_CIPHER_AES_192_ECB:MBEDTLS_DECRYPT:"fffffffffffffffffffffffffffffffff000000000000000":"":"bb2852c891c5947d2ed44032c421b85f":"00000000000000000000000000000000":0:0
AES-192-ECB crypt Decrypt NIST KAT #2
depends_on:MBEDTLS_AES_C
-test_vec_crypt:MBEDTLS_CIPHER_AES_192_ECB:MBEDTLS_DECRYPT:"61257134a518a0d57d9d244d45f6498cbc32f2bafc522d79":"":"cfe4d74002696ccf7d87b14a2f9cafc9":"00000000000000000000000000000000":0
+test_vec_crypt:MBEDTLS_CIPHER_AES_192_ECB:MBEDTLS_DECRYPT:"61257134a518a0d57d9d244d45f6498cbc32f2bafc522d79":"":"cfe4d74002696ccf7d87b14a2f9cafc9":"00000000000000000000000000000000":0:0
AES-192-ECB crypt Decrypt NIST KAT #3
depends_on:MBEDTLS_AES_C
-test_vec_crypt:MBEDTLS_CIPHER_AES_192_ECB:MBEDTLS_DECRYPT:"000000000000000000000000000000000000000000000000":"":"275cfc0413d8ccb70513c3859b1d0f72":"1b077a6af4b7f98229de786d7516b639":0
+test_vec_crypt:MBEDTLS_CIPHER_AES_192_ECB:MBEDTLS_DECRYPT:"000000000000000000000000000000000000000000000000":"":"275cfc0413d8ccb70513c3859b1d0f72":"1b077a6af4b7f98229de786d7516b639":0:0
AES-192-ECB crypt Decrypt NIST KAT #4
depends_on:MBEDTLS_AES_C
-test_vec_crypt:MBEDTLS_CIPHER_AES_192_ECB:MBEDTLS_DECRYPT:"000000000000000000000000000000000000000000000000":"":"b2099795e88cc158fd75ea133d7e7fbe":"ffffffffffffffffffffc00000000000":0
+test_vec_crypt:MBEDTLS_CIPHER_AES_192_ECB:MBEDTLS_DECRYPT:"000000000000000000000000000000000000000000000000":"":"b2099795e88cc158fd75ea133d7e7fbe":"ffffffffffffffffffffc00000000000":0:0
AES-256-ECB crypt Encrypt NIST KAT #1
depends_on:MBEDTLS_AES_C
-test_vec_crypt:MBEDTLS_CIPHER_AES_256_ECB:MBEDTLS_ENCRYPT:"c1cc358b449909a19436cfbb3f852ef8bcb5ed12ac7058325f56e6099aab1a1c":"":"00000000000000000000000000000000":"352065272169abf9856843927d0674fd":0
+test_vec_crypt:MBEDTLS_CIPHER_AES_256_ECB:MBEDTLS_ENCRYPT:"c1cc358b449909a19436cfbb3f852ef8bcb5ed12ac7058325f56e6099aab1a1c":"":"00000000000000000000000000000000":"352065272169abf9856843927d0674fd":0:0
AES-256-ECB crypt Encrypt NIST KAT #2
depends_on:MBEDTLS_AES_C
-test_vec_crypt:MBEDTLS_CIPHER_AES_256_ECB:MBEDTLS_ENCRYPT:"0000000000000000000000000000000000000000000000000000000000000000":"":"0b24af36193ce4665f2825d7b4749c98":"a9ff75bd7cf6613d3731c77c3b6d0c04":0
+test_vec_crypt:MBEDTLS_CIPHER_AES_256_ECB:MBEDTLS_ENCRYPT:"0000000000000000000000000000000000000000000000000000000000000000":"":"0b24af36193ce4665f2825d7b4749c98":"a9ff75bd7cf6613d3731c77c3b6d0c04":0:0
AES-256-ECB crypt Encrypt NIST KAT #3
depends_on:MBEDTLS_AES_C
-test_vec_crypt:MBEDTLS_CIPHER_AES_256_ECB:MBEDTLS_ENCRYPT:"0000000000000000000000000000000000000000000000000000000000000000":"":"ffffff80000000000000000000000000":"36aff0ef7bf3280772cf4cac80a0d2b2":0
+test_vec_crypt:MBEDTLS_CIPHER_AES_256_ECB:MBEDTLS_ENCRYPT:"0000000000000000000000000000000000000000000000000000000000000000":"":"ffffff80000000000000000000000000":"36aff0ef7bf3280772cf4cac80a0d2b2":0:0
AES-256-ECB crypt Encrypt NIST KAT #4
depends_on:MBEDTLS_AES_C
-test_vec_crypt:MBEDTLS_CIPHER_AES_256_ECB:MBEDTLS_ENCRYPT:"ffffffffffffffffffffffffffffffffffff8000000000000000000000000000":"":"00000000000000000000000000000000":"45d089c36d5c5a4efc689e3b0de10dd5":0
+test_vec_crypt:MBEDTLS_CIPHER_AES_256_ECB:MBEDTLS_ENCRYPT:"ffffffffffffffffffffffffffffffffffff8000000000000000000000000000":"":"00000000000000000000000000000000":"45d089c36d5c5a4efc689e3b0de10dd5":0:0
AES-256-ECB crypt Decrypt NIST KAT #1
depends_on:MBEDTLS_AES_C
-test_vec_crypt:MBEDTLS_CIPHER_AES_256_ECB:MBEDTLS_DECRYPT:"fffffffffffffffffffffffffffffffffffffffffffffff00000000000000000":"":"edf61ae362e882ddc0167474a7a77f3a":"00000000000000000000000000000000":0
+test_vec_crypt:MBEDTLS_CIPHER_AES_256_ECB:MBEDTLS_DECRYPT:"fffffffffffffffffffffffffffffffffffffffffffffff00000000000000000":"":"edf61ae362e882ddc0167474a7a77f3a":"00000000000000000000000000000000":0:0
AES-256-ECB crypt Decrypt NIST KAT #2
depends_on:MBEDTLS_AES_C
-test_vec_crypt:MBEDTLS_CIPHER_AES_256_ECB:MBEDTLS_DECRYPT:"f8be9ba615c5a952cabbca24f68f8593039624d524c816acda2c9183bd917cb9":"":"a3944b95ca0b52043584ef02151926a8":"00000000000000000000000000000000":0
+test_vec_crypt:MBEDTLS_CIPHER_AES_256_ECB:MBEDTLS_DECRYPT:"f8be9ba615c5a952cabbca24f68f8593039624d524c816acda2c9183bd917cb9":"":"a3944b95ca0b52043584ef02151926a8":"00000000000000000000000000000000":0:0
AES-256-ECB crypt Decrypt NIST KAT #3
depends_on:MBEDTLS_AES_C
-test_vec_crypt:MBEDTLS_CIPHER_AES_256_ECB:MBEDTLS_DECRYPT:"0000000000000000000000000000000000000000000000000000000000000000":"":"623a52fcea5d443e48d9181ab32c7421":"761c1fe41a18acf20d241650611d90f1":0
+test_vec_crypt:MBEDTLS_CIPHER_AES_256_ECB:MBEDTLS_DECRYPT:"0000000000000000000000000000000000000000000000000000000000000000":"":"623a52fcea5d443e48d9181ab32c7421":"761c1fe41a18acf20d241650611d90f1":0:0
AES-256-ECB crypt Decrypt NIST KAT #4
depends_on:MBEDTLS_AES_C
-test_vec_crypt:MBEDTLS_CIPHER_AES_256_ECB:MBEDTLS_DECRYPT:"0000000000000000000000000000000000000000000000000000000000000000":"":"ddc6bf790c15760d8d9aeb6f9a75fd4e":"80000000000000000000000000000000":0
+test_vec_crypt:MBEDTLS_CIPHER_AES_256_ECB:MBEDTLS_DECRYPT:"0000000000000000000000000000000000000000000000000000000000000000":"":"ddc6bf790c15760d8d9aeb6f9a75fd4e":"80000000000000000000000000000000":0:0
AES-128-CBC crypt Encrypt NIST KAT #1
depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
-test_vec_crypt:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_ENCRYPT:"00000000000000000000000000000000":"00000000000000000000000000000000":"80000000000000000000000000000000":"3ad78e726c1ec02b7ebfe92b23d9ec34":0
+test_vec_crypt:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_ENCRYPT:"00000000000000000000000000000000":"00000000000000000000000000000000":"80000000000000000000000000000000":"3ad78e726c1ec02b7ebfe92b23d9ec34":0:0
AES-128-CBC crypt Encrypt NIST KAT #2
depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
-test_vec_crypt:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_ENCRYPT:"ffffffffffffffffffffffffffffe000":"00000000000000000000000000000000":"00000000000000000000000000000000":"323994cfb9da285a5d9642e1759b224a":0
+test_vec_crypt:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_ENCRYPT:"ffffffffffffffffffffffffffffe000":"00000000000000000000000000000000":"00000000000000000000000000000000":"323994cfb9da285a5d9642e1759b224a":0:0
AES-128-CBC crypt Encrypt NIST KAT #3
depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
-test_vec_crypt:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_ENCRYPT:"10a58869d74be5a374cf867cfb473859":"00000000000000000000000000000000":"00000000000000000000000000000000":"6d251e6944b051e04eaa6fb4dbf78465":0
+test_vec_crypt:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_ENCRYPT:"10a58869d74be5a374cf867cfb473859":"00000000000000000000000000000000":"00000000000000000000000000000000":"6d251e6944b051e04eaa6fb4dbf78465":0:0
AES-128-CBC crypt Encrypt NIST KAT #4
depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
-test_vec_crypt:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_ENCRYPT:"00000000000000000000000000000000":"00000000000000000000000000000000":"f34481ec3cc627bacd5dc3fb08f273e6":"0336763e966d92595a567cc9ce537f5e":0
+test_vec_crypt:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_ENCRYPT:"00000000000000000000000000000000":"00000000000000000000000000000000":"f34481ec3cc627bacd5dc3fb08f273e6":"0336763e966d92595a567cc9ce537f5e":0:0
AES-128-CBC crypt Decrypt NIST KAT #1
depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
-test_vec_crypt:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_DECRYPT:"00000000000000000000000000000000":"00000000000000000000000000000000":"3ad78e726c1ec02b7ebfe92b23d9ec34":"80000000000000000000000000000000":0
+test_vec_crypt:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_DECRYPT:"00000000000000000000000000000000":"00000000000000000000000000000000":"3ad78e726c1ec02b7ebfe92b23d9ec34":"80000000000000000000000000000000":0:0
AES-128-CBC crypt Decrypt NIST KAT #2
depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
-test_vec_crypt:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_DECRYPT:"ffffc000000000000000000000000000":"00000000000000000000000000000000":"df556a33438db87bc41b1752c55e5e49":"00000000000000000000000000000000":0
+test_vec_crypt:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_DECRYPT:"ffffc000000000000000000000000000":"00000000000000000000000000000000":"df556a33438db87bc41b1752c55e5e49":"00000000000000000000000000000000":0:0
AES-128-CBC crypt Decrypt NIST KAT #3
depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
-test_vec_crypt:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_DECRYPT:"10a58869d74be5a374cf867cfb473859":"00000000000000000000000000000000":"6d251e6944b051e04eaa6fb4dbf78465":"00000000000000000000000000000000":0
+test_vec_crypt:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_DECRYPT:"10a58869d74be5a374cf867cfb473859":"00000000000000000000000000000000":"6d251e6944b051e04eaa6fb4dbf78465":"00000000000000000000000000000000":0:0
AES-128-CBC crypt Decrypt NIST KAT #4
depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
-test_vec_crypt:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_DECRYPT:"00000000000000000000000000000000":"00000000000000000000000000000000":"0336763e966d92595a567cc9ce537f5e":"f34481ec3cc627bacd5dc3fb08f273e6":0
+test_vec_crypt:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_DECRYPT:"00000000000000000000000000000000":"00000000000000000000000000000000":"0336763e966d92595a567cc9ce537f5e":"f34481ec3cc627bacd5dc3fb08f273e6":0:0
AES-192-CBC crypt Encrypt NIST KAT #1
depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
-test_vec_crypt:MBEDTLS_CIPHER_AES_192_CBC:MBEDTLS_ENCRYPT:"000000000000000000000000000000000000000000000000":"00000000000000000000000000000000":"80000000000000000000000000000000":"6cd02513e8d4dc986b4afe087a60bd0c":0
+test_vec_crypt:MBEDTLS_CIPHER_AES_192_CBC:MBEDTLS_ENCRYPT:"000000000000000000000000000000000000000000000000":"00000000000000000000000000000000":"80000000000000000000000000000000":"6cd02513e8d4dc986b4afe087a60bd0c":0:0
AES-192-CBC crypt Encrypt NIST KAT #2
depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
-test_vec_crypt:MBEDTLS_CIPHER_AES_192_CBC:MBEDTLS_ENCRYPT:"ff0000000000000000000000000000000000000000000000":"00000000000000000000000000000000":"00000000000000000000000000000000":"833f71258d53036b02952c76c744f5a1":0
+test_vec_crypt:MBEDTLS_CIPHER_AES_192_CBC:MBEDTLS_ENCRYPT:"ff0000000000000000000000000000000000000000000000":"00000000000000000000000000000000":"00000000000000000000000000000000":"833f71258d53036b02952c76c744f5a1":0:0
AES-192-CBC crypt Encrypt NIST KAT #3
depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
-test_vec_crypt:MBEDTLS_CIPHER_AES_192_CBC:MBEDTLS_ENCRYPT:"e9f065d7c13573587f7875357dfbb16c53489f6a4bd0f7cd":"00000000000000000000000000000000":"00000000000000000000000000000000":"0956259c9cd5cfd0181cca53380cde06":0
+test_vec_crypt:MBEDTLS_CIPHER_AES_192_CBC:MBEDTLS_ENCRYPT:"e9f065d7c13573587f7875357dfbb16c53489f6a4bd0f7cd":"00000000000000000000000000000000":"00000000000000000000000000000000":"0956259c9cd5cfd0181cca53380cde06":0:0
AES-192-CBC crypt Encrypt NIST KAT #4
depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
-test_vec_crypt:MBEDTLS_CIPHER_AES_192_CBC:MBEDTLS_ENCRYPT:"000000000000000000000000000000000000000000000000":"00000000000000000000000000000000":"1b077a6af4b7f98229de786d7516b639":"275cfc0413d8ccb70513c3859b1d0f72":0
+test_vec_crypt:MBEDTLS_CIPHER_AES_192_CBC:MBEDTLS_ENCRYPT:"000000000000000000000000000000000000000000000000":"00000000000000000000000000000000":"1b077a6af4b7f98229de786d7516b639":"275cfc0413d8ccb70513c3859b1d0f72":0:0
AES-192-CBC crypt Decrypt NIST KAT #1
depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
-test_vec_crypt:MBEDTLS_CIPHER_AES_192_CBC:MBEDTLS_DECRYPT:"000000000000000000000000000000000000000000000000":"00000000000000000000000000000000":"6cd02513e8d4dc986b4afe087a60bd0c":"80000000000000000000000000000000":0
+test_vec_crypt:MBEDTLS_CIPHER_AES_192_CBC:MBEDTLS_DECRYPT:"000000000000000000000000000000000000000000000000":"00000000000000000000000000000000":"6cd02513e8d4dc986b4afe087a60bd0c":"80000000000000000000000000000000":0:0
AES-192-CBC crypt Decrypt NIST KAT #2
depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
-test_vec_crypt:MBEDTLS_CIPHER_AES_192_CBC:MBEDTLS_DECRYPT:"ffe000000000000000000000000000000000000000000000":"00000000000000000000000000000000":"7ababc4b3f516c9aafb35f4140b548f9":"00000000000000000000000000000000":0
+test_vec_crypt:MBEDTLS_CIPHER_AES_192_CBC:MBEDTLS_DECRYPT:"ffe000000000000000000000000000000000000000000000":"00000000000000000000000000000000":"7ababc4b3f516c9aafb35f4140b548f9":"00000000000000000000000000000000":0:0
AES-192-CBC crypt Decrypt NIST KAT #3
depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
-test_vec_crypt:MBEDTLS_CIPHER_AES_192_CBC:MBEDTLS_DECRYPT:"e9f065d7c13573587f7875357dfbb16c53489f6a4bd0f7cd":"00000000000000000000000000000000":"0956259c9cd5cfd0181cca53380cde06":"00000000000000000000000000000000":0
+test_vec_crypt:MBEDTLS_CIPHER_AES_192_CBC:MBEDTLS_DECRYPT:"e9f065d7c13573587f7875357dfbb16c53489f6a4bd0f7cd":"00000000000000000000000000000000":"0956259c9cd5cfd0181cca53380cde06":"00000000000000000000000000000000":0:0
AES-192-CBC crypt Decrypt NIST KAT #4
depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
-test_vec_crypt:MBEDTLS_CIPHER_AES_192_CBC:MBEDTLS_DECRYPT:"000000000000000000000000000000000000000000000000":"00000000000000000000000000000000":"275cfc0413d8ccb70513c3859b1d0f72":"1b077a6af4b7f98229de786d7516b639":0
+test_vec_crypt:MBEDTLS_CIPHER_AES_192_CBC:MBEDTLS_DECRYPT:"000000000000000000000000000000000000000000000000":"00000000000000000000000000000000":"275cfc0413d8ccb70513c3859b1d0f72":"1b077a6af4b7f98229de786d7516b639":0:0
AES-256-CBC crypt Encrypt NIST KAT #1
depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
-test_vec_crypt:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_ENCRYPT:"0000000000000000000000000000000000000000000000000000000000000000":"00000000000000000000000000000000":"80000000000000000000000000000000":"ddc6bf790c15760d8d9aeb6f9a75fd4e":0
+test_vec_crypt:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_ENCRYPT:"0000000000000000000000000000000000000000000000000000000000000000":"00000000000000000000000000000000":"80000000000000000000000000000000":"ddc6bf790c15760d8d9aeb6f9a75fd4e":0:0
AES-256-CBC crypt Encrypt NIST KAT #2
depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
-test_vec_crypt:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_ENCRYPT:"ff00000000000000000000000000000000000000000000000000000000000000":"00000000000000000000000000000000":"00000000000000000000000000000000":"ec52a212f80a09df6317021bc2a9819e":0
+test_vec_crypt:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_ENCRYPT:"ff00000000000000000000000000000000000000000000000000000000000000":"00000000000000000000000000000000":"00000000000000000000000000000000":"ec52a212f80a09df6317021bc2a9819e":0:0
AES-256-CBC crypt Encrypt NIST KAT #3
depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
-test_vec_crypt:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_ENCRYPT:"c47b0294dbbbee0fec4757f22ffeee3587ca4730c3d33b691df38bab076bc558":"00000000000000000000000000000000":"00000000000000000000000000000000":"46f2fb342d6f0ab477476fc501242c5f":0
+test_vec_crypt:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_ENCRYPT:"c47b0294dbbbee0fec4757f22ffeee3587ca4730c3d33b691df38bab076bc558":"00000000000000000000000000000000":"00000000000000000000000000000000":"46f2fb342d6f0ab477476fc501242c5f":0:0
AES-256-CBC crypt Encrypt NIST KAT #4
depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
-test_vec_crypt:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_ENCRYPT:"0000000000000000000000000000000000000000000000000000000000000000":"00000000000000000000000000000000":"014730f80ac625fe84f026c60bfd547d":"5c9d844ed46f9885085e5d6a4f94c7d7":0
+test_vec_crypt:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_ENCRYPT:"0000000000000000000000000000000000000000000000000000000000000000":"00000000000000000000000000000000":"014730f80ac625fe84f026c60bfd547d":"5c9d844ed46f9885085e5d6a4f94c7d7":0:0
AES-256-CBC crypt Decrypt NIST KAT #1
depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
-test_vec_crypt:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_DECRYPT:"0000000000000000000000000000000000000000000000000000000000000000":"00000000000000000000000000000000":"ddc6bf790c15760d8d9aeb6f9a75fd4e":"80000000000000000000000000000000":0
+test_vec_crypt:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_DECRYPT:"0000000000000000000000000000000000000000000000000000000000000000":"00000000000000000000000000000000":"ddc6bf790c15760d8d9aeb6f9a75fd4e":"80000000000000000000000000000000":0:0
AES-256-CBC crypt Decrypt NIST KAT #2
depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
-test_vec_crypt:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_DECRYPT:"ffe0000000000000000000000000000000000000000000000000000000000000":"00000000000000000000000000000000":"d1ccb9b1337002cbac42c520b5d67722":"00000000000000000000000000000000":0
+test_vec_crypt:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_DECRYPT:"ffe0000000000000000000000000000000000000000000000000000000000000":"00000000000000000000000000000000":"d1ccb9b1337002cbac42c520b5d67722":"00000000000000000000000000000000":0:0
AES-256-CBC crypt Decrypt NIST KAT #3
depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
-test_vec_crypt:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_DECRYPT:"c47b0294dbbbee0fec4757f22ffeee3587ca4730c3d33b691df38bab076bc558":"00000000000000000000000000000000":"46f2fb342d6f0ab477476fc501242c5f":"00000000000000000000000000000000":0
+test_vec_crypt:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_DECRYPT:"c47b0294dbbbee0fec4757f22ffeee3587ca4730c3d33b691df38bab076bc558":"00000000000000000000000000000000":"46f2fb342d6f0ab477476fc501242c5f":"00000000000000000000000000000000":0:0
AES-256-CBC crypt Decrypt NIST KAT #4
depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
-test_vec_crypt:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_DECRYPT:"0000000000000000000000000000000000000000000000000000000000000000":"00000000000000000000000000000000":"5c9d844ed46f9885085e5d6a4f94c7d7":"014730f80ac625fe84f026c60bfd547d":0
+test_vec_crypt:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_DECRYPT:"0000000000000000000000000000000000000000000000000000000000000000":"00000000000000000000000000000000":"5c9d844ed46f9885085e5d6a4f94c7d7":"014730f80ac625fe84f026c60bfd547d":0:0
+
+AES-128-CBC crypt Encrypt NIST KAT #1 PSA
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
+test_vec_crypt:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_ENCRYPT:"00000000000000000000000000000000":"00000000000000000000000000000000":"80000000000000000000000000000000":"3ad78e726c1ec02b7ebfe92b23d9ec34":0:1
+
+AES-128-CBC crypt Encrypt NIST KAT #2 PSA
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
+test_vec_crypt:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_ENCRYPT:"ffffffffffffffffffffffffffffe000":"00000000000000000000000000000000":"00000000000000000000000000000000":"323994cfb9da285a5d9642e1759b224a":0:1
+
+AES-128-CBC crypt Encrypt NIST KAT #3 PSA
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
+test_vec_crypt:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_ENCRYPT:"10a58869d74be5a374cf867cfb473859":"00000000000000000000000000000000":"00000000000000000000000000000000":"6d251e6944b051e04eaa6fb4dbf78465":0:1
+
+AES-128-CBC crypt Encrypt NIST KAT #4 PSA
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
+test_vec_crypt:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_ENCRYPT:"00000000000000000000000000000000":"00000000000000000000000000000000":"f34481ec3cc627bacd5dc3fb08f273e6":"0336763e966d92595a567cc9ce537f5e":0:1
+
+AES-128-CBC crypt Decrypt NIST KAT #1 PSA
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
+test_vec_crypt:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_DECRYPT:"00000000000000000000000000000000":"00000000000000000000000000000000":"3ad78e726c1ec02b7ebfe92b23d9ec34":"80000000000000000000000000000000":0:1
+
+AES-128-CBC crypt Decrypt NIST KAT #2 PSA
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
+test_vec_crypt:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_DECRYPT:"ffffc000000000000000000000000000":"00000000000000000000000000000000":"df556a33438db87bc41b1752c55e5e49":"00000000000000000000000000000000":0:1
+
+AES-128-CBC crypt Decrypt NIST KAT #3 PSA
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
+test_vec_crypt:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_DECRYPT:"10a58869d74be5a374cf867cfb473859":"00000000000000000000000000000000":"6d251e6944b051e04eaa6fb4dbf78465":"00000000000000000000000000000000":0:1
+
+AES-128-CBC crypt Decrypt NIST KAT #4 PSA
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
+test_vec_crypt:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_DECRYPT:"00000000000000000000000000000000":"00000000000000000000000000000000":"0336763e966d92595a567cc9ce537f5e":"f34481ec3cc627bacd5dc3fb08f273e6":0:1
+
+AES-192-CBC crypt Encrypt NIST KAT #1 PSA
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
+test_vec_crypt:MBEDTLS_CIPHER_AES_192_CBC:MBEDTLS_ENCRYPT:"000000000000000000000000000000000000000000000000":"00000000000000000000000000000000":"80000000000000000000000000000000":"6cd02513e8d4dc986b4afe087a60bd0c":0:1
+
+AES-192-CBC crypt Encrypt NIST KAT #2 PSA
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
+test_vec_crypt:MBEDTLS_CIPHER_AES_192_CBC:MBEDTLS_ENCRYPT:"ff0000000000000000000000000000000000000000000000":"00000000000000000000000000000000":"00000000000000000000000000000000":"833f71258d53036b02952c76c744f5a1":0:1
+
+AES-192-CBC crypt Encrypt NIST KAT #3 PSA
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
+test_vec_crypt:MBEDTLS_CIPHER_AES_192_CBC:MBEDTLS_ENCRYPT:"e9f065d7c13573587f7875357dfbb16c53489f6a4bd0f7cd":"00000000000000000000000000000000":"00000000000000000000000000000000":"0956259c9cd5cfd0181cca53380cde06":0:1
+
+AES-192-CBC crypt Encrypt NIST KAT #4 PSA
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
+test_vec_crypt:MBEDTLS_CIPHER_AES_192_CBC:MBEDTLS_ENCRYPT:"000000000000000000000000000000000000000000000000":"00000000000000000000000000000000":"1b077a6af4b7f98229de786d7516b639":"275cfc0413d8ccb70513c3859b1d0f72":0:1
+
+AES-192-CBC crypt Decrypt NIST KAT #1 PSA
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
+test_vec_crypt:MBEDTLS_CIPHER_AES_192_CBC:MBEDTLS_DECRYPT:"000000000000000000000000000000000000000000000000":"00000000000000000000000000000000":"6cd02513e8d4dc986b4afe087a60bd0c":"80000000000000000000000000000000":0:1
+
+AES-192-CBC crypt Decrypt NIST KAT #2 PSA
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
+test_vec_crypt:MBEDTLS_CIPHER_AES_192_CBC:MBEDTLS_DECRYPT:"ffe000000000000000000000000000000000000000000000":"00000000000000000000000000000000":"7ababc4b3f516c9aafb35f4140b548f9":"00000000000000000000000000000000":0:1
+
+AES-192-CBC crypt Decrypt NIST KAT #3 PSA
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
+test_vec_crypt:MBEDTLS_CIPHER_AES_192_CBC:MBEDTLS_DECRYPT:"e9f065d7c13573587f7875357dfbb16c53489f6a4bd0f7cd":"00000000000000000000000000000000":"0956259c9cd5cfd0181cca53380cde06":"00000000000000000000000000000000":0:1
+
+AES-192-CBC crypt Decrypt NIST KAT #4 PSA
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
+test_vec_crypt:MBEDTLS_CIPHER_AES_192_CBC:MBEDTLS_DECRYPT:"000000000000000000000000000000000000000000000000":"00000000000000000000000000000000":"275cfc0413d8ccb70513c3859b1d0f72":"1b077a6af4b7f98229de786d7516b639":0:1
+
+AES-256-CBC crypt Encrypt NIST KAT #1 PSA
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
+test_vec_crypt:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_ENCRYPT:"0000000000000000000000000000000000000000000000000000000000000000":"00000000000000000000000000000000":"80000000000000000000000000000000":"ddc6bf790c15760d8d9aeb6f9a75fd4e":0:1
+
+AES-256-CBC crypt Encrypt NIST KAT #2 PSA
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
+test_vec_crypt:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_ENCRYPT:"ff00000000000000000000000000000000000000000000000000000000000000":"00000000000000000000000000000000":"00000000000000000000000000000000":"ec52a212f80a09df6317021bc2a9819e":0:1
+
+AES-256-CBC crypt Encrypt NIST KAT #3 PSA
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
+test_vec_crypt:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_ENCRYPT:"c47b0294dbbbee0fec4757f22ffeee3587ca4730c3d33b691df38bab076bc558":"00000000000000000000000000000000":"00000000000000000000000000000000":"46f2fb342d6f0ab477476fc501242c5f":0:1
+
+AES-256-CBC crypt Encrypt NIST KAT #4 PSA
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
+test_vec_crypt:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_ENCRYPT:"0000000000000000000000000000000000000000000000000000000000000000":"00000000000000000000000000000000":"014730f80ac625fe84f026c60bfd547d":"5c9d844ed46f9885085e5d6a4f94c7d7":0:1
+
+AES-256-CBC crypt Decrypt NIST KAT #1 PSA
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
+test_vec_crypt:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_DECRYPT:"0000000000000000000000000000000000000000000000000000000000000000":"00000000000000000000000000000000":"ddc6bf790c15760d8d9aeb6f9a75fd4e":"80000000000000000000000000000000":0:1
+
+AES-256-CBC crypt Decrypt NIST KAT #2 PSA
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
+test_vec_crypt:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_DECRYPT:"ffe0000000000000000000000000000000000000000000000000000000000000":"00000000000000000000000000000000":"d1ccb9b1337002cbac42c520b5d67722":"00000000000000000000000000000000":0:1
+
+AES-256-CBC crypt Decrypt NIST KAT #3 PSA
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
+test_vec_crypt:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_DECRYPT:"c47b0294dbbbee0fec4757f22ffeee3587ca4730c3d33b691df38bab076bc558":"00000000000000000000000000000000":"46f2fb342d6f0ab477476fc501242c5f":"00000000000000000000000000000000":0:1
+
+AES-256-CBC crypt Decrypt NIST KAT #4 PSA
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
+test_vec_crypt:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_DECRYPT:"0000000000000000000000000000000000000000000000000000000000000000":"00000000000000000000000000000000":"5c9d844ed46f9885085e5d6a4f94c7d7":"014730f80ac625fe84f026c60bfd547d":0:1
Cipher Corner Case behaviours
depends_on:MBEDTLS_AES_C
diff --git a/tests/suites/test_suite_cipher.ccm.data b/tests/suites/test_suite_cipher.ccm.data
index 264ce99..7972500 100644
--- a/tests/suites/test_suite_cipher.ccm.data
+++ b/tests/suites/test_suite_cipher.ccm.data
@@ -1,480 +1,863 @@
AES-128-CCM test vector NIST #1 (P=0, N=7, A=0, T=4)
depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"4ae701103c63deca5b5a3939d7d05992":"5a8aa485c316e9":"":"":"02209f55":"":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"4ae701103c63deca5b5a3939d7d05992":"5a8aa485c316e9":"":"":"02209f55":"":"":0
AES-128-CCM test vector NIST #2 (P=0, N=7, A=0, T=4)
depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"4ae701103c63deca5b5a3939d7d05992":"3796cf51b87266":"":"":"9a04c241":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"4ae701103c63deca5b5a3939d7d05992":"3796cf51b87266":"":"":"9a04c241":"FAIL":"":0
AES-128-CCM test vector NIST #3 (P=0, N=7, A=0, T=16)
depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"4bb3c4a4f893ad8c9bdc833c325d62b3":"5a8aa485c316e9":"":"":"75d582db43ce9b13ab4b6f7f14341330":"":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"4bb3c4a4f893ad8c9bdc833c325d62b3":"5a8aa485c316e9":"":"":"75d582db43ce9b13ab4b6f7f14341330":"":"":0
AES-128-CCM test vector NIST #4 (P=0, N=7, A=0, T=16)
depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"4bb3c4a4f893ad8c9bdc833c325d62b3":"3796cf51b87266":"":"":"3a65e03af37b81d05acc7ec1bc39deb0":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"4bb3c4a4f893ad8c9bdc833c325d62b3":"3796cf51b87266":"":"":"3a65e03af37b81d05acc7ec1bc39deb0":"FAIL":"":0
AES-128-CCM test vector NIST #5 (P=0, N=13, A=0, T=4)
depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"4bb3c4a4f893ad8c9bdc833c325d62b3":"5a8aa485c316e9403aff859fbb":"":"":"90156f3f":"":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"4bb3c4a4f893ad8c9bdc833c325d62b3":"5a8aa485c316e9403aff859fbb":"":"":"90156f3f":"":"":0
AES-128-CCM test vector NIST #6 (P=0, N=13, A=0, T=4)
depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"4bb3c4a4f893ad8c9bdc833c325d62b3":"a16a2e741f1cd9717285b6d882":"":"":"88909016":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"4bb3c4a4f893ad8c9bdc833c325d62b3":"a16a2e741f1cd9717285b6d882":"":"":"88909016":"FAIL":"":0
AES-128-CCM test vector NIST #7 (P=0, N=13, A=0, T=16)
depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"19ebfde2d5468ba0a3031bde629b11fd":"5a8aa485c316e9403aff859fbb":"":"":"fb04dc5a44c6bb000f2440f5154364b4":"":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"19ebfde2d5468ba0a3031bde629b11fd":"5a8aa485c316e9403aff859fbb":"":"":"fb04dc5a44c6bb000f2440f5154364b4":"":"":0
AES-128-CCM test vector NIST #8 (P=0, N=13, A=0, T=16)
depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"19ebfde2d5468ba0a3031bde629b11fd":"a16a2e741f1cd9717285b6d882":"":"":"5447075bf42a59b91f08064738b015ab":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"19ebfde2d5468ba0a3031bde629b11fd":"a16a2e741f1cd9717285b6d882":"":"":"5447075bf42a59b91f08064738b015ab":"FAIL":"":0
AES-128-CCM test vector NIST #9 (P=24, N=7, A=0, T=4)
depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"19ebfde2d5468ba0a3031bde629b11fd":"5a8aa485c316e9":"":"a90e8ea44085ced791b2fdb7fd44b5cf0bd7d27718029bb7":"03e1fa6b":"":"3796cf51b8726652a4204733b8fbb047cf00fb91a9837e22"
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"19ebfde2d5468ba0a3031bde629b11fd":"5a8aa485c316e9":"":"a90e8ea44085ced791b2fdb7fd44b5cf0bd7d27718029bb7":"03e1fa6b":"":"3796cf51b8726652a4204733b8fbb047cf00fb91a9837e22":0
AES-128-CCM test vector NIST #10 (P=24, N=7, A=0, T=4)
depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"19ebfde2d5468ba0a3031bde629b11fd":"31f8fa25827d48":"":"50aafe0578c115c4a8e126ff7b3ccb64dce8ccaa8ceda69f":"23e5d81c":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"19ebfde2d5468ba0a3031bde629b11fd":"31f8fa25827d48":"":"50aafe0578c115c4a8e126ff7b3ccb64dce8ccaa8ceda69f":"23e5d81c":"FAIL":"":0
AES-128-CCM test vector NIST #11 (P=24, N=7, A=0, T=16)
depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"197afb02ffbd8f699dacae87094d5243":"5a8aa485c316e9":"":"24ab9eeb0e5508cae80074f1070ee188a637171860881f1f":"2d9a3fbc210595b7b8b1b41523111a8e":"":"3796cf51b8726652a4204733b8fbb047cf00fb91a9837e22"
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"197afb02ffbd8f699dacae87094d5243":"5a8aa485c316e9":"":"24ab9eeb0e5508cae80074f1070ee188a637171860881f1f":"2d9a3fbc210595b7b8b1b41523111a8e":"":"3796cf51b8726652a4204733b8fbb047cf00fb91a9837e22":0
AES-128-CCM test vector NIST #12 (P=24, N=7, A=0, T=16)
depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"197afb02ffbd8f699dacae87094d5243":"31f8fa25827d48":"":"7ebfda6fa5da1dbffd82dc29b875798fbcef8ba0084fbd24":"63af747cc88a001fa94e060290f209c4":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"197afb02ffbd8f699dacae87094d5243":"31f8fa25827d48":"":"7ebfda6fa5da1dbffd82dc29b875798fbcef8ba0084fbd24":"63af747cc88a001fa94e060290f209c4":"FAIL":"":0
AES-128-CCM test vector NIST #13 (P=24, N=13, A=0, T=4)
depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"197afb02ffbd8f699dacae87094d5243":"5a8aa485c316e9403aff859fbb":"":"4a550134f94455979ec4bf89ad2bd80d25a77ae94e456134":"a3e138b9":"":"a16a2e741f1cd9717285b6d882c1fc53655e9773761ad697"
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"197afb02ffbd8f699dacae87094d5243":"5a8aa485c316e9403aff859fbb":"":"4a550134f94455979ec4bf89ad2bd80d25a77ae94e456134":"a3e138b9":"":"a16a2e741f1cd9717285b6d882c1fc53655e9773761ad697":0
AES-128-CCM test vector NIST #14 (P=24, N=13, A=0, T=4)
depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"197afb02ffbd8f699dacae87094d5243":"49004912fdd7269279b1f06a89":"":"118ec53dd1bfbe52d5b9fe5dfebecf2ee674ec983eada654":"091a5ae9":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"197afb02ffbd8f699dacae87094d5243":"49004912fdd7269279b1f06a89":"":"118ec53dd1bfbe52d5b9fe5dfebecf2ee674ec983eada654":"091a5ae9":"FAIL":"":0
AES-128-CCM test vector NIST #15 (P=24, N=13, A=0, T=16)
depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"90929a4b0ac65b350ad1591611fe4829":"5a8aa485c316e9403aff859fbb":"":"4bfe4e35784f0a65b545477e5e2f4bae0e1e6fa717eaf2cb":"6a9a970b9beb2ac1bd4fd62168f8378a":"":"a16a2e741f1cd9717285b6d882c1fc53655e9773761ad697"
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"90929a4b0ac65b350ad1591611fe4829":"5a8aa485c316e9403aff859fbb":"":"4bfe4e35784f0a65b545477e5e2f4bae0e1e6fa717eaf2cb":"6a9a970b9beb2ac1bd4fd62168f8378a":"":"a16a2e741f1cd9717285b6d882c1fc53655e9773761ad697":0
AES-128-CCM test vector NIST #16 (P=24, N=13, A=0, T=16)
depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"90929a4b0ac65b350ad1591611fe4829":"49004912fdd7269279b1f06a89":"":"0c56a503aa2c12e87450d45a7b714db980fd348f327c0065":"a65666144994bad0c8195bcb4ade1337":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"90929a4b0ac65b350ad1591611fe4829":"49004912fdd7269279b1f06a89":"":"0c56a503aa2c12e87450d45a7b714db980fd348f327c0065":"a65666144994bad0c8195bcb4ade1337":"FAIL":"":0
AES-128-CCM test vector NIST #17 (P=0, N=7, A=32, T=4)
depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"90929a4b0ac65b350ad1591611fe4829":"5a8aa485c316e9":"3796cf51b8726652a4204733b8fbb047cf00fb91a9837e22ec22b1a268f88e2c":"":"782e4318":"":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"90929a4b0ac65b350ad1591611fe4829":"5a8aa485c316e9":"3796cf51b8726652a4204733b8fbb047cf00fb91a9837e22ec22b1a268f88e2c":"":"782e4318":"":"":0
AES-128-CCM test vector NIST #18 (P=0, N=7, A=32, T=4)
depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"90929a4b0ac65b350ad1591611fe4829":"a265480ca88d5f":"a2248a882ecbf850daf91933a389e78e81623d233dfd47bf8321361a38f138fe":"":"a04f270a":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"90929a4b0ac65b350ad1591611fe4829":"a265480ca88d5f":"a2248a882ecbf850daf91933a389e78e81623d233dfd47bf8321361a38f138fe":"":"a04f270a":"FAIL":"":0
AES-128-CCM test vector NIST #19 (P=0, N=7, A=32, T=16)
depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"6a798d7c5e1a72b43e20ad5c7b08567b":"5a8aa485c316e9":"3796cf51b8726652a4204733b8fbb047cf00fb91a9837e22ec22b1a268f88e2c":"":"41b476013f45e4a781f253a6f3b1e530":"":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"6a798d7c5e1a72b43e20ad5c7b08567b":"5a8aa485c316e9":"3796cf51b8726652a4204733b8fbb047cf00fb91a9837e22ec22b1a268f88e2c":"":"41b476013f45e4a781f253a6f3b1e530":"":"":0
AES-128-CCM test vector NIST #20 (P=0, N=7, A=32, T=16)
depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"6a798d7c5e1a72b43e20ad5c7b08567b":"a265480ca88d5f":"a2248a882ecbf850daf91933a389e78e81623d233dfd47bf8321361a38f138fe":"":"f9f018fcd125822616083fffebc4c8e6":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"6a798d7c5e1a72b43e20ad5c7b08567b":"a265480ca88d5f":"a2248a882ecbf850daf91933a389e78e81623d233dfd47bf8321361a38f138fe":"":"f9f018fcd125822616083fffebc4c8e6":"FAIL":"":0
AES-128-CCM test vector NIST #21 (P=0, N=13, A=32, T=4)
depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"6a798d7c5e1a72b43e20ad5c7b08567b":"5a8aa485c316e9403aff859fbb":"a16a2e741f1cd9717285b6d882c1fc53655e9773761ad697a7ee6410184c7982":"":"9f69f24f":"":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"6a798d7c5e1a72b43e20ad5c7b08567b":"5a8aa485c316e9403aff859fbb":"a16a2e741f1cd9717285b6d882c1fc53655e9773761ad697a7ee6410184c7982":"":"9f69f24f":"":"":0
AES-128-CCM test vector NIST #22 (P=0, N=13, A=32, T=4)
depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"6a798d7c5e1a72b43e20ad5c7b08567b":"8739b4bea1a099fe547499cbc6":"f6107696edb332b2ea059d8860fee26be42e5e12e1a4f79a8d0eafce1b2278a7":"":"e17afaa4":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"6a798d7c5e1a72b43e20ad5c7b08567b":"8739b4bea1a099fe547499cbc6":"f6107696edb332b2ea059d8860fee26be42e5e12e1a4f79a8d0eafce1b2278a7":"":"e17afaa4":"FAIL":"":0
AES-128-CCM test vector NIST #23 (P=0, N=13, A=32, T=16)
depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"f9fdca4ac64fe7f014de0f43039c7571":"5a8aa485c316e9403aff859fbb":"a16a2e741f1cd9717285b6d882c1fc53655e9773761ad697a7ee6410184c7982":"":"1859ac36a40a6b28b34266253627797a":"":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"f9fdca4ac64fe7f014de0f43039c7571":"5a8aa485c316e9403aff859fbb":"a16a2e741f1cd9717285b6d882c1fc53655e9773761ad697a7ee6410184c7982":"":"1859ac36a40a6b28b34266253627797a":"":"":0
AES-128-CCM test vector NIST #24 (P=0, N=13, A=32, T=16)
depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"f9fdca4ac64fe7f014de0f43039c7571":"8739b4bea1a099fe547499cbc6":"f6107696edb332b2ea059d8860fee26be42e5e12e1a4f79a8d0eafce1b2278a7":"":"edf8b46eb69ac0044116019dec183072":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"f9fdca4ac64fe7f014de0f43039c7571":"8739b4bea1a099fe547499cbc6":"f6107696edb332b2ea059d8860fee26be42e5e12e1a4f79a8d0eafce1b2278a7":"":"edf8b46eb69ac0044116019dec183072":"FAIL":"":0
AES-128-CCM test vector NIST #25 (P=24, N=7, A=32, T=4)
depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"f9fdca4ac64fe7f014de0f43039c7571":"5a8aa485c316e9":"3796cf51b8726652a4204733b8fbb047cf00fb91a9837e22ec22b1a268f88e2c":"6be31860ca271ef448de8f8d8b39346daf4b81d7e92d65b3":"38f125fa":"":"a265480ca88d5f536db0dc6abc40faf0d05be7a966977768"
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"f9fdca4ac64fe7f014de0f43039c7571":"5a8aa485c316e9":"3796cf51b8726652a4204733b8fbb047cf00fb91a9837e22ec22b1a268f88e2c":"6be31860ca271ef448de8f8d8b39346daf4b81d7e92d65b3":"38f125fa":"":"a265480ca88d5f536db0dc6abc40faf0d05be7a966977768":0
AES-128-CCM test vector NIST #26 (P=24, N=7, A=32, T=4)
depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"f9fdca4ac64fe7f014de0f43039c7571":"fdd2d6f503c915":"5b92394f21ddc3ad49d9b0881b829a5935cb3a4d23e292a62fb66b5e7ab7020e":"4cc57a9927a6bc401441870d3193bf89ebd163f5c01501c7":"28a66b69":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"f9fdca4ac64fe7f014de0f43039c7571":"fdd2d6f503c915":"5b92394f21ddc3ad49d9b0881b829a5935cb3a4d23e292a62fb66b5e7ab7020e":"4cc57a9927a6bc401441870d3193bf89ebd163f5c01501c7":"28a66b69":"FAIL":"":0
AES-128-CCM test vector NIST #27 (P=24, N=7, A=32, T=16)
depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"a7aa635ea51b0bb20a092bd5573e728c":"5a8aa485c316e9":"3796cf51b8726652a4204733b8fbb047cf00fb91a9837e22ec22b1a268f88e2c":"b351ab96b2e45515254558d5212673ee6c776d42dbca3b51":"2cf3a20b7fd7c49e6e79bef475c2906f":"":"a265480ca88d5f536db0dc6abc40faf0d05be7a966977768"
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"a7aa635ea51b0bb20a092bd5573e728c":"5a8aa485c316e9":"3796cf51b8726652a4204733b8fbb047cf00fb91a9837e22ec22b1a268f88e2c":"b351ab96b2e45515254558d5212673ee6c776d42dbca3b51":"2cf3a20b7fd7c49e6e79bef475c2906f":"":"a265480ca88d5f536db0dc6abc40faf0d05be7a966977768":0
AES-128-CCM test vector NIST #28 (P=24, N=7, A=32, T=16)
depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"a7aa635ea51b0bb20a092bd5573e728c":"fdd2d6f503c915":"5b92394f21ddc3ad49d9b0881b829a5935cb3a4d23e292a62fb66b5e7ab7020e":"df1a5285caa41b4bb47f6e5ceceba4e82721828d68427a30":"81d18ca149d6766bfaccec88f194eb5b":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"a7aa635ea51b0bb20a092bd5573e728c":"fdd2d6f503c915":"5b92394f21ddc3ad49d9b0881b829a5935cb3a4d23e292a62fb66b5e7ab7020e":"df1a5285caa41b4bb47f6e5ceceba4e82721828d68427a30":"81d18ca149d6766bfaccec88f194eb5b":"FAIL":"":0
AES-128-CCM test vector NIST #29 (P=24, N=13, A=32, T=4)
depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"a7aa635ea51b0bb20a092bd5573e728c":"5a8aa485c316e9403aff859fbb":"a16a2e741f1cd9717285b6d882c1fc53655e9773761ad697a7ee6410184c7982":"934f893824e880f743d196b22d1f340a52608155087bd28a":"c25e5329":"":"8739b4bea1a099fe547499cbc6d1b13d849b8084c9b6acc5"
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"a7aa635ea51b0bb20a092bd5573e728c":"5a8aa485c316e9403aff859fbb":"a16a2e741f1cd9717285b6d882c1fc53655e9773761ad697a7ee6410184c7982":"934f893824e880f743d196b22d1f340a52608155087bd28a":"c25e5329":"":"8739b4bea1a099fe547499cbc6d1b13d849b8084c9b6acc5":0
AES-128-CCM test vector NIST #30 (P=24, N=13, A=32, T=4)
depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"a7aa635ea51b0bb20a092bd5573e728c":"0812757ad0cc4d17c4cfe7a642":"ec6c44a7e94e51a3ca6dee229098391575ec7213c85267fbf7492fdbeee61b10":"f43ba9d834ad85dfab3f1c0c27c3441fe4e411a38a261a65":"59b3b3ee":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"a7aa635ea51b0bb20a092bd5573e728c":"0812757ad0cc4d17c4cfe7a642":"ec6c44a7e94e51a3ca6dee229098391575ec7213c85267fbf7492fdbeee61b10":"f43ba9d834ad85dfab3f1c0c27c3441fe4e411a38a261a65":"59b3b3ee":"FAIL":"":0
AES-128-CCM test vector NIST #31 (P=24, N=13, A=32, T=16)
depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"26511fb51fcfa75cb4b44da75a6e5a0e":"5a8aa485c316e9403aff859fbb":"a16a2e741f1cd9717285b6d882c1fc53655e9773761ad697a7ee6410184c7982":"50038b5fdd364ee747b70d00bd36840ece4ea19998123375":"c0a458bfcafa3b2609afe0f825cbf503":"":"8739b4bea1a099fe547499cbc6d1b13d849b8084c9b6acc5"
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"26511fb51fcfa75cb4b44da75a6e5a0e":"5a8aa485c316e9403aff859fbb":"a16a2e741f1cd9717285b6d882c1fc53655e9773761ad697a7ee6410184c7982":"50038b5fdd364ee747b70d00bd36840ece4ea19998123375":"c0a458bfcafa3b2609afe0f825cbf503":"":"8739b4bea1a099fe547499cbc6d1b13d849b8084c9b6acc5":0
AES-128-CCM test vector NIST #32 (P=24, N=13, A=32, T=16)
depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"26511fb51fcfa75cb4b44da75a6e5a0e":"0812757ad0cc4d17c4cfe7a642":"ec6c44a7e94e51a3ca6dee229098391575ec7213c85267fbf7492fdbeee61b10":"78ed8ff6b5a1255d0fbd0a719a9c27b059ff5f83d0c4962c":"390042ba8bb5f6798dab01c5afad7306":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"26511fb51fcfa75cb4b44da75a6e5a0e":"0812757ad0cc4d17c4cfe7a642":"ec6c44a7e94e51a3ca6dee229098391575ec7213c85267fbf7492fdbeee61b10":"78ed8ff6b5a1255d0fbd0a719a9c27b059ff5f83d0c4962c":"390042ba8bb5f6798dab01c5afad7306":"FAIL":"":0
AES-192-CCM test vector NIST #1 (P=0, N=7, A=0, T=4)
depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"c98ad7f38b2c7e970c9b965ec87a08208384718f78206c6c":"5a8aa485c316e9":"":"":"9d4b7f3b":"":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"c98ad7f38b2c7e970c9b965ec87a08208384718f78206c6c":"5a8aa485c316e9":"":"":"9d4b7f3b":"":"":0
AES-192-CCM test vector NIST #2 (P=0, N=7, A=0, T=4)
depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"c98ad7f38b2c7e970c9b965ec87a08208384718f78206c6c":"3796cf51b87266":"":"":"80745de9":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"c98ad7f38b2c7e970c9b965ec87a08208384718f78206c6c":"3796cf51b87266":"":"":"80745de9":"FAIL":"":0
AES-192-CCM test vector NIST #3 (P=0, N=7, A=0, T=16)
depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"4bb3c4a4f893ad8c9bdc833c325d62b3d3ad1bccf9282a65":"5a8aa485c316e9":"":"":"17223038fa99d53681ca1beabe78d1b4":"":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"4bb3c4a4f893ad8c9bdc833c325d62b3d3ad1bccf9282a65":"5a8aa485c316e9":"":"":"17223038fa99d53681ca1beabe78d1b4":"":"":0
AES-192-CCM test vector NIST #4 (P=0, N=7, A=0, T=16)
depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"4bb3c4a4f893ad8c9bdc833c325d62b3d3ad1bccf9282a65":"3796cf51b87266":"":"":"d0e1eeef4d2a264536bb1c2c1bde7c35":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"4bb3c4a4f893ad8c9bdc833c325d62b3d3ad1bccf9282a65":"3796cf51b87266":"":"":"d0e1eeef4d2a264536bb1c2c1bde7c35":"FAIL":"":0
AES-192-CCM test vector NIST #5 (P=0, N=13, A=0, T=4)
depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"4bb3c4a4f893ad8c9bdc833c325d62b3d3ad1bccf9282a65":"5a8aa485c316e9403aff859fbb":"":"":"fe69ed84":"":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"4bb3c4a4f893ad8c9bdc833c325d62b3d3ad1bccf9282a65":"5a8aa485c316e9403aff859fbb":"":"":"fe69ed84":"":"":0
AES-192-CCM test vector NIST #6 (P=0, N=13, A=0, T=4)
depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"4bb3c4a4f893ad8c9bdc833c325d62b3d3ad1bccf9282a65":"a16a2e741f1cd9717285b6d882":"":"":"db7ffc82":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"4bb3c4a4f893ad8c9bdc833c325d62b3d3ad1bccf9282a65":"a16a2e741f1cd9717285b6d882":"":"":"db7ffc82":"FAIL":"":0
AES-192-CCM test vector NIST #7 (P=0, N=13, A=0, T=16)
depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"19ebfde2d5468ba0a3031bde629b11fd4094afcb205393fa":"5a8aa485c316e9403aff859fbb":"":"":"0c66a8e547ed4f8c2c9a9a1eb5d455b9":"":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"19ebfde2d5468ba0a3031bde629b11fd4094afcb205393fa":"5a8aa485c316e9403aff859fbb":"":"":"0c66a8e547ed4f8c2c9a9a1eb5d455b9":"":"":0
AES-192-CCM test vector NIST #8 (P=0, N=13, A=0, T=16)
depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"19ebfde2d5468ba0a3031bde629b11fd4094afcb205393fa":"a16a2e741f1cd9717285b6d882":"":"":"38757b3a61a4dc97ca3ab88bf1240695":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"19ebfde2d5468ba0a3031bde629b11fd4094afcb205393fa":"a16a2e741f1cd9717285b6d882":"":"":"38757b3a61a4dc97ca3ab88bf1240695":"FAIL":"":0
AES-192-CCM test vector NIST #9 (P=24, N=7, A=0, T=4)
depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"19ebfde2d5468ba0a3031bde629b11fd4094afcb205393fa":"5a8aa485c316e9":"":"411986d04d6463100bff03f7d0bde7ea2c3488784378138c":"ddc93a54":"":"3796cf51b8726652a4204733b8fbb047cf00fb91a9837e22"
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"19ebfde2d5468ba0a3031bde629b11fd4094afcb205393fa":"5a8aa485c316e9":"":"411986d04d6463100bff03f7d0bde7ea2c3488784378138c":"ddc93a54":"":"3796cf51b8726652a4204733b8fbb047cf00fb91a9837e22":0
AES-192-CCM test vector NIST #10 (P=24, N=7, A=0, T=4)
depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"19ebfde2d5468ba0a3031bde629b11fd4094afcb205393fa":"31f8fa25827d48":"":"32b649ab56162e55d4148a1292d6a225a988eb1308298273":"b6889036":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"19ebfde2d5468ba0a3031bde629b11fd4094afcb205393fa":"31f8fa25827d48":"":"32b649ab56162e55d4148a1292d6a225a988eb1308298273":"b6889036":"FAIL":"":0
AES-192-CCM test vector NIST #11 (P=24, N=7, A=0, T=16)
depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"197afb02ffbd8f699dacae87094d524324576b99844f75e1":"5a8aa485c316e9":"":"cba4b4aeb85f0492fd8d905c4a6d8233139833373ef188a8":"c5a5ebecf7ac8607fe412189e83d9d20":"":"3796cf51b8726652a4204733b8fbb047cf00fb91a9837e22"
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"197afb02ffbd8f699dacae87094d524324576b99844f75e1":"5a8aa485c316e9":"":"cba4b4aeb85f0492fd8d905c4a6d8233139833373ef188a8":"c5a5ebecf7ac8607fe412189e83d9d20":"":"3796cf51b8726652a4204733b8fbb047cf00fb91a9837e22":0
AES-192-CCM test vector NIST #12 (P=24, N=7, A=0, T=16)
depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"197afb02ffbd8f699dacae87094d524324576b99844f75e1":"31f8fa25827d48":"":"ca62713728b5c9d652504b0ae8fd4fee5d297ee6a8d19cb6":"e699f15f14d34dcaf9ba8ed4b877c97d":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"197afb02ffbd8f699dacae87094d524324576b99844f75e1":"31f8fa25827d48":"":"ca62713728b5c9d652504b0ae8fd4fee5d297ee6a8d19cb6":"e699f15f14d34dcaf9ba8ed4b877c97d":"FAIL":"":0
AES-192-CCM test vector NIST #13 (P=24, N=13, A=0, T=4)
depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"197afb02ffbd8f699dacae87094d524324576b99844f75e1":"5a8aa485c316e9403aff859fbb":"":"042653c674ef2a90f7fb11d30848e530ae59478f1051633a":"34fad277":"":"a16a2e741f1cd9717285b6d882c1fc53655e9773761ad697"
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"197afb02ffbd8f699dacae87094d524324576b99844f75e1":"5a8aa485c316e9403aff859fbb":"":"042653c674ef2a90f7fb11d30848e530ae59478f1051633a":"34fad277":"":"a16a2e741f1cd9717285b6d882c1fc53655e9773761ad697":0
AES-192-CCM test vector NIST #14 (P=24, N=13, A=0, T=4)
depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"197afb02ffbd8f699dacae87094d524324576b99844f75e1":"49004912fdd7269279b1f06a89":"":"1902d9769a7ba3d3268e1257395c8c2e5f98eef295dcbfa5":"a35df775":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"197afb02ffbd8f699dacae87094d524324576b99844f75e1":"49004912fdd7269279b1f06a89":"":"1902d9769a7ba3d3268e1257395c8c2e5f98eef295dcbfa5":"a35df775":"FAIL":"":0
AES-192-CCM test vector NIST #15 (P=24, N=13, A=0, T=16)
depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"90929a4b0ac65b350ad1591611fe48297e03956f6083e451":"5a8aa485c316e9403aff859fbb":"":"a5b7d8cca2069908d1ed88e6a9fe2c9bede3131dad54671e":"a7ade30a07d185692ab0ebdf4c78cf7a":"":"a16a2e741f1cd9717285b6d882c1fc53655e9773761ad697"
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"90929a4b0ac65b350ad1591611fe48297e03956f6083e451":"5a8aa485c316e9403aff859fbb":"":"a5b7d8cca2069908d1ed88e6a9fe2c9bede3131dad54671e":"a7ade30a07d185692ab0ebdf4c78cf7a":"":"a16a2e741f1cd9717285b6d882c1fc53655e9773761ad697":0
AES-192-CCM test vector NIST #16 (P=24, N=13, A=0, T=16)
depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"90929a4b0ac65b350ad1591611fe48297e03956f6083e451":"49004912fdd7269279b1f06a89":"":"9a98617fb97a0dfe466be692272dcdaec1c5443a3b51312e":"f042c86363cc05afb98c66e16be8a445":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"90929a4b0ac65b350ad1591611fe48297e03956f6083e451":"49004912fdd7269279b1f06a89":"":"9a98617fb97a0dfe466be692272dcdaec1c5443a3b51312e":"f042c86363cc05afb98c66e16be8a445":"FAIL":"":0
AES-192-CCM test vector NIST #17 (P=0, N=7, A=32, T=4)
depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"90929a4b0ac65b350ad1591611fe48297e03956f6083e451":"5a8aa485c316e9":"3796cf51b8726652a4204733b8fbb047cf00fb91a9837e22ec22b1a268f88e2c":"":"1d089a5f":"":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"90929a4b0ac65b350ad1591611fe48297e03956f6083e451":"5a8aa485c316e9":"3796cf51b8726652a4204733b8fbb047cf00fb91a9837e22ec22b1a268f88e2c":"":"1d089a5f":"":"":0
AES-192-CCM test vector NIST #18 (P=0, N=7, A=32, T=4)
depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"90929a4b0ac65b350ad1591611fe48297e03956f6083e451":"a265480ca88d5f":"a2248a882ecbf850daf91933a389e78e81623d233dfd47bf8321361a38f138fe":"":"2f46022a":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"90929a4b0ac65b350ad1591611fe48297e03956f6083e451":"a265480ca88d5f":"a2248a882ecbf850daf91933a389e78e81623d233dfd47bf8321361a38f138fe":"":"2f46022a":"FAIL":"":0
AES-192-CCM test vector NIST #19 (P=0, N=7, A=32, T=16)
depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"6a798d7c5e1a72b43e20ad5c7b08567b12ab744b61c070e2":"5a8aa485c316e9":"3796cf51b8726652a4204733b8fbb047cf00fb91a9837e22ec22b1a268f88e2c":"":"5280a2137fee3deefcfe9b63a1199fb3":"":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"6a798d7c5e1a72b43e20ad5c7b08567b12ab744b61c070e2":"5a8aa485c316e9":"3796cf51b8726652a4204733b8fbb047cf00fb91a9837e22ec22b1a268f88e2c":"":"5280a2137fee3deefcfe9b63a1199fb3":"":"":0
AES-192-CCM test vector NIST #20 (P=0, N=7, A=32, T=16)
depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"6a798d7c5e1a72b43e20ad5c7b08567b12ab744b61c070e2":"a265480ca88d5f":"a2248a882ecbf850daf91933a389e78e81623d233dfd47bf8321361a38f138fe":"":"d40a7318c5f2d82f838c0beeefe0d598":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"6a798d7c5e1a72b43e20ad5c7b08567b12ab744b61c070e2":"a265480ca88d5f":"a2248a882ecbf850daf91933a389e78e81623d233dfd47bf8321361a38f138fe":"":"d40a7318c5f2d82f838c0beeefe0d598":"FAIL":"":0
AES-192-CCM test vector NIST #21 (P=0, N=13, A=32, T=4)
depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"6a798d7c5e1a72b43e20ad5c7b08567b12ab744b61c070e2":"5a8aa485c316e9403aff859fbb":"a16a2e741f1cd9717285b6d882c1fc53655e9773761ad697a7ee6410184c7982":"":"5e0eaebd":"":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"6a798d7c5e1a72b43e20ad5c7b08567b12ab744b61c070e2":"5a8aa485c316e9403aff859fbb":"a16a2e741f1cd9717285b6d882c1fc53655e9773761ad697a7ee6410184c7982":"":"5e0eaebd":"":"":0
AES-192-CCM test vector NIST #22 (P=0, N=13, A=32, T=4)
depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"6a798d7c5e1a72b43e20ad5c7b08567b12ab744b61c070e2":"8739b4bea1a099fe547499cbc6":"f6107696edb332b2ea059d8860fee26be42e5e12e1a4f79a8d0eafce1b2278a7":"":"71b7fc33":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"6a798d7c5e1a72b43e20ad5c7b08567b12ab744b61c070e2":"8739b4bea1a099fe547499cbc6":"f6107696edb332b2ea059d8860fee26be42e5e12e1a4f79a8d0eafce1b2278a7":"":"71b7fc33":"FAIL":"":0
AES-192-CCM test vector NIST #23 (P=0, N=13, A=32, T=16)
depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"f9fdca4ac64fe7f014de0f43039c757194d544ce5d15eed4":"5a8aa485c316e9403aff859fbb":"a16a2e741f1cd9717285b6d882c1fc53655e9773761ad697a7ee6410184c7982":"":"d07ccf9fdc3d33aa94cda3d230da707c":"":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"f9fdca4ac64fe7f014de0f43039c757194d544ce5d15eed4":"5a8aa485c316e9403aff859fbb":"a16a2e741f1cd9717285b6d882c1fc53655e9773761ad697a7ee6410184c7982":"":"d07ccf9fdc3d33aa94cda3d230da707c":"":"":0
AES-192-CCM test vector NIST #24 (P=0, N=13, A=32, T=16)
depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"f9fdca4ac64fe7f014de0f43039c757194d544ce5d15eed4":"8739b4bea1a099fe547499cbc6":"f6107696edb332b2ea059d8860fee26be42e5e12e1a4f79a8d0eafce1b2278a7":"":"65fe32b649dc328c9f531584897e85b3":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"f9fdca4ac64fe7f014de0f43039c757194d544ce5d15eed4":"8739b4bea1a099fe547499cbc6":"f6107696edb332b2ea059d8860fee26be42e5e12e1a4f79a8d0eafce1b2278a7":"":"65fe32b649dc328c9f531584897e85b3":"FAIL":"":0
AES-192-CCM test vector NIST #25 (P=24, N=7, A=32, T=4)
depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"f9fdca4ac64fe7f014de0f43039c757194d544ce5d15eed4":"5a8aa485c316e9":"3796cf51b8726652a4204733b8fbb047cf00fb91a9837e22ec22b1a268f88e2c":"9f6ca4af9b159148c889a6584d1183ea26e2614874b05045":"75dea8d1":"":"a265480ca88d5f536db0dc6abc40faf0d05be7a966977768"
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"f9fdca4ac64fe7f014de0f43039c757194d544ce5d15eed4":"5a8aa485c316e9":"3796cf51b8726652a4204733b8fbb047cf00fb91a9837e22ec22b1a268f88e2c":"9f6ca4af9b159148c889a6584d1183ea26e2614874b05045":"75dea8d1":"":"a265480ca88d5f536db0dc6abc40faf0d05be7a966977768":0
AES-192-CCM test vector NIST #26 (P=24, N=7, A=32, T=4)
depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"f9fdca4ac64fe7f014de0f43039c757194d544ce5d15eed4":"fdd2d6f503c915":"5b92394f21ddc3ad49d9b0881b829a5935cb3a4d23e292a62fb66b5e7ab7020e":"84d8212e9cfc2121252baa3b065b1edcf50497b9594db1eb":"d7965825":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"f9fdca4ac64fe7f014de0f43039c757194d544ce5d15eed4":"fdd2d6f503c915":"5b92394f21ddc3ad49d9b0881b829a5935cb3a4d23e292a62fb66b5e7ab7020e":"84d8212e9cfc2121252baa3b065b1edcf50497b9594db1eb":"d7965825":"FAIL":"":0
AES-192-CCM test vector NIST #27 (P=24, N=7, A=32, T=16)
depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"a7aa635ea51b0bb20a092bd5573e728ccd4b3e8cdd2ab33d":"5a8aa485c316e9":"3796cf51b8726652a4204733b8fbb047cf00fb91a9837e22ec22b1a268f88e2c":"6aab64c4787599d8f213446beadb16e08dba60e97f56dbd1":"4d1d980d6fe0fb44b421992662b97975":"":"a265480ca88d5f536db0dc6abc40faf0d05be7a966977768"
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"a7aa635ea51b0bb20a092bd5573e728ccd4b3e8cdd2ab33d":"5a8aa485c316e9":"3796cf51b8726652a4204733b8fbb047cf00fb91a9837e22ec22b1a268f88e2c":"6aab64c4787599d8f213446beadb16e08dba60e97f56dbd1":"4d1d980d6fe0fb44b421992662b97975":"":"a265480ca88d5f536db0dc6abc40faf0d05be7a966977768":0
AES-192-CCM test vector NIST #28 (P=24, N=7, A=32, T=16)
depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"a7aa635ea51b0bb20a092bd5573e728ccd4b3e8cdd2ab33d":"fdd2d6f503c915":"5b92394f21ddc3ad49d9b0881b829a5935cb3a4d23e292a62fb66b5e7ab7020e":"4980b2ee49b1aaf393175f5ab9bae95ec7904557dfa20660":"3c51d36c826f01384100886198a7f6a3":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"a7aa635ea51b0bb20a092bd5573e728ccd4b3e8cdd2ab33d":"fdd2d6f503c915":"5b92394f21ddc3ad49d9b0881b829a5935cb3a4d23e292a62fb66b5e7ab7020e":"4980b2ee49b1aaf393175f5ab9bae95ec7904557dfa20660":"3c51d36c826f01384100886198a7f6a3":"FAIL":"":0
AES-192-CCM test vector NIST #29 (P=24, N=13, A=32, T=4)
depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"a7aa635ea51b0bb20a092bd5573e728ccd4b3e8cdd2ab33d":"5a8aa485c316e9403aff859fbb":"a16a2e741f1cd9717285b6d882c1fc53655e9773761ad697a7ee6410184c7982":"16e543d0e20615ff0df15acd9927ddfe40668a54bb854ccc":"c25e9fce":"":"8739b4bea1a099fe547499cbc6d1b13d849b8084c9b6acc5"
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"a7aa635ea51b0bb20a092bd5573e728ccd4b3e8cdd2ab33d":"5a8aa485c316e9403aff859fbb":"a16a2e741f1cd9717285b6d882c1fc53655e9773761ad697a7ee6410184c7982":"16e543d0e20615ff0df15acd9927ddfe40668a54bb854ccc":"c25e9fce":"":"8739b4bea1a099fe547499cbc6d1b13d849b8084c9b6acc5":0
AES-192-CCM test vector NIST #30 (P=24, N=13, A=32, T=4)
depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"a7aa635ea51b0bb20a092bd5573e728ccd4b3e8cdd2ab33d":"0812757ad0cc4d17c4cfe7a642":"ec6c44a7e94e51a3ca6dee229098391575ec7213c85267fbf7492fdbeee61b10":"df35b109caf690656ae278bbd8f8bba687a2ce11b105dae9":"8ecedb3e":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"a7aa635ea51b0bb20a092bd5573e728ccd4b3e8cdd2ab33d":"0812757ad0cc4d17c4cfe7a642":"ec6c44a7e94e51a3ca6dee229098391575ec7213c85267fbf7492fdbeee61b10":"df35b109caf690656ae278bbd8f8bba687a2ce11b105dae9":"8ecedb3e":"FAIL":"":0
AES-192-CCM test vector NIST #31 (P=24, N=13, A=32, T=16)
depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"26511fb51fcfa75cb4b44da75a6e5a0eb8d9c8f3b906f886":"5a8aa485c316e9403aff859fbb":"a16a2e741f1cd9717285b6d882c1fc53655e9773761ad697a7ee6410184c7982":"c5b0b2ef17498c5570eb335df4588032958ba3d69bf6f317":"8464a6f7fa2b76744e8e8d95691cecb8":"":"8739b4bea1a099fe547499cbc6d1b13d849b8084c9b6acc5"
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"26511fb51fcfa75cb4b44da75a6e5a0eb8d9c8f3b906f886":"5a8aa485c316e9403aff859fbb":"a16a2e741f1cd9717285b6d882c1fc53655e9773761ad697a7ee6410184c7982":"c5b0b2ef17498c5570eb335df4588032958ba3d69bf6f317":"8464a6f7fa2b76744e8e8d95691cecb8":"":"8739b4bea1a099fe547499cbc6d1b13d849b8084c9b6acc5":0
AES-192-CCM test vector NIST #32 (P=24, N=13, A=32, T=16)
depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"26511fb51fcfa75cb4b44da75a6e5a0eb8d9c8f3b906f886":"0812757ad0cc4d17c4cfe7a642":"ec6c44a7e94e51a3ca6dee229098391575ec7213c85267fbf7492fdbeee61b10":"d1f0518929f4ae2f0543de2a7dfe4bb0110bb3057e524a1c":"06bd6dc2e6bcc3436cffb969ae900388":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"26511fb51fcfa75cb4b44da75a6e5a0eb8d9c8f3b906f886":"0812757ad0cc4d17c4cfe7a642":"ec6c44a7e94e51a3ca6dee229098391575ec7213c85267fbf7492fdbeee61b10":"d1f0518929f4ae2f0543de2a7dfe4bb0110bb3057e524a1c":"06bd6dc2e6bcc3436cffb969ae900388":"FAIL":"":0
AES-256-CCM test vector NIST #1 (P=0, N=7, A=0, T=4)
depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"eda32f751456e33195f1f499cf2dc7c97ea127b6d488f211ccc5126fbb24afa6":"a544218dadd3c1":"":"":"469c90bb":"":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"eda32f751456e33195f1f499cf2dc7c97ea127b6d488f211ccc5126fbb24afa6":"a544218dadd3c1":"":"":"469c90bb":"":"":0
AES-256-CCM test vector NIST #2 (P=0, N=7, A=0, T=4)
depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"eda32f751456e33195f1f499cf2dc7c97ea127b6d488f211ccc5126fbb24afa6":"d3d5424e20fbec":"":"":"46a908ed":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"eda32f751456e33195f1f499cf2dc7c97ea127b6d488f211ccc5126fbb24afa6":"d3d5424e20fbec":"":"":"46a908ed":"FAIL":"":0
AES-256-CCM test vector NIST #3 (P=0, N=7, A=0, T=16)
depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"e1b8a927a95efe94656677b692662000278b441c79e879dd5c0ddc758bdc9ee8":"a544218dadd3c1":"":"":"8207eb14d33855a52acceed17dbcbf6e":"":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"e1b8a927a95efe94656677b692662000278b441c79e879dd5c0ddc758bdc9ee8":"a544218dadd3c1":"":"":"8207eb14d33855a52acceed17dbcbf6e":"":"":0
AES-256-CCM test vector NIST #4 (P=0, N=7, A=0, T=16)
depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"e1b8a927a95efe94656677b692662000278b441c79e879dd5c0ddc758bdc9ee8":"d3d5424e20fbec":"":"":"60f8e127cb4d30db6df0622158cd931d":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"e1b8a927a95efe94656677b692662000278b441c79e879dd5c0ddc758bdc9ee8":"d3d5424e20fbec":"":"":"60f8e127cb4d30db6df0622158cd931d":"FAIL":"":0
AES-256-CCM test vector NIST #5 (P=0, N=13, A=0, T=4)
depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"e1b8a927a95efe94656677b692662000278b441c79e879dd5c0ddc758bdc9ee8":"a544218dadd3c10583db49cf39":"":"":"8a19a133":"":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"e1b8a927a95efe94656677b692662000278b441c79e879dd5c0ddc758bdc9ee8":"a544218dadd3c10583db49cf39":"":"":"8a19a133":"":"":0
AES-256-CCM test vector NIST #6 (P=0, N=13, A=0, T=4)
depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"e1b8a927a95efe94656677b692662000278b441c79e879dd5c0ddc758bdc9ee8":"3c0e2815d37d844f7ac240ba9d":"":"":"2e317f1b":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"e1b8a927a95efe94656677b692662000278b441c79e879dd5c0ddc758bdc9ee8":"3c0e2815d37d844f7ac240ba9d":"":"":"2e317f1b":"FAIL":"":0
AES-256-CCM test vector NIST #7 (P=0, N=13, A=0, T=16)
depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"af063639e66c284083c5cf72b70d8bc277f5978e80d9322d99f2fdc718cda569":"a544218dadd3c10583db49cf39":"":"":"97e1a8dd4259ccd2e431e057b0397fcf":"":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"af063639e66c284083c5cf72b70d8bc277f5978e80d9322d99f2fdc718cda569":"a544218dadd3c10583db49cf39":"":"":"97e1a8dd4259ccd2e431e057b0397fcf":"":"":0
AES-256-CCM test vector NIST #8 (P=0, N=13, A=0, T=16)
depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"af063639e66c284083c5cf72b70d8bc277f5978e80d9322d99f2fdc718cda569":"3c0e2815d37d844f7ac240ba9d":"":"":"5a9596c511ea6a8671adefc4f2157d8b":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"af063639e66c284083c5cf72b70d8bc277f5978e80d9322d99f2fdc718cda569":"3c0e2815d37d844f7ac240ba9d":"":"":"5a9596c511ea6a8671adefc4f2157d8b":"FAIL":"":0
AES-256-CCM test vector NIST #9 (P=24, N=7, A=0, T=4)
depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"af063639e66c284083c5cf72b70d8bc277f5978e80d9322d99f2fdc718cda569":"a544218dadd3c1":"":"64a1341679972dc5869fcf69b19d5c5ea50aa0b5e985f5b7":"22aa8d59":"":"d3d5424e20fbec43ae495353ed830271515ab104f8860c98"
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"af063639e66c284083c5cf72b70d8bc277f5978e80d9322d99f2fdc718cda569":"a544218dadd3c1":"":"64a1341679972dc5869fcf69b19d5c5ea50aa0b5e985f5b7":"22aa8d59":"":"d3d5424e20fbec43ae495353ed830271515ab104f8860c98":0
AES-256-CCM test vector NIST #10 (P=24, N=7, A=0, T=4)
depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"af063639e66c284083c5cf72b70d8bc277f5978e80d9322d99f2fdc718cda569":"bfcda8b5a2d0d2":"":"c5b7f802bffc498c1626e3774f1d9f94045dfd8e1a10a202":"77d00a75":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"af063639e66c284083c5cf72b70d8bc277f5978e80d9322d99f2fdc718cda569":"bfcda8b5a2d0d2":"":"c5b7f802bffc498c1626e3774f1d9f94045dfd8e1a10a202":"77d00a75":"FAIL":"":0
AES-256-CCM test vector NIST #11 (P=24, N=7, A=0, T=16)
depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"f7079dfa3b5c7b056347d7e437bcded683abd6e2c9e069d333284082cbb5d453":"a544218dadd3c1":"":"bc51c3925a960e7732533e4ef3a4f69ee6826de952bcb0fd":"374f3bb6db8377ebfc79674858c4f305":"":"d3d5424e20fbec43ae495353ed830271515ab104f8860c98"
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"f7079dfa3b5c7b056347d7e437bcded683abd6e2c9e069d333284082cbb5d453":"a544218dadd3c1":"":"bc51c3925a960e7732533e4ef3a4f69ee6826de952bcb0fd":"374f3bb6db8377ebfc79674858c4f305":"":"d3d5424e20fbec43ae495353ed830271515ab104f8860c98":0
AES-256-CCM test vector NIST #12 (P=24, N=7, A=0, T=16)
depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"f7079dfa3b5c7b056347d7e437bcded683abd6e2c9e069d333284082cbb5d453":"bfcda8b5a2d0d2":"":"afa1fa8e8a70e26b02161150556d604101fdf423f332c336":"3275f2a4907d51b734fe7238cebbd48f":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"f7079dfa3b5c7b056347d7e437bcded683abd6e2c9e069d333284082cbb5d453":"bfcda8b5a2d0d2":"":"afa1fa8e8a70e26b02161150556d604101fdf423f332c336":"3275f2a4907d51b734fe7238cebbd48f":"FAIL":"":0
AES-256-CCM test vector NIST #13 (P=24, N=13, A=0, T=4)
depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"f7079dfa3b5c7b056347d7e437bcded683abd6e2c9e069d333284082cbb5d453":"a544218dadd3c10583db49cf39":"":"63e00d30e4b08fd2a1cc8d70fab327b2368e77a93be4f412":"3d14fb3f":"":"3c0e2815d37d844f7ac240ba9d6e3a0b2a86f706e885959e"
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"f7079dfa3b5c7b056347d7e437bcded683abd6e2c9e069d333284082cbb5d453":"a544218dadd3c10583db49cf39":"":"63e00d30e4b08fd2a1cc8d70fab327b2368e77a93be4f412":"3d14fb3f":"":"3c0e2815d37d844f7ac240ba9d6e3a0b2a86f706e885959e":0
AES-256-CCM test vector NIST #14 (P=24, N=13, A=0, T=4)
depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"f7079dfa3b5c7b056347d7e437bcded683abd6e2c9e069d333284082cbb5d453":"894dcaa61008eb8fb052c60d41":"":"bb5425b3869b76856ec58e39886fb6f6f2ac13fe44cb132d":"8d0c0099":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"f7079dfa3b5c7b056347d7e437bcded683abd6e2c9e069d333284082cbb5d453":"894dcaa61008eb8fb052c60d41":"":"bb5425b3869b76856ec58e39886fb6f6f2ac13fe44cb132d":"8d0c0099":"FAIL":"":0
AES-256-CCM test vector NIST #15 (P=24, N=13, A=0, T=16)
depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"1b0e8df63c57f05d9ac457575ea764524b8610ae5164e6215f426f5a7ae6ede4":"a544218dadd3c10583db49cf39":"":"f0050ad16392021a3f40207bed3521fb1e9f808f49830c42":"3a578d179902f912f9ea1afbce1120b3":"":"3c0e2815d37d844f7ac240ba9d6e3a0b2a86f706e885959e"
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"1b0e8df63c57f05d9ac457575ea764524b8610ae5164e6215f426f5a7ae6ede4":"a544218dadd3c10583db49cf39":"":"f0050ad16392021a3f40207bed3521fb1e9f808f49830c42":"3a578d179902f912f9ea1afbce1120b3":"":"3c0e2815d37d844f7ac240ba9d6e3a0b2a86f706e885959e":0
AES-256-CCM test vector NIST #16 (P=24, N=13, A=0, T=16)
depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"1b0e8df63c57f05d9ac457575ea764524b8610ae5164e6215f426f5a7ae6ede4":"894dcaa61008eb8fb052c60d41":"":"c408190d0fbf5034f83b24a8ed9657331a7ce141de4fae76":"9084607b83bd06e6442eac8dacf583cc":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"1b0e8df63c57f05d9ac457575ea764524b8610ae5164e6215f426f5a7ae6ede4":"894dcaa61008eb8fb052c60d41":"":"c408190d0fbf5034f83b24a8ed9657331a7ce141de4fae76":"9084607b83bd06e6442eac8dacf583cc":"FAIL":"":0
AES-256-CCM test vector NIST #17 (P=0, N=7, A=32, T=4)
depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"1b0e8df63c57f05d9ac457575ea764524b8610ae5164e6215f426f5a7ae6ede4":"a544218dadd3c1":"d3d5424e20fbec43ae495353ed830271515ab104f8860c988d15b6d36c038eab":"":"92d00fbe":"":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"1b0e8df63c57f05d9ac457575ea764524b8610ae5164e6215f426f5a7ae6ede4":"a544218dadd3c1":"d3d5424e20fbec43ae495353ed830271515ab104f8860c988d15b6d36c038eab":"":"92d00fbe":"":"":0
AES-256-CCM test vector NIST #18 (P=0, N=7, A=32, T=4)
depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"1b0e8df63c57f05d9ac457575ea764524b8610ae5164e6215f426f5a7ae6ede4":"78c46e3249ca28":"232e957c65ffa11988e830d4617d500f1c4a35c1221f396c41ab214f074ca2dc":"":"9143e5c4":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"1b0e8df63c57f05d9ac457575ea764524b8610ae5164e6215f426f5a7ae6ede4":"78c46e3249ca28":"232e957c65ffa11988e830d4617d500f1c4a35c1221f396c41ab214f074ca2dc":"":"9143e5c4":"FAIL":"":0
AES-256-CCM test vector NIST #19 (P=0, N=7, A=32, T=16)
depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"a4bc10b1a62c96d459fbaf3a5aa3face7313bb9e1253e696f96a7a8e36801088":"a544218dadd3c1":"d3d5424e20fbec43ae495353ed830271515ab104f8860c988d15b6d36c038eab":"":"93af11a08379eb37a16aa2837f09d69d":"":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"a4bc10b1a62c96d459fbaf3a5aa3face7313bb9e1253e696f96a7a8e36801088":"a544218dadd3c1":"d3d5424e20fbec43ae495353ed830271515ab104f8860c988d15b6d36c038eab":"":"93af11a08379eb37a16aa2837f09d69d":"":"":0
AES-256-CCM test vector NIST #20 (P=0, N=7, A=32, T=16)
depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"a4bc10b1a62c96d459fbaf3a5aa3face7313bb9e1253e696f96a7a8e36801088":"78c46e3249ca28":"232e957c65ffa11988e830d4617d500f1c4a35c1221f396c41ab214f074ca2dc":"":"d19b0c14ec686a7961ca7c386d125a65":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"a4bc10b1a62c96d459fbaf3a5aa3face7313bb9e1253e696f96a7a8e36801088":"78c46e3249ca28":"232e957c65ffa11988e830d4617d500f1c4a35c1221f396c41ab214f074ca2dc":"":"d19b0c14ec686a7961ca7c386d125a65":"FAIL":"":0
AES-256-CCM test vector NIST #21 (P=0, N=13, A=32, T=4)
depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"a4bc10b1a62c96d459fbaf3a5aa3face7313bb9e1253e696f96a7a8e36801088":"a544218dadd3c10583db49cf39":"3c0e2815d37d844f7ac240ba9d6e3a0b2a86f706e885959e09a1005e024f6907":"":"866d4227":"":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"a4bc10b1a62c96d459fbaf3a5aa3face7313bb9e1253e696f96a7a8e36801088":"a544218dadd3c10583db49cf39":"3c0e2815d37d844f7ac240ba9d6e3a0b2a86f706e885959e09a1005e024f6907":"":"866d4227":"":"":0
AES-256-CCM test vector NIST #22 (P=0, N=13, A=32, T=4)
depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"a4bc10b1a62c96d459fbaf3a5aa3face7313bb9e1253e696f96a7a8e36801088":"e8de970f6ee8e80ede933581b5":"89f8b068d34f56bc49d839d8e47b347e6dae737b903b278632447e6c0485d26a":"":"94cb1127":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"a4bc10b1a62c96d459fbaf3a5aa3face7313bb9e1253e696f96a7a8e36801088":"e8de970f6ee8e80ede933581b5":"89f8b068d34f56bc49d839d8e47b347e6dae737b903b278632447e6c0485d26a":"":"94cb1127":"FAIL":"":0
AES-256-CCM test vector NIST #23 (P=0, N=13, A=32, T=16)
depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"8c5cf3457ff22228c39c051c4e05ed4093657eb303f859a9d4b0f8be0127d88a":"a544218dadd3c10583db49cf39":"3c0e2815d37d844f7ac240ba9d6e3a0b2a86f706e885959e09a1005e024f6907":"":"867b0d87cf6e0f718200a97b4f6d5ad5":"":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"8c5cf3457ff22228c39c051c4e05ed4093657eb303f859a9d4b0f8be0127d88a":"a544218dadd3c10583db49cf39":"3c0e2815d37d844f7ac240ba9d6e3a0b2a86f706e885959e09a1005e024f6907":"":"867b0d87cf6e0f718200a97b4f6d5ad5":"":"":0
AES-256-CCM test vector NIST #24 (P=0, N=13, A=32, T=16)
depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"8c5cf3457ff22228c39c051c4e05ed4093657eb303f859a9d4b0f8be0127d88a":"e8de970f6ee8e80ede933581b5":"89f8b068d34f56bc49d839d8e47b347e6dae737b903b278632447e6c0485d26a":"":"677a040d46ee3f2b7838273bdad14f16":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"8c5cf3457ff22228c39c051c4e05ed4093657eb303f859a9d4b0f8be0127d88a":"e8de970f6ee8e80ede933581b5":"89f8b068d34f56bc49d839d8e47b347e6dae737b903b278632447e6c0485d26a":"":"677a040d46ee3f2b7838273bdad14f16":"FAIL":"":0
AES-256-CCM test vector NIST #25 (P=24, N=7, A=32, T=4)
depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"8c5cf3457ff22228c39c051c4e05ed4093657eb303f859a9d4b0f8be0127d88a":"a544218dadd3c1":"d3d5424e20fbec43ae495353ed830271515ab104f8860c988d15b6d36c038eab":"c2fe12658139f5d0dd22cadf2e901695b579302a72fc5608":"3ebc7720":"":"78c46e3249ca28e1ef0531d80fd37c124d9aecb7be6668e3"
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"8c5cf3457ff22228c39c051c4e05ed4093657eb303f859a9d4b0f8be0127d88a":"a544218dadd3c1":"d3d5424e20fbec43ae495353ed830271515ab104f8860c988d15b6d36c038eab":"c2fe12658139f5d0dd22cadf2e901695b579302a72fc5608":"3ebc7720":"":"78c46e3249ca28e1ef0531d80fd37c124d9aecb7be6668e3":0
AES-256-CCM test vector NIST #26 (P=24, N=7, A=32, T=4)
depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"8c5cf3457ff22228c39c051c4e05ed4093657eb303f859a9d4b0f8be0127d88a":"6ba004fd176791":"5a053b2a1bb87e85d56527bfcdcd3ecafb991bb10e4c862bb0751c700a29f54b":"94748ba81229e53c38583a8564b23ebbafc6f6efdf4c2a81":"c44db2c9":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"8c5cf3457ff22228c39c051c4e05ed4093657eb303f859a9d4b0f8be0127d88a":"6ba004fd176791":"5a053b2a1bb87e85d56527bfcdcd3ecafb991bb10e4c862bb0751c700a29f54b":"94748ba81229e53c38583a8564b23ebbafc6f6efdf4c2a81":"c44db2c9":"FAIL":"":0
AES-256-CCM test vector NIST #27 (P=24, N=7, A=32, T=16)
depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"705334e30f53dd2f92d190d2c1437c8772f940c55aa35e562214ed45bd458ffe":"a544218dadd3c1":"d3d5424e20fbec43ae495353ed830271515ab104f8860c988d15b6d36c038eab":"3341168eb8c48468c414347fb08f71d2086f7c2d1bd581ce":"1ac68bd42f5ec7fa7e068cc0ecd79c2a":"":"78c46e3249ca28e1ef0531d80fd37c124d9aecb7be6668e3"
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"705334e30f53dd2f92d190d2c1437c8772f940c55aa35e562214ed45bd458ffe":"a544218dadd3c1":"d3d5424e20fbec43ae495353ed830271515ab104f8860c988d15b6d36c038eab":"3341168eb8c48468c414347fb08f71d2086f7c2d1bd581ce":"1ac68bd42f5ec7fa7e068cc0ecd79c2a":"":"78c46e3249ca28e1ef0531d80fd37c124d9aecb7be6668e3":0
AES-256-CCM test vector NIST #28 (P=24, N=7, A=32, T=16)
depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"705334e30f53dd2f92d190d2c1437c8772f940c55aa35e562214ed45bd458ffe":"6ba004fd176791":"5a053b2a1bb87e85d56527bfcdcd3ecafb991bb10e4c862bb0751c700a29f54b":"d543acda712b898cbb27b8f598b2e4438ce587a836e27851":"47c3338a2400809e739b63ba8227d2f9":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"705334e30f53dd2f92d190d2c1437c8772f940c55aa35e562214ed45bd458ffe":"6ba004fd176791":"5a053b2a1bb87e85d56527bfcdcd3ecafb991bb10e4c862bb0751c700a29f54b":"d543acda712b898cbb27b8f598b2e4438ce587a836e27851":"47c3338a2400809e739b63ba8227d2f9":"FAIL":"":0
AES-256-CCM test vector NIST #29 (P=24, N=13, A=32, T=4)
depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"705334e30f53dd2f92d190d2c1437c8772f940c55aa35e562214ed45bd458ffe":"a544218dadd3c10583db49cf39":"3c0e2815d37d844f7ac240ba9d6e3a0b2a86f706e885959e09a1005e024f6907":"c0ea400b599561e7905b99262b4565d5c3dc49fad84d7c69":"ef891339":"":"e8de970f6ee8e80ede933581b5bcf4d837e2b72baa8b00c3"
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"705334e30f53dd2f92d190d2c1437c8772f940c55aa35e562214ed45bd458ffe":"a544218dadd3c10583db49cf39":"3c0e2815d37d844f7ac240ba9d6e3a0b2a86f706e885959e09a1005e024f6907":"c0ea400b599561e7905b99262b4565d5c3dc49fad84d7c69":"ef891339":"":"e8de970f6ee8e80ede933581b5bcf4d837e2b72baa8b00c3":0
AES-256-CCM test vector NIST #30 (P=24, N=13, A=32, T=4)
depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"705334e30f53dd2f92d190d2c1437c8772f940c55aa35e562214ed45bd458ffe":"8fa501c5dd9ac9b868144c9fa5":"5bb40e3bb72b4509324a7edc852f72535f1f6283156e63f6959ffaf39dcde800":"60871e03ea0eb968536c99f926ea24ef43d41272ad9fb7f6":"3d488623":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"705334e30f53dd2f92d190d2c1437c8772f940c55aa35e562214ed45bd458ffe":"8fa501c5dd9ac9b868144c9fa5":"5bb40e3bb72b4509324a7edc852f72535f1f6283156e63f6959ffaf39dcde800":"60871e03ea0eb968536c99f926ea24ef43d41272ad9fb7f6":"3d488623":"FAIL":"":0
AES-256-CCM test vector NIST #31 (P=24, N=13, A=32, T=16)
depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"314a202f836f9f257e22d8c11757832ae5131d357a72df88f3eff0ffcee0da4e":"a544218dadd3c10583db49cf39":"3c0e2815d37d844f7ac240ba9d6e3a0b2a86f706e885959e09a1005e024f6907":"8d34cdca37ce77be68f65baf3382e31efa693e63f914a781":"367f30f2eaad8c063ca50795acd90203":"":"e8de970f6ee8e80ede933581b5bcf4d837e2b72baa8b00c3"
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"314a202f836f9f257e22d8c11757832ae5131d357a72df88f3eff0ffcee0da4e":"a544218dadd3c10583db49cf39":"3c0e2815d37d844f7ac240ba9d6e3a0b2a86f706e885959e09a1005e024f6907":"8d34cdca37ce77be68f65baf3382e31efa693e63f914a781":"367f30f2eaad8c063ca50795acd90203":"":"e8de970f6ee8e80ede933581b5bcf4d837e2b72baa8b00c3":0
AES-256-CCM test vector NIST #32 (P=24, N=13, A=32, T=16)
depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"314a202f836f9f257e22d8c11757832ae5131d357a72df88f3eff0ffcee0da4e":"8fa501c5dd9ac9b868144c9fa5":"5bb40e3bb72b4509324a7edc852f72535f1f6283156e63f6959ffaf39dcde800":"516c0095cc3d85fd55e48da17c592e0c7014b9daafb82bdc":"4b41096dfdbe9cc1ab610f8f3e038d16":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"314a202f836f9f257e22d8c11757832ae5131d357a72df88f3eff0ffcee0da4e":"8fa501c5dd9ac9b868144c9fa5":"5bb40e3bb72b4509324a7edc852f72535f1f6283156e63f6959ffaf39dcde800":"516c0095cc3d85fd55e48da17c592e0c7014b9daafb82bdc":"4b41096dfdbe9cc1ab610f8f3e038d16":"FAIL":"":0
Camellia-CCM test vector RFC 5528 #1
depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_CAMELLIA_128_CCM:"C0C1C2C3C4C5C6C7C8C9CACBCCCDCECF":"00000003020100A0A1A2A3A4A5":"0001020304050607":"BA737185E719310492F38A5F1251DA55FAFBC949848A0D":"FCAECE746B3DB9AD":"":"08090A0B0C0D0E0F101112131415161718191A1B1C1D1E"
+auth_crypt_tv:MBEDTLS_CIPHER_CAMELLIA_128_CCM:"C0C1C2C3C4C5C6C7C8C9CACBCCCDCECF":"00000003020100A0A1A2A3A4A5":"0001020304050607":"BA737185E719310492F38A5F1251DA55FAFBC949848A0D":"FCAECE746B3DB9AD":"":"08090A0B0C0D0E0F101112131415161718191A1B1C1D1E":0
Camellia-CCM test vector RFC 5528 #2
depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_CAMELLIA_128_CCM:"C0C1C2C3C4C5C6C7C8C9CACBCCCDCECF":"00000004030201A0A1A2A3A4A5":"0001020304050607":"5D2564BF8EAFE1D99526EC016D1BF0424CFBD2CD62848F33":"60B2295DF24283E8":"":"08090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F"
+auth_crypt_tv:MBEDTLS_CIPHER_CAMELLIA_128_CCM:"C0C1C2C3C4C5C6C7C8C9CACBCCCDCECF":"00000004030201A0A1A2A3A4A5":"0001020304050607":"5D2564BF8EAFE1D99526EC016D1BF0424CFBD2CD62848F33":"60B2295DF24283E8":"":"08090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F":0
Camellia-CCM test vector RFC 5528 #3
depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_CAMELLIA_128_CCM:"C0C1C2C3C4C5C6C7C8C9CACBCCCDCECF":"00000005040302A0A1A2A3A4A5":"0001020304050607":"81F663D6C7787817F9203608B982AD15DC2BBD87D756F79204":"F551D6682F23AA46":"":"08090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F20"
+auth_crypt_tv:MBEDTLS_CIPHER_CAMELLIA_128_CCM:"C0C1C2C3C4C5C6C7C8C9CACBCCCDCECF":"00000005040302A0A1A2A3A4A5":"0001020304050607":"81F663D6C7787817F9203608B982AD15DC2BBD87D756F79204":"F551D6682F23AA46":"":"08090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F20":0
Camellia-CCM test vector RFC 5528 #4
depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_CAMELLIA_128_CCM:"C0C1C2C3C4C5C6C7C8C9CACBCCCDCECF":"00000006050403A0A1A2A3A4A5":"000102030405060708090A0B":"CAEF1E827211B08F7BD90F08C77288C070A4A0":"8B3A933A63E497A0":"":"0C0D0E0F101112131415161718191A1B1C1D1E"
+auth_crypt_tv:MBEDTLS_CIPHER_CAMELLIA_128_CCM:"C0C1C2C3C4C5C6C7C8C9CACBCCCDCECF":"00000006050403A0A1A2A3A4A5":"000102030405060708090A0B":"CAEF1E827211B08F7BD90F08C77288C070A4A0":"8B3A933A63E497A0":"":"0C0D0E0F101112131415161718191A1B1C1D1E":0
Camellia-CCM test vector RFC 5528 #5
depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_CAMELLIA_128_CCM:"C0C1C2C3C4C5C6C7C8C9CACBCCCDCECF":"00000007060504A0A1A2A3A4A5":"000102030405060708090A0B":"2AD3BAD94FC52E92BE438E827C1023B96A8A7725":"8FA17BA7F331DB09":"":"0C0D0E0F101112131415161718191A1B1C1D1E1F"
+auth_crypt_tv:MBEDTLS_CIPHER_CAMELLIA_128_CCM:"C0C1C2C3C4C5C6C7C8C9CACBCCCDCECF":"00000007060504A0A1A2A3A4A5":"000102030405060708090A0B":"2AD3BAD94FC52E92BE438E827C1023B96A8A7725":"8FA17BA7F331DB09":"":"0C0D0E0F101112131415161718191A1B1C1D1E1F":0
Camellia-CCM test vector RFC 5528 #6
depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_CAMELLIA_128_CCM:"C0C1C2C3C4C5C6C7C8C9CACBCCCDCECF":"00000008070605A0A1A2A3A4A5":"000102030405060708090A0B":"FEA5480BA53FA8D3C34422AACE4DE67FFA3BB73BAB":"AB36A1EE4FE0FE28":"":"0C0D0E0F101112131415161718191A1B1C1D1E1F20"
+auth_crypt_tv:MBEDTLS_CIPHER_CAMELLIA_128_CCM:"C0C1C2C3C4C5C6C7C8C9CACBCCCDCECF":"00000008070605A0A1A2A3A4A5":"000102030405060708090A0B":"FEA5480BA53FA8D3C34422AACE4DE67FFA3BB73BAB":"AB36A1EE4FE0FE28":"":"0C0D0E0F101112131415161718191A1B1C1D1E1F20":0
Camellia-CCM test vector RFC 5528 #7
depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_CAMELLIA_128_CCM:"C0C1C2C3C4C5C6C7C8C9CACBCCCDCECF":"00000009080706A0A1A2A3A4A5":"0001020304050607":"54532026E54C119A8D36D9EC6E1ED97416C8708C4B5C2C":"ACAFA3BCCF7A4EBF9573":"":"08090A0B0C0D0E0F101112131415161718191A1B1C1D1E"
+auth_crypt_tv:MBEDTLS_CIPHER_CAMELLIA_128_CCM:"C0C1C2C3C4C5C6C7C8C9CACBCCCDCECF":"00000009080706A0A1A2A3A4A5":"0001020304050607":"54532026E54C119A8D36D9EC6E1ED97416C8708C4B5C2C":"ACAFA3BCCF7A4EBF9573":"":"08090A0B0C0D0E0F101112131415161718191A1B1C1D1E":0
Camellia-CCM test vector RFC 5528 #8
depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_CAMELLIA_128_CCM:"C0C1C2C3C4C5C6C7C8C9CACBCCCDCECF":"0000000A090807A0A1A2A3A4A5":"0001020304050607":"8AD19B001A87D148F4D92BEF34525CCCE3A63C6512A6F575":"7388E4913EF14701F441":"":"08090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F"
+auth_crypt_tv:MBEDTLS_CIPHER_CAMELLIA_128_CCM:"C0C1C2C3C4C5C6C7C8C9CACBCCCDCECF":"0000000A090807A0A1A2A3A4A5":"0001020304050607":"8AD19B001A87D148F4D92BEF34525CCCE3A63C6512A6F575":"7388E4913EF14701F441":"":"08090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F":0
Camellia-CCM test vector RFC 5528 #9
depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_CAMELLIA_128_CCM:"C0C1C2C3C4C5C6C7C8C9CACBCCCDCECF":"0000000B0A0908A0A1A2A3A4A5":"0001020304050607":"5DB08D62407E6E31D60F9CA2C60474219AC0BE50C0D4A57787":"94D6E230CD25C9FEBF87":"":"08090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F20"
+auth_crypt_tv:MBEDTLS_CIPHER_CAMELLIA_128_CCM:"C0C1C2C3C4C5C6C7C8C9CACBCCCDCECF":"0000000B0A0908A0A1A2A3A4A5":"0001020304050607":"5DB08D62407E6E31D60F9CA2C60474219AC0BE50C0D4A57787":"94D6E230CD25C9FEBF87":"":"08090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F20":0
Camellia-CCM test vector RFC 5528 #10
depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_CAMELLIA_128_CCM:"C0C1C2C3C4C5C6C7C8C9CACBCCCDCECF":"0000000C0B0A09A0A1A2A3A4A5":"000102030405060708090A0B":"DB118CCEC1B8761C877CD8963A67D6F3BBBC5C":"D09299EB11F312F23237":"":"0C0D0E0F101112131415161718191A1B1C1D1E"
+auth_crypt_tv:MBEDTLS_CIPHER_CAMELLIA_128_CCM:"C0C1C2C3C4C5C6C7C8C9CACBCCCDCECF":"0000000C0B0A09A0A1A2A3A4A5":"000102030405060708090A0B":"DB118CCEC1B8761C877CD8963A67D6F3BBBC5C":"D09299EB11F312F23237":"":"0C0D0E0F101112131415161718191A1B1C1D1E":0
Camellia-CCM test vector RFC 5528 #11
depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_CAMELLIA_128_CCM:"C0C1C2C3C4C5C6C7C8C9CACBCCCDCECF":"0000000D0C0B0AA0A1A2A3A4A5":"000102030405060708090A0B":"7CC83D8DC49103525B483DC5CA7EA9AB812B7056":"079DAFFADA16CCCF2C4E":"":"0C0D0E0F101112131415161718191A1B1C1D1E1F"
+auth_crypt_tv:MBEDTLS_CIPHER_CAMELLIA_128_CCM:"C0C1C2C3C4C5C6C7C8C9CACBCCCDCECF":"0000000D0C0B0AA0A1A2A3A4A5":"000102030405060708090A0B":"7CC83D8DC49103525B483DC5CA7EA9AB812B7056":"079DAFFADA16CCCF2C4E":"":"0C0D0E0F101112131415161718191A1B1C1D1E1F":0
Camellia-CCM test vector RFC 5528 #12
depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_CAMELLIA_128_CCM:"C0C1C2C3C4C5C6C7C8C9CACBCCCDCECF":"0000000E0D0C0BA0A1A2A3A4A5":"000102030405060708090A0B":"2CD35B8820D23E7AA351B0E92FC79367238B2CC748":"CBB94C2947793D64AF75":"":"0C0D0E0F101112131415161718191A1B1C1D1E1F20"
+auth_crypt_tv:MBEDTLS_CIPHER_CAMELLIA_128_CCM:"C0C1C2C3C4C5C6C7C8C9CACBCCCDCECF":"0000000E0D0C0BA0A1A2A3A4A5":"000102030405060708090A0B":"2CD35B8820D23E7AA351B0E92FC79367238B2CC748":"CBB94C2947793D64AF75":"":"0C0D0E0F101112131415161718191A1B1C1D1E1F20":0
Camellia-CCM test vector RFC 5528 #13
depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_CAMELLIA_128_CCM:"D75C2778078CA93D971F96FDE720F4CD":"00A970110E1927B160B6A31C1C":"6B7F464507FAE496":"A435D727348DDD22907F7EB8F5FDBB4D939DA6524DB4F6":"4558C02D25B127EE":"":"C6B5F3E6CA2311AEF7472B203E735EA561ADB17D56C5A3"
+auth_crypt_tv:MBEDTLS_CIPHER_CAMELLIA_128_CCM:"D75C2778078CA93D971F96FDE720F4CD":"00A970110E1927B160B6A31C1C":"6B7F464507FAE496":"A435D727348DDD22907F7EB8F5FDBB4D939DA6524DB4F6":"4558C02D25B127EE":"":"C6B5F3E6CA2311AEF7472B203E735EA561ADB17D56C5A3":0
Camellia-CCM test vector RFC 5528 #14
depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_CAMELLIA_128_CCM:"D75C2778078CA93D971F96FDE720F4CD":"0083CD8CE0CB42B160B6A31C1C":"986605B43DF15DE7":"8AE052508FBECA932E346F05E0DC0DFBCF939EAFFA3E587C":"867D6E1C48703806":"":"01F6CE6764C574483BB02E6BBF1E0ABD26A22572B4D80EE7"
+auth_crypt_tv:MBEDTLS_CIPHER_CAMELLIA_128_CCM:"D75C2778078CA93D971F96FDE720F4CD":"0083CD8CE0CB42B160B6A31C1C":"986605B43DF15DE7":"8AE052508FBECA932E346F05E0DC0DFBCF939EAFFA3E587C":"867D6E1C48703806":"":"01F6CE6764C574483BB02E6BBF1E0ABD26A22572B4D80EE7":0
Camellia-CCM test vector RFC 5528 #15
depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_CAMELLIA_128_CCM:"D75C2778078CA93D971F96FDE720F4CD":"005F54950B18F2B160B6A31C1C":"48F2E7E1A7671A51":"08B67EE21C8BF26E473E408599E9C0836D6AF0BB18DF55466C":"A80878A790476DE5":"":"CDF1D8406FC2E9014953897005FBFB8BA57276F92404608E08"
+auth_crypt_tv:MBEDTLS_CIPHER_CAMELLIA_128_CCM:"D75C2778078CA93D971F96FDE720F4CD":"005F54950B18F2B160B6A31C1C":"48F2E7E1A7671A51":"08B67EE21C8BF26E473E408599E9C0836D6AF0BB18DF55466C":"A80878A790476DE5":"":"CDF1D8406FC2E9014953897005FBFB8BA57276F92404608E08":0
Camellia-CCM test vector RFC 5528 #16
depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_CAMELLIA_128_CCM:"D75C2778078CA93D971F96FDE720F4CD":"00EC600863319AB160B6A31C1C":"DE97DF3B8CBD6D8E5030DA4C":"63B78B4967B19EDBB733CD1114F64EB2260893":"68C354828D950CC5":"":"B005DCFA0B59181426A961685A993D8C43185B"
+auth_crypt_tv:MBEDTLS_CIPHER_CAMELLIA_128_CCM:"D75C2778078CA93D971F96FDE720F4CD":"00EC600863319AB160B6A31C1C":"DE97DF3B8CBD6D8E5030DA4C":"63B78B4967B19EDBB733CD1114F64EB2260893":"68C354828D950CC5":"":"B005DCFA0B59181426A961685A993D8C43185B":0
Camellia-CCM test vector RFC 5528 #17
depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_CAMELLIA_128_CCM:"D75C2778078CA93D971F96FDE720F4CD":"0060CFF1A31EA1B160B6A31C1C":"A5EE93E457DF05466E782DCF":"0BC6BBE2A8B909F4629EE6DC148DA44410E18AF4":"3147383276F66A9F":"":"2E20211298105F129D5ED95B93F72D30B2FACCD7"
+auth_crypt_tv:MBEDTLS_CIPHER_CAMELLIA_128_CCM:"D75C2778078CA93D971F96FDE720F4CD":"0060CFF1A31EA1B160B6A31C1C":"A5EE93E457DF05466E782DCF":"0BC6BBE2A8B909F4629EE6DC148DA44410E18AF4":"3147383276F66A9F":"":"2E20211298105F129D5ED95B93F72D30B2FACCD7":0
Camellia-CCM test vector RFC 5528 #18
depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_CAMELLIA_128_CCM:"D75C2778078CA93D971F96FDE720F4CD":"000F85CD995C97B160B6A31C1C":"24AA1BF9A5CD876182A25074":"222AD632FA31D6AF970C345F7E77CA3BD0DC25B340":"A1A3D31F8D4B44B7":"":"2645941E75632D3491AF0FC0C9876C3BE4AA7468C9"
+auth_crypt_tv:MBEDTLS_CIPHER_CAMELLIA_128_CCM:"D75C2778078CA93D971F96FDE720F4CD":"000F85CD995C97B160B6A31C1C":"24AA1BF9A5CD876182A25074":"222AD632FA31D6AF970C345F7E77CA3BD0DC25B340":"A1A3D31F8D4B44B7":"":"2645941E75632D3491AF0FC0C9876C3BE4AA7468C9":0
Camellia-CCM test vector RFC 5528 #19
depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_CAMELLIA_128_CCM:"D75C2778078CA93D971F96FDE720F4CD":"00C29B2CAAC4CDB160B6A31C1C":"691946B9CA07BE87":"05B8E1B9C49CFD56CF130AA6251DC2ECC06CCC508FE697":"A0066D57C84BEC182768":"":"070135A6437C9DB120CD61D8F6C39C3EA125FD95A0D23D"
+auth_crypt_tv:MBEDTLS_CIPHER_CAMELLIA_128_CCM:"D75C2778078CA93D971F96FDE720F4CD":"00C29B2CAAC4CDB160B6A31C1C":"691946B9CA07BE87":"05B8E1B9C49CFD56CF130AA6251DC2ECC06CCC508FE697":"A0066D57C84BEC182768":"":"070135A6437C9DB120CD61D8F6C39C3EA125FD95A0D23D":0
Camellia-CCM test vector RFC 5528 #20
depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_CAMELLIA_128_CCM:"D75C2778078CA93D971F96FDE720F4CD":"002C6B7595EE62B160B6A31C1C":"D0C54ECB84627DC4":"54CEB968DEE23611575EC003DFAA1CD48849BDF5AE2EDB6B":"7FA775B150ED4383C5A9":"":"C8C0880E6C636E20093DD6594217D2E18877DB264E71A5CC"
+auth_crypt_tv:MBEDTLS_CIPHER_CAMELLIA_128_CCM:"D75C2778078CA93D971F96FDE720F4CD":"002C6B7595EE62B160B6A31C1C":"D0C54ECB84627DC4":"54CEB968DEE23611575EC003DFAA1CD48849BDF5AE2EDB6B":"7FA775B150ED4383C5A9":"":"C8C0880E6C636E20093DD6594217D2E18877DB264E71A5CC":0
Camellia-CCM test vector RFC 5528 #21
depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_CAMELLIA_128_CCM:"D75C2778078CA93D971F96FDE720F4CD":"00C53CD4C2AA24B160B6A31C1C":"E285E0E4808CDA3D":"B1404546BF667210CA28E309B39BD6CA7E9FC8285FE698D43C":"D20A02E0BDCAED2010D3":"":"F75DAA0710C4E64297794DC2B7D2A20757B1AA4E448002FFAB"
+auth_crypt_tv:MBEDTLS_CIPHER_CAMELLIA_128_CCM:"D75C2778078CA93D971F96FDE720F4CD":"00C53CD4C2AA24B160B6A31C1C":"E285E0E4808CDA3D":"B1404546BF667210CA28E309B39BD6CA7E9FC8285FE698D43C":"D20A02E0BDCAED2010D3":"":"F75DAA0710C4E64297794DC2B7D2A20757B1AA4E448002FFAB":0
Camellia-CCM test vector RFC 5528 #22
depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_CAMELLIA_128_CCM:"D75C2778078CA93D971F96FDE720F4CD":"00BEE9267FBADCB160B6A31C1C":"6CAEF9941141570D7C813405":"94C8959C11569A297831A721005857AB61B87A":"2DEA0936B6EB5F625F5D":"":"C238822FAC5F98FF929405B0AD127A4E41854E"
+auth_crypt_tv:MBEDTLS_CIPHER_CAMELLIA_128_CCM:"D75C2778078CA93D971F96FDE720F4CD":"00BEE9267FBADCB160B6A31C1C":"6CAEF9941141570D7C813405":"94C8959C11569A297831A721005857AB61B87A":"2DEA0936B6EB5F625F5D":"":"C238822FAC5F98FF929405B0AD127A4E41854E":0
Camellia-CCM test vector RFC 5528 #23
depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_CAMELLIA_128_CCM:"D75C2778078CA93D971F96FDE720F4CD":"00DFA8B1245007B160B6A31C1C":"36A52CF16B19A2037AB7011E":"5869E3AAD2447C74E0FC05F9A4EA74577F4DE8CA":"8924764296AD04119CE7":"":"4DBF3E774AD245E5D5891F9D1C32A0AE022C85D7"
+auth_crypt_tv:MBEDTLS_CIPHER_CAMELLIA_128_CCM:"D75C2778078CA93D971F96FDE720F4CD":"00DFA8B1245007B160B6A31C1C":"36A52CF16B19A2037AB7011E":"5869E3AAD2447C74E0FC05F9A4EA74577F4DE8CA":"8924764296AD04119CE7":"":"4DBF3E774AD245E5D5891F9D1C32A0AE022C85D7":0
Camellia-CCM test vector RFC 5528 #24
depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_CAMELLIA_128_CCM:"D75C2778078CA93D971F96FDE720F4CD":"003B8FD8D3A937B160B6A31C1C":"A4D499F78419728C19178B0C":"4B198156393B0F7796086AAFB454F8C3F034CCA966":"945F1FCEA7E11BEE6A2F":"":"9DC9EDAE2FF5DF8636E8C6DE0EED55F7867E33337D"
+auth_crypt_tv:MBEDTLS_CIPHER_CAMELLIA_128_CCM:"D75C2778078CA93D971F96FDE720F4CD":"003B8FD8D3A937B160B6A31C1C":"A4D499F78419728C19178B0C":"4B198156393B0F7796086AAFB454F8C3F034CCA966":"945F1FCEA7E11BEE6A2F":"":"9DC9EDAE2FF5DF8636E8C6DE0EED55F7867E33337D":0
+AES-128-CCM test vector NIST #1 PSA (P=0, N=7, A=0, T=4)
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"4ae701103c63deca5b5a3939d7d05992":"5a8aa485c316e9":"":"":"02209f55":"":"":1
+
+AES-128-CCM test vector NIST #2 PSA (P=0, N=7, A=0, T=4)
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"4ae701103c63deca5b5a3939d7d05992":"3796cf51b87266":"":"":"9a04c241":"FAIL":"":1
+
+AES-128-CCM test vector NIST #3 PSA (P=0, N=7, A=0, T=16)
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"4bb3c4a4f893ad8c9bdc833c325d62b3":"5a8aa485c316e9":"":"":"75d582db43ce9b13ab4b6f7f14341330":"":"":1
+
+AES-128-CCM test vector NIST #4 PSA (P=0, N=7, A=0, T=16)
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"4bb3c4a4f893ad8c9bdc833c325d62b3":"3796cf51b87266":"":"":"3a65e03af37b81d05acc7ec1bc39deb0":"FAIL":"":1
+
+AES-128-CCM test vector NIST #5 PSA (P=0, N=13, A=0, T=4)
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"4bb3c4a4f893ad8c9bdc833c325d62b3":"5a8aa485c316e9403aff859fbb":"":"":"90156f3f":"":"":1
+
+AES-128-CCM test vector NIST #6 PSA (P=0, N=13, A=0, T=4)
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"4bb3c4a4f893ad8c9bdc833c325d62b3":"a16a2e741f1cd9717285b6d882":"":"":"88909016":"FAIL":"":1
+
+AES-128-CCM test vector NIST #7 PSA (P=0, N=13, A=0, T=16)
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"19ebfde2d5468ba0a3031bde629b11fd":"5a8aa485c316e9403aff859fbb":"":"":"fb04dc5a44c6bb000f2440f5154364b4":"":"":1
+
+AES-128-CCM test vector NIST #8 PSA (P=0, N=13, A=0, T=16)
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"19ebfde2d5468ba0a3031bde629b11fd":"a16a2e741f1cd9717285b6d882":"":"":"5447075bf42a59b91f08064738b015ab":"FAIL":"":1
+
+AES-128-CCM test vector NIST #9 PSA (P=24, N=7, A=0, T=4)
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"19ebfde2d5468ba0a3031bde629b11fd":"5a8aa485c316e9":"":"a90e8ea44085ced791b2fdb7fd44b5cf0bd7d27718029bb7":"03e1fa6b":"":"3796cf51b8726652a4204733b8fbb047cf00fb91a9837e22":1
+
+AES-128-CCM test vector NIST #10 PSA (P=24, N=7, A=0, T=4)
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"19ebfde2d5468ba0a3031bde629b11fd":"31f8fa25827d48":"":"50aafe0578c115c4a8e126ff7b3ccb64dce8ccaa8ceda69f":"23e5d81c":"FAIL":"":1
+
+AES-128-CCM test vector NIST #11 PSA (P=24, N=7, A=0, T=16)
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"197afb02ffbd8f699dacae87094d5243":"5a8aa485c316e9":"":"24ab9eeb0e5508cae80074f1070ee188a637171860881f1f":"2d9a3fbc210595b7b8b1b41523111a8e":"":"3796cf51b8726652a4204733b8fbb047cf00fb91a9837e22":1
+
+AES-128-CCM test vector NIST #12 PSA (P=24, N=7, A=0, T=16)
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"197afb02ffbd8f699dacae87094d5243":"31f8fa25827d48":"":"7ebfda6fa5da1dbffd82dc29b875798fbcef8ba0084fbd24":"63af747cc88a001fa94e060290f209c4":"FAIL":"":1
+
+AES-128-CCM test vector NIST #13 PSA (P=24, N=13, A=0, T=4)
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"197afb02ffbd8f699dacae87094d5243":"5a8aa485c316e9403aff859fbb":"":"4a550134f94455979ec4bf89ad2bd80d25a77ae94e456134":"a3e138b9":"":"a16a2e741f1cd9717285b6d882c1fc53655e9773761ad697":1
+
+AES-128-CCM test vector NIST #14 PSA (P=24, N=13, A=0, T=4)
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"197afb02ffbd8f699dacae87094d5243":"49004912fdd7269279b1f06a89":"":"118ec53dd1bfbe52d5b9fe5dfebecf2ee674ec983eada654":"091a5ae9":"FAIL":"":1
+
+AES-128-CCM test vector NIST #15 PSA (P=24, N=13, A=0, T=16)
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"90929a4b0ac65b350ad1591611fe4829":"5a8aa485c316e9403aff859fbb":"":"4bfe4e35784f0a65b545477e5e2f4bae0e1e6fa717eaf2cb":"6a9a970b9beb2ac1bd4fd62168f8378a":"":"a16a2e741f1cd9717285b6d882c1fc53655e9773761ad697":1
+
+AES-128-CCM test vector NIST #16 PSA (P=24, N=13, A=0, T=16)
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"90929a4b0ac65b350ad1591611fe4829":"49004912fdd7269279b1f06a89":"":"0c56a503aa2c12e87450d45a7b714db980fd348f327c0065":"a65666144994bad0c8195bcb4ade1337":"FAIL":"":1
+
+AES-128-CCM test vector NIST #17 PSA (P=0, N=7, A=32, T=4)
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"90929a4b0ac65b350ad1591611fe4829":"5a8aa485c316e9":"3796cf51b8726652a4204733b8fbb047cf00fb91a9837e22ec22b1a268f88e2c":"":"782e4318":"":"":1
+
+AES-128-CCM test vector NIST #18 PSA (P=0, N=7, A=32, T=4)
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"90929a4b0ac65b350ad1591611fe4829":"a265480ca88d5f":"a2248a882ecbf850daf91933a389e78e81623d233dfd47bf8321361a38f138fe":"":"a04f270a":"FAIL":"":1
+
+AES-128-CCM test vector NIST #19 PSA (P=0, N=7, A=32, T=16)
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"6a798d7c5e1a72b43e20ad5c7b08567b":"5a8aa485c316e9":"3796cf51b8726652a4204733b8fbb047cf00fb91a9837e22ec22b1a268f88e2c":"":"41b476013f45e4a781f253a6f3b1e530":"":"":1
+
+AES-128-CCM test vector NIST #20 PSA (P=0, N=7, A=32, T=16)
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"6a798d7c5e1a72b43e20ad5c7b08567b":"a265480ca88d5f":"a2248a882ecbf850daf91933a389e78e81623d233dfd47bf8321361a38f138fe":"":"f9f018fcd125822616083fffebc4c8e6":"FAIL":"":1
+
+AES-128-CCM test vector NIST #21 PSA (P=0, N=13, A=32, T=4)
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"6a798d7c5e1a72b43e20ad5c7b08567b":"5a8aa485c316e9403aff859fbb":"a16a2e741f1cd9717285b6d882c1fc53655e9773761ad697a7ee6410184c7982":"":"9f69f24f":"":"":1
+
+AES-128-CCM test vector NIST #22 PSA (P=0, N=13, A=32, T=4)
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"6a798d7c5e1a72b43e20ad5c7b08567b":"8739b4bea1a099fe547499cbc6":"f6107696edb332b2ea059d8860fee26be42e5e12e1a4f79a8d0eafce1b2278a7":"":"e17afaa4":"FAIL":"":1
+
+AES-128-CCM test vector NIST #23 PSA (P=0, N=13, A=32, T=16)
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"f9fdca4ac64fe7f014de0f43039c7571":"5a8aa485c316e9403aff859fbb":"a16a2e741f1cd9717285b6d882c1fc53655e9773761ad697a7ee6410184c7982":"":"1859ac36a40a6b28b34266253627797a":"":"":1
+
+AES-128-CCM test vector NIST #24 PSA (P=0, N=13, A=32, T=16)
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"f9fdca4ac64fe7f014de0f43039c7571":"8739b4bea1a099fe547499cbc6":"f6107696edb332b2ea059d8860fee26be42e5e12e1a4f79a8d0eafce1b2278a7":"":"edf8b46eb69ac0044116019dec183072":"FAIL":"":1
+
+AES-128-CCM test vector NIST #25 PSA (P=24, N=7, A=32, T=4)
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"f9fdca4ac64fe7f014de0f43039c7571":"5a8aa485c316e9":"3796cf51b8726652a4204733b8fbb047cf00fb91a9837e22ec22b1a268f88e2c":"6be31860ca271ef448de8f8d8b39346daf4b81d7e92d65b3":"38f125fa":"":"a265480ca88d5f536db0dc6abc40faf0d05be7a966977768":1
+
+AES-128-CCM test vector NIST #26 PSA (P=24, N=7, A=32, T=4)
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"f9fdca4ac64fe7f014de0f43039c7571":"fdd2d6f503c915":"5b92394f21ddc3ad49d9b0881b829a5935cb3a4d23e292a62fb66b5e7ab7020e":"4cc57a9927a6bc401441870d3193bf89ebd163f5c01501c7":"28a66b69":"FAIL":"":1
+
+AES-128-CCM test vector NIST #27 PSA (P=24, N=7, A=32, T=16)
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"a7aa635ea51b0bb20a092bd5573e728c":"5a8aa485c316e9":"3796cf51b8726652a4204733b8fbb047cf00fb91a9837e22ec22b1a268f88e2c":"b351ab96b2e45515254558d5212673ee6c776d42dbca3b51":"2cf3a20b7fd7c49e6e79bef475c2906f":"":"a265480ca88d5f536db0dc6abc40faf0d05be7a966977768":1
+
+AES-128-CCM test vector NIST #28 PSA (P=24, N=7, A=32, T=16)
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"a7aa635ea51b0bb20a092bd5573e728c":"fdd2d6f503c915":"5b92394f21ddc3ad49d9b0881b829a5935cb3a4d23e292a62fb66b5e7ab7020e":"df1a5285caa41b4bb47f6e5ceceba4e82721828d68427a30":"81d18ca149d6766bfaccec88f194eb5b":"FAIL":"":1
+
+AES-128-CCM test vector NIST #29 PSA (P=24, N=13, A=32, T=4)
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"a7aa635ea51b0bb20a092bd5573e728c":"5a8aa485c316e9403aff859fbb":"a16a2e741f1cd9717285b6d882c1fc53655e9773761ad697a7ee6410184c7982":"934f893824e880f743d196b22d1f340a52608155087bd28a":"c25e5329":"":"8739b4bea1a099fe547499cbc6d1b13d849b8084c9b6acc5":1
+
+AES-128-CCM test vector NIST #30 PSA (P=24, N=13, A=32, T=4)
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"a7aa635ea51b0bb20a092bd5573e728c":"0812757ad0cc4d17c4cfe7a642":"ec6c44a7e94e51a3ca6dee229098391575ec7213c85267fbf7492fdbeee61b10":"f43ba9d834ad85dfab3f1c0c27c3441fe4e411a38a261a65":"59b3b3ee":"FAIL":"":1
+
+AES-128-CCM test vector NIST #31 PSA (P=24, N=13, A=32, T=16)
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"26511fb51fcfa75cb4b44da75a6e5a0e":"5a8aa485c316e9403aff859fbb":"a16a2e741f1cd9717285b6d882c1fc53655e9773761ad697a7ee6410184c7982":"50038b5fdd364ee747b70d00bd36840ece4ea19998123375":"c0a458bfcafa3b2609afe0f825cbf503":"":"8739b4bea1a099fe547499cbc6d1b13d849b8084c9b6acc5":1
+
+AES-128-CCM test vector NIST #32 PSA (P=24, N=13, A=32, T=16)
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"26511fb51fcfa75cb4b44da75a6e5a0e":"0812757ad0cc4d17c4cfe7a642":"ec6c44a7e94e51a3ca6dee229098391575ec7213c85267fbf7492fdbeee61b10":"78ed8ff6b5a1255d0fbd0a719a9c27b059ff5f83d0c4962c":"390042ba8bb5f6798dab01c5afad7306":"FAIL":"":1
+
+AES-192-CCM test vector NIST #1 PSA (P=0, N=7, A=0, T=4)
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"c98ad7f38b2c7e970c9b965ec87a08208384718f78206c6c":"5a8aa485c316e9":"":"":"9d4b7f3b":"":"":1
+
+AES-192-CCM test vector NIST #2 PSA (P=0, N=7, A=0, T=4)
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"c98ad7f38b2c7e970c9b965ec87a08208384718f78206c6c":"3796cf51b87266":"":"":"80745de9":"FAIL":"":1
+
+AES-192-CCM test vector NIST #3 PSA (P=0, N=7, A=0, T=16)
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"4bb3c4a4f893ad8c9bdc833c325d62b3d3ad1bccf9282a65":"5a8aa485c316e9":"":"":"17223038fa99d53681ca1beabe78d1b4":"":"":1
+
+AES-192-CCM test vector NIST #4 PSA (P=0, N=7, A=0, T=16)
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"4bb3c4a4f893ad8c9bdc833c325d62b3d3ad1bccf9282a65":"3796cf51b87266":"":"":"d0e1eeef4d2a264536bb1c2c1bde7c35":"FAIL":"":1
+
+AES-192-CCM test vector NIST #5 PSA (P=0, N=13, A=0, T=4)
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"4bb3c4a4f893ad8c9bdc833c325d62b3d3ad1bccf9282a65":"5a8aa485c316e9403aff859fbb":"":"":"fe69ed84":"":"":1
+
+AES-192-CCM test vector NIST #6 PSA (P=0, N=13, A=0, T=4)
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"4bb3c4a4f893ad8c9bdc833c325d62b3d3ad1bccf9282a65":"a16a2e741f1cd9717285b6d882":"":"":"db7ffc82":"FAIL":"":1
+
+AES-192-CCM test vector NIST #7 PSA (P=0, N=13, A=0, T=16)
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"19ebfde2d5468ba0a3031bde629b11fd4094afcb205393fa":"5a8aa485c316e9403aff859fbb":"":"":"0c66a8e547ed4f8c2c9a9a1eb5d455b9":"":"":1
+
+AES-192-CCM test vector NIST #8 PSA (P=0, N=13, A=0, T=16)
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"19ebfde2d5468ba0a3031bde629b11fd4094afcb205393fa":"a16a2e741f1cd9717285b6d882":"":"":"38757b3a61a4dc97ca3ab88bf1240695":"FAIL":"":1
+
+AES-192-CCM test vector NIST #9 PSA (P=24, N=7, A=0, T=4)
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"19ebfde2d5468ba0a3031bde629b11fd4094afcb205393fa":"5a8aa485c316e9":"":"411986d04d6463100bff03f7d0bde7ea2c3488784378138c":"ddc93a54":"":"3796cf51b8726652a4204733b8fbb047cf00fb91a9837e22":1
+
+AES-192-CCM test vector NIST #10 PSA (P=24, N=7, A=0, T=4)
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"19ebfde2d5468ba0a3031bde629b11fd4094afcb205393fa":"31f8fa25827d48":"":"32b649ab56162e55d4148a1292d6a225a988eb1308298273":"b6889036":"FAIL":"":1
+
+AES-192-CCM test vector NIST #11 PSA (P=24, N=7, A=0, T=16)
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"197afb02ffbd8f699dacae87094d524324576b99844f75e1":"5a8aa485c316e9":"":"cba4b4aeb85f0492fd8d905c4a6d8233139833373ef188a8":"c5a5ebecf7ac8607fe412189e83d9d20":"":"3796cf51b8726652a4204733b8fbb047cf00fb91a9837e22":1
+
+AES-192-CCM test vector NIST #12 PSA (P=24, N=7, A=0, T=16)
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"197afb02ffbd8f699dacae87094d524324576b99844f75e1":"31f8fa25827d48":"":"ca62713728b5c9d652504b0ae8fd4fee5d297ee6a8d19cb6":"e699f15f14d34dcaf9ba8ed4b877c97d":"FAIL":"":1
+
+AES-192-CCM test vector NIST #13 PSA (P=24, N=13, A=0, T=4)
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"197afb02ffbd8f699dacae87094d524324576b99844f75e1":"5a8aa485c316e9403aff859fbb":"":"042653c674ef2a90f7fb11d30848e530ae59478f1051633a":"34fad277":"":"a16a2e741f1cd9717285b6d882c1fc53655e9773761ad697":1
+
+AES-192-CCM test vector NIST #14 PSA (P=24, N=13, A=0, T=4)
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"197afb02ffbd8f699dacae87094d524324576b99844f75e1":"49004912fdd7269279b1f06a89":"":"1902d9769a7ba3d3268e1257395c8c2e5f98eef295dcbfa5":"a35df775":"FAIL":"":1
+
+AES-192-CCM test vector NIST #15 PSA (P=24, N=13, A=0, T=16)
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"90929a4b0ac65b350ad1591611fe48297e03956f6083e451":"5a8aa485c316e9403aff859fbb":"":"a5b7d8cca2069908d1ed88e6a9fe2c9bede3131dad54671e":"a7ade30a07d185692ab0ebdf4c78cf7a":"":"a16a2e741f1cd9717285b6d882c1fc53655e9773761ad697":1
+
+AES-192-CCM test vector NIST #16 PSA (P=24, N=13, A=0, T=16)
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"90929a4b0ac65b350ad1591611fe48297e03956f6083e451":"49004912fdd7269279b1f06a89":"":"9a98617fb97a0dfe466be692272dcdaec1c5443a3b51312e":"f042c86363cc05afb98c66e16be8a445":"FAIL":"":1
+
+AES-192-CCM test vector NIST #17 PSA (P=0, N=7, A=32, T=4)
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"90929a4b0ac65b350ad1591611fe48297e03956f6083e451":"5a8aa485c316e9":"3796cf51b8726652a4204733b8fbb047cf00fb91a9837e22ec22b1a268f88e2c":"":"1d089a5f":"":"":1
+
+AES-192-CCM test vector NIST #18 PSA (P=0, N=7, A=32, T=4)
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"90929a4b0ac65b350ad1591611fe48297e03956f6083e451":"a265480ca88d5f":"a2248a882ecbf850daf91933a389e78e81623d233dfd47bf8321361a38f138fe":"":"2f46022a":"FAIL":"":1
+
+AES-192-CCM test vector NIST #19 PSA (P=0, N=7, A=32, T=16)
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"6a798d7c5e1a72b43e20ad5c7b08567b12ab744b61c070e2":"5a8aa485c316e9":"3796cf51b8726652a4204733b8fbb047cf00fb91a9837e22ec22b1a268f88e2c":"":"5280a2137fee3deefcfe9b63a1199fb3":"":"":1
+
+AES-192-CCM test vector NIST #20 PSA (P=0, N=7, A=32, T=16)
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"6a798d7c5e1a72b43e20ad5c7b08567b12ab744b61c070e2":"a265480ca88d5f":"a2248a882ecbf850daf91933a389e78e81623d233dfd47bf8321361a38f138fe":"":"d40a7318c5f2d82f838c0beeefe0d598":"FAIL":"":1
+
+AES-192-CCM test vector NIST #21 PSA (P=0, N=13, A=32, T=4)
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"6a798d7c5e1a72b43e20ad5c7b08567b12ab744b61c070e2":"5a8aa485c316e9403aff859fbb":"a16a2e741f1cd9717285b6d882c1fc53655e9773761ad697a7ee6410184c7982":"":"5e0eaebd":"":"":1
+
+AES-192-CCM test vector NIST #22 PSA (P=0, N=13, A=32, T=4)
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"6a798d7c5e1a72b43e20ad5c7b08567b12ab744b61c070e2":"8739b4bea1a099fe547499cbc6":"f6107696edb332b2ea059d8860fee26be42e5e12e1a4f79a8d0eafce1b2278a7":"":"71b7fc33":"FAIL":"":1
+
+AES-192-CCM test vector NIST #23 PSA (P=0, N=13, A=32, T=16)
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"f9fdca4ac64fe7f014de0f43039c757194d544ce5d15eed4":"5a8aa485c316e9403aff859fbb":"a16a2e741f1cd9717285b6d882c1fc53655e9773761ad697a7ee6410184c7982":"":"d07ccf9fdc3d33aa94cda3d230da707c":"":"":1
+
+AES-192-CCM test vector NIST #24 PSA (P=0, N=13, A=32, T=16)
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"f9fdca4ac64fe7f014de0f43039c757194d544ce5d15eed4":"8739b4bea1a099fe547499cbc6":"f6107696edb332b2ea059d8860fee26be42e5e12e1a4f79a8d0eafce1b2278a7":"":"65fe32b649dc328c9f531584897e85b3":"FAIL":"":1
+
+AES-192-CCM test vector NIST #25 PSA (P=24, N=7, A=32, T=4)
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"f9fdca4ac64fe7f014de0f43039c757194d544ce5d15eed4":"5a8aa485c316e9":"3796cf51b8726652a4204733b8fbb047cf00fb91a9837e22ec22b1a268f88e2c":"9f6ca4af9b159148c889a6584d1183ea26e2614874b05045":"75dea8d1":"":"a265480ca88d5f536db0dc6abc40faf0d05be7a966977768":1
+
+AES-192-CCM test vector NIST #26 PSA (P=24, N=7, A=32, T=4)
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"f9fdca4ac64fe7f014de0f43039c757194d544ce5d15eed4":"fdd2d6f503c915":"5b92394f21ddc3ad49d9b0881b829a5935cb3a4d23e292a62fb66b5e7ab7020e":"84d8212e9cfc2121252baa3b065b1edcf50497b9594db1eb":"d7965825":"FAIL":"":1
+
+AES-192-CCM test vector NIST #27 PSA (P=24, N=7, A=32, T=16)
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"a7aa635ea51b0bb20a092bd5573e728ccd4b3e8cdd2ab33d":"5a8aa485c316e9":"3796cf51b8726652a4204733b8fbb047cf00fb91a9837e22ec22b1a268f88e2c":"6aab64c4787599d8f213446beadb16e08dba60e97f56dbd1":"4d1d980d6fe0fb44b421992662b97975":"":"a265480ca88d5f536db0dc6abc40faf0d05be7a966977768":1
+
+AES-192-CCM test vector NIST #28 PSA (P=24, N=7, A=32, T=16)
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"a7aa635ea51b0bb20a092bd5573e728ccd4b3e8cdd2ab33d":"fdd2d6f503c915":"5b92394f21ddc3ad49d9b0881b829a5935cb3a4d23e292a62fb66b5e7ab7020e":"4980b2ee49b1aaf393175f5ab9bae95ec7904557dfa20660":"3c51d36c826f01384100886198a7f6a3":"FAIL":"":1
+
+AES-192-CCM test vector NIST #29 PSA (P=24, N=13, A=32, T=4)
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"a7aa635ea51b0bb20a092bd5573e728ccd4b3e8cdd2ab33d":"5a8aa485c316e9403aff859fbb":"a16a2e741f1cd9717285b6d882c1fc53655e9773761ad697a7ee6410184c7982":"16e543d0e20615ff0df15acd9927ddfe40668a54bb854ccc":"c25e9fce":"":"8739b4bea1a099fe547499cbc6d1b13d849b8084c9b6acc5":1
+
+AES-192-CCM test vector NIST #30 PSA (P=24, N=13, A=32, T=4)
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"a7aa635ea51b0bb20a092bd5573e728ccd4b3e8cdd2ab33d":"0812757ad0cc4d17c4cfe7a642":"ec6c44a7e94e51a3ca6dee229098391575ec7213c85267fbf7492fdbeee61b10":"df35b109caf690656ae278bbd8f8bba687a2ce11b105dae9":"8ecedb3e":"FAIL":"":1
+
+AES-192-CCM test vector NIST #31 PSA (P=24, N=13, A=32, T=16)
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"26511fb51fcfa75cb4b44da75a6e5a0eb8d9c8f3b906f886":"5a8aa485c316e9403aff859fbb":"a16a2e741f1cd9717285b6d882c1fc53655e9773761ad697a7ee6410184c7982":"c5b0b2ef17498c5570eb335df4588032958ba3d69bf6f317":"8464a6f7fa2b76744e8e8d95691cecb8":"":"8739b4bea1a099fe547499cbc6d1b13d849b8084c9b6acc5":1
+
+AES-192-CCM test vector NIST #32 PSA (P=24, N=13, A=32, T=16)
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"26511fb51fcfa75cb4b44da75a6e5a0eb8d9c8f3b906f886":"0812757ad0cc4d17c4cfe7a642":"ec6c44a7e94e51a3ca6dee229098391575ec7213c85267fbf7492fdbeee61b10":"d1f0518929f4ae2f0543de2a7dfe4bb0110bb3057e524a1c":"06bd6dc2e6bcc3436cffb969ae900388":"FAIL":"":1
+
+AES-256-CCM test vector NIST #1 PSA (P=0, N=7, A=0, T=4)
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"eda32f751456e33195f1f499cf2dc7c97ea127b6d488f211ccc5126fbb24afa6":"a544218dadd3c1":"":"":"469c90bb":"":"":1
+
+AES-256-CCM test vector NIST #2 PSA (P=0, N=7, A=0, T=4)
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"eda32f751456e33195f1f499cf2dc7c97ea127b6d488f211ccc5126fbb24afa6":"d3d5424e20fbec":"":"":"46a908ed":"FAIL":"":1
+
+AES-256-CCM test vector NIST #3 PSA (P=0, N=7, A=0, T=16)
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"e1b8a927a95efe94656677b692662000278b441c79e879dd5c0ddc758bdc9ee8":"a544218dadd3c1":"":"":"8207eb14d33855a52acceed17dbcbf6e":"":"":1
+
+AES-256-CCM test vector NIST #4 PSA (P=0, N=7, A=0, T=16)
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"e1b8a927a95efe94656677b692662000278b441c79e879dd5c0ddc758bdc9ee8":"d3d5424e20fbec":"":"":"60f8e127cb4d30db6df0622158cd931d":"FAIL":"":1
+
+AES-256-CCM test vector NIST #5 PSA (P=0, N=13, A=0, T=4)
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"e1b8a927a95efe94656677b692662000278b441c79e879dd5c0ddc758bdc9ee8":"a544218dadd3c10583db49cf39":"":"":"8a19a133":"":"":1
+
+AES-256-CCM test vector NIST #6 PSA (P=0, N=13, A=0, T=4)
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"e1b8a927a95efe94656677b692662000278b441c79e879dd5c0ddc758bdc9ee8":"3c0e2815d37d844f7ac240ba9d":"":"":"2e317f1b":"FAIL":"":1
+
+AES-256-CCM test vector NIST #7 PSA (P=0, N=13, A=0, T=16)
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"af063639e66c284083c5cf72b70d8bc277f5978e80d9322d99f2fdc718cda569":"a544218dadd3c10583db49cf39":"":"":"97e1a8dd4259ccd2e431e057b0397fcf":"":"":1
+
+AES-256-CCM test vector NIST #8 PSA (P=0, N=13, A=0, T=16)
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"af063639e66c284083c5cf72b70d8bc277f5978e80d9322d99f2fdc718cda569":"3c0e2815d37d844f7ac240ba9d":"":"":"5a9596c511ea6a8671adefc4f2157d8b":"FAIL":"":1
+
+AES-256-CCM test vector NIST #9 PSA (P=24, N=7, A=0, T=4)
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"af063639e66c284083c5cf72b70d8bc277f5978e80d9322d99f2fdc718cda569":"a544218dadd3c1":"":"64a1341679972dc5869fcf69b19d5c5ea50aa0b5e985f5b7":"22aa8d59":"":"d3d5424e20fbec43ae495353ed830271515ab104f8860c98":1
+
+AES-256-CCM test vector NIST #10 PSA (P=24, N=7, A=0, T=4)
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"af063639e66c284083c5cf72b70d8bc277f5978e80d9322d99f2fdc718cda569":"bfcda8b5a2d0d2":"":"c5b7f802bffc498c1626e3774f1d9f94045dfd8e1a10a202":"77d00a75":"FAIL":"":1
+
+AES-256-CCM test vector NIST #11 PSA (P=24, N=7, A=0, T=16)
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"f7079dfa3b5c7b056347d7e437bcded683abd6e2c9e069d333284082cbb5d453":"a544218dadd3c1":"":"bc51c3925a960e7732533e4ef3a4f69ee6826de952bcb0fd":"374f3bb6db8377ebfc79674858c4f305":"":"d3d5424e20fbec43ae495353ed830271515ab104f8860c98":1
+
+AES-256-CCM test vector NIST #12 PSA (P=24, N=7, A=0, T=16)
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"f7079dfa3b5c7b056347d7e437bcded683abd6e2c9e069d333284082cbb5d453":"bfcda8b5a2d0d2":"":"afa1fa8e8a70e26b02161150556d604101fdf423f332c336":"3275f2a4907d51b734fe7238cebbd48f":"FAIL":"":1
+
+AES-256-CCM test vector NIST #13 PSA (P=24, N=13, A=0, T=4)
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"f7079dfa3b5c7b056347d7e437bcded683abd6e2c9e069d333284082cbb5d453":"a544218dadd3c10583db49cf39":"":"63e00d30e4b08fd2a1cc8d70fab327b2368e77a93be4f412":"3d14fb3f":"":"3c0e2815d37d844f7ac240ba9d6e3a0b2a86f706e885959e":1
+
+AES-256-CCM test vector NIST #14 PSA (P=24, N=13, A=0, T=4)
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"f7079dfa3b5c7b056347d7e437bcded683abd6e2c9e069d333284082cbb5d453":"894dcaa61008eb8fb052c60d41":"":"bb5425b3869b76856ec58e39886fb6f6f2ac13fe44cb132d":"8d0c0099":"FAIL":"":1
+
+AES-256-CCM test vector NIST #15 PSA (P=24, N=13, A=0, T=16)
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"1b0e8df63c57f05d9ac457575ea764524b8610ae5164e6215f426f5a7ae6ede4":"a544218dadd3c10583db49cf39":"":"f0050ad16392021a3f40207bed3521fb1e9f808f49830c42":"3a578d179902f912f9ea1afbce1120b3":"":"3c0e2815d37d844f7ac240ba9d6e3a0b2a86f706e885959e":1
+
+AES-256-CCM test vector NIST #16 PSA (P=24, N=13, A=0, T=16)
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"1b0e8df63c57f05d9ac457575ea764524b8610ae5164e6215f426f5a7ae6ede4":"894dcaa61008eb8fb052c60d41":"":"c408190d0fbf5034f83b24a8ed9657331a7ce141de4fae76":"9084607b83bd06e6442eac8dacf583cc":"FAIL":"":1
+
+AES-256-CCM test vector NIST #17 PSA (P=0, N=7, A=32, T=4)
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"1b0e8df63c57f05d9ac457575ea764524b8610ae5164e6215f426f5a7ae6ede4":"a544218dadd3c1":"d3d5424e20fbec43ae495353ed830271515ab104f8860c988d15b6d36c038eab":"":"92d00fbe":"":"":1
+
+AES-256-CCM test vector NIST #18 PSA (P=0, N=7, A=32, T=4)
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"1b0e8df63c57f05d9ac457575ea764524b8610ae5164e6215f426f5a7ae6ede4":"78c46e3249ca28":"232e957c65ffa11988e830d4617d500f1c4a35c1221f396c41ab214f074ca2dc":"":"9143e5c4":"FAIL":"":1
+
+AES-256-CCM test vector NIST #19 PSA (P=0, N=7, A=32, T=16)
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"a4bc10b1a62c96d459fbaf3a5aa3face7313bb9e1253e696f96a7a8e36801088":"a544218dadd3c1":"d3d5424e20fbec43ae495353ed830271515ab104f8860c988d15b6d36c038eab":"":"93af11a08379eb37a16aa2837f09d69d":"":"":1
+
+AES-256-CCM test vector NIST #20 PSA (P=0, N=7, A=32, T=16)
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"a4bc10b1a62c96d459fbaf3a5aa3face7313bb9e1253e696f96a7a8e36801088":"78c46e3249ca28":"232e957c65ffa11988e830d4617d500f1c4a35c1221f396c41ab214f074ca2dc":"":"d19b0c14ec686a7961ca7c386d125a65":"FAIL":"":1
+
+AES-256-CCM test vector NIST #21 PSA (P=0, N=13, A=32, T=4)
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"a4bc10b1a62c96d459fbaf3a5aa3face7313bb9e1253e696f96a7a8e36801088":"a544218dadd3c10583db49cf39":"3c0e2815d37d844f7ac240ba9d6e3a0b2a86f706e885959e09a1005e024f6907":"":"866d4227":"":"":1
+
+AES-256-CCM test vector NIST #22 PSA (P=0, N=13, A=32, T=4)
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"a4bc10b1a62c96d459fbaf3a5aa3face7313bb9e1253e696f96a7a8e36801088":"e8de970f6ee8e80ede933581b5":"89f8b068d34f56bc49d839d8e47b347e6dae737b903b278632447e6c0485d26a":"":"94cb1127":"FAIL":"":1
+
+AES-256-CCM test vector NIST #23 PSA (P=0, N=13, A=32, T=16)
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"8c5cf3457ff22228c39c051c4e05ed4093657eb303f859a9d4b0f8be0127d88a":"a544218dadd3c10583db49cf39":"3c0e2815d37d844f7ac240ba9d6e3a0b2a86f706e885959e09a1005e024f6907":"":"867b0d87cf6e0f718200a97b4f6d5ad5":"":"":1
+
+AES-256-CCM test vector NIST #24 PSA (P=0, N=13, A=32, T=16)
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"8c5cf3457ff22228c39c051c4e05ed4093657eb303f859a9d4b0f8be0127d88a":"e8de970f6ee8e80ede933581b5":"89f8b068d34f56bc49d839d8e47b347e6dae737b903b278632447e6c0485d26a":"":"677a040d46ee3f2b7838273bdad14f16":"FAIL":"":1
+
+AES-256-CCM test vector NIST #25 PSA (P=24, N=7, A=32, T=4)
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"8c5cf3457ff22228c39c051c4e05ed4093657eb303f859a9d4b0f8be0127d88a":"a544218dadd3c1":"d3d5424e20fbec43ae495353ed830271515ab104f8860c988d15b6d36c038eab":"c2fe12658139f5d0dd22cadf2e901695b579302a72fc5608":"3ebc7720":"":"78c46e3249ca28e1ef0531d80fd37c124d9aecb7be6668e3":1
+
+AES-256-CCM test vector NIST #26 PSA (P=24, N=7, A=32, T=4)
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"8c5cf3457ff22228c39c051c4e05ed4093657eb303f859a9d4b0f8be0127d88a":"6ba004fd176791":"5a053b2a1bb87e85d56527bfcdcd3ecafb991bb10e4c862bb0751c700a29f54b":"94748ba81229e53c38583a8564b23ebbafc6f6efdf4c2a81":"c44db2c9":"FAIL":"":1
+
+AES-256-CCM test vector NIST #27 PSA (P=24, N=7, A=32, T=16)
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"705334e30f53dd2f92d190d2c1437c8772f940c55aa35e562214ed45bd458ffe":"a544218dadd3c1":"d3d5424e20fbec43ae495353ed830271515ab104f8860c988d15b6d36c038eab":"3341168eb8c48468c414347fb08f71d2086f7c2d1bd581ce":"1ac68bd42f5ec7fa7e068cc0ecd79c2a":"":"78c46e3249ca28e1ef0531d80fd37c124d9aecb7be6668e3":1
+
+AES-256-CCM test vector NIST #28 PSA (P=24, N=7, A=32, T=16)
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"705334e30f53dd2f92d190d2c1437c8772f940c55aa35e562214ed45bd458ffe":"6ba004fd176791":"5a053b2a1bb87e85d56527bfcdcd3ecafb991bb10e4c862bb0751c700a29f54b":"d543acda712b898cbb27b8f598b2e4438ce587a836e27851":"47c3338a2400809e739b63ba8227d2f9":"FAIL":"":1
+
+AES-256-CCM test vector NIST #29 PSA (P=24, N=13, A=32, T=4)
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"705334e30f53dd2f92d190d2c1437c8772f940c55aa35e562214ed45bd458ffe":"a544218dadd3c10583db49cf39":"3c0e2815d37d844f7ac240ba9d6e3a0b2a86f706e885959e09a1005e024f6907":"c0ea400b599561e7905b99262b4565d5c3dc49fad84d7c69":"ef891339":"":"e8de970f6ee8e80ede933581b5bcf4d837e2b72baa8b00c3":1
+
+AES-256-CCM test vector NIST #30 PSA (P=24, N=13, A=32, T=4)
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"705334e30f53dd2f92d190d2c1437c8772f940c55aa35e562214ed45bd458ffe":"8fa501c5dd9ac9b868144c9fa5":"5bb40e3bb72b4509324a7edc852f72535f1f6283156e63f6959ffaf39dcde800":"60871e03ea0eb968536c99f926ea24ef43d41272ad9fb7f6":"3d488623":"FAIL":"":1
+
+AES-256-CCM test vector NIST #31 PSA (P=24, N=13, A=32, T=16)
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"314a202f836f9f257e22d8c11757832ae5131d357a72df88f3eff0ffcee0da4e":"a544218dadd3c10583db49cf39":"3c0e2815d37d844f7ac240ba9d6e3a0b2a86f706e885959e09a1005e024f6907":"8d34cdca37ce77be68f65baf3382e31efa693e63f914a781":"367f30f2eaad8c063ca50795acd90203":"":"e8de970f6ee8e80ede933581b5bcf4d837e2b72baa8b00c3":1
+
+AES-256-CCM test vector NIST #32 PSA (P=24, N=13, A=32, T=16)
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"314a202f836f9f257e22d8c11757832ae5131d357a72df88f3eff0ffcee0da4e":"8fa501c5dd9ac9b868144c9fa5":"5bb40e3bb72b4509324a7edc852f72535f1f6283156e63f6959ffaf39dcde800":"516c0095cc3d85fd55e48da17c592e0c7014b9daafb82bdc":"4b41096dfdbe9cc1ab610f8f3e038d16":"FAIL":"":1
diff --git a/tests/suites/test_suite_cipher.chachapoly.data b/tests/suites/test_suite_cipher.chachapoly.data
index 9d74d56..7310a84 100644
--- a/tests/suites/test_suite_cipher.chachapoly.data
+++ b/tests/suites/test_suite_cipher.chachapoly.data
@@ -112,11 +112,11 @@
ChaCha20+Poly1305 RFC 7539 Test Vector #1
depends_on:MBEDTLS_CHACHAPOLY_C
-auth_crypt_tv:MBEDTLS_CIPHER_CHACHA20_POLY1305:"1c9240a5eb55d38af333888604f6b5f0473917c1402b80099dca5cbc207075c0":"000000000102030405060708":"f33388860000000000004e91":"64a0861575861af460f062c79be643bd5e805cfd345cf389f108670ac76c8cb24c6cfc18755d43eea09ee94e382d26b0bdb7b73c321b0100d4f03b7f355894cf332f830e710b97ce98c8a84abd0b948114ad176e008d33bd60f982b1ff37c8559797a06ef4f0ef61c186324e2b3506383606907b6a7c02b0f9f6157b53c867e4b9166c767b804d46a59b5216cde7a4e99040c5a40433225ee282a1b0a06c523eaf4534d7f83fa1155b0047718cbc546a0d072b04b3564eea1b422273f548271a0bb2316053fa76991955ebd63159434ecebb4e466dae5a1073a6727627097a1049e617d91d361094fa68f0ff77987130305beaba2eda04df997b714d6c6f2c29a6ad5cb4022b02709b":"eead9d67890cbb22392336fea1851f38":"":"496e7465726e65742d4472616674732061726520647261667420646f63756d656e74732076616c696420666f722061206d6178696d756d206f6620736978206d6f6e74687320616e64206d617920626520757064617465642c207265706c616365642c206f72206f62736f6c65746564206279206f7468657220646f63756d656e747320617420616e792074696d652e20497420697320696e617070726f70726961746520746f2075736520496e7465726e65742d447261667473206173207265666572656e6365206d6174657269616c206f7220746f2063697465207468656d206f74686572207468616e206173202fe2809c776f726b20696e2070726f67726573732e2fe2809d"
+auth_crypt_tv:MBEDTLS_CIPHER_CHACHA20_POLY1305:"1c9240a5eb55d38af333888604f6b5f0473917c1402b80099dca5cbc207075c0":"000000000102030405060708":"f33388860000000000004e91":"64a0861575861af460f062c79be643bd5e805cfd345cf389f108670ac76c8cb24c6cfc18755d43eea09ee94e382d26b0bdb7b73c321b0100d4f03b7f355894cf332f830e710b97ce98c8a84abd0b948114ad176e008d33bd60f982b1ff37c8559797a06ef4f0ef61c186324e2b3506383606907b6a7c02b0f9f6157b53c867e4b9166c767b804d46a59b5216cde7a4e99040c5a40433225ee282a1b0a06c523eaf4534d7f83fa1155b0047718cbc546a0d072b04b3564eea1b422273f548271a0bb2316053fa76991955ebd63159434ecebb4e466dae5a1073a6727627097a1049e617d91d361094fa68f0ff77987130305beaba2eda04df997b714d6c6f2c29a6ad5cb4022b02709b":"eead9d67890cbb22392336fea1851f38":"":"496e7465726e65742d4472616674732061726520647261667420646f63756d656e74732076616c696420666f722061206d6178696d756d206f6620736978206d6f6e74687320616e64206d617920626520757064617465642c207265706c616365642c206f72206f62736f6c65746564206279206f7468657220646f63756d656e747320617420616e792074696d652e20497420697320696e617070726f70726961746520746f2075736520496e7465726e65742d447261667473206173207265666572656e6365206d6174657269616c206f7220746f2063697465207468656d206f74686572207468616e206173202fe2809c776f726b20696e2070726f67726573732e2fe2809d":0
ChaCha20+Poly1305 RFC 7539 Test Vector #1 Unauthentic (1st bit flipped)
depends_on:MBEDTLS_CHACHAPOLY_C
-auth_crypt_tv:MBEDTLS_CIPHER_CHACHA20_POLY1305:"1c9240a5eb55d38af333888604f6b5f0473917c1402b80099dca5cbc207075c0":"000000000102030405060708":"f33388860000000000004e91":"64a0861575861af460f062c79be643bd5e805cfd345cf389f108670ac76c8cb24c6cfc18755d43eea09ee94e382d26b0bdb7b73c321b0100d4f03b7f355894cf332f830e710b97ce98c8a84abd0b948114ad176e008d33bd60f982b1ff37c8559797a06ef4f0ef61c186324e2b3506383606907b6a7c02b0f9f6157b53c867e4b9166c767b804d46a59b5216cde7a4e99040c5a40433225ee282a1b0a06c523eaf4534d7f83fa1155b0047718cbc546a0d072b04b3564eea1b422273f548271a0bb2316053fa76991955ebd63159434ecebb4e466dae5a1073a6727627097a1049e617d91d361094fa68f0ff77987130305beaba2eda04df997b714d6c6f2c29a6ad5cb4022b02709b":"6ead9d67890cbb22392336fea1851f38":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_CHACHA20_POLY1305:"1c9240a5eb55d38af333888604f6b5f0473917c1402b80099dca5cbc207075c0":"000000000102030405060708":"f33388860000000000004e91":"64a0861575861af460f062c79be643bd5e805cfd345cf389f108670ac76c8cb24c6cfc18755d43eea09ee94e382d26b0bdb7b73c321b0100d4f03b7f355894cf332f830e710b97ce98c8a84abd0b948114ad176e008d33bd60f982b1ff37c8559797a06ef4f0ef61c186324e2b3506383606907b6a7c02b0f9f6157b53c867e4b9166c767b804d46a59b5216cde7a4e99040c5a40433225ee282a1b0a06c523eaf4534d7f83fa1155b0047718cbc546a0d072b04b3564eea1b422273f548271a0bb2316053fa76991955ebd63159434ecebb4e466dae5a1073a6727627097a1049e617d91d361094fa68f0ff77987130305beaba2eda04df997b714d6c6f2c29a6ad5cb4022b02709b":"6ead9d67890cbb22392336fea1851f38":"FAIL":"":0
Chacha20+Poly1305 RFC 7539 Test Vector #1 (streaming)
depends_on:MBEDTLS_CHACHAPOLY_C
diff --git a/tests/suites/test_suite_cipher.function b/tests/suites/test_suite_cipher.function
index 773c792..a7d3a6e 100644
--- a/tests/suites/test_suite_cipher.function
+++ b/tests/suites/test_suite_cipher.function
@@ -934,33 +934,68 @@
/* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_AEAD */
void auth_crypt_tv( int cipher_id, data_t * key, data_t * iv,
data_t * ad, data_t * cipher, data_t * tag,
- char * result, data_t * clear )
+ char * result, data_t * clear, int use_psa )
{
+ /* Takes an AEAD ciphertext + tag and performs a pair
+ * of AEAD decryption and AEAD encryption. It checks that
+ * this results in the expected plaintext, and that
+ * decryption and encryption are inverse to one another. */
+
int ret;
- unsigned char output[267]; /* above + 2 (overwrite check) */
- unsigned char my_tag[20];
+ unsigned char output[300]; /* Temporary buffer for results of
+ * encryption and decryption. */
+ unsigned char *output_tag = NULL; /* Temporary buffer for tag in the
+ * encryption step. */
+
mbedtls_cipher_context_t ctx;
size_t outlen;
+ unsigned char *tmp_tag = NULL;
+ unsigned char *tmp_cipher = NULL;
+
mbedtls_cipher_init( &ctx );
-
memset( output, 0xFF, sizeof( output ) );
- memset( my_tag, 0xFF, sizeof( my_tag ) );
-
/* Prepare context */
- TEST_ASSERT( 0 == mbedtls_cipher_setup( &ctx,
- mbedtls_cipher_info_from_type( cipher_id ) ) );
- TEST_ASSERT( 0 == mbedtls_cipher_setkey( &ctx, key->x, 8 * key->len, MBEDTLS_DECRYPT ) );
+#if !defined(MBEDTLS_USE_PSA_CRYPTO)
+ (void) use_psa;
+#else
+ if( use_psa == 1 )
+ {
+ TEST_ASSERT( psa_crypto_init() == 0 );
+
+ /* PSA requires that the tag immediately follows the ciphertext. */
+ tmp_cipher = mbedtls_calloc( 1, cipher->len + tag->len );
+ TEST_ASSERT( tmp_cipher != NULL );
+ tmp_tag = tmp_cipher + cipher->len;
+
+ memcpy( tmp_cipher, cipher->x, cipher->len );
+ memcpy( tmp_tag, tag->x, tag->len );
+
+ TEST_ASSERT( 0 == mbedtls_cipher_setup_psa( &ctx,
+ mbedtls_cipher_info_from_type( cipher_id ),
+ tag->len ) );
+ }
+ else
+#endif
+ {
+ tmp_tag = tag->x;
+ tmp_cipher = cipher->x;
+ TEST_ASSERT( 0 == mbedtls_cipher_setup( &ctx,
+ mbedtls_cipher_info_from_type( cipher_id ) ) );
+ }
+
+ TEST_ASSERT( 0 == mbedtls_cipher_setkey( &ctx, key->x, 8 * key->len,
+ MBEDTLS_DECRYPT ) );
/* decode buffer and check tag->x */
- ret = mbedtls_cipher_auth_decrypt( &ctx, iv->x, iv->len, ad->x, ad->len,
- cipher->x, cipher->len, output, &outlen,
- tag->x, tag->len );
- /* make sure we didn't overwrite */
- TEST_ASSERT( output[outlen + 0] == 0xFF );
- TEST_ASSERT( output[outlen + 1] == 0xFF );
+ /* Sanity check that we don't use overly long inputs. */
+ TEST_ASSERT( sizeof( output ) >= cipher->len );
+
+ ret = mbedtls_cipher_auth_decrypt( &ctx, iv->x, iv->len, ad->x, ad->len,
+ tmp_cipher, cipher->len, output, &outlen,
+ tmp_tag, tag->len );
/* make sure the message is rejected if it should be */
if( strcmp( result, "FAIL" ) == 0 )
@@ -979,23 +1014,28 @@
memset( output, 0xFF, sizeof( output ) );
outlen = 0;
+ /* Sanity check that we don't use overly long inputs. */
+ TEST_ASSERT( sizeof( output ) >= clear->len + tag->len );
+
+ output_tag = output + clear->len;
ret = mbedtls_cipher_auth_encrypt( &ctx, iv->x, iv->len, ad->x, ad->len,
clear->x, clear->len, output, &outlen,
- my_tag, tag->len );
+ output_tag, tag->len );
TEST_ASSERT( ret == 0 );
TEST_ASSERT( outlen == clear->len );
- TEST_ASSERT( memcmp( output, cipher->x, clear->len ) == 0 );
- TEST_ASSERT( memcmp( my_tag, tag->x, tag->len ) == 0 );
-
- /* make sure we didn't overwrite */
- TEST_ASSERT( output[outlen + 0] == 0xFF );
- TEST_ASSERT( output[outlen + 1] == 0xFF );
- TEST_ASSERT( my_tag[tag->len + 0] == 0xFF );
- TEST_ASSERT( my_tag[tag->len + 1] == 0xFF );
-
+ TEST_ASSERT( memcmp( output, cipher->x, cipher->len ) == 0 );
+ TEST_ASSERT( memcmp( output_tag, tag->x, tag->len ) == 0 );
exit:
+
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+ if( use_psa == 1 )
+ {
+ mbedtls_free( tmp_cipher );
+ }
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+
mbedtls_cipher_free( &ctx );
}
/* END_CASE */
@@ -1040,8 +1080,8 @@
/* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_WITH_PADDING */
void test_vec_crypt( int cipher_id, int operation, char *hex_key,
- char *hex_iv, char *hex_input, char *hex_result,
- int finish_result )
+ char *hex_iv, char *hex_input, char *hex_result,
+ int finish_result, int use_psa )
{
unsigned char key[50];
unsigned char input[16];
@@ -1061,8 +1101,19 @@
memset( iv, 0x00, sizeof( iv ) );
/* Prepare context */
+#if !defined(MBEDTLS_USE_PSA_CRYPTO)
+ (void) use_psa;
+#else
+ if( use_psa == 1 )
+ {
+ TEST_ASSERT( psa_crypto_init() == 0 );
+ TEST_ASSERT( 0 == mbedtls_cipher_setup_psa( &ctx,
+ mbedtls_cipher_info_from_type( cipher_id ), 0 ) );
+ }
+ else
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
TEST_ASSERT( 0 == mbedtls_cipher_setup( &ctx,
- mbedtls_cipher_info_from_type( cipher_id ) ) );
+ mbedtls_cipher_info_from_type( cipher_id ) ) );
key_len = unhexify( key, hex_key );
inputlen = unhexify( input, hex_input );
diff --git a/tests/suites/test_suite_cipher.gcm.data b/tests/suites/test_suite_cipher.gcm.data
index 0efed58..03d08ce 100644
--- a/tests/suites/test_suite_cipher.gcm.data
+++ b/tests/suites/test_suite_cipher.gcm.data
@@ -701,3 +701,4035 @@
CAMELLIA 256 GCM Decrypt test vector #5
depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_GCM_C
decrypt_test_vec:MBEDTLS_CIPHER_CAMELLIA_256_GCM:-1:"feffe9928665731c6d6a8f9467308308feffe9928665731c6d6a8f9467308308":"cafebabefacedbad":"6ca95fbb7d16577a9ef2fded94dc85b5d40c629f6bef2c649888e3cbb0ededc7810c04b12c2983bbbbc482e16e45c9215ae12c15c55f2f4809d06652":"":"feedfacedeadbeeffeedfacedeadbeefabaddad2":"e6472b8ebd331bfcc7c0fa63ce094462":0:MBEDTLS_ERR_CIPHER_AUTH_FAILED
+
+AES-GCM NIST Validation (AES-128,128,0,0,128) #0
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"d785dafea3e966731ef6fc6202262584":"d91a46205ee94058b3b8403997592dd2":"":"":"3b92a17c1b9c3578a68cffea5a5b6245":"":"":0
+
+AES-GCM NIST Validation (AES-128,128,0,0,128) #1
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"aec963833b9098de1ababc853ab74d96":"4e0ffd93beffd732c6f7d6ad606a2d24":"":"":"e9fcedc176dfe587dc61b2011010cdf1":"":"":0
+
+AES-GCM NIST Validation (AES-128,128,0,0,128) #2
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"c4fb9e3393681da9cec5ec96f87c5c31":"845e910bc055d895879f62101d08b4c7":"":"":"99fb783c497416e4b6e2a5de7c782057":"FAIL":"":0
+
+AES-GCM NIST Validation (AES-128,128,0,0,120) #0
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"2a930f2e09beceacd9919cb76f2ac8d3":"340d9af44f6370eff534c653033a785a":"":"":"0c1e5e9c8fe5edfd11f114f3503d63":"":"":0
+
+AES-GCM NIST Validation (AES-128,128,0,0,120) #1
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"fe71177e02073b1c407b5724e2263a5e":"83c23d20d2a9d4b8f92da96587c96b18":"":"":"43b2ca795420f35f6cb39f5dfa47a2":"":"":0
+
+AES-GCM NIST Validation (AES-128,128,0,0,120) #2
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"b02392fd7f228888c281e59d1eaa15fb":"2726344ba8912c737e195424e1e6679e":"":"":"a10b601ca8053536a2af2cc255d2b6":"":"":0
+
+AES-GCM NIST Validation (AES-128,128,0,0,112) #0
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"21895cbafc16b7b8bf5867e88e0853d4":"f987ce1005d9bbd31d2452fb80957753":"":"":"952a7e265830d58a6778d68b9450":"":"":0
+
+AES-GCM NIST Validation (AES-128,128,0,0,112) #1
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"9bb9742bf47f68caf64963d7c10a97b0":"34a85669de64e1cd44731905fddbcbc5":"":"":"e9b6be928aa77b2de28b480ae74c":"":"":0
+
+AES-GCM NIST Validation (AES-128,128,0,0,112) #2
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"4e9708e4b37e2e1b5feaf4f5ab54e2a6":"1c53a9fdd23919b036d99560619a9939":"":"":"6611b50d6fbca83047f9f5fe1768":"":"":0
+
+AES-GCM NIST Validation (AES-128,128,0,0,104) #0
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"82fede79db25f00be96eb050a22cea87":"e9c50b517ab26c89b83c1f0cac50162c":"":"":"d0c0ce9db60b77b0e31d05e048":"":"":0
+
+AES-GCM NIST Validation (AES-128,128,0,0,104) #1
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"1d98566fca5201abb12914311a8bd532":"590aef4b46a9023405d075edab7e6849":"":"":"a1cfd1a27b341f49eda2ca8305":"FAIL":"":0
+
+AES-GCM NIST Validation (AES-128,128,0,0,104) #2
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"3038771820c2e1319f02a74b8a7a0c08":"e556d9f07fb69d7e9a644261c80fac92":"":"":"4d2f005d662b6a8787f231c5e1":"FAIL":"":0
+
+AES-GCM NIST Validation (AES-128,128,0,0,96) #0
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"0fb7eef50de598d7d8b508d019a30d5a":"a2a2617040116c2c7e4236d2d8278213":"":"":"68413c58df7bb5f067197ca0":"FAIL":"":0
+
+AES-GCM NIST Validation (AES-128,128,0,0,96) #1
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"8cc58b609204215c8ab4908286e56e5c":"fb83ea637279332677b5f68081173e99":"":"":"a2a9160d82739a55d8cd419f":"FAIL":"":0
+
+AES-GCM NIST Validation (AES-128,128,0,0,96) #2
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"81a5fd184742a478432963f6477e8f92":"da297cbb53b11d7c379e0566299b4d5a":"":"":"200bee49466fdda2f21f0062":"FAIL":"":0
+
+AES-GCM NIST Validation (AES-128,128,0,0,64) #0
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"f604ac66d626959e595cbb7b4128e096":"269d2a49d533c6bb38008711f38e0b39":"":"":"468200fa4683e8be":"FAIL":"":0
+
+AES-GCM NIST Validation (AES-128,128,0,0,64) #1
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"2e308ba7903e925f768c1d00ff3eb623":"335acd2aa48a47a37cfe21e491f1b141":"":"":"4872bfd5e2ff55f6":"":"":0
+
+AES-GCM NIST Validation (AES-128,128,0,0,64) #2
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"1304e2a5a3520454a5109df61a67da7a":"dbe8b452acf4fa1444c3668e9ee72d26":"":"":"83a0d3440200ca95":"FAIL":"":0
+
+AES-GCM NIST Validation (AES-128,128,0,0,32) #0
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"ecf1ec2c9a8f2e9cc799f9b9fddb3232":"ddf0b695aef5df2b594fcaae72b7e41c":"":"":"2819aedf":"":"":0
+
+AES-GCM NIST Validation (AES-128,128,0,0,32) #1
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"9ab5c8ca905b5fe50461f4a68941144b":"96dd3927a96e16123f2e9d6b367d303f":"":"":"6e0c53ef":"":"":0
+
+AES-GCM NIST Validation (AES-128,128,0,0,32) #2
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"b5fc7af605721a9cfe61c1ee6a4b3e22":"6b757d4055823d1035d01077666037d6":"":"":"e8c09ddd":"FAIL":"":0
+
+AES-GCM NIST Validation (AES-128,128,0,1024,128) #0
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"03c0b4a6e508a8490db0d086a82c9db7":"ac52f6c1a05030321fa39f87e89fdb5e":"33316ca79d10a79f4fd038593e8eef09625089dc4e0ffe4bc1f2871554fa6666ab3e7fe7885edef694b410456f3ec0e513bb25f1b48d95e4820c5972c1aabb25c84c08566002dadc36df334c1ce86847964a122016d389ac873bca8c335a7a99bcef91e1b985ae5d488a2d7f78b4bf14e0c2dc715e814f4e24276057cf668172":"":"756292d8b4653887edef51679b161812":"FAIL":"":0
+
+AES-GCM NIST Validation (AES-128,128,0,1024,128) #1
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"b228d3d15219ea9ad5651fce02c8374d":"5c7eafaead029c3fe3cf3835fe758d0e":"8c35dd805c08686b9b4d460f81b4dcb8c46c6d57842dc3e72ba90952e2bebf17fe7184445b02f801800a944486d662a127d01d3b7f42679052cdc73ce533129af8d13957415c5495142157d6ce8a68aa977e56f562fed98e468e42522767656ce50369471060381bb752dd5e77c79677a4cadffa39e518e30a789e793b07ea21":"":"a4dde1ab93c84937c3bbc3ad5237818d":"FAIL":"":0
+
+AES-GCM NIST Validation (AES-128,128,0,1024,128) #2
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"776afcbabedd5577fe660a60f920b536":"5bbb7f1b14084e520408dd87b97705e9":"44631fc9d4a07416b0dfb4e2b42071e3e2be45502c9ddf72b3e61810eeda31a7d685ebb2ee43a2c06af374569f439ee1668c550067de2dece9ec46ee72b260858d6033f814e85275c5ae669b60803a8c516de32804fa34d3a213ccfaf6689046e25eeb30b9e1608e689f4d31cc664b83a468a51165f5625f12f098a6bf7ddab2":"":"a5347d41d93b587240651bcd5230264f":"FAIL":"":0
+
+AES-GCM NIST Validation (AES-128,128,0,1024,120) #0
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"20abeafa25fc4ea7d0592cb3e9b4d5fe":"3aba79a58c5aa664856b41d552c7a8d3":"98cfecaae9eb9a7c3b17e6bc5f80d8a4bf7a9f4fa5e01b74cae15ee6af14633205aafe3b28fb7b7918e12322ea27352056a603746d728a61361134a561619400ff2bf679045bac2e0fbc2c1d41f8faba4b27c7827bceda4e9bf505df4185515dd3a5e26f7639c8ad5a38bc5906a44be062f02cc53862678ae36fa3de3c02c982":"":"2a67ad1471a520fe09a304f0975f31":"FAIL":"":0
+
+AES-GCM NIST Validation (AES-128,128,0,1024,120) #1
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"2bc73fba942ff105823b5dccf6befb1c":"902c3e3b69b1ef8395d7281ff74cce38":"4adec0b4ac00325a860044d9f9519daa4f7c163229a75819b0fd7d8e23319f030e61dfa8eadabff42ea27bc36bdb6cad249e801ca631b656836448b7172c11126bad2781e6a1aa4f62c4eda53409408b008c057e0b81215cc13ddabbb8f1915f4bbab854f8b00763a530ad5055d265778cd3080d0bd35b76a329bdd5b5a2d268":"":"ebdd7c8e87fe733138a433543542d1":"":"":0
+
+AES-GCM NIST Validation (AES-128,128,0,1024,120) #2
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"356a4c245868243d61756cabe86da887":"b442f2ec6d45a17144c258fd59fe5b3b":"12cccc3c60474b0a1579c5006c2134850724fa6c9da3a7022d4f65fd238b052bdf34ea34aa7dbadad64996065acee588ab6bd29726d07ed24ffae2d33aadf3e66ebb87f57e689fd85128be1c9e3d8362fad1f8096ee391f75b576fb213d394cef6f091fc5488d9aa152be69475b9167abd6dd4fd93bbbc7b8ca316c952eb19c6":"":"ed26080dcb670590613d97d7c47cf4":"FAIL":"":0
+
+AES-GCM NIST Validation (AES-128,128,0,1024,112) #0
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"dfa7e93aff73600fc552324253066e2c":"c20001e93f1cd05253c277a9445d61e4":"a64d1e20058a1f7e698622a02f7ff8dc11886717ede17bbdc3c4645a66a71d8b04346fb389a251ffb0a7f445a25faf642bb7e4697d2cacf925e78c4be98457996afb25b0516b50f179441d1923312364947f8f1e0f5715b43bd537727bf943d7b4679b0b0b28b94e56e7bbf554d9cf79fcee4387f32bb6f91efdd23620035be6":"":"6ba5e4dace9a54b50b901d9b73ad":"":"":0
+
+AES-GCM NIST Validation (AES-128,128,0,1024,112) #1
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"2ecea80b48d2ecd194a7699aa7d8ccfc":"8b4db08bafc23b65ae50a2d20661d270":"efc2ca1a3b41b90f8ddf74291d68f072a6e025d0c91c3ce2b133525943c73ebadc71f150be20afeb097442fa51be31a641df65d90ebd81dcbaf32711ed31f5e0271421377ffe14ddafea3ca60a600588d484856a98de73f56a766ae60bae384a4ae01a1a06821cf0c7a6b4ee4c8f413748457b3777283d3310218fb55c107293":"":"246a9d37553088b6411ebb62aa16":"":"":0
+
+AES-GCM NIST Validation (AES-128,128,0,1024,112) #2
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"d38fee3fd3d6d08224c3c83529a25d08":"a942ccb11cf9468186fabfc18c899801":"1c92a4ce0a1dae27e720d6f9b1e460276538de437f3812ab1177cf0273b05908f296f33ba0f4c790abe2ce958b1d92b930a0d81243e6ad09ef86ee8e3270243095096537cb1054fcfcf537d828b65af9b6cf7c50f5b8470f7908f314d0859107eed772ee1732c78e8a2e35b2493f3e8c1e601b08aeab8d9729e0294dca168c62":"":"803a08700ec86fdeb88f7a388921":"FAIL":"":0
+
+AES-GCM NIST Validation (AES-128,128,0,1024,104) #0
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"1899b0cbae41d705c6eed3226afb5bc0":"82d0910aa53e300a487d880d018d0dea":"6bf5583cc1007d74f3529db63b8d4e085400ccf3725eab8e19cb145f3910c61465a21486740a26f74691866a9f632af9fae81f5f0bffedf0c28a6ce0fd520bb4db04a3cd1a7d29d8801e05e4b9c9374fd89bcb539489c2f7f1f801c253a1cc737408669bcd133b62da357f7399a52179125aa59fae6707d340846886d730a835":"":"c5d58870fee9ce157f5ec1fa8f":"":"":0
+
+AES-GCM NIST Validation (AES-128,128,0,1024,104) #1
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"8b95323d86d02754f4c2874b42ec6eb0":"4f76084acbdef9999c71dcc794238d7c":"ebc75788377c0b264818a6f97c19cf92c29f1c7cdeb6b5f0a92d238fa4614bc35d0cfe4ec9d045cd628ff6262c460679ac15b0c6366d9289bbd217e5012279e0af0fb2cfcbdf51fe16935968cbb727f725fe5bcd4428905849746c8493600ce8b2cfc1b61b04c8b752b915fed611d6b54ef73ec4e3950d6db1807b1ce7ed1dcc":"":"c4724ff1d2c57295eb733e9cad":"FAIL":"":0
+
+AES-GCM NIST Validation (AES-128,128,0,1024,104) #2
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"30da555559eb11cf7e0eff9d99e9607d":"7799275bf12335f281ec94a870f90a0b":"e735d556e15aec78d9736016c8c99db753ed14d4e4adaaa1dd7eaad702ea5dc337433f8c2b45afdf2f385fdf6c55574425571e079ca759b6235f877ed11618ff212bafd865a22b80b76b3b5cf1acfd24d92fd41607bbb7382f26cd703757088d497b16b32de80e1256c734a9b83356b6fced207177de75458481eaef59a431d7":"":"3c82272130e17c4a0a007a908e":"":"":0
+
+AES-GCM NIST Validation (AES-128,128,0,1024,96) #0
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"ed2ac74af896c5190c271cfa6af02fd2":"e0226e2d8da47badad1fb78b9a797f27":"8f11353ae476ff923013e6e736ffc9d23101a1c471ccc07ad372a8430d6559c376075efce2e318cdf4c9443dbf132e7e6da5524045028c97e904633b44c4d189a4b64237ac7692dd03c0e751ce9f04d0fdbd8a96074cd7dfa2fd441a52328b4ac3974b4902db45663f7b6f24947dba618f8b9769e927faf84c9f49ad8239b9fb":"":"db8af7a0d548fc54d9457c73":"":"":0
+
+AES-GCM NIST Validation (AES-128,128,0,1024,96) #1
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"0225b73fe5fbbe52f838d873173959d8":"02a048764f48d9aed1147ee922395bbf":"9b46a57b06e156c877e94c089814493ead879397dab3dfcab2db349ef387efcd0cc339a7e79131a2c580188fc7429044a465b8329d74cd8f47272a4ed32582b1c5c7e3d32341ae902ea4923dc33df8062bc24bb51a11d2ecc82f464f615041387f9c82bd2135d4e240fe56fa8a68e6a9a417e6702430a434b14d70cf02db3181":"":"e2c2ce4022c49a95c9ac9026":"FAIL":"":0
+
+AES-GCM NIST Validation (AES-128,128,0,1024,96) #2
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"89ca3771a0ef3287568b4ac036120198":"7e83d2ffa8af8c554cfd71a0db56ef5b":"1bd7a9d6262882bd12c62bd50942965b3cdcadf5e0fab2dc4d0daf0ee4b16e92c6e2464c0caa423cdce88e4d843490609716ec5e44c41672c656ac0e444d3622557ea8420c94deae3ad190ddaf859f6f8c23e4e2e32a46d28df23de4f99bd6c34f69e06eddfdfa5f263dbe8baf9d4296b2c543e4c4847271e7590374edf46234":"":"06b2bf62591dc7ec1b814705":"":"":0
+
+AES-GCM NIST Validation (AES-128,128,0,1024,64) #0
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"a41a297bd96e224942998fe2192934a1":"6827f2c5a0b7ecd6bbc696abb0adf556":"f32041abd8543415cbac423d945dda5378a16a7e94d9ab5dbd2d32eb1c5048cc7c8e4df3ca84ec725f18c34cfdeaa7595392aabfd66d9e2f37c1165369cd806cd9d2110def6f5fad4345e5a6e2326c9300199438fcc078cd9fcf4d76872cac77fc9a0a8ac7e4d63995078a9addecf798460ff5910861b76c71bccfb6b629d722":"":"49a4917eef61f78e":"FAIL":"":0
+
+AES-GCM NIST Validation (AES-128,128,0,1024,64) #1
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"a9372c058f42e0a1d019bdb528313919":"8d03f423230c8f00a5b6b712d426a2af":"cfef4e70fcc1821eeccf7c7b5eb3c0c3b5f72dc762426e0bd26242f8aa68c5b716ab97eded5e5720caccc1965da603d556d8214d5828f2cf276d95bf552d47313876796221f62ccb818a6d801088755d58cfb751bfed0d5a19718d4e0f94b850e0279b3a69295d1837cba958a6cc56e7594080b9e5b954a199fdc9e54ddc8583":"":"b82cd11cd3575c8d":"":"":0
+
+AES-GCM NIST Validation (AES-128,128,0,1024,64) #2
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"6302b7338f8fa84195ad9abbacd89b4e":"e1bed5c53547cbc85f3411fbb43bb08b":"bcd329c076e8da2797d50dcdcf271cecf3ce12f3c136ed746edc722f907be6133276ee099038fdc5d73eec812739c7489d4bcc275f95451b44890416e3ffe5a1b6fa3986b84eee3adad774c6feaecb1f785053eeda2cfc18953b8547866d98918dbe0a6abc168ac7d77467a367f11c284924d9d186ef64ef0fd54eacd75156d2":"":"5222d092e9e8bd6c":"":"":0
+
+AES-GCM NIST Validation (AES-128,128,0,1024,32) #0
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"78b5c28d62e4b2097873a1180bd5a3a5":"c93902c2819ee494f0fc4b259ee65dd8":"e6b1192674a02083a6cf36d4ba93ba40a5331fadf63fd1eb2efa2ee9c0d8818472aaaf2b4705746011753f30f447c8f58dd34d29606daf57eadc172529837058cb78a378b19da8d63c321f550dfa256b5fd9f30e93d8f377443bfcd125f86a079a1765d2010be73d060f24eebae8d05e644688b2149bc39e18bd527bc066f2ba":"":"eae48137":"":"":0
+
+AES-GCM NIST Validation (AES-128,128,0,1024,32) #1
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"3d84130578070e036c9e3df5b5509473":"3b9b4950523a19c6866fd2b0cde541fd":"a764931e1b21a140c54a8619aacdb4358834987fb6e263cec525f888f9e9764c165aaa7db74f2c42273f912daeae6d72b232a872ac2c652d7cd3af3a5753f58331c11b6c866475697876dbc4c6ca0e52a00ba015ee3c3b7fb444c6e50a4b4b9bbe135fc0632d32a3f79f333d8f487771ed12522e664b9cf90e66da267f47a74d":"":"79987692":"":"":0
+
+AES-GCM NIST Validation (AES-128,128,0,1024,32) #2
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"08428605ab4742a3e8a55354d4764620":"128f5f4a817e4af04113847a223adeb0":"464b484ed79d93a48e0f804e04df69d7ca10ad04ba7188d69e6549ab50503baaec67e0acba5537d1163c868fd3e350e9d0ae9123046bc76815c201a947aa4a7e4ed239ce889d4ff9c8d043877de06df5fc27cf67442b729b02e9c30287c0821ef9fa15d4cccbc53a95fa9ec3ed432ca960ebbf5a169ccada95a5bf4c7c968830":"":"3eb3e3a2":"":"":0
+
+AES-GCM NIST Validation (AES-128,128,1024,0,128) #0
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"0dd358bc3f992f26e81e3a2f3aa2d517":"d8c750bb443ee1a169dfe97cfe4d855b":"":"87cc4fd75788c9d5cc83bae5d764dd249d178ab23224049795d4288b5ed9ea3f317068a39a7574b300c8544226e87b08e008fbe241d094545c211d56ac44437d41491a438272738968c8d371aa7787b5f606c8549a9d868d8a71380e9657d3c0337979feb01de5991fc1470dfc59eb02511efbbff3fcb479a862ba3844a25aaa":"a81d13973baa22a751833d7d3f94b3b1":"":"77949b29f085bb3abb71a5386003811233056d3296eb093370f7777dadd306d93d59dcb9754d3857cf2758091ba661f845ef0582f6ae0e134328106f0d5d16b541cd74fdc756dc7b53f4f8a194daeea9369ebb1630c01ccb307b848e9527da20a39898d748fd59206f0b79d0ed946a8958033a45bd9ae673518b32606748eb65":0
+
+AES-GCM NIST Validation (AES-128,128,1024,0,128) #1
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"43b5f18227e5c74288dbeff03801acd6":"08ee12246cf7edb81da3d610f3ebd167":"":"f58d630f10cfca61d4644d4f6505bab629e8e8faf1673e64417f9b79e622966a7011cfb3ff74db5cebf09ad3f41643d4437d213204a6c8397e7d59b8a5b1970aed2b6bb5ea1933c72c351f6ba96c0b0b98188f6e373f5db6c5ebece911ec7a1848abd3ae335515c774e0027dab7d1c07d047d3b8825ff94222dbaf6f9ab597ee":"82d83b2f7da218d1d1441a5b37bcb065":"FAIL":"":0
+
+AES-GCM NIST Validation (AES-128,128,1024,0,128) #2
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"9a433c612d7e1bdff881e4d63ba8b141":"8b670cf31f470f79a6c0b79e73863ca1":"":"ce10758332f423228b5e4ae31efda7677586934a1d8f05d9b7a0dc4e2010ec3eaacb71a527a5fff8e787d75ebd24ad163394c891b33477ed9e2a2d853c364cb1c5d0bc317fcaf4010817dbe5f1fd1037c701b291b3a66b164bc818bf5c00a4c210a1671faa574d74c7f3543f6c09aaf117e12e2eb3dae55edb1cc5b4086b617d":"8526fd25daf890e79946a205b698f287":"FAIL":"":0
+
+AES-GCM NIST Validation (AES-128,128,1024,0,120) #0
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"8e9d75c781d63b29f1816859f7a0e0a0":"748a3b486b62a164cedcf1bab9325add":"":"a9f1883f58e4ef78377992101ab86da0dafcefa827904dd94dff6f6704b1e45517165a34c5555a55b04c6992fb6d0840a71bd262fe59815e5c7b80fe803b47d5ba44982a3f72cb42f591d8b62df38c9f56a5868af8f68242e3a15f97be8ef2399dbace1273f509623b6f9e4d27a97436aebf2d044e75f1c62694db77ceac05de":"131e0e4ce46d768674a7bcacdcef9c":"FAIL":"":0
+
+AES-GCM NIST Validation (AES-128,128,1024,0,120) #1
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"fe6b8553002c69396d9976bb48d30779":"595b17d0d76b83780235f5e0c92bd21f":"":"786f4801b16de7a4931ab143b269c7acc68f1ed9b17a95e8929ccec7d53413059fd4267bedbf079d9d69e90314c1345bc9cb9132f1af69323157ddf7533ced42b4b7bd39004f14d326f5b03bc19084d231d93bcab328312d99b426c1e86e8e049d380bb492e2e32ad690af4cf86838d89a0dfdcbc30e8c9e9039e423a234e113":"8879de07815a88877b0623de9be411":"":"b15dc7cd44adcb0783f30f592e5e03ccd47851725af9fe45bfc5b01ae35779b9a8b3f26fec468b188ec3cad40785c608d6bfd867b0ccf07a836ec20d2d9b8451636df153a32b637e7dcdbd606603d9e53f6e4c4cc8396286ce64b0ea638c10e5a567c0bc8e808080b71be51381e051336e60bf1663f6d2d7640a575e0752553b":0
+
+AES-GCM NIST Validation (AES-128,128,1024,0,120) #2
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"14898c56009b459172fef9c17993b54f":"0862f8f87289988711a877d3231d44eb":"":"e7ba6ef722273238b975d551f95d3e77e9b75b24c547b86eafb457d409803bdf6e1443839d8604ee497020e1a3dbd687a819b17fdde0fcf240ce2129792792a58bfcd825773001ee959bf9ec8d228e27ce1cd93d7fb86769a3793361b6f82bf7daf284afc1ece657a1ee6346ea9294880755b9b623563ad2657ba2286488a2ef":"36938974301ae733760f83439437c4":"":"3fd56897a62743e0ab4a465bcc9777d5fd21ad2c9a59d7e4e1a60feccdc722b9820ec65cb47e1d1160d12ff2ea93abe11bc101b82514ead7d542007fee7b4e2dd6822849cd3e82d761ff7cf5ce4f40ad9fec54050a632a401451b426812cf03c2b16a8667a88bb3f7497e3308a91de6fd646d6a3562c92c24272411229a90802":0
+
+AES-GCM NIST Validation (AES-128,128,1024,0,112) #0
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"fe5253d4b071793b081ebc122cc2a5f8":"49e82d86804e196421ec19ddc8541066":"":"b57a0bd7714ae95e77fa9452e11a7ed4a2bec60f81ad6ddb956d4b1cb5dfc277dcb4034d501801b26733b5e08c710c3cfdccc1b208dc7a92cd7ebe166320582bcaff64cc943c36fbe7008f004e5db70c40de05fa68b0c9d4c16c8f976130f20702b99674cd2f4c93aeaeb3abca4b1114dbc3a4b33e1226ad801aa0e21f7cc49b":"e8b8ae34f842277fe92729e891e3":"":"c4a31c7ec820469f895d57579f987733337ec6547d78d17c44a18fab91f0322cfe05f23f9afaf019cf9531dec2d420f3591d334f40d78643fd957b91ab588a7e392447bd702652017ede7fb0d61d444a3b3cc4136e1d4df13d9532eb71bcf3ff0ae65e847e1c572a2f90632362bc424da2249b36a84be2c2bb216ae7708f745c":0
+
+AES-GCM NIST Validation (AES-128,128,1024,0,112) #1
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"b3502d6f0d172246e16503cdf5793296":"6ce994689ff72f9df62f386a187c1a13":"":"09268b8046f1558794e35cdc4945b94227a176dd8cb77f92f883542b1c4be698c379541fd1d557c2a07c7206afdd49506d6a1559123de1783c7a60006df06d87f9119fb105e9b278eb93f81fd316b6fdc38ef702a2b9feaa878a0d1ea999db4c593438f32e0f849f3adabf277a161afb5c1c3460039156eec78944d5666c2563":"21cdf44ff4993eb54b55d58e5a8f":"FAIL":"":0
+
+AES-GCM NIST Validation (AES-128,128,1024,0,112) #2
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"5fb33dd73db309b9dfd3aee605cd94bf":"3f6486f9e9e645292e0e425bac232268":"":"f4e011f8c99038c46854b427475f23488077ebf051c4b705a1adfdd493a0a10af7a7e9453965b94f52f61ae62ce9243a82a2dbf9c5a285db3fe34ed34ed08b5926f34c48171195f7062d02a6e6e795322a0475017371cb8f645cdcac94afc66dc43e7583bdf1c25790f4235076a53de6c64f3bc5004e5a9ce4783fbf639fad97":"7ee5e0e2082b18d09abf141f902e":"":"0503cb531f1c967dae24f16dd651d544988a732020134896a0f109222e8639bf29ff69877c6ef4ac3df1b260842f909384e3d4409b99a47112681c4b17430041ca447a903a6c1b138f0efbb3b850d8290fceac9723a32edbf8e2d6e8143b1cbc7bf2d28d1b6c7f341a69918758cc82bbab5d898fa0f572d4ceaa11234cb511ec":0
+
+AES-GCM NIST Validation (AES-128,128,1024,0,104) #0
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"a958fe3b520081b638d9e4c7d5da7ac7":"c396109e96afde6f685d3c38aa3c2fae":"":"dfa9487378c7d8af9c8dbd9e533cd81503d9e4e7dab43133bad11fd3050a53a833df9cc3208af1a86110567d311d5fc54b0d627de433c381b10e113898203ac5225140f951cdb64c6494592b6453f9b6f952ec5ece732fb46c09a324f26b27cdad63588006bb5c6c00b9aa10d5d3b2f9eaab69beeddd6f93966654f964260018":"06ca91004be43cf46ed4599e23":"FAIL":"":0
+
+AES-GCM NIST Validation (AES-128,128,1024,0,104) #1
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"ec319fb143eac8215b51541daec268f2":"8a4684f42a1775b03806574f401cff78":"":"d298d988e74927736237eb8ab09d7a86b854fa2fd1f7f3be83b417ac10aa9291f4af5b3fbaf75a296ac32369ad57ded3984b84711953e477de3035ba430a30ffb84c941936e6c8d2cae8d80159876f87dd682747f2dccc36d7c32ab227032b8ac70b313fa4202ea236e3ec4d9e4d8b48cf3b90b378edc5b1dbeec929549344f8":"e91acb1bfda191630b560debc9":"":"27ce4a622959930f4059f247d29d1438257093cc973bf1bae4e0515da88b9a7e21ec59c7e4d062035cdf88b91254d856b11c8c1944865fa12922227ded3eecccaa36341ecf5405c708e9ea173f1e6cdf090499d3bb079910771080814607a1efe62ec6835dc0333d19dd39dd9ea9f31cd3632128536149a122050bb9365b521d":0
+
+AES-GCM NIST Validation (AES-128,128,1024,0,104) #2
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"14a3e69f351ac39b4297749a90c1365c":"eb1c6c04437aa5a32bcc208bb3c01724":"":"051224f7b208549dcfda5f9d56ce5f0a072ef1f23f3810c693516c92622be6ed4d7a9e0f9450980ba490b2e9e3468ea7eef10bc9ebd673d91f32b748c1bf2c50cc4ebb59fc409c6d780bba00700d563ce1dc9927a6c860095a42ed053f3d640debfbfa7a4e6d5de234af19755000d95e7f414f1f78285ee165410c020038286b":"e418815960559aefee8e0c3831":"":"797310a6ed9ce47cdc25f7f88f5dbbf6f8f4837701704d7afced250585922744598d6f95ba2eecf86e030cc5ee71b328fc1c4f2d4df945d1b91a2803d6ae8eba6881be5fe0f298dd0c0279e12720ede60b9e857ccca5abe9b4d7ee7f25108beebbfe33f05c0d9903bf613c2e7ed6a87b71b5e386d81b3ae53efd01055bbcccc2":0
+
+AES-GCM NIST Validation (AES-128,128,1024,0,96) #0
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"c34827771fc3918d1cee09ba9401b832":"2379bbd39a1c22bc93b9b9cc45f3840b":"":"ce79701b661066e53191c9acdaf677ad41622314898d7216e3f113e2e6e215d26d8bd139827f06ab3ea5c4105694e87db1dd6cec10e1f86a8744d4c541f08e40319e22ab42fc1a6c89edfd486b6f142c6bbbf84a73912e0b2e55b79db306ccabf839855afdd889e52ae981520c89e7dc29bb2adb1906cca8c93fcb21290a095b":"26e1f6cf0d9e0f36dfd669eb":"FAIL":"":0
+
+AES-GCM NIST Validation (AES-128,128,1024,0,96) #1
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"b1f9bd2006ec550b7b9913d383200b5d":"ca28fa6b64bb3b32ef7d211f1c8be759":"":"6d9fc8f586d50d6e0128172ae147844e80136905d3a297497a9566ca7c7445029028f14c9950acee92a5c12a9150f5e024e01c7505dd83937542b0b1288de9c292ae8ad918a09b2edf8493540b74c73d2794f2eb6eed18eba520ddea9567462c83330f33d7892fcde0b10c73a4e26ab1bef037cec7e0190b95188e9a752fee6f":"c87aac7ad0e85dbb103c0733":"FAIL":"":0
+
+AES-GCM NIST Validation (AES-128,128,1024,0,96) #2
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"8b2cef1a92aa0af2b00fb2a99855d5bc":"08d87b7acee87d884667f6b1e32e34d0":"":"fd09525ef3c65ab5823e1b6c36b4a9449a3975c5d3a9e7e33c61fb32edcbb8e8c915b6202e3fbce87d73cc3b66d83d9ea7e1e353cc7468f08626932cf0235563e2a28953ee5a0afadb1c3cb513b1f1fc9a8a6cf326174b877448672f7731dd6430a51619da1a169ab302da5af5b38802f8bbf5890b5d9b45deda799679501dc4":"3bd7685318010b0c5fe3308b":"":"583e64631c218549923e8ad33b728d07f23b0f19d2aff1ad7e20d564c591db0e117caa8f21e3f3345e3d84f0ccbb27274cddf9274410fc342cb2a5d4aea4e925d0dd5350389ee0dea23a842ff3f5c1198374a96f41e055f999cfbc2f47ceaa883da8eb6ff729f583eff1f91bd3f3254d4e81e60d9993b3455e67f405708e4422":0
+
+AES-GCM NIST Validation (AES-128,128,1024,0,64) #0
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"175c306f8644b0c4b894ae3d0971505e":"9860268ca2e10974f3726a0e5b9b310f":"":"fbe7ced7048f83e3a075661c4924eb77da1b4d6019d504afb942d728b31fd3b17557bd101c08453540a5e28d3505aeb8801a448afac2d9f68d20c0a31c7ef22bd95438851789eef1bebe8d96ac29607025b7e1366fecd3690ba90c315528dc435d9a786d36a16808d4b3e2c7c5175a1279792f1daccf51b2f91ac839465bb89a":"f809105e5fc5b13c":"FAIL":"":0
+
+AES-GCM NIST Validation (AES-128,128,1024,0,64) #1
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"08c0edcfe342a676ccdc04bdf854b4b0":"4a7b70753930fe659f8cc38e5833f0c7":"":"1fc8ef8480c32d908b4bcbfa7074a38e915c20ed7a1c608422087e89442d7c5af6fe9c9a716c55793248062d8e6c6e8e904e2804da3a43701e4c78ecdb67e0b25308afc6d9b463356439cd095cff1bdf0fd91ab301c79fd257046cba79a5d5cd99f2502ad968420e4d499110106072dc687f434db0955c756a174a9024373c48":"9ab1e2f3c4606376":"":"983458c3f198bc685d98cea2b23cf71f0eb126e90937cab3492a46d9dc85d76bbb8035c6e209c34b2a7187df007faabe9f3064dc63f1cb15bf5a10655e39b94732e0c6583d56327e9701344e048887a81b256181cdfa9ec42ebc990875e4852240ddcb3cbc4ea4e6307075fd314f7190f3553267bd68b19e954e310ec3f8dbab":0
+
+AES-GCM NIST Validation (AES-128,128,1024,0,64) #2
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"241067a0301edf0f825d793e03383ea1":"a30994261f48a66bb6c1fc3d69659228":"":"6984bb9830843529fad7f5e7760db89c778d62c764fcd2136ffb35d7d869f62f61d7fef64f65b7136398c1b5a792844528a18a13fba40b186ae08d1153b538007fc460684e2add8a9ed8dd82acbb8d357240daaa0c4deb979e54715545db03fe22e6d3906e89bdc81d535dae53075a58f65099434bfeed943dbc6024a92aa06a":"36c3b4a732ba75ae":"FAIL":"":0
+
+AES-GCM NIST Validation (AES-128,128,1024,0,32) #0
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"03cccb5357bd2848332d1696f2ff90cb":"e0754022dfb1f813ccaf321558790806":"":"5e2f18cbc1e773df9f28be08abb3d0b64d545c870c5778ac8bb396bef857d2ac1342ae1afb3bf5d64e667bf837458415d48396204fe560e3b635eb10e560e437f2d0396952998fd36e116cd047c1d7f6fc9901094454d24165c557a8816e0d0a8e0ce41e040ba6f26ca567c74fc47d9738b8cd8dae5dfc831c65bc1ba9603a07":"c75f0246":"FAIL":"":0
+
+AES-GCM NIST Validation (AES-128,128,1024,0,32) #1
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"4e5e53c84a05d5a5348bac7b2611cf62":"47e40543b7d16bc9122c40b106d31d43":"":"489c00c05dec06f282924c680f621ab99ac87f7d33ebbb4ca0eee187ec177d30d2b4afb4ee9f0dc019cf1a4da16d84b7f5f5c7fce72a32461db115b5a5a433024fd5ed3d47161836bb057a0189ed768f95e45fa967d0cc512fc91b555808c4033c945e8f2f7d36428dcb61f697e791b74e5c79b2bcb9cb81bec70d8119cd8d76":"81eec75d":"FAIL":"":0
+
+AES-GCM NIST Validation (AES-128,128,1024,0,32) #2
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"2c94008bf377f90b7a1c0d2ea38f730c":"abfe92931a8411a39986b74560a38211":"":"7b3d619d115de9970b2df4e1f25194940b3f3da04c653231e8e6946de9dc08ae5ba37e2a93c232e1f9445f31c01333045f22bd832e3b5f9833f37070fafb0ef1c44cc5637058ab64d9e07bb81b32852d4cf749a3ddbfdb494f8de8bb4e31f46033f8a16bc22e2595d023845505ea5db74dd69ab4ca940078b09efb4ff19bdb66":"47d42e78":"FAIL":"":0
+
+AES-GCM NIST Validation (AES-128,128,1024,1024,128) #0
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"69eedf3777e594c30e94e9c5e2bce467":"a3330638a809ba358d6c098e4342b81e":"df4e3f2b47cf0e8590228fcf9913fb8a5eb9751bba318fd2d57be68c7e788e04fabf303699b99f26313d1c4956105cd2817aad21b91c28f3b9251e9c0b354490fa5abfcea0065aa3cc9b96772eb8af06a1a9054bf12d3ae698dfb01a13f989f8b8a4bb61686cf3adf58f05873a24d403a62a092290c2481e4159588fea6b9a09":"5114e9983c96fecec3f7304ca42f52aa16cb7c6aadfb62ad537c93a3188835ca0703dad34c73cf96435b668b68a7a1d056931959316e8d3ab956bf64c4e07479c7767f9d488b0c0c351333ccf400b7e0be19a0fd173e3f2a1ae313f27e516952260fd2da9ab9daca478ebb93cd07d0b7503b32364d8e308d904d966c58f226bb":"5de3068e1e20eed469265000077b1db9":"":"208e6321238bf5c6e2ef55a4b8f531cbbfb0d77374fe32df6dd663486cf79beeed39bb6910c3c78dd0cc30707a0a12b226b2d06024db25dcd8a4e620f009cafa5242121e864c7f3f4360aaf1e9d4e548d99615156f156008418c1c41ff2bbc007cecf8f209c73203e6df89b32871de637b3d6af2e277d146ae03f3404d387b77":0
+
+AES-GCM NIST Validation (AES-128,128,1024,1024,128) #1
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"45cc35311eedf0ba093bf901931a7036":"fed5084de3c348f5a0adf4c2fd4e848a":"6e210914e4aed188d576f5ad7fc7e4cf7dd8d82f34ea3bcbdb7267cfd9045f806978dbff3460c4e8ff8c4edb6ad2edba405a8d915729d89aab2116b36a70b54f5920a97f5a571977e0329eda6c696749be940eabfc6d8b0bbd6fbdb87657b3a7695da9f5d3a7384257f20e0becd8512d3705cc246ee6ca1e610921cf92603d79":"5dc8d7525eaad035c19714ae1b1e538cb66a4089027245351e0ad9297410fb3a0c1155407c10a8bb95a9ca624a9c9925dac003ee78926c6e90ff4ccdba10e8a78bda1c4478162a0e302de5ff05fb0f94c89c3c7429fb94828bdcd97d21333c2ee72963ee6f056ce272b8bab007e653a42b01d1d2041ba627f169c8c0d32e6dae":"266a895fc21da5176b44b446d7d1921d":"FAIL":"":0
+
+AES-GCM NIST Validation (AES-128,128,1024,1024,128) #2
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"9edb5231ca4a136b4df4ae22b8588f9f":"c342e9bdabe7be922b2695f5894e032c":"a45c7f8032ac5144deef8d5380f033aea2786b0592720a867f4831eaccc6b85d3fd568aedc6e472e017455b0b5b30cf7a08ea43ca587f35e1646ecd9b4dc774d11e350c82c65692be1e9541cbd72a283bdcf93dc7115545f373747b4f8d5915ed0c42fbeefd3e9bd86003d65efc2361fde5b874ddabcf8265e6b884615102eff":"493df801c57f8bb591955712d92d3fc34518f0599fec8533b2b4473364e1df4f560c12444cf50eeb584676b7e955c742189de6b50b8e012dfa6642f3679fb02bc6d8e08d1db88c8ae955a7946263e06494e17f8df246b672942661e5563302252208f2e00a0d77068a020e26082c291a75a06f63c41e2830292a418b2b5fd9dd":"5ed3ea75c8172fa0e8755fef7b4c90f1":"":"56696e501fac1e8d5b83ef911ed11337d5d51ff5342a82993dd5340bb9632e6606eef68ec5fe8cec6b34ebbc596c279e6cbc9221c4cde933f6d93ae014e3c4ca49593f35eaa638606d059519bac3a3373519e6184e7227d2aa62170c36479fe239cb698bfca863925a4c9fb1338685a55a6dfd3bd9c52d8ae12be8551fce6e1a":0
+
+AES-GCM NIST Validation (AES-128,128,1024,1024,120) #0
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"d5fdcb8f5225090e63fae9b68f92c7cb":"581c818282a0905df5ffff652e5604e9":"f1ae6cd7b07f261105f555cf812a1d5bf8dd9aac07666318acffa11abb77d0238156663acbf7543825b45c6e9cddb481a40995ecd78bb5f4cba5df7c7efb00fc19c7f45e94d37697aca8ef368b99165393b6107f900194c797cd3289cb097eb5915f2abfd6aa52dd1effffdde448e30075a1c053246db54b0ec16eadca1c0071":"d39b9cba95e3a3aab9bc1d03ff475c04faeb5b7f0510777f39e5a05756606eb7ddd154aac035d9ddaf3535629821dd8f014dedd52cd184f52fc706e3c89a3a271398c9125d9a624dafb297a56022ca2ea331ea7359ab5e65f8e14814788e64e0a886a9b1a0144bf268fdcf9d94c3d10a0452f40111da9df108252e9039eacea3":"827e66b5b70dce56215cfb86c9a642":"":"cec11a12e47fd443f878e8e9fe23c65f29dd2d53cec59b799bcb0928de8e2f92fe85c27cec5c842ef30967b919accafe0c0d731b57f0bb5685d90a3061cb473e50e8aeca1346d1f47f7db06941f83f21ba5976d97c28cab547d8c1f38387a04b8a0b212da55b75fbaf9562eeeabd78eadcbab66457f0cd4e0d28133a64cb063f":0
+
+AES-GCM NIST Validation (AES-128,128,1024,1024,120) #1
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"036198cd3a3ab9319684d0f811cf2992":"47dffc6b3b80ffef4b943bde87b9cf3c":"ec4de476cd337f564a3facb544d0ff31cd89af4c3d9a28543e45156189f8eff8f804494dda83a1fb2c30ce858884a01ec63db59268452b1eea0f0d48280bb7340eaacc84509469dd94d303774d053d7ab4fb5f6c26581efeb19165f8cb09d58ec314d09ab8356731e87fd081f661e7b2d1a7c3aa4af5448a12b742e7b210b0b0":"6b95b9e82a695fb7b466ce3adb536f525d8314f95eada39efb49baf121093ce7d5439f0d8223e03530b85accd388a70650ca9f7e63eb32afecb7b1916ed9b762128cc641caf3e08e027c3d88481d653b6b15172e977dfb9b3f88465911aee162501cbf8501ce2b66ee151bbfdc23225f638f18750c239d62471663e5ee2a5856":"6cf68a374bea08a977ec8a04b92e8b":"":"5c2f7c408167be3d266ff634e1993fe291aef7efae245fa0b6b5bde886a810c866ae6a078286684d1b66116e636e285f03646e09f3c4ed7b184e7c171ba84f3bfd9500c6f35964a404892b4cdcdd3f697fc5b01934a86019810987a9fea7efca016049873f1072f62df3c17f57ea1d88ccd8757f7e3c5d96e8a18d5366a39ea9":0
+
+AES-GCM NIST Validation (AES-128,128,1024,1024,120) #2
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"c9fbbff8f25f951ba874dfc5ff38584e":"1c1fc752673be6d4ff4cc749fc11e0fe":"abfde0b60acfe265b62ed68ebebc1f5f725f155c4b8a8aeec8d704701c51ff7817060c1b0ce6b80d6efc9836c9ea2bc022ec67db4cd34e945e3a1b153fd2e0f7ac84bb4b07e04cbb529ee24014b16067f9f082b940c9d5e54024d3e5e910310457478560721587da7b5343d89eec5a8fce389c01185db15e7faa9a3fa32e8ab9":"ca401071396da00376add467490abc6e6a7d8a85852026979f7013a09cf689113c8d833560cd6c5b8fdaa8fdd818e773ac13954839a0a2c91efeaf4e0e14de43308419a8b86fa2ae600a88a6bd39dfaabc16a3c7c1b77a5c2aab7f7caceb2f8595324125efbb7c96ba16c47d0bd10568b24bf445d72d683268466e68e46df500":"ff0b2c384e03b50e7e829c7a9f95aa":"":"239637fac6e180e71b2c9fa63ce8805f453d81499623ec2deba9b033350250662897867bffaf0c314244baf9e1fe3e1bb7c626d616bfbf3e0ac09a32aaf718b432337c9dc57c2d6fc4a0a09bdc05b9184d1b90c7193b7869f91e2caa8b3b35c10c6621ffae4c609bdf4e4e3f06e930541c381451ef58f4f30a559d2b79b0e6b6":0
+
+AES-GCM NIST Validation (AES-128,128,1024,1024,112) #0
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"3a314ec178da96311e42334a616fb38b":"d7ea27c819e3eb2666611bb1c7fc068d":"db8dcc31a5681f13d56abd51bd2dcb0d2b171628186e215a68bf16167b4acd00c3441973c3fa62fa2698ee5c6749fc20e542364d63c40756d8bcff780269e5201bafdced3cdc97931d8203873431882c84522c151b775285d0a3c5d7667254c74724ff0ea9d417aa6c62835865dfded34edd331c0c235a089427672c5a9211c9":"518b3f5384ab54f80497d55be7a5d6902bc7718386212c2ec7537db331514b3838f104bf9054e03039a4cfb73f41e5d0a9648e569ed738cea8d33917430dff6afa8f07a75e324b9262fa196a4439dcd66b0535ee5bea0d292600227c2a79ed03be0671740e5cb7b306d855612bd3abcbf02cf7e7cecbb6cdbb33d57b4e3234a2":"1e774647b1ca406e0ed7141a8e1e":"FAIL":"":0
+
+AES-GCM NIST Validation (AES-128,128,1024,1024,112) #1
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"e818372a63b7e2c23b524e29ba752bdb":"36e617e787cb25e154f73af1da68cb06":"71801d69796c2ce36b043c157aec9fd2e06fd1ec596126d10c26b6d44e3dc36c4fa30a030d65c382b6ddfd958e71fe9c16732e595137a3d6764c15480fc3358e9a113ba492b31274663f5842df5d1cc6bad70e83b34675a4411e2e70755aede0ff5035601be130562e27a20283d6f144ff1bdb5276dec05fad80d51b28d50688":"c1bf1b702a95ceaa6b48a1cdd888ae51f58a9fc3232bd6c784529a83301c6d0cdda6e605ad9a2563f54a8d59f624ae7c589e48b85041a010dcb6fb8739d43e79a456fc0e8574af086df78680460c3cdc4e00dc3b9d4e76b0de26e9aec546705249fa7e7466c01001c2667eaf2813be1f0f116916f34843a06b201d653aa1b27e":"3744262bc76f283964c1c15dc069":"FAIL":"":0
+
+AES-GCM NIST Validation (AES-128,128,1024,1024,112) #2
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"9a04f16882ff45816739d1b6697ce8b7":"66f504d9a9128ad7fb7f1430d37c4784":"f641c53c83c4fb1ff8044bfa97cdf63fe75d8159d65b3e5ad585b89c083a53cf4a2f7a58eaeaf45fa71f2c07bc5725a6b03307d7f32884a133a4c803700bf1e12564b98b71f63b434ddf13ad2c467dda25ffa6effcafa72452b20c34cfae71e47096f8745b487e9f1945f5bec83f7ec2709a13b504d92315b1b727a78902be84":"6a4f3dbb3371f64258fd1f831349e745a4e19a33aad794b1de3788729618beed619586092120e9e5dc3ac6e0d52f991f7be61afbfaa4399ac716ad79a2734827254b1627791dc92a128a6f43426b8085dee94242e83176a3d762658f18ecc1e37e3e1531648c9caed212ea2cf3b3843cb92cb07730f30fe2dca3925470fadd06":"fbb37084396394fecd9581741f3c":"FAIL":"":0
+
+AES-GCM NIST Validation (AES-128,128,1024,1024,104) #0
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"38cf029a4b20607030586cd2d82146e6":"6330084319e2bf32cd5240f4826944bc":"80746cfb0127c592f8164d751b0e14a5b379056a884cece7ee4e9b80538d7ff6be56a3b19c135786722aaf315123b47672b0251e87ea45f0fd3601cf93f9efa6cbd9ad537f54d57f1e187f821faac24096ecec19d137c9f4cf145c278af4cd8de01c7758784fda06f1cc62d92ae1977786f3d0645714ab4ab6f48c8794b12f73":"f4c9f4476561c9ebdac71b282ae6e2f9f03547da98e66d4d857720db2fcc9ed1f363858db34c9dcaca0109d7c81db24150493115f2bb6985efa8686e3d2ab719d33b230aa4c5c70696bf42f225fb3c6704711c054a882d89b320884a78cb59cd2100496edf4010487597fb9135d8ca79693a43843e9626fd6c64a8722b3a27dc":"7b021de5cda915ba58f90ceef4":"FAIL":"":0
+
+AES-GCM NIST Validation (AES-128,128,1024,1024,104) #1
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"cf4d81fc5997c744a572bed71f4ae609":"bc4e20c56931c967ce8e3b8f5f1c392f":"b6b8294abf7da5703f864721f7904d3821f5568bf4b269e44edef4f1c95ddc172d83a06c0ad9f7f1fd2e292c17a876392bc5bb705d370b2f16ff721bef7648f423346fd3a4d762676e6fcf2d690553a47224af29afed0f452d263be90eb8150a13d720f1db6f1abc1c2ec18cfbf93b8ed3c5aa7cfc1dcb514d69f90409687a4d":"f3d65d70326e641fbe7fd945fe9cf66c74f17d0d1020ae8ac488f39b7285c99d8632bc2201960f3d77daccfecc04428abe0853aa8d82b90a93127c72b2d2af53f7f1bd0afb99d50f0b3b24e934ec98eddb278b2c65866442cebf10208c7ce1b7ecf764858480b2a269b106fa6d2428d5ad17612e53e62ccc7ad1184663aeb9a7":"0a86142a0af81c8df64ba689f4":"FAIL":"":0
+
+AES-GCM NIST Validation (AES-128,128,1024,1024,104) #2
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"d88ad40b42ead744f1b7a36685658be1":"52c3158f5bd65a0a7ce1c5b57b9b295e":"dde2663335c40e5550ae192b843fa9fb4ef357b5c09d9f39dafda3296a4d14031817ee4dc1a201d677597d81e37050cd3dc86c25adbd551e947a080b6c47ec7be8a927ef7920bd1bb81f2c59801a2b9d745d33344cbe4838bcf2eb8dce53ab82c75c9bbab8e406597f6908aaa81fbbdef25aa69116c8f7a8cdc9958435aa32ac":"e99d2566fe6bcb2a04d167605db7c0f1e5567ff2d8d3292c15bbccc5d1e872bcb15a30b3bb8b1eb45e02fba15946e6bca310583a6740845a0f74f4ebfd5c59ced46875823e369e0447cc3e5d03dae530adf3c9846362c94e7f9d17207bf92d4d59981d8fd904eb8b96a0a23eb0f8d7e7a87e8e8892a2451524da6841ce575c27":"7643b3534eb5cb38331ed2e572":"":"6f87f6be2f4e7421aa26fe321045d1e23066a02158634bef35890581c92367d0bc232940de30974c70a66c60137a9f3924d12db1e5bc1b0e7131ea3620a25eb805b7d670263b82c8bbfcd6839305025390fc17d42d82daebe1b24f73ff9aa4617e3866785dded88f8b55ef89b2798ea2641a592a46428d9020f9bf853c194576":0
+
+AES-GCM NIST Validation (AES-128,128,1024,1024,96) #0
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"c3ce86a212a30e724b4c624057db4e79":"9e03f0dd4cb2b3d830a6925e4400ed89":"92c48a39d93ea3308f55f6650d33fdf17a902076d582a94a82ac99496de9f62312292b844bbca5a683ef0f0710bbc1c7f89cbcca8f9c0299f154590d32059bd99fca5d78c450ede0d11d55075947caf2151218ce7a06c1e81985a7781a3444054170b457fd7ba816026310112abb47c8eddfd3ab7f679a0f60efc6c6dd3b759e":"3582ef7a9565c9a8e4496750ee5ca3e3a80df6238f7b7608e3394ec56d1360777921da039ede34abcedd01081babd496ba4de74a7de501181d6bb2022a6cc7f79d89a4c6a97676fb0f2b42f70e2d0bc1eaac364c3646df4f611c1d6b09737451b81b5a4da73c05fb58391c74e44498b80b26f1c29562d23c39b5d3f086b280cb":"3230fe94b6ccd63e605f87d0":"":"052347a4273cddba65b2a0b961477f07edee440a9117ab204359d2dd45ad2a6dad3b60ead891e7da6d79f3017ac90f95725a0089f04d25ce537bf53b7ea8e1ea58692d34c221db141e2a9fd7211adcee03ef8b5bf3c5d36311d20bb3d81f70f7e7272d0e2b6d12293b1a2c31b70f140a8f08d98c6231a3c429c3d0a10b2e1c1c":0
+
+AES-GCM NIST Validation (AES-128,128,1024,1024,96) #1
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"a0155360b84420b5bf4fb410ea02f31e":"46f0386be7363887e7e357376305eab5":"611bc290f91798ad84f0a5ecb5a7cb8fa35e9ab6a5a51c9869a68a076e96f92c9c117595f92cbac5d33343fa2accd2541473907cbc54792c5e215ae857424c921b04ca4b81376bbedbfcc0e565c118f2aced08f247698eed5e2d202c48245161cabeac9fa195219f9799fa253e339561e13012167f1d02b4012b7791b7c863ba":"ecdb51522fc440f7471ea6a31f7c1ef1ec2153e5bcf6303297dbf8ddb3830b45ed9866157375ce4bdeb5e32fcbc6607984fccd7e6552628736608ab13072856d432ceccd3e90d1bb52ca9ada9cee90eb89ac10e887a1978fd0fb3d7bb20caaf35539e150be8044b725b8427c4c4a910f79980865d36344a8784bcc3d58460acb":"ac5addcc10cae6c1345520f1":"FAIL":"":0
+
+AES-GCM NIST Validation (AES-128,128,1024,1024,96) #2
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"694f621f594d96b16c32254ff06f3f9c":"542db4e107485a3cd24c7ad337a4f1b5":"27b7bfa5eb34ba376e515e58ab8b6556c396820d0074a1fe3b984945dcf5251ca450456ccb4bb66ec739b03fdc5f72d24553e843255adc012d1f1c95aa3cdac5d12926465354217203052cbd4869a8b5be2e01d0fe66b5a6a8da0a2ce351557e2991ce77baa812b9c67b8e1c5a1fc348710e1a73a0fd49acfd538b7db6bef8b3":"e61476b8b7f101ca6005f25af2b9bee795d62720bbbf59357057ca7cd473e00f0d465255fce8d6164657603323549fb4e3d33fa51054b1a70cc7e492916dea85453e9107fe781bfeb4a622c5b2306a8dddef99386dc50745003aa7220cd7f32fb0a060fa7682576769a48f9169c7d11fe0a8a61b95f5d6dfcf216f7d0c652a84":"0bdef4d771a1740381e7db97":"":"8b27a338fd2153d304f04655e09bd9bdf4468890ecce1e3b51de2c9a25a8d9336a9acd753ce270b1fe8d50196feac68145e0fd59c9cb3aa7c1e8af03494bc4279c6e287c849f3c775ada584ae173100946ae6921ef7c96bbc6f216093548702cf1867bb1bf1f4c9e90a34230a2b2aeb584622dd615023a43a406e64428bd9170":0
+
+AES-GCM NIST Validation (AES-128,128,1024,1024,64) #0
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"78826a5215a1d5e1b39cad5a06861f8f":"feb9d740fd1e221e328b5ef5ed19eff5":"ca9411b368d8295210d7a04da05a351d287f2f67d978ef1bb936de9f8065473f6fa11495da2eab13a1002231c86411d5409bbc718e2042ee99e013b1df1ef786e9fc1f2d43293c854128184efb9317c4ef82a002eac8b28fcd91d8a714a3aa25fc3c0ae4af9f4bcf5ad19a30cd8ec4b1785df70aa92074da419abe433dd4c435":"0fe2c798d7015d3e2f8725648d95729c45d357dc0c89fc63b9df5a68d3e65419540f663e9190793a29c58c495d5c6a731782acf119e2df8a96fb180ad772c301d098dbc5e3560ac45b6631a01cef7eed6db51f223775d601d2e11b9baa55e2f0651344777e5a03f6738a2013626a891b5f134f07b16598b8cbe3aeaefa1c2a26":"a724bbb295a02883":"FAIL":"":0
+
+AES-GCM NIST Validation (AES-128,128,1024,1024,64) #1
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"d450f5253251121606e56687952bf2f1":"fe7ff90b020fc77d7fcd90bc583850ac":"a3bca9ff25a60006eb18f993dcdc99681e414e27605264dfd25652195d7fe1489550afd07fc7346b88d93b59eb6642913646e93bf50ee1db5dd30106cf181124d8ad01c72ed99038c9798620abdf5c78c419b08c97f982b34d9e9105d9aa4538afcd37f62e2412f14f7a248fcd60abaf2b66cd4554767f99030f1a495d56a5ae":"479b4f421bd8ac7f615c4a507da187cb5d4b1f1e2c6113d1f9678c1ba92dc5e17c5b525d7f3208733223eb82af0820b8476e9b08ca714ce044417b24d2238720cb8ffdc69db558cbaff52e3651b400e16c9d5ac8ed8949a19c35516f80394a04bd1cfdced7b204f779d792086e00b2ebca2f55a1140e85f5ee9ac7cfc5a31747":"6446398aff73ed23":"FAIL":"":0
+
+AES-GCM NIST Validation (AES-128,128,1024,1024,64) #2
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"90a59f6b0abf932311f0b65623c17740":"20778bea82a6717038e7064f48a31981":"4022d04f1454a72d2efe57533bd32757595220b20f3a37d166cec0412fb1eb2588f939ecd906c805f4827338669888e9f730905001eb1b136b95e306edf70d9ba1e5cd0aa13a25a1f28ab55cff36f9cd7036c735e3b285d26002ad2ed1074b566e252ea3ec8a9ce10882375dc3f1d9676e301dcb179eaae991120b796cc35648":"be5a948a771a8df12adaf74d702f064a75f6483c03203365fbde7d184844fe6dee0b84cf344be05b1d163817ba1516fcb87b9167ed81f884ada73b0058e2b38cba515bbbe462f4c21f8de1d41bca2cf4340aa659f9f07886c2bb620d9c3295318c07fa3c17fe8242409359c08bcb337e5cf268880839b6a20f4ee4b3f04e7024":"dc77c1d7e0902d48":"FAIL":"":0
+
+AES-GCM NIST Validation (AES-128,128,1024,1024,32) #0
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"6be4ef629f0b38194c74f7b66418922d":"fb77a4b9b246271abfc656433f87628c":"e5d5227725a19a3050fbf2a97a6e854bc1218b94a4a3403b721ace3447daff68fff5553a26edd41219e68fb61fb9e964d0a3c29796251ae4eb942187cdc55d13a09dfb487e93d9e2072d7271456a77c6ccb81154443eea176314d6e3a08619b52cd880f1c28ae5214ac0090a3855dbd74f87389fe8afebd464330fb683dff81a":"b67ea20a320f4ec0e4185c62a4ad79a3c97a8189a5e4d1deff9d3edff0f9a9323532853c1a2a2c1e62e4d1afebfcdf1d8461921ea601750380e63b912d8b7389198f976851d88a19f1aa32c97143668ad00838d98da1c4f2be0e6e2dc964d170d7f7ad2e2997982e5ca110e744b6e10c24ca18eadff6b129b1f290c8a7e0a593":"3d8fc6fb":"FAIL":"":0
+
+AES-GCM NIST Validation (AES-128,128,1024,1024,32) #1
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"c50e37244931e8debc12b3d561c83ba2":"6c0b1fd7ab424a6883c36457d1b5521f":"516dc25f6452ae169ce293c5cee440de47353ca5ba770dca0f04175950e87a2d4c3f84fbc6eeacaac436853492929680066f959e74de4b736ab924d8367b90aaa6e9492561ad4b5aa78b6737d562e960edc3b983e2e01a186e9f22896f48d8dfcfb6a42cfe2c6006c687a27772820a1e8875bdf09e8104248ce4db883376bc04":"b9abf0796f2d2f774735546cf809030f65ed0c7f6bd469ef2fe0ef32aa0225b57fbce07c36017bbc1806a81ff1a429278160a07643f864485b4e0e35d57553dc1a131e32aa10f1f91d663b10f0a418f472ed7b4bca54fd7ffdbb22c4d7764d94a7ffd04730614459431eb64335b9b65363de292c04275d40a7b968c0f5c486e9":"7d4393f0":"":"962509e494f10269b70ebad02b0cd799d1d41191a734863ef502aff3d3ba48dc2acf9da9a3fc3f40be4d210dc5e128bc00499aec57aa0a4669863165428687b88d46fad41e36af8ea6605586eaa5c0736d0d53b9d523e0cb5a0b285048e060a73cbf4b587d2cd787debdb2b4c8cda731a61a15b19fe8b561fbdd3a7373853ae1":0
+
+AES-GCM NIST Validation (AES-128,128,1024,1024,32) #2
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"8531ddb03977383405baf2ee9ca7d64b":"baf623867d6a25fd85d1f08e599c0566":"18f92cdd37dcd7f99b06838f3f68748aba367baabaebd0da9ee787d70e752fa07dea553a43b643b8d8f460175c0746675205e20a7a98acfcac864d7c4cf5ab4c41c031738c76882acda003c5af47b1c4df8894a827a317935d970d4afaee17715c9cfd1883e8c345f19d1f89e229b8edba6b4f53b86d8da1c0f159afb83b6b33":"d90c9e26509bdba9b1dea8d2b94f2b1881d22c2bd756ad23cd61944710a1c1f2807170ed47a6870ae654e44757fcb3822ef28b37946cafc07284f8a0c22ae3552954f0d87b8d8c825bd546935b494cacb4262d9e2a88f254f200ad31367d8b3715afbabea5f34214ffedb14d7c84806022aba2dc8f88a314ffbb24017d1a9b9f":"2fc9de46":"FAIL":"":0
+
+AES-GCM NIST Validation (AES-128,128,0,0,128) #0
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"862dd5b362cfa556ca37e73cff7f4a0e":"81530a243655a60d22d9ab40d2520447":"":"":"3b9b2af54e610ed0b3dda96961dd8783":"":"":0
+
+AES-GCM NIST Validation (AES-128,128,0,0,128) #1
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"3452b7bc100c334292e08343f139b9d0":"8f92739a30fe4ba24079f5d42753d6ac":"":"":"0eeca69f8b95e1a902cc3ab1aaa8e2af":"":"":0
+
+AES-GCM NIST Validation (AES-128,128,0,0,128) #2
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"31a0cbaf21b943f8badc939e94eac7eb":"d5bb2c4eaec47088230972ae34fcda9c":"":"":"580e728512c8e44fbb3fe2c498e05323":"":"":0
+
+AES-GCM NIST Validation (AES-128,128,0,0,120) #0
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"9e8fca537746e7cbff97f1dcd40a3392":"43e9f2bf186b2af8cc022e7c7412d641":"":"":"4465a3f9d9751789bcef5c7c58cbc5":"":"":0
+
+AES-GCM NIST Validation (AES-128,128,0,0,120) #1
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"35b5854ca83792ad691dbda1a66790fb":"cff61cf9b32ea30cf7e3692aa6e74bed":"":"":"726793199df533dd9055b0ac7c939d":"":"":0
+
+AES-GCM NIST Validation (AES-128,128,0,0,120) #2
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"07259267c1c6a015437a5d8cfa92f9e6":"18b9cf2ad7ace6ec1c8366b72878cf20":"":"":"4340f6263f0ba2d82c2eb79cb0cc7e":"":"":0
+
+AES-GCM NIST Validation (AES-128,128,0,0,112) #0
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"fa1df8955aa3ef191900b06e7c1b7d46":"6928c138c98a4350c318fbdccd3f44ba":"":"":"7c89d9e77515d271b6ed54c9c4e3":"FAIL":"":0
+
+AES-GCM NIST Validation (AES-128,128,0,0,112) #1
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"c04200ce41ce77d772babb206315ec7d":"a885d58f0f38f9ff26d906fa1bfb12f4":"":"":"9ee0d025421f2bf18caf563953fb":"":"":0
+
+AES-GCM NIST Validation (AES-128,128,0,0,112) #2
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"650df049461be341c3099bd1613dcead":"8a4ff6327b49d297248ce2d5bd38afa8":"":"":"13f067ef0d7b448d56e70d282fed":"FAIL":"":0
+
+AES-GCM NIST Validation (AES-128,128,0,0,104) #0
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"ee61b5bf5060fcc637dc833926898508":"b2dcf21f9ffa4a883044d29f087f9b85":"":"":"9ab1d66666d4dea3cbb5982238":"":"":0
+
+AES-GCM NIST Validation (AES-128,128,0,0,104) #1
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"01cc56ca7e64db7fbef66236a5c49493":"8ea5b63004189792cc040ef18b37e550":"":"":"d685aeb54aa129a21bed17766e":"FAIL":"":0
+
+AES-GCM NIST Validation (AES-128,128,0,0,104) #2
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"134dd72ac8e28ab46720c2f42284a303":"c6368e4c0ba0ec90fa7488af9997a4c7":"":"":"4ad9cdf19ff7d7fd7e273efced":"":"":0
+
+AES-GCM NIST Validation (AES-128,128,0,0,96) #0
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"180c04b2bde6901edcda66085f73ecd9":"9193b206beade4cb036f01a9db187cb8":"":"":"530f5e9ed0879ccef3a7b360":"":"":0
+
+AES-GCM NIST Validation (AES-128,128,0,0,96) #1
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"aaac85742a55ffa07e98106d6d6b1004":"630cd8ab849253c4da95ac80324ecc28":"":"":"37911820c810e3700c3a9321":"FAIL":"":0
+
+AES-GCM NIST Validation (AES-128,128,0,0,96) #2
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"ab663c4f8f2fdc7d5eabf6ef26169b4e":"86e6100669929e329a1d258cd3552dc9":"":"":"958d6141f7fb2b2dc7d851a6":"FAIL":"":0
+
+AES-GCM NIST Validation (AES-128,128,0,0,64) #0
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"0dd756d49fd25380c4026ea03cafc2da":"6a6f7e39b0d730ea1670e13d16c12c28":"":"":"872ef05a28da5ea1":"":"":0
+
+AES-GCM NIST Validation (AES-128,128,0,0,64) #1
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"bd8a834b288bdc7578b6c6ab36f5d068":"aa77de0af5fa4dd1ed2ada5cb94813a0":"":"":"c5c094e83755f2b6":"":"":0
+
+AES-GCM NIST Validation (AES-128,128,0,0,64) #2
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"020d280dbd06939bbb5e6edc6f6d39c6":"09aea6f0e57598452719d6f63b6fe5a0":"":"":"05d6c56ba601e85b":"FAIL":"":0
+
+AES-GCM NIST Validation (AES-128,128,0,0,32) #0
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"e47f41a27a2722df293c1431badc0f90":"227c036fca03171a890806b9fa0c250d":"":"":"86c22189":"FAIL":"":0
+
+AES-GCM NIST Validation (AES-128,128,0,0,32) #1
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"9d3e112114b94e26e93d3855d4be26bd":"99b98525160c4bb2029da5553ff82b59":"":"":"33bee715":"FAIL":"":0
+
+AES-GCM NIST Validation (AES-128,128,0,0,32) #2
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"5b4b7688588125349fbb66004a30d5d4":"b4ae363edb529d8b927c051cf21a2d9d":"":"":"6a920617":"":"":0
+
+AES-GCM NIST Validation (AES-128,128,0,1024,128) #0
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"c4b6c5b8e21c32f36b0ae4ef3b75d5cd":"3d1036bf0000e6f1b77a799f2ef32dec":"1cf2b6cbe86a87b4b5bb3cc50024aeb27c48143658d47b41f2f20b87ed67bd6fc3b85a3a803f66d3576608f5d6ce6cad11e02fe12de5390722dccb8242e1dd140051bef51aa9716c860d45d45bca6effbb1a4797e6e7406a04db5d823766c0f011ebc28e9a8cd4446ec8a75ea8bdc1b2fdbb5cc364fa9877886e30404593df34":"":"a49725014c214ef7cc2d28b9b2b53da7":"FAIL":"":0
+
+AES-GCM NIST Validation (AES-128,128,0,1024,128) #1
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"63c3f81500746eaf383fe3975d84f849":"0799d4152fd73c1604b4610cf7171fe1":"cb8248e5f904cc9ccccf6f273fe621eee1b4d7ed98480f9e806a48b84e2d6a733772ecf8fb7fe91805715cddab2b462b89f6e6c7cf873f65031f13c357d5f57b00b7c391c39e78ad1ed94be236ca0ae316bce11bc33c5d701fdfc58abbe918b9c42f7b3d6e89d46f9784b388a6e6daf47730b9fa665d755a17e89932fa669c44":"":"c53d01e53ee4a6ea106ea4a66538265e":"":"":0
+
+AES-GCM NIST Validation (AES-128,128,0,1024,128) #2
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"b0c88b191ce6e8e4a3941f7960b7eae5":"e2a899961c332c815685c553351fa519":"308bf10570af48d632911f3641dea60d78046211c01a63bb8e4e5cbddfff8841d2f2b11e18ccb2170805ef4cacf7804d64e0feef40731a1704907f33b77788c18ccf35b224ec3046a67664ac9a3481d2385b6ddeec6da4f32423f94ea9663a5c51cc388cef33744a8159b4fb654dfdb5092718bf926c824be31197f07f276b5f":"":"92604d37407aff33f8b677326cbb94fc":"FAIL":"":0
+
+AES-GCM NIST Validation (AES-128,128,0,1024,120) #0
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"c818dfa0885a09f65ef78712f5ce6609":"ca279284723530fdd68ae880e0ce775c":"2a562abdbb483ca5f355f9cc1c5e607bdd624a078a76b717ce0f8f35d0d4c54b629f372f15d20c848d01420c6af5a7040d42063704a17b46259dcc53723caf2d4bf556143ff9117c752fa4f22c9c155c99b7bf5949d089cdafd562165b9cbf53ff51cec21f49128c8a599718bbcdb4a5d705d20509c44c8945e2a133164b9942":"":"20e9a3a98d71d460743e1efaab13c6":"":"":0
+
+AES-GCM NIST Validation (AES-128,128,0,1024,120) #1
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"2354c6b6afaa883e7ce91faca4981f8b":"604f2730c756c8c39a0527093bc2feb5":"959b4b0b9ce2e9120b327d2d090117553999ee10bdd384a546fc6de0957ef4b447daf07b3d07ef7dbc811f36b0fc09a175d26e4d1263cb5e21eda5ecab85d763807bb20b3cb6ac3f31d548dff00aae058d434ebcf6f7e3a37f11324134f453dd0ea7f51094863486426ff1706129a5a93c53d8c5ccb56cafa5881981fe233cb0":"":"3588c9aa769897dfa328549fbbd10a":"":"":0
+
+AES-GCM NIST Validation (AES-128,128,0,1024,120) #2
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"b0af48e6aebbb6ff5b7c92bd140b085f":"d210d6502a5221ac1274a9c7f5a81725":"d725311ca10eb4b4aa24e6dd19c5e72dc34fc1ff53feb25d924a9b7d8d72205790ca4b1275bd93ad60c27a5587a45659bca07c111e9748fb683a03465153ffd735b7d134b479674ab8596f0596496fe2090f623fd1e4dd730c5283d8b172db8a25df42d9b34f388ed32676a56b8ba03347e47379702654508ccd0a21ff03516e":"":"e6222f068a1e18f09ba6c771eabd86":"FAIL":"":0
+
+AES-GCM NIST Validation (AES-128,128,0,1024,112) #0
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"a05fe482fe164b2eca7f6c3e377b39d8":"145327bcc10335fccb93afbf4b17e6e7":"ea6f2e93b5e1bf127d40440b8d6397405246b1b48eebe16964f18928f6b4b8ee2c36322d7126905c1a5b816996e340404b586edc2d77afac11a6c1266511f9eff1a320b035442d4078f8e42ca63cf26d12a971a7adf4645d1bd9a8e4d0a20722f7c2d529beaecc4033f7738075e1cdc6d8a929da5582540678935b82e7b7ba68":"":"3900bde9fa9ae2cbeee54d04f224":"":"":0
+
+AES-GCM NIST Validation (AES-128,128,0,1024,112) #1
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"dacbadf819eb16a63f6f091d13ed04d4":"b9ebce724b0dcb0989ac2d8e7ff8aaec":"7dc6e2189d8a96f3507e352e05e8fd1b4bab988c2f1c706115887119f63b78084f015d85f6b460901a02880103e4d36e8f6527dfd74e4a3acd3f578c0cc726b528875f701ff8b66e5c11b4689c346a098e123bebfa253362cb86829be73c2b85a6881fa976aa730fabb76775027feec7fd920a6c8965a4a509ea812d7c413a95":"":"8988fca83c8cfb1f8feefac46f04":"FAIL":"":0
+
+AES-GCM NIST Validation (AES-128,128,0,1024,112) #2
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"969244c7444f3f3bf193b28f8e8e96dc":"49b2845a1a1c87fa66eb8f78c05ac029":"1414a07e86d8b61d1eff43e1ff4ab42c1c95e159058b74c731e3007d21a5eb78bc17b7e920363a3974aeb8608813dc9a4655199b6703ed337450702d8ab16a89776831b2c7c811fec3acc23598a0aa01680a7bf42a4e258145beb08c9f0eacf2bb5f56d26bea3ad11e1a956a630b80f3d22bf35592b4704f7c464b08b06dd7f8":"":"a291c7527385f037f62e60fd8a96":"":"":0
+
+AES-GCM NIST Validation (AES-128,128,0,1024,104) #0
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"525abe490c8434802b69439c590a5290":"141f79f0501316e66451c41c7af0f0cd":"be440db66d3f81be467605a7b2805ec1df5e71e1b1b04bd7a4d05e912f5aa1912ba08de72df18613b32b7edf78963c48c80c25178b3b19262b85bb829f5377e0b368b500d6d3b442f54172d4ca4500eb5b4d478b602e5dc11d090539455087ce1e5b9ea74355fc06e9b60cbf25a9804d3f8c623fff130abc48bc2d8d116b8366":"":"038c7e95f790e6ca5ce73f9551":"":"":0
+
+AES-GCM NIST Validation (AES-128,128,0,1024,104) #1
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"51644e025659de983f5c8156516b812e":"614837c743d0974e9cca497f13038c02":"60c5d062ade2c5c2dec68b734dd3e58ec474a586d1c4797fdfa2337800510134cb27a10d501927632af3c1febc275010c0d2e5abee630cd2bc792963fa82a42286ab047b934a261927311b40f5f953bfd661427921147cac7613d95ee86e16326ef67c1ed097e8fb87a78753d785de34e03a182232786079cb6be00182e41c9e":"":"77e3deba2c7f9386f85bc4a801":"":"":0
+
+AES-GCM NIST Validation (AES-128,128,0,1024,104) #2
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"08566ca7310302dfb84d76ea0525ba20":"5f20ec9c35c08aa7f1c0e8a20fdbd2b3":"5d84e32768b8d1e7e3c426b3118d48e35491bf1bb454b359c8429220216efd8826be94fe1919409a128ccd8125a594f1691c9421fc3dbbb3f757bf2355bb0d074ceec165eb70e26eb53fa2cb5d84dfae06babb557805ef7b8c61c1bc76137571bcc5e84bf5987dc49013831d78bd497ccc49cde7dca2cb75e7ab967da8c6ce81":"":"873f037fc05252a44dc76f8155":"":"":0
+
+AES-GCM NIST Validation (AES-128,128,0,1024,96) #0
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"dfb54db96383fa911bf5b4fa1218ef9a":"7e849e24983f63f1194b396bbd2d55e0":"d3fb689c5818810dd104693f3306a10b27178444af26798a194f7c2ab31ff3a172904b951942b1a26c8ae5b5b1ee2d86dc78bb72a335fde350766d7d9aef6f549871dd46b04b2cc319fcdd47be437d431ad18cab82d51ca9fa57f4108a8de622a92f87d28c0349fab27757fd773413f559a8c00d30e258c1f6cd96f9759bd957":"":"dada7fc7fed58db462854ef6":"FAIL":"":0
+
+AES-GCM NIST Validation (AES-128,128,0,1024,96) #1
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"389cf888474e9403e5f4d0e22ffec439":"ef57794cf6fac9f9cea3e8499b53b1d6":"7ea7f7f4763ad208eb6199285b6b2819756c4e3caf2d0ac6f5076ae6785fecdcc4b138a51860ff8b87aaac3a18c2df778a4818308d458dba28f5017513e1454f60be20dae68736ea6d48b1f9deadb517df63140acbd329fbfbc9b82f3ca1862c9e998f0faff1d3ae60b005bf66829f5cf0c5fa03efbdd92d39351e3954be0257":"":"92726d90ad26130e65f2beb4":"FAIL":"":0
+
+AES-GCM NIST Validation (AES-128,128,0,1024,96) #2
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"e55abb2ca36c822bf2a030ac703cb8b4":"d86f7177e8ec90f9e9edf10175d5012d":"777a9d93091de56324c10712243f5541722e0b27e1f303fef6faa387a8666161ab354dbea6c43c82a24e8623bfec39aab13164add6be0dfd55d23204c0975b4ba6fbda51363befde482a9ccc1eb9f151e6ad59c77a1e24dd268389e4686f198a936dd603044a3fb653d63cff80597f5a2913c8a2ec1b7d9dce5728dd56c78c2c":"":"65025250343ed8c09b3fceed":"":"":0
+
+AES-GCM NIST Validation (AES-128,128,0,1024,64) #0
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"586114f3b1dc087e1b2739b28c592dfe":"ae5a38ddd455505284434a4bcfe81ef2":"531ff8c285e532d961f49bd210a5523cd9b19a697a3a3fb26db940a496f253862405b1e825daeda7eb0445c98022b8342c8f8ea20301618483f8ab04b6ebccd7e7fc57878fb544a5bf78fa896f50ac30126ff8afca8a86388666b64c643d16812729bfd7e5c03ba52f7e6ea4c6a685404f7bcbd956964417fa0ea9a6d7290c41":"":"467a815610faeb82":"":"":0
+
+AES-GCM NIST Validation (AES-128,128,0,1024,64) #1
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"cbfe806bddb7f06b3826b097550c68f5":"04c1b6c9fd2ab76fc2adfe15d3421bbb":"cfa86d02599652cb4ffff027b9c6ef2336dc9fe946f64fa5ce83f624e144563d4738381bc5371c3cb55cf41ceda07e62cb635ff37246bfa428785229c6e869d5df69d7949a8577889a29e3d05b788ddd43608d9c14e3f1b51ce2085b9a976fe843e3396a74922babe6797d5f01c37ead623b5b582505bcd29edf8a6ea36b0fc7":"":"0697ac372a9acafd":"":"":0
+
+AES-GCM NIST Validation (AES-128,128,0,1024,64) #2
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"96ce3a095a91effdd91d616f1f02ddcd":"579d6633ec6687afa24ef874899b58e0":"3ff3c0038148ed391b6a10aad623a82fe9209c5ba74482f11506d597b5fc7af977235d8ee9e28cf2160346ddd0e33a5bd1fb67b87dad7167fdd4b2b4000d8460ef7b3e1b59b9d61d06cfbe7945379ed6b650de86f396a38cc70d47b8a349f067d00144c903c276b323be6a929a7d7dd8ae7d254d640cdc1176f98e01a1d8c82f":"":"55a0f61032e048f3":"FAIL":"":0
+
+AES-GCM NIST Validation (AES-128,128,0,1024,32) #0
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"24ece168c2971cf2b404ea206dc9e29d":"e9db62a42491664a6c46cbb0b2bafc92":"3579f6c0cb3d2a5d0c4548855c7c052d36b6a8dfc60f4ca1b4bbe28ed87306119e71982dd84c4205ceba918d675472753df1b5192d3693dbf6a061c6056e312135ffc5ff426895a7e30f7f675d2cb21de06eea5e3761b94deef7537b985d324864c9ff6ab6e230a1006720f98c958912b604a6d03e3979887c07be3ceaafc78f":"":"d2b15a23":"FAIL":"":0
+
+AES-GCM NIST Validation (AES-128,128,0,1024,32) #1
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"d3c3cf993f6740a019e61ce13c29955c":"af900ac348082ff32d2e0ab886079516":"2ddd0e8c99661f0757f04aa79a1ffa24ad48fbe5da68b9e71f7a0cf1b4f2ca9b757695900b7549d48847ae49950dc9b270b1569d29dcbef412216737bd83509c17ae41c34ccda318939cb37a0a380762993a7568c0b07794e78746173dd5c0d921cd50de4b548c1589e142c3dadbad42161aaeda2310f3c6d5c722d9ac69e96d":"":"f2d3a6ff":"FAIL":"":0
+
+AES-GCM NIST Validation (AES-128,128,0,1024,32) #2
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"5f1e5bd45ee8bb207ebbd730510ff218":"8846424a194f5de858556e6be5b65d7f":"e968947fc0e49136e730b97f6b16e393d5e4fdf3e4803a23af79211ef59f29167c60ead72fd489da32d2ffa43b2bca2074f9d1b4f5396ca65004b0806cb7c6dfa751fb6afbee3e443f3c9b0e3df6722e0d1320441400c5ca508afb657c2b7f1669b0de21761dccab9a40fc513768bd1f552692626ce35078a2e0e12f5d930647":"":"0d6c15da":"":"":0
+
+AES-GCM NIST Validation (AES-128,128,1024,0,128) #0
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"3997050377cfbb802cc438d973661688":"c95c84c263bdfd5f1de66e7e616cf3fb":"":"b02f0dd373e42c65e8e1db2dd76a432e0b2bf6e630c8aaf0d48af51b3709b175de9a19b3245ae75818274c771c06fae225c4f8b002236712336e805ab006449eb29cc5e29abd82b06c32d4c36ee99acb9a6d7d9eae6ec6ec263c002a22c4a898c74f6abd6d92112367ca7ffe82787c5b39e7012ba22825d3612af3d41e8008a8":"b35b3cf6ed59ccb69dbc9b47a3f284ae":"FAIL":"":0
+
+AES-GCM NIST Validation (AES-128,128,1024,0,128) #1
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"c58583f6479d9bc9f1bffddefee66e59":"cee448b48d3506ff3ecc227a87987846":"":"564a9f700cbc1f895e4f4fa6426f73b4956896a15e6127e7560d74e3fd0b980d2ee45b7a6a3884fa613d91d13921e3f90967d7132bdafcd146dd8ff7147ed1964c2bdb3e12f4133d3dbbc3bf030ff37b1d2147c493ce885068d9ba5bebae24903aaac004aa0ab73fe789e4150e75ddc2bde2700db02e6398d53e88ac652964ac":"361fc2896d7ee986ecef7cbe665bc60c":"":"9cce7db3fc087d8cb384f6b1a81f03b3fafa2e3281e9f0fcf08a8283929f32439bb0d302516f0ab65b79181fc223a42345bad6e46ff8bcb55add90207f74481227f71a6230a3e13739ef2d015f5003638234b01e58537b7cfab5a8edac19721f41d46948987d1bb1b1d9485a672647bb3b5cb246a1d753a0d107bff036ac7d95":0
+
+AES-GCM NIST Validation (AES-128,128,1024,0,128) #2
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"0bc2bde877e881aea512068105694968":"05f0c34ab2e8e8026b0a23719344b71f":"":"1a6369a45e8ef2846c42d54f92d0d140a94f9633432782dcbf094f1444a1d006acd07ef6076cd0faee226f9ff14adc1fb23e3c63ed818c9a743efbe16624981663e5a64f03f411dcd326e0c259bcadca3b3dd7660ed985c1b77f13a3b232a5934f8b54e46f8368c6e6eb75f933196fa973e7413e4b1442b9dee5e265b44255ed":"46bab9fc2dbe87b8f6ca0ed4d73e5368":"FAIL":"":0
+
+AES-GCM NIST Validation (AES-128,128,1024,0,120) #0
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"e14f45ba5d1eb52e0412240da5d7b5f9":"d7f8ef12f66f8b7c60aea02ef6ff688f":"":"9a85fda19ce923f093a0c25b0c52f5d9534828af7c7687d22307004ae2d10c4592242c0f2704070307ab55b137780d1e2013a19396ab43ff6a295b63fdcf323456d149758f9a2bb37f1418d62ea6368b24d5067b9c63d2968e06d6586c7e3275faffa005f7c7bfef51303e4c2b2ed4564acd17d50efac9f5e3e7f16ce589c39b":"beede05e4928c808bc660f3de95634":"":"4ad5b9ace0c0c7c07df2900faf37a902899471e7aa4a0a1ad5387f8f56d73f78f619be79a4e253f95b15d52895a05bae9ecffa916d35efacd8baf1c704d2aa4a38c234efc4dcfb191ec0fa0b522328fa5b5dff55e8c443fee660ebe3d8ad85de157a889aefc823720030a4cd6ba94a6309dd61806f0abb27772432018bc61701":0
+
+AES-GCM NIST Validation (AES-128,128,1024,0,120) #1
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"9a64579f3601b0022d357b601cd876ab":"515efc6d036f95db7df56b1bbec0aff2":"":"88be1f4bc8c81b8a9d7abc073cb2751e209ab6b912c15dc094002f95a57a660b9f08b1b34f5947223205b579e704d70a9ecb54520ce3491e52965be643f729516f5cb018beeedc68a7d66c0d40a3f392ec7729c566ce1e9f964c4c0bd61b291ccb96e3d1fac18a401a302f3775697c71edb8ff5a8275a815eba9dd3b912e3759":"13ea92ba35fced366d1e47c97ca5c9":"":"7fc8565760c168d640f24896c69758355b17310dbc359f38b73fc7b57fe3f4b6ecad3f298be931c96a639df3c5744f7e932b32d222f5534efb8eb5d5b98d218dce3efef5c8c7ce65738bf63412d0a8ed209071218a6fa2f7be79b38d0b2f5b571ec73f1a91721bd409b1722b313683e97d53df19ded95fd471124fa5f294a4bb":0
+
+AES-GCM NIST Validation (AES-128,128,1024,0,120) #2
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"1bda4acfd10ab635f357935bb0ab7020":"48b77c587616ffaa449533a91230b449":"":"c9ac8d4ef7d83848fdc03664957c28b9b76710797d5db1c21e713e85eb0898892223e52be1644fc7362c95026ebb9c9ca74d7d3739eff10cab1eda00c36628dae0b98d119a14635800e37cd340faa6fbba9c3d41d52722cc3969612b1a8c5ca9a68773f5ee654506cb88ea65fb1eddf5ab6312d0170dc03324e483342448b854":"8325e4394c91719691145e68e56439":"":"1287ad3719508a9be70c19e3b134a2eaa4415d736c55922e9abcfd7f621ea07ffb9b78d8a9668c74bbd548b5e6519ea12609d2d6197c8bd3da9c13c46628f218e7ff81884ff7eb34664ab00f86e09cd623bec248d8898ef054fce8f718a0e0978e8b5d037709c524114ec37809ac3fd1604e223e08f594e7aa12097f7dc1850b":0
+
+AES-GCM NIST Validation (AES-128,128,1024,0,112) #0
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"d21cf24bc5bd176b4b0fd4c8477bb70d":"208cb9dced20b18edddb91596e902124":"":"2e7108fd25c88b799263791940594ec80b26ccd53455c837b2e6cf4e27fcf9707af3f0fe311355e1b03ac3b5ee0af09fb6fb9f0311f8545d40a658119e6a87ba8ba72cc5fdb1386bc455c8fec51a7c0fec957bed4d6441180741197962d51b17c393b57553e53602f2a343a0871ea2dc4b1506663b2768ce271b89c4ed99eec6":"7edfb9daf8ca2babcc02537463e9":"FAIL":"":0
+
+AES-GCM NIST Validation (AES-128,128,1024,0,112) #1
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"3d02e2b02170986944487cba8448f998":"6336077bb83eff1c9ea715de99b372cd":"":"bc1d7553f4a28754cf59ed6f7a901901f04ce62a449db2b45ad60329d0341bb9ba421c783c28a9200b41da8ab6328d826293134a7d0c9a5775dd2735e7767efda4ad183566e0847d6d978abd1a8ab13b16b8323acef05ced3b571631e1e24ad44d65e6ffa64e03c9970e94bacb9f721aba06cda6a08806a3be63dddd8029301d":"0466bb2957281f64b59eafed3509":"":"5f395958f2f7acafb1bca6d3a6ec48b717f2ceeac1b77e1b0edc09a09e4a299d2ec722cc7daf34c8f4121a93c80b2adb20a2fc95afd09320f91085c93c8b082dd703814c9777501d23bf9b328f07f04652592dc5a3f4321626a695b8db8e65c8617c809eb2978d8c9a882ffa82a4bb707c1a8f9a965bdacce5c041bafc94a1c6":0
+
+AES-GCM NIST Validation (AES-128,128,1024,0,112) #2
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"cd1ad1de0521d41645d13c97a18f4a20":"413873a0b063ad039da5513896233286":"":"588c2617517329f3e1e7ba6206a183dc9232e6a4fa8c8b89532d46235af1e542acaa7eae4d034f139b00449076ba2ef9a692cae422998878dabdac60993dce9880d280bec1419803ba937366e5285c4a7f31a5f232f8d3ef73efe7267b3ef82a02f97d320ebc9db6219fbdf1c7f611e8e5164e9ecf25b32f9c07dfa12aa705af":"d4dbe9cae116553b0cbe1984d176":"":"bd519b7e6921e6026784cd7b836c89bc1fa98e4013b41d2bf091ef0d602e44a70df89816c068d37f0c6377af46c8bfa73ec0d5bc0b61966f23e55a15a83cea49f37cc02213b4996f9353ee2b73a798b626e524b9c15937ecf98a4eded83fb62e6deea1de31e0a7f1d210f6d964bc3e69b269da834720fd33487874489b8932a8":0
+
+AES-GCM NIST Validation (AES-128,128,1024,0,104) #0
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"1cb120e9cd718b5119b4a58af0644eff":"5a7087989bfe2f6eddcb56fde4d72529":"":"4c8e8fb8c87ff6b994ae71bfbf0fa4529f03bad86edf9d27cf899ea93a32972640697e00546136c1dbc7e63662200951b6479c58ae26b1bd8c3b4f507c0d945d615183196868ec4f4865d1d00bb919a00184e9663f6cb9a7a0ddfc73ee2901f7a56ef2074d554f48cef254be558fca35651be405f91c39e0367762b4715d05fa":"95d8bd12af8a5ab677309df0fb":"FAIL":"":0
+
+AES-GCM NIST Validation (AES-128,128,1024,0,104) #1
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"315b206778c28ed0bfdd6e66088a5c39":"7ec6f47ec56dda5b52bbdaa6ad2eb6da":"":"6186f57a85b65f54efbf9974a193012b1396fc0ca887227e1865f1c915ac2af9bbd55969f7de57ce9fb87604cf11c7bc822b542f745be8a101877a810ed72bf4544d0acb91f0f9d3c30b6a18c48b82557433d0db930e03bcecc6fb53530bfd99ee89f9e154aa1a3e2a2c2a7a9e08c9aed1deab7fae8ea5a31158b50bca2f5e79":"930750c53effc7b84aa10b2276":"FAIL":"":0
+
+AES-GCM NIST Validation (AES-128,128,1024,0,104) #2
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"e886de1c907c97e7db8ec80a79df90f8":"612cacbf33266353d0a29a24532f3c0c":"":"c64cc9596d7c738746ab800f688eec190a4c802c55b2528931d74d294496892b81f53d3073d48f9bef1d58ce3be26547474cdda2868abeab71aff566fff613b4e5bfed1be1d2fff35d8ffa33302d3da1c82e421aa3a23848f31e26d90c0cb2ac2ae136ada73404ed3e0e1d3e7cb355a11cd2a4f9393b4d5eac988104fe1cf959":"76634e58d8f3a48f15875ac1d6":"":"7001d7395efb432e2804cc65c0ba5d4719ce84177ce46292c4fd62a5596bd2bab1d5c44217ac43235bd94489c43d01618a11f047d2e247062c3b88d6e59adaa1f46514fb33b7843483920bee60a41f3cb312322c305d25251b4704fb66da58637c95a9d539731434f60ef44fe3cd6d37e2c8e7089880a563938dcc98b43f08fd":0
+
+AES-GCM NIST Validation (AES-128,128,1024,0,96) #0
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"3b936e09a6477f3bd52030a29df5001d":"f93105be83fa5e315d73acfdcf578de7":"":"65cf11d1afad19b34f282f98f140315992392f5d4eed4265085b29e1e5553f4783fec681ba2d368486ba6a54c00e71c82c08ca3d097904f021ce4b0acba2d2a7005e28e5f8750ea3d18a4f78363c37583e85104234498942c639a0564b0d80055c21cb7735dd44348298291ab602f345b1d74d624750c0177fbd5cca6f99223b":"91b55bb5e3f3f1abcf335db5":"FAIL":"":0
+
+AES-GCM NIST Validation (AES-128,128,1024,0,96) #1
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"dc9e2095de7b1b48481b56bf6a3604cd":"9e5268db19a1b51c0496a160ca76f8f7":"":"ed61ff94a3f84c72147faefa615e2df00324fb01790cf9764c72c1b8ba47f17866a1fd64ee5c2f53865d1bc24ec93165a6774466a59603199ee476c1f2da7d932c8943d126aa172d532d8475a484d42bb45fcf92766feafd7f3e2e3d42d22f6f84a90e7e688232f799d80cd2cc152ddd21ecfb137701ecafcb2b65abe2e4e6f4":"0fa9588536fca71bb44260f7":"":"ef562e301fcf923ff1a1acd3aff9b1c963058228655fe8a66cab01396547dbd2aa1f79a22eefc62944b86d1a31ebe2d17130175b8c003d6755b0eb8b79895b0f7f8046c5ae888a067ba17bc8e11a8f6e5023a9cd42f6461966c28e505b371c0f72a2606bff430a58016e99713d25ce11f10391fb4a922e27989422c6a64f9107":0
+
+AES-GCM NIST Validation (AES-128,128,1024,0,96) #2
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"3f93901fd7cc88db3ba76a158d658c7b":"7e98de461e6d96c0ce6c8d8b3854cf49":"":"16402fded879fcbfe9405902aa63ca2a520889e0045f687455469b7bb867829a01208b8dc5dcc852d8ee478993c30e6d9ec6408773b367821310a0ae171d38d71e06981ff6e845acffbc794142b87c748e12484c0636419d79be3d798cde59e9dae0a4a4a4346596427e6b235ad52e6a1b02d6f4df0c7de35fc390cae36aef14":"86c9a70e4bab304ae46e6542":"":"1b4c09569b42c469b3ab6b39312c214502ec09f5fe2fed1d1933d13cdc6a7b77a5d135123fa69d9207d6844b0357b26b7a2f53b33a5cd218dacda87b78b09cf259e48e74076812c432e2d0833fb269721f9347c96e158500f9b2283342a35c8de0a022edce711118d72d8fbaa354bfb0ffee465844ef2d37e24ec2cea8556648":0
+
+AES-GCM NIST Validation (AES-128,128,1024,0,64) #0
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"42289f3d3cd5838e250ef54b128e60d1":"e557389a216ad724aafdab0180e1892e":"":"3edae1d554b67d2036f5fdbdb2945cc112f100adc1b47009c2e23f6a2eaee78d1f39ce8a98f715853cc29fc793fb6981ec3036834188dea7d668185ccc8642071b15de1332f6a59c8a9b4399733eb4b3d8f224af57ba6b4a8e64494bb6630b9d28e7ec3349064350febcef6a3ad1d6cca1b1da74f3d2921c2b28a2dd399c3416":"6f78bc809f31393e":"":"25c476659cc7b343a69088baf868a811ba37daca85c4093105bf98235a90aeca015ab034da008af0982f9b2e80df804c186a9b2e97f74cffd70ebb7771d874fcaf12f6d01c44a8b0ec2898cf4493cf09a16a88a65cd77909bbf0430c9603869bd5f20d56cb51d8a3f0a032fc30d925c96599d296b1ec41c2912bda426adea4fb":0
+
+AES-GCM NIST Validation (AES-128,128,1024,0,64) #1
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"3d772eabb7f19475665ca2a7e693bcfc":"0747cbb486a013453fde1ca6abb11dbe":"":"e9fc4d86f5b857fa6057b73f967351e06f87288c40a95b9e378c84f1a4c0f4b80ed0a0b44ff90a8973be4199c0c4006fc4f5ea19d5f1fe8b9c8c01f4675ab85afab0592bb3daba36bb4fc7ed9eea867e9d8cc50c19fb62a5a57956e9efacebac5e9f849649d35a329bd68de97bb6e5ff7bef477a86765c2c9ec15e24cbba5c6e":"8e761ffaea68f967":"FAIL":"":0
+
+AES-GCM NIST Validation (AES-128,128,1024,0,64) #2
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"fb7fd753ee6eaaf283a42a121dab4e43":"8164929fb54485377ecccc9b9621af5e":"":"fd5cecb2c0287cb8229e97d9cc4b9885f428710528884ce663ed1728cd44cb2df93e56ef17ace0678d1e341366c652f4ba7ee45797d39be4a05c1151e5cde499e13e5d45549b5d95a174d03616d06ef96e9d7b2b6bb0d79a726b253dd64223a5f09611671b234ccf9b383952f8888814b2c167e774cfbf54e9c6b99a753f4fa9":"40a2fa7f4370afb2":"":"6208d068be60f7b04b80fc611062e6caaef9a5cf59f850d174b7446c78c039ea9aefe4885e19c2b33911d32ce1fe3c48ddffa4b03e450fd35da03f40c4e7c5bb3b1c3f3049dbfad3ac81ca1b79cafbaa172f4900e3829d38edea3b64000f93924a801259bc4b2523445c64bc23bfee190b952468507fa4baf6dc2bec66fcf0d8":0
+
+AES-GCM NIST Validation (AES-128,128,1024,0,32) #0
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"30d757fd73a0fd5fa49159ad0653296d":"b35b8df0aebd0608517f2830e0e70cd0":"":"17d485b258f80d8924e35291118cfdcffd86c47851b65f0b06a7c1f5202de82f3f460fc61b1aa38fdba7c8ded375c92cf005afe63e59d362c0960044af39241b81ca24e85c5faa43903229355b7313fee21b992ef3931d9d2407b32b3cf72dd7acbc7948395eb513cb2fd428b215ba2bd1e29c62f45d0ce231884f62480c6d8f":"954c0e99":"":"022618d2598f79104e918a09c937a82b3db59243b5e13de731fcb912e4366105797ce47f6dce7f08073f2f41e5c15fd6b1ec4b5861469a4880c3b0bd769b78c696ff29c28c9349d5a46a6e5ad9211bd4b708a8c0b6928ebbb0dac1c0a5f5ce6b05de6a50073128566a23f09cc1b826aa5803f9f750aa4debf59f24ae9f98c9b5":0
+
+AES-GCM NIST Validation (AES-128,128,1024,0,32) #1
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"d9d3cfd5900de5d5e2109e7721cfeef6":"b4b9dfb013de6f7c44779e5a9daaf5e5":"":"e4243cc37cc32dfcedf9bb76890e706af6ab1e06b290b8ccfe2a55e5dabe68cb390f7636dc9676b431d4dc8ad3f6d989e510194294ab7ab0556789046743cf374d8b6462f5f95a17f3f44337d6c69ee47b0e1ad7e5ce6f9b224c54099a104e70d2d06af869b921ea47febe08f90c591ed49c1f12003afceabd2c7bba458a0111":"2b81e8ce":"FAIL":"":0
+
+AES-GCM NIST Validation (AES-128,128,1024,0,32) #2
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"68dc138f19354d73eaa1cf0e79231d74":"e7147749560f491420a2d893c075bb76":"":"ce345567a76bc30d8b4fd2239788221cfa75e1a310aeeeb8c355f8eea57d80967f3047fbd4e6173fac5caeb22151fa607065953c4c35e0537b9e3788cc80de9eedf2a340698bde99a6a1bdc81265319da3e52f7a53883b7f21749237fcfd3cd4f149bb2be7a4ddd9ef0544cfe0789040d1dc951b6447304942f03ab0beae8866":"70a83f6f":"":"64b021612c78b3e192e8349d48b77d02927e7fd70c7160d37cb8ef472f6bcd9df9d93431627c1c80875e208724ae05f94fdd2e005e9707b78a1bf3bbca7beec4b03ddd4d9de6235ffd6d84a8b9a1842e104c1e22df4566f6c4d3d4e3d96a56b9b8a5cdce9da70aa236109b289266036f285564060b204dfd7ac915eea0dd0b1e":0
+
+AES-GCM NIST Validation (AES-128,128,1024,1024,128) #0
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"7362c86344e0aefb0cf0d04768f9c05d":"7e8d12c2f0dcf4f792247134234ac94b":"86d2b5debc3b10495da353d6821f6cad380776d805bd8660b08dcdb1acd87026e4f344b547a4db47b5f44cded314bec4ce9a417ce40a2acd5a21460c42dfcd27483abf3f38dd8cc5fa523b6768a26513df5896435baa97781cff1966e2e3d6ec6d0a9cdc013de5a50e4d46831667055bad04f784024a82f9cd087ae4cd37dd64":"8baffc7836004deb87c0111d47c182512bf861874021ddfcd559acf2c4a51cf5bc4bfdee2d039b9c005b6af95a2607643dcf4d9cd9d62412f709334556db22fc91d7b40438505d6806ccb2f2c21ae731bc1f1c825d28a71ab27095a39985e96ccd07cfb2e75243ccafd474494a2338c324ef533ca5f17d2ac1b1883140342ced":"9594da428fd8c1b13ecb23afa2c1af2e":"":"e2c424f42aedd56f0e17a39d43ad19c8e2731efc7a25f077aef51d55280b10e667e338bd981b82a975ef62bf53bc52496b6995d33c90c7ae14767c126826e3f32bd23f444ddcfd7a0dd323b0ae2c22defad04ce63892b45c176bd0b86f5fa057a3dc371359744cb80bbfb4a195755136a0ea90b4044a45bc1b069f3cb3695c04":0
+
+AES-GCM NIST Validation (AES-128,128,1024,1024,128) #1
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"58748bb204ccb7bdafdbf739b6c19a3e":"93ac298c73c88e127a4d9dd81bf24e3d":"8f168fc4d1da13bdbefae3f9d6ac1d8cb19fcec1f43f727951af0a466d8826649a46c3cb50c045ea83849fce0eedbc042a1a435e6d9d59017997a2d5459b940078b8a7f3b6b0ff279ff8c560248296a17240ff1b0643d1f436b6e3f2079363fc49fb45f410debbdde083b92057916368cb807d603cb82e2c0dc01658bff7f1ab":"b72902c9ebb72a86be539b19a52fd9af00aa4de081d90c0d8ad580ebb5900177a036f40a1e9b43e3a07d715466526d6d7544e5a5551805b62463f956cd519fc99182c2d54bd62fc7ffc6e5ebf1503859b706da11a1b6c707a67a70789dbfc10ef726bd360f9f2347326e068e757c8443ddc9308a171e682359ae1bfe87194ab5":"efba4589d4a03555766bbc3b421dd60f":"":"d5c97a659f016904ff76286f810e8e92da6f8db2c63d8a42e617760780637e32105503440cdf04d1fe67813312f1479fda8d746c8b0b080591eba83850382f600e9d8680516c6579669f0b3d0a30323510f9de1c92512790b8347751994d022156cae64da0808a649d163a0e99e869fdf224b7c1a6a8fbc613d5917eca8ee08c":0
+
+AES-GCM NIST Validation (AES-128,128,1024,1024,128) #2
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"6cc13cbd62428bb8658dd3954fe9181f":"86740da7ce4efbed70af55e1d6c10fdf":"be561ac15e3cfda624b422af97c26719c140bb50e4a993d636efe9c7f1963fb9047a0762169b571a698ff310bc417e34d4039b7562a95af710ccc1b197964a376c986fd2ed8ac4b0c7b4e843c37a41366f2f483c821a1823f317416c7e4f32eed9b9dc2ae1a2f3ed32c4b3187358a2329aa42191b7c2fe87b6e27ff20303cb29":"2c9ec982d1cfb644ddbc53c0759b10493206d5186affc6882fbb2ba3aa430f9bae1209db2d78dcc125f3c909a54dd84fdff96c71e678216a58390ef4308bdd90f94f7109c4edefa76a74fda64b201b7a435bbabc27298f3eaa4c2d1393bd584f811fff52638f6ad2f6d86a8c3c9c030d9d4264c8c079592a36178d25991cff09":"76b990a1e010e5f088f6ae90bec40b32":"":"0b9a5f5d2e6852b75b9cf26c1b310b2200e56dafcf3c941478862cdf9737ac8e2cb9b38d41bd4a1872ea1b4cfd51a1a0b9b743aca439eefa10de8459a0a7a221c5429b3dee393f17031ca6c399df8e05657c3db55be9c9dd29e690042a4ed8db732efce7c58d6b20a2a0f7c79e42e5ada43b87ab00f481c20cac1b35514dcdc9":0
+
+AES-GCM NIST Validation (AES-128,128,1024,1024,120) #0
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"286d3f5080cfe88538571188fbeb2dd5":"da6140bd4dc6456ddab19069e86efb35":"5d350a04562a605e9082ebd8faec6c27e561425849e7f0f05f5049859c2c1bd2c4682ebf9773fab6177d2601fd5a086cefc3adef5a2f8f6b5dc9e649e98dd0a3d1a2524419f01305bd0fcfff52d84a20d1b14dea2138dcc54eea2bf263c6fe27c3e7255f1f359d0d00fb1b350d7a04965af30027632520197e85eb41de6bb286":"55135928997711360622eda1820c815aa22115204b1e9bb567e231ac6ea2594b4d652627b6816bdc6c40a4411fd6b12fab9a1f169d81c476dbf77151bff13f98ca0d1dc0a68ea681652be089fadbc66c604284eebfc8ce4cf10f4ca6bda0e0f6634023db6e3f0f1de626c3249a28a642ecc9ec5ff401e941fa8a3c691566c0ae":"d90d34094d740214dd3de685010ce3":"FAIL":"":0
+
+AES-GCM NIST Validation (AES-128,128,1024,1024,120) #1
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"726ae113a096769b657f973ea6d2d5dd":"2f9900226c97585d200dd20a279c154a":"761663c3fcbf1db12bc25546b2425b8229b3153e75f79fa63958819caee3febff74603d99264b5a82ef5980439bef89301ae3206a1d01a3bbd7a6c99d27d1e934cc725daeb483f826c2c9d788fd1f67a627864cf8b5f94df777bb59ef90cb6781a2000e6f0baa4f1ea4754b47bb7cbd2699f83634e4d8ab16b325b2c49f13499":"90636012ba8c51d16f8f6df3d3bcabc3f09aeffbe2a762f62e677913188045b861b2e7d9a7bd93dcee46e9e4832e497a6f79db52b4e45c8dab20fa568ff9c4ace55be3216f514a3284768a25d86b1c7da5377622f3e90ed4c7bd4571715af4d0a2ab5181d0475f699202e4406bb9cfdbd4fa7f22d0dd744d36b3223134658496":"d095bfb8990d4fd64752ee24f3de1e":"":"9f7759c6d24fd9aa0df02a7c0cc5f17e61622c63195f85dfafa5d820d3ad218c7288ec017821100f1fade10f9bb447a4a01e3698b045548c7619a08f2304e2818a9bf55e70b40f8b994b7dcf0cb243848cf3f6fdfec3ebbb147d01df84a3ec62cd8fa5d78ad9f2f28cd288a35eb49a5172339e9872e8e7e3350b0d69f59acd07":0
+
+AES-GCM NIST Validation (AES-128,128,1024,1024,120) #2
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"73a9eeda721c6f292e6b399e2647f8a6":"c1e80eb723960049cc4448b66433f1cf":"fb2a0b1f817404e74aee0a6ec8f2cd86f0c9114ed367b2690c44ad80f9d3377d7fd5066beaf1daa739d27ed3fba98379188016b1fe901204a174f9ffca370c181aece5e5d40939a0d460913b40b895e78a3b80ddf3d613c05e4e27bfd161ea2ef42271a2679f2cdca5b728ffb2319781c946a4f3ecacf486b754b30bb04ea60b":"215fc7e52abe4c751ca2f7f9a5cbde9ab8b44b8d4054bb62dcea6df5b936145ca6ec83a2b78b070638fd6e5ea3bad5d0caf1b8f755f391c3e0962a92337e3eba575585eb83680075fc818860388c587746af78d5fc75ccd0a63f1612abb1ba0f04a2228ca27fbddba4878f9b2683683f516b6d6fe4f6622e603bd3c5ad45e332":"e08161262234d0d5be22f09e5646bf":"":"b5e286183f16dd9403bec6786bd4836cc6add47947ef111fb1d5503c18c333c8fe60959502f58390d0e0f69fbe5fee13c72aed65fe6e32f6ea45877fe44f8a556aa5157b112e572197c1c350b7943c6cf2e9146018599524d27599f09c86027f2c5927e4a20c63833870e8369baa36ecc07cdb3ced520b5ae46869ff357ca089":0
+
+AES-GCM NIST Validation (AES-128,128,1024,1024,112) #0
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"90dbda7397d8fc46215a1218a6ffd0d8":"7be477d14df5dc15877ae537b62e1a56":"7358ddf1310a58871a2f76705f1cf64223c015c4d1574104d2e38783bb866205042f05c86e76c47a2516ce284911f1d2cbee079982dd77167e328b8324eec47c9244cc5668cf908c679bb586d4dd32c6c99ed99a6b571cf18b00689463e7a88cea6ea32d288301a10a9139ed6092ffe298e25b8cfb6b4be8217f16076dcd0a90":"4f82a1eca6c9184240f50f7e0cfec07ec772cad5276d93043c462d8364addd9a652eed385ccc6b0faa6ca679ab3a4c3d0be6a759425fd38316ee6a1b1b0c52c1bb3b57a9bd7c8a3be95c82f37800c2e3b42dde031851937398811f8f8dc2a15bfd2d6be99a572d56f536e62bc5b041d3944da666081cd755ec347f464214bf33":"776d871944159c51b2f5ec1980a6":"FAIL":"":0
+
+AES-GCM NIST Validation (AES-128,128,1024,1024,112) #1
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"0c85174d428fc1c7c89ca5d1b8aaba25":"b3c9dfa4c55388a128fbf62aa5927361":"3f552d45b61cf05ae2aa92668e89f3338a15ec7c5b7113b6571cfcd9e4c4a962043ccd9323f828dd645e8a91b007ce2112b7f978ad22ee9821698a4f2559d987ae4421452ad2e8d180953297156426d4540aff2104d8637b56b034a3a1823cf962bffbc465fe6148097975a8821ca7487e6e6c7ff4ee4de899fe67345676bb1c":"3735cbfb8000260021d1938d2a18e7737f378ecddb11a46ce387bf04e20bbfcc902457637fd152ab87017185601f32a7f906057123b6c2da31a1069c93e3cacc59a359aebd3e31b302e1a1f7d5d8f1b2917a8fe79181fa633b925ce03a1198dac48f4c959076b55bc6b3d50188af2c6aa33d83698aa8db22649f39825ba54775":"1e7dec83830183d56f443a16471d":"":"3d98cabca4afb7c1f6b8eeed521f4666ae252ac12d17ebf4a710b9a22d839b69458387ba4bbec2f6400e0cff80fbe4682c24efcd3b8c594d9b515ca7842c9d5988c42b59b6526c29a99256451e2927f5b956ef262f97c733dfa8bff73644473b9a8562bdfca748f4733ddce94a60024dfbfcde62fb3cbd7c3d955012d5338b91":0
+
+AES-GCM NIST Validation (AES-128,128,1024,1024,112) #2
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"d89f06eb07744d43d44734faf9751d07":"185f8d033713ee629e93561cf8d5acb8":"743bcb671d0aa1c547b5448d64d7c6b290777625ba28f25ca0fbf1fc66495a2fde0648a8db51039b0e7340d993aef8afb48269e660cb599837d1e46f72727762d887ee84c073d6136d1b0bc7d4c78f5673a4a6b73375937e8d54a47304845f38ca6b4f51cf14136a0826016535dc5ed003e38c3ac362b9d58ba8b555a05a1412":"36cc3b2f563305208a03378f7dc036119f7de3fee77cefac06515853d36609a622382ed026c59783fbc0d9910767874c516e10c7bf3e3d104f73b3463c8d93a63418c76cb0d05e62e9c8642cb4f32caced2620912cb6c79e5110a27d5fba1ef3b4d0578077858526c5e4254365f2b2ab47a45df4af08980b3b7a9b66dff5b38c":"fcad48076eb03ebe85c6d64f6357":"FAIL":"":0
+
+AES-GCM NIST Validation (AES-128,128,1024,1024,104) #0
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"6150f14dc53f391e815acfabed9f9e20":"7e92dd558bd2662c3a539dfe21a352cf":"9b4624e9118e6aa5dc65b69856638f77fd3f9f562046f50ba92a64e988258637932af7979f000505b84a71ff5dd7b60bad62586b1a8837a61c15a1a1ba7f06668272c28169915d7f06297b6c2a96c8c44203a422bfd25500c82e11274ffe07706365bfd3da34af4c4dd8ad7b620de7284a5af729bea9c4ed2631bdcba2ebdb7d":"fd8f337017e1b60d6618e6e4ad37c1f230cdeb78891579c2c63d4e6a4f7d2cb7252e99de333c73db45958808c08e91359c885a7385ab6f9ed98a27927a5b83c3a456ce2e01869712675e527155ba1e339ac14a3ccd7a4b87360902f2b8381308fe5a4eac5c90d0b84da4bf5b907de6ff3139cffd23b49a78750006100183032a":"922a7b48ad5bf61e6d70751cfe":"":"f272a3ee9b981f97785cc6fad350e516d72d402dae0d8a531c064ec64598b2a5760f9b279c10aa1ff71bec07300ab0373187138e7a103fc4130105afa6b6346f3d368b40d6f542375de97878ad4d976d64c5c4968a17be2b1757a17c03100231c34721250cd37cc596678764083ade89ae3b1a2151ff9151edcd7ba0eb8a4649":0
+
+AES-GCM NIST Validation (AES-128,128,1024,1024,104) #1
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"3e8216072ed6fcde0fe0f636b27ed718":"23a122cf363c3117b8c663388c760ee4":"28ce0b4a44fa83323e060f3ff6436b8829d4f842090296bdc952b6d4a6b1b1a66be06168c63c4643e6ac186f7ffd8d144f603b2d4bc0d65be48121676f9fa1f359029c512bebfd75075ff357bc55f20fc76d9f2477c9930f16408f9f09c5ae86efa2529d2f1449ceeb635b83ca13662860ef9ac04a3d8ab4605eccd2d9ae5a71":"3b50f2a8dca9f70178503d861d9e37f5edfafc80ee023bfed390a477372986e4794175ec22ac038c3461aba50c9b2379cab48512946efdfe2cb9c12a858b373a5309324f410e6a05e88ba892759dbee6e486dc9665f66cb5950ea7e71317fa94abbebd67a3948746a998173fbbb4f14f9effbdf66d3b6e346053496a4b1934ce":"531a65cc5dfeca671cc64078d1":"FAIL":"":0
+
+AES-GCM NIST Validation (AES-128,128,1024,1024,104) #2
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"1af434b73a1210b08595ffa686079832":"ae318f3cb881d1680f6afbf6713a9a2f":"3763c9241be0d9d9a9e46e64b12e107d16cca267ff87844c2325af910cc9a485c7015d95bbe62398864d079fb2b577ba0cfad923c24fa30691ad7d767d651eed4a33d0be8f06fed43f58b2e0bb04959f10b9e8e73bd80d3a6a8c8ce637bfbdb9d02c2b0a3dd8317c4997822031a35d34b3b61819b425c10c64e839b29874ddfb":"13f6c1c2d4edcf1438a7b4e85bcd1c84a989831a64d205e7854fce8817ddfceab67d10506ccf6ed9ce50080ef809e28e46cba7b0c96be6a811f59cd09cb3b7b3fe5073ee6763f40aee61e3e65356093f97deef5a8721d995e71db27a51f60a50e34ac3348852c445188cfc64337455f317f87535d465c6f96006f4079396eba3":"2ae7350dd3d1909a73f8d64255":"":"3cd2a770300ce4c85740666640936a0fe48888788702fc37e7a8296adb40b862ec799f257a16821adaa7315bd31e8dec60e4a8faeb8ba2ee606340f0219a6440e9c1d3168425e58fac02e8a88865f30649913d988353ab81f42a5ad43f960055f0877acda20f493208c2c40754fbf4ccee040975aa358ea3fe62cbd028c1611a":0
+
+AES-GCM NIST Validation (AES-128,128,1024,1024,96) #0
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"04036d2f5273c6ff5b8364aa595359c9":"edc433c381140dff929d9df9f62f4cb6":"404acfeeea342aeea8c8b7449af9e20ddf5b85dc7770d2144a4dd05959613d04d0cfece5a21cbb1a9175ddc9443ffacd2085332eb4c337a12a7bb294c95960e7c0bde4b8ab30a91e50267bbd0b8d2a4ed381409ea2e4c84f9a2070a793ce3c90ea8a4b140651b452674f85d5b76d0055df115608bf3a3c60996108023ebabe65":"acf79b6099490af938fb5fd8913255b3daa22786b03356cdf3e0ffaf570f9f866047b8e15c9953f893d97e7098265297396868ebc383be8547e8ec9d974b6a65b5dc5147cdadef2e2ad96696e84e44f364c2ba18c8aabe21f99489957b2b5484bf3fb4fecaf5ddaa1d373e910059c978918a3d01b955de2adb475914bf2c2067":"71f818f1a2b789fabbda8ec1":"":"4729cb642304de928b9dca32bb3d7b7836dd3973bbccf3f013c8ff4b59eca56f5d34d1b8f030a7b581b2f8fdc1e22b76a4cbc10095559876736d318d6c96c5c64cbd9fbd1d8eb4df38a2d56640d67d490d03acc1cd32d3f377eb1907bbd600f21d740b578080ba9c6ddc7dc6c50cdcee41fec51499cb944713c0961fc64f5a70":0
+
+AES-GCM NIST Validation (AES-128,128,1024,1024,96) #1
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"59fe44c6e28d025b2ad05e6e867051ab":"eb0c30320029433f66d29b3fd5c6563b":"49b7418b87374b462d25309b1c06e3132a3c8f4a4fcf29fed58e0902509426be712639db21c076df7b83dcfcc2c2c8fcc88576f4622a4366eb42f84ebf760e3eb22b14f8b5ff83f06a6f04a924eaab05b912e126e80da22461abf7f1925fd72ebdf2aea335a044726e7c2ebbb2b8aeebab4f7de5e186b50f275b700794d895d8":"20e66bae1215de9a87a0b878d39015d17e0d4542a1aaba2000cefbd5f892c26a410f55f0d7dc2f6b66690f2997032985e5516e068bfc6ec8a3669f566e280b0cefded519023b735ee3bcbfc5b6ce8203b727933a750f9bd515ec448c1f3a030aa0f40e607727a3239ebbe655d46b38a3d867e481ccf0fadbf0d59b665d2ed6b5":"296c4cdaeb94beb2847dc53d":"FAIL":"":0
+
+AES-GCM NIST Validation (AES-128,128,1024,1024,96) #2
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"c314264cee0e6db30ebe9b2f6d4991b2":"4cd4431bb6dea8eb18ae74e4c35a6698":"0eeafbfd04f9a0ea18e5bdc688c7df27183f346187e9574b61222006f2b3e12e8d9d9bf1f0f15949ee1a7ee8e5c80ee903b8ba2860e15ccb999929f280200b159c2adca481748d0632a7b40601c45055f8cb5126148e6cbab2c76f543537ab54eb276188343cea3c4ab0d7b65b8754e55cfe3f6a5c41b6ea3c08b81fcecc968a":"d436ff9abfb044a332c4e009b591719a67b12a5366da0a66edf19605c34daa37588e15dd3da0d1a097215e469439de79cca74e04cd4904e5b4a6cb4e0ea54e6ba4e624ed6bd48be32d1ef68ffea1639a14e91a5914c2346ea526df95cbd4ad1b8ee842da210b35b6315c3075ecc267d51643c4b39202d0ad793cbb0045ebdc19":"fda18d2f795d900f057fe872":"":"cb9e0fb0ac13ca730b79e34745584b362d0716c344e4de90d8352b21117471ba12c97f193150b33774baee5e4a0f11b10428eaf0106c958e16aa46c5f6f3d99eed93d1b9ba3957bed05a8b9cc8c5511cf813a66dc7d773cb735b0523d8d6b0b80639b031ddc375f714c6dd50055320cd7ed44a471c8d5645c938a9005d0b5050":0
+
+AES-GCM NIST Validation (AES-128,128,1024,1024,64) #0
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"26072018bd0bda524b5beb66a622c63e":"c783d6d3b8392160e3b68038b43cf1f4":"8ae7c809a9dc40a6732a7384e3c64abb359c1b09dcb752e5a6b584873e3890230c6fc572b9ad24d849766f849c73f060fc48f664c1af9e6707e223691b77e170966ed164e0cc25ede3fbc3541c480f75b71e7be88fe730d8b361ea2733c6f37e6a59621de6004e020894b51dfb525973d641efe8d5fd9077a0bbc9dc7933a5de":"91c524b359dae3bc49117eebfa610672af1e7754054607317d4c417e7b1a68453f72d355468f825aeb7fde044b20049aed196ec6646cce1eeeccf06cb394286272b573220cdb846613ebc4683442dccc7a19ec86ef1ec971c115726584ae1f4008f94e47d1290d8b6b7a932cfe07165fd2b94e8f96d15f73bf72939c73f4bd11":"edffe55c60235556":"FAIL":"":0
+
+AES-GCM NIST Validation (AES-128,128,1024,1024,64) #1
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"201751d3da98bd39ff4e5990a56cfea7":"6172468634bf4e5dda96f67d433062d7":"ae2d770f40706e1eaa36e087b0093ec11ed58afbde4695794745e7523be0a1e4e54daade393f68ba770956d1cfb267b083431851d713249ffe4b61227f1784769ce8c9127f54271526d54181513aca69dc013b2dfb4a5277f4798b1ff674bca79b3dec4a7a27fcf2905ae0ce03f727c315662cd906e57aa557d1023cce2acd84":"2965af0bde3565a00e61cebbfe0b51b5b5ee98dbbfff7b1b5bf61da5ba537e6f4cf5fa07d2b20e518232c4961e6bc3ae247b797429da5d7eee2fc675b07066ac2e670261c6e9a91d920c7076101d86d5ef422b58e74bdc1e0b1d58298d3ee0f510ee3a3f63a3bbc24a55be556e465c20525dd100e33815c2a128ac89574884c1":"66c247e5ad4e1d6a":"":"efd064d4b4ef4c37b48ddf2fa6f5facc5e9cc4c3255b23a1e3765fabb5a339fa0eda754a5381b72989fc1323ff9a6bbaecd904eb4835e5a511b922927574673061ed8de23299ea1456054e7ebb62869878c34fb95e48c8385b5ebceecb962654cf1586b3f54e7887ce31850363e9a22be9e6fbc22e694db81aa055490495dbf2":0
+
+AES-GCM NIST Validation (AES-128,128,1024,1024,64) #2
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"3bc0dcb5261a641a08e6cb00d23e4deb":"16fa19f69fceed9e97173207158755a5":"92ddd3b98f08fc8538f6106f6434a1efa0a7441cc7f6fd0841103c2e4dd181ea0c9a4811b3cb1bad1986a44d8addabc02dd6980daf7d60405b38dadc836bb1d0620ceab84e0134aca7c30f9f9490436b27acfd7052f9d7f0379b8e7116571017add46b9976f4b41431d47bae6f5f34dc42410793bc26c84bfe84fb53ae138c85":"d533ad89a1a578db330c01b4e04d08238b020e36aebe87cf2b0bf0b01f1ce4197be8b0596e475a95946918152e8b334ba89f60486c31f0bd8773ca4ff1319fe92197088b131e728d64405441c4fb5466641f0b8682e6cb371f8a8936140b16677f6def8b3dd9cbf47a73f553f1dca4320ad76f387e92f910f9434543f0df0626":"f5289e1204ace3b2":"":"be0c30deeffbe51706247928132002b24d29272eee6b9d618483868e67280236632fa1ae06f3ef793f67bd01b1b01f70a827367c1cd28f778910457c7cbd977dfefff1f84a522247e19b2fd01fa22ce67cef9503d45c80a5084741f04108f2462b7cdd06a8f1f044fea2b05e920bcc061fbc6910175d732f45102a63c76ae48c":0
+
+AES-GCM NIST Validation (AES-128,128,1024,1024,32) #0
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"239c15492d6deec979e79236baca4635":"916b8b5417578fa83d2e9e9b8e2e7f6b":"b39eb732bc296c555cc9f00cf4caaf37d012329f344a6b74a873baf0d8dde9631f5e57b45b957d6aec0f7978e573dd78b43d459b77756037cd64d10d49966eb3a2a08d0f4d5e4f5dcb8713f4e4756acdf9925c5fc6120c477f6dffc59b0b47a3d5efd32b8c9052b321bb9b5129e5c6a095d8de563601b34608456f58d7221f2d":"d64886ce5f5b4adb7fe8f95904bc1461749c931655b02819ffdd0ae31bad4175125aa68962f8e36ec834a7d53a191a74c937e81ec93ad9ce0d3b286d3c11ff1733c0b7780130768c120b1833933561cf07399ca49b912370ae34f0e49b9c8cb9920eddc6816ab2ae261c6d7f70058a9b83a494026f249e58c4c613eefafe6974":"fc08cbbe":"":"95c169721ea007c3f292e4ec7562a426d9baa7d374fd82e1e48d1eaca93d891d5ffa9acf5e3bd82e713ac627141e26a8b654920baffab948401cc3c390d6eea9d7b78c4fcb080b0aa9222e4d51bf201ccfd9328995831435e065d92ad37ee41c7c4366cc1efe15c07fc0470608866aeea96997772ecf926934c5d02efe05f250":0
+
+AES-GCM NIST Validation (AES-128,128,1024,1024,32) #1
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"db68a96e216b0dd9945f14b878487e03":"8a1a72e7bb740ec37ea4619c3007f8ae":"1b4f37190a59a4fff41d348798d1829031204fd7ac2a1be7b5ea385567e95e2ace25bf9e324488dd3ab8ce7f29d4c9a4f4b1a8a97f774871ee825e2c17700128d3c55908d3b684a1f550fdb8b38149ff759c21debdd54e49d64d3e8aac803dfd81600464ed484749bb993f89d4224b3d7d55c756b454466ff9fd609019ed5e83":"5634196a32d4cbfa7a2f874a1e0f86287d2942090e0cc6a82bd5caf40136a27ddf524a17713ce4af04ca6cb640a7205cce4ac9cb2d0ab380d533e1e968089ea5740c0fcbfa51f2424008e0b89dc7b3396b224cfaed53b3ac0604879983d3e6e6d36053de4866f52976890f72b8f4b9505e4ebdd04c0497048c3ce19336133ea4":"9251d3e3":"":"0c6bb3ee5de5cbb4b39d85d509bcacb3dda63fa50897936531339882962e8dc54c285c8944768d12096d4a3c2b42ffa92603cee2da9b435ec52908fca6d38ed74f898fe0ffa761f96038ff7dfeccc65bb841c3457b8de1e97d9bee82e2911602ee2dc555b33a227424dea86d610d37c447776295b412b412903ad2cede5170b6":0
+
+AES-GCM NIST Validation (AES-128,128,1024,1024,32) #2
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"659b9e729d12f68b73fdc2f7260ab114":"459df18e2dfbd66d6ad04978432a6d97":"ee0b0b52a729c45b899cc924f46eb1908e55aaaeeaa0c4cdaacf57948a7993a6debd7b6cd7aa426dc3b3b6f56522ba3d5700a820b1697b8170bad9ca7caf1050f13d54fb1ddeb111086cb650e1c5f4a14b6a927205a83bf49f357576fd0f884a83b068154352076a6e36a5369436d2c8351f3e6bfec65b4816e3eb3f144ed7f9":"fd0732a38224c3f16f58de3a7f333da2ecdb6eec92b469544a891966dd4f8fb64a711a793f1ef6a90e49765eacaccdd8cc438c2b57c51902d27a82ee4f24925a864a9513a74e734ddbf77204a99a3c0060fcfbaccae48fe509bc95c3d6e1b1592889c489801265715e6e4355a45357ce467c1caa2f1c3071bd3a9168a7d223e3":"8e5a6a79":"FAIL":"":0
+
+AES-GCM NIST Validation (AES-192,128,0,0,128) #0
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"806766a4d2b6507cc4113bc0e46eebe120eacd948c24dc7f":"4f801c772395c4519ec830980c8ca5a4":"":"":"8fa16452b132bebc6aa521e92cb3b0ea":"FAIL":"":0
+
+AES-GCM NIST Validation (AES-192,128,0,0,128) #1
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"0c2abdcd2e4ae4137509761a38e6ca436b99c21b141f28f5":"335ca01a07081fea4e605eb5f23a778e":"":"":"d7f475dfcb92a75bc8521c12bb2e8b86":"FAIL":"":0
+
+AES-GCM NIST Validation (AES-192,128,0,0,128) #2
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"eef490a0c2ecb32472e1654184340cc7433c34da981c062d":"d9172c3344d37ff93d2dcb2170ea5d01":"":"":"017fef05260a496654896d4703db3888":"FAIL":"":0
+
+AES-GCM NIST Validation (AES-192,128,0,0,120) #0
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"fe0c3490f1f0dba23cf5c64e6e1740d06f85e0afec6772f3":"f47e915163fa3df7f6c15b9d69f53907":"":"":"14e1a057a2e7ffbd2208e9c25dbba1":"FAIL":"":0
+
+AES-GCM NIST Validation (AES-192,128,0,0,120) #1
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"4356b3b1f308df3573509945afe5268984f9d953f01096de":"a35b397b34a14a8e24d05a37be4d1822":"":"":"e045ecba220d22c80826b77a21b013":"":"":0
+
+AES-GCM NIST Validation (AES-192,128,0,0,120) #2
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"e2898937cc575c8bb7444413884deafe8eaf326be8849e42":"169a449ccb3eb29805b15304d603b132":"":"":"3a807251f3d6242849a69972b14f6d":"FAIL":"":0
+
+AES-GCM NIST Validation (AES-192,128,0,0,112) #0
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"75683c7df0442e10b5368fcd6bb481f0bff8d95aae90487e":"538641f7d1cc5c68715971cee607da73":"":"":"07d68fffe417adc3397706d73b95":"FAIL":"":0
+
+AES-GCM NIST Validation (AES-192,128,0,0,112) #1
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"0724ee1f317997ce77bb659446fcb5a557490f40597341c7":"0d8eb78032d83c676820b2ef5ccc2cc8":"":"":"7da181563b26c7aefeb29e71cc69":"FAIL":"":0
+
+AES-GCM NIST Validation (AES-192,128,0,0,112) #2
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"be2f0f4ae4ab851b258ec5602628df261b6a69e309ff9043":"646a91d83ae72b9b9e9fce64135cbf73":"":"":"169e717e2bae42e3eb61d0a1a29b":"FAIL":"":0
+
+AES-GCM NIST Validation (AES-192,128,0,0,104) #0
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"583c328daecd18c2ac5c83a0c263de194a4c73aa4700fe76":"55e10d5e9b438b02505d30f211b16fea":"":"":"95c0a4ea9e80f91a4acce500f7":"FAIL":"":0
+
+AES-GCM NIST Validation (AES-192,128,0,0,104) #1
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"b40857e7e6f26050f1e9a6cbe05e15a0ba07c2055634ad47":"e25ef162a4295d7d24de75a673172346":"":"":"89ea4d1f34edb716b322ea7f6f":"FAIL":"":0
+
+AES-GCM NIST Validation (AES-192,128,0,0,104) #2
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"627008956e31fea497fb120b438a2a043c23b1b38dc6bc10":"08ea464baac54469b0498419d83820e6":"":"":"ab064a8d380fe2cda38e61f9e1":"FAIL":"":0
+
+AES-GCM NIST Validation (AES-192,128,0,0,96) #0
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"8c386d67d7c2bfd46b8571d8685b35741e87a3ed4a46c9db":"766996fb67ace9e6a22d7f802455d4ef":"":"":"9a641be173dc3557ea015372":"":"":0
+
+AES-GCM NIST Validation (AES-192,128,0,0,96) #1
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"711bc5aa6b94fa3287fad0167ac1a9ef5e8e01c16a79e95a":"75cdb8b83017f3dc5ac8733016ab47c7":"":"":"81e3a5580234d8e0b2204bc3":"FAIL":"":0
+
+AES-GCM NIST Validation (AES-192,128,0,0,96) #2
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"c74620828402e0bdf3f7a5353668505dc1550a31debce59a":"cfbefe265583ab3a2285e8080141ba48":"":"":"355a43bcebbe7f72b6cd27ea":"FAIL":"":0
+
+AES-GCM NIST Validation (AES-192,128,0,0,64) #0
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"1eb53aa548b41bfdc85c657ebdebdae0c7e525a6432bc012":"37ffc64d4b2d9c82dd17d1ad3076d82b":"":"":"34b8e037084b3f2d":"FAIL":"":0
+
+AES-GCM NIST Validation (AES-192,128,0,0,64) #1
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"50d077575f6db91024a8e564db83324539e9b7add7bb98e4":"118d0283294d4084127cce4b0cd5b5fa":"":"":"507a361d8ac59882":"FAIL":"":0
+
+AES-GCM NIST Validation (AES-192,128,0,0,64) #2
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"d9ddca0807305025d61919ed7893d7d5c5a3c9f012f4842f":"b78d518b6c41a9e031a00b10fb178327":"":"":"f401d546c8b739ff":"":"":0
+
+AES-GCM NIST Validation (AES-192,128,0,0,32) #0
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"6ed8d8afde4dc3872cbc274d7c47b719205518496dd7951d":"14eb280288740d464e3b8f296c642daa":"":"":"39e64d7a":"":"":0
+
+AES-GCM NIST Validation (AES-192,128,0,0,32) #1
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"80aace5ab74f261bc09ac6f66898f69e7f348f805d52404d":"f54bf4aac8fb631c8b6ff5e96465fae6":"":"":"1ec1c1a1":"":"":0
+
+AES-GCM NIST Validation (AES-192,128,0,0,32) #2
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"23b76efd0dbc8d501885ab7d43a7dacde91edd9cde1e1048":"75532d15e582e6c477b411e727d4171e":"":"":"76a0e017":"FAIL":"":0
+
+AES-GCM NIST Validation (AES-192,128,0,1024,128) #0
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"94c50453dd3ef7f7ea763ae13fa34debb9c1198abbf32326":"1afe962bc46e36099165552ddb329ac6":"b2920dd9b0325a87e8edda8db560bfe287e44df79cf61edba3b2c95e34629638ecb86584f05a303603065e63323523f6ccc5b605679d1722cde5561f89d268d5f8db8e6bdffda4839c4a04982e8314da78e89f8f8ad9c0fee86332906bf78d2f20afcaabdc282008c6d09df2bfe9be2c9027bb49268b8be8936be39fa8b1ae03":"":"51e1f19a7dea5cfe9b9ca9d09096c3e7":"FAIL":"":0
+
+AES-GCM NIST Validation (AES-192,128,0,1024,128) #1
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"c6a98102af3d875bcdebe594661d3a6b376970c02b11d019":"bea8cd85a28a2c05bf7406b8eef1efcc":"f2f80e2c042092cc7240b598ab30fad055bce85408aa0f8cefaf8a7204f0e2acb87c78f46a5867b1f1c19461cbf5ed5d2ca21c96a63fb1f42f10f394952e63520795c56df77d6a04cb5ad006ee865a47dc2349a814a630b3d4c4e0fd149f51e8fa846656ea569fd29a1ebafc061446eb80ec182f833f1f6d9083545abf52fa4c":"":"04b80f25ae9d07f5fd8220263ac3f2f7":"":"":0
+
+AES-GCM NIST Validation (AES-192,128,0,1024,128) #2
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"ec3cc45a22fdc7cc79ed658d9e9dbc138dcc7d6e795cba1a":"b10d9c70205e142704f9d1f74caee0f6":"714994017c169c574aaff2f8bad15f8fa6a385117f5405f74846eca873ca4a8f4876adf704f2fcaff2dfa75c17afefd08a4707292debc6d9fafda6244ca509bc52b0c6b70f09b14c0d7c667583c091d4064e241ba1f82dd43dc3ea4b8922be65faf5583f6b21ff5b22d3632eb4a426675648250e4b3e37c688d6129b954ef6a8":"":"d22407fd3ae1921d1b380461d2e60210":"":"":0
+
+AES-GCM NIST Validation (AES-192,128,0,1024,120) #0
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"5a32ebc7a2338038ced36d2b85cbc6c45cca9845a7c5aa99":"9afe0882e418c9af205eeb90e131d212":"61ff8a8bc22803f17e8e9f01aff865bc7d3083ff413ce392a989e46ebed5114894de906f7d36439024d8f2e69cc815ac043fff2f75169f6c9aa9761ff32d10a1353213ac756cb84bd3613f8261ef390e1d00c3a8fb82764b0cda4e0049219e87d2e92c38f78ffac242391f838a248f608bb2b56b31bbb453d1098e99d079ea1b":"":"fcbb932ddb0128df78a71971c52838":"FAIL":"":0
+
+AES-GCM NIST Validation (AES-192,128,0,1024,120) #1
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"9bf22885e7f13bcc63bb0a2ca90c20e5c86001f05edf85d8":"99dec21f4781284722b5074ea567c171":"9f4176dacf26e27aa0e669cd4d44bca41f83468c70b54c745a601408a214bf876941ae2ae4d26929113f5de2e7d15a7bb656541292137bf2129fdc31f06f070e3cfaf0a7b30d93d8d3c76a981d75cd0ffa0bcacb34597d5be1a055c35eefeddc07ee098603e48ad88eb7a2ec19c1aefc5c7be9a237797397aa27590d5261f67a":"":"18fd1feec5e3bbf0985312dd6100d1":"FAIL":"":0
+
+AES-GCM NIST Validation (AES-192,128,0,1024,120) #2
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"cfd75a9d3788d965895553ab5fb7a8ff0aa383b7594850a6":"a6df69e5f77f4d99d5318c45c87451b2":"041aeb2fa0f7df027cd7709a992e041179d499f5dbccd389035bf7e514a38b5f8368379d2d7b5015d4fa6fadfd7c75abd2d855f5ea4220315fad2c2d435d910253bf76f252a21c57fe74f7247dac32f4276d793d30d48dd61d0e14a4b7f07a56c94d3799d04324dfb2b27a22a5077e280422d4f014f253d138e74c9ac3428a7b":"":"fd78b9956e4e4522605db410f97e84":"FAIL":"":0
+
+AES-GCM NIST Validation (AES-192,128,0,1024,112) #0
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"b0b21ae138485591c6bef7b3d5a0aa0e9762c30a50e4bba2":"56dc980e1cba1bc2e3b4a0733d7897ca":"a38458e5cc71f22f6f5880dc018c5777c0e6c8a1301e7d0300c02c976423c2b65f522db4a90401035346d855c892cbf27092c81b969e99cb2b6198e450a95c547bb0145652c9720aaf72a975e4cb5124b483a42f84b5cd022367802c5f167a7dfc885c1f983bb4525a88c8257df3067b6d36d2dbf6323df80c3eaeffc2d176a5":"":"b11f5c0e8cb6fea1a170c9342437":"":"":0
+
+AES-GCM NIST Validation (AES-192,128,0,1024,112) #1
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"8775665aba345b1c3e626128b5afa3d0da8f4d36b8cf1ca6":"cd17f761670e1f104f8ea4fb0cec7166":"2ee08a51ceaca1dbbb3ee09b72f57427fd34bd95da5b4c0933cbb0fc2f7270cffd3476aa05deeb892a7e6a8a3407e61f8631d1a00e47d46efb918393ee5099df7d65c12ab8c9640bfcb3a6cce00c3243d0b3f316f0822cfeae05ee67b419393cc81846b60c42aeb5c53f0ede1280dc36aa8ef59addd10668dd61557ce760c544":"":"6cdf60e62c91a6a944fa80da1854":"":"":0
+
+AES-GCM NIST Validation (AES-192,128,0,1024,112) #2
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"cc9922299b47725952f06272168b728218d2443028d81597":"9b2f1a40717afcdbb6a95d6e335c9e4d":"bcfca8420bc7b9df0290d8c1bcf4e3e66d3a4be1c947af82dd541336e44e2c4fa7c6b456980b174948de30b694232b03f8eb990f849b5f57762886b449671e4f0b5e7a173f12910393bdf5c162163584c774ad3bba39794767a4cc45f4a582d307503960454631cdf551e528a863f2e014b1fca4955a78bd545dec831e4d71c7":"":"dd515e5a8b41ecc441443a749b31":"":"":0
+
+AES-GCM NIST Validation (AES-192,128,0,1024,104) #0
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"5a27d718f21c5cbdc52a745b931bc77bd1afa8b1231f8815":"59661051912fba45023aef4e6f9380a5":"2b7ce5cea81300ed23501493310f1316581ef8a50e37eaadd4bb5f527add6deb09e7dcc67652e44ac889b48726d8c0ae80e2b3a89dd34232eb1da32f7f4fcd5bf8e920d286db8604f23ab06eab3e6f99beb55fe3725107e9d67a491cdada1580717bbf64c28799c9ab67922da9194747f32fd84197070a86838d1c9ebae379b7":"":"f33e8f42b58f45a0456f83a13e":"FAIL":"":0
+
+AES-GCM NIST Validation (AES-192,128,0,1024,104) #1
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"b83e933cf54ac58f8c7e5ed18e4ed2213059158ed9cb2c30":"8710af55dd79da45a4b24f6e972bc60a":"b7a428bc68696cee06f2f8b43f63b47914e29f04a4a40c0eec6193a9a24bbe012d68bea5573382dd579beeb0565b0e0334cce6724997138b198fce8325f07069d6890ac4c052e127aa6e70a6248e6536d1d3c6ac60d8cd14d9a45200f6540305f882df5fca2cac48278f94fe502b5abe2992fa2719b0ce98b7ef1b5582e0151c":"":"380128ad7f35be87a17c9590fa":"FAIL":"":0
+
+AES-GCM NIST Validation (AES-192,128,0,1024,104) #2
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"d2f85f92092385f15da43a086cff64c7448b4ee5a83ed72e":"9026dfd09e4553cd51c4c13ce70830de":"3c8de64c14df73c1b470a9d8aa693af96e487d548d03a92ce59c0baec8576129945c722586a66f03deb5029cbda029fb22d355952c3dadfdede20b63f4221f27c8e5d710e2b335c2d9a9b7ca899597a03c41ee6508e40a6d74814441ac3acb64a20f48a61e8a18f4bbcbd3e7e59bb3cd2be405afd6ac80d47ce6496c4b9b294c":"":"e9e5beea7d39c9250347a2a33d":"":"":0
+
+AES-GCM NIST Validation (AES-192,128,0,1024,96) #0
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"de7df44ce007c99f7baad6a6955195f14e60999ed9818707":"4d209e414965fe99636c1c6493bba3a3":"da3bc6bdd414a1e07e00981cf9199371192a1fb2eaae20f7091e5fe5368e26d61b981f7f1d29f1a9085ad2789d101155a980de98d961c093941502268adb70537ad9783e6c7d5157c939f59b8ad474c3d7fc1fcc91165cdf8dd9d6ec70d6400086d564b68ebead0d03ebd3aa66ded555692b8de0baf43bc0ddef42e3a9eb34ab":"":"24483a57c20826a709b7d10a":"FAIL":"":0
+
+AES-GCM NIST Validation (AES-192,128,0,1024,96) #1
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"1dfa5ff20046c775b5e768c2bd9775066ae766345b7befc3":"2d49409b869b8b9fc5b67767979ca8cd":"e35d34478b228bc903ea2423697e603cc077967d7cfb062e95bc11d89fbe0a1f1d4569f89b2a7047300c1f5131d91564ec9bce014d18ba605a1c1e4e15e3e5c18413b8b59cbb25ab8f088885225de1235c16c7d9a8d06a23cb0b38fd1d5c6c19617fe08fd6bf01c965ed593149a1c6295435e98463e4f03a511d1a7e82c11f01":"":"23012503febbf26dc2d872dc":"FAIL":"":0
+
+AES-GCM NIST Validation (AES-192,128,0,1024,96) #2
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"2df3ee3a6484c48fdd0d37bab443228c7d873c984529dfb4":"dc6aeb41415c115d66443fbd7acdfc8f":"eafc6007fafb461d3b151bdff459e56dd09b7b48b93ea730c85e5424f762b4a9080de44497a7c56dd7855628ffc61c7b4faeb7d6f413d464fe5ec6401f3028427ae3e62db3ff39cd0f5333a664d3505ff42caa8899b96a92ec01934d4b59556feb9055e8dfb81f55e60135345bfce3e4199bfcdb3ce42523e7d24be2a04cdb67":"":"e8e80bf6e5c4a55e7964f455":"FAIL":"":0
+
+AES-GCM NIST Validation (AES-192,128,0,1024,64) #0
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"ce0787f65e6c24a1c444c35dcd38195197530aa20f1f6f3b":"55300431b1eaac0375681d7821e1eb7a":"84a699a34a1e597061ef95e8ec3c21b592e9236ddb98c68d7e05f1e709937b48ec34a4b88d99708d133a2cc33f5cf6819d5e7b82888e49faa5d54147d36c9e486630aa68fef88d55537119db1d57df0402f56e219f7ece7b4bb5f996dbe1c664a75174c880a00b0f2a56e35d17b69c550921961505afabf4bfd66cf04dc596d1":"":"74264163131d16ac":"FAIL":"":0
+
+AES-GCM NIST Validation (AES-192,128,0,1024,64) #1
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"3a15541b5857a668dc9899b2e198d2416e83bac13282ca46":"89bf8ab0cea6f59616eeb9b314d7c333":"4d2843f34f9ea13a1ac521479457005178bcf8b2ebeaeb09097ea4471da9f6cc60a532bcda1c18cab822af541de3b87de606999e994ace3951f58a02de0d6620c9ae04549326da449a3e90364a17b90b6b17debc0f454bb0e7e98aef56a1caccf8c91614d1616db30fc8223dbcd8e77bf55d8253efe034fd66f7191e0303c52f":"":"8f4877806daff10e":"FAIL":"":0
+
+AES-GCM NIST Validation (AES-192,128,0,1024,64) #2
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"b61cdfd19c136ee2acbe09b7993a4683a713427518f8e559":"4066118061c904ed1e866d4f31d11234":"153c075ecdd184fd8a0fca25cae8f720201361ef84f3c638b148ca32c51d091a0e394236d0b51c1d2ee601914120c56dfea1289af470dbc9ef462ec5f974e455e6a83e215a2c8e27c0c5b5b45b662b7f58635a29866e8f76ab41ee628c12a24ab4d5f7954665c3e4a3a346739f20393fc5700ec79d2e3c2722c3fb3c77305337":"":"4eff7227b42f9a7d":"":"":0
+
+AES-GCM NIST Validation (AES-192,128,0,1024,32) #0
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"ce175a7df7e429fcc233540e6b8524323e91f40f592ba144":"c34484b4857b93e309df8e1a0e1ec9a3":"ce8d8775f047b543a6cc0d9ef9bc0db5ac5d610dc3ff6e12e0ad7cd3a399ebb762331e3c1101a189b3433a7ff4cd880a0639d2581b71e398dd982f55a11bf0f4e6ee95bacd897e8ec34649e1c256ee6ccecb33e36c76927cc5124bc2962713ad44cbd435ae3c1143796d3037fa1d659e5dad7ebf3c8cbdb5b619113d7ce8c483":"":"ff355f10":"":"":0
+
+AES-GCM NIST Validation (AES-192,128,0,1024,32) #1
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"5f659ed236ba60494e9bf1ee2cb40edcf3f25a2bac2e5bc5":"ad49f12f202320255406c2f40e55b034":"6da62892f436dfe9790e72d26f4858ca156d1d655c9cc4336fcf282b0f3f0b201e47f799c3019109af89ef5fd48a4811980930e82cd95f86b1995d977c847bbb06ecdcc98b1aae100b23c9c2f0dcf317a1fb36f14e90e396e6c0c594bcc0dc5f3ebf86ce7ecd4b06d1c43202734d53f55751a6e6bbda982104102af240def4eb":"":"cb4d8c1d":"":"":0
+
+AES-GCM NIST Validation (AES-192,128,0,1024,32) #2
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"a73f318b1e298ba4ac0ab2aed74f73543b1017cccbd1b240":"abe33b7e8d88bd30deb96d1e90c4e951":"6de616b000047b14b6759015183dd753c61499c0e665d06a89e4fb0cd0dd3064ff8651582e901ef5d0cdf3344c29c70c3aabc2aaf83cb3f284c6fe4104906d389b027e7d9ca60d010f06ef8cd9e55db2483d06552ddbe3fc43b24c55085cd998eae3edec36673445bf626e933c15b6af08ea21cbace4720b0b68fe1a374877d5":"":"4a28ec97":"FAIL":"":0
+
+AES-GCM NIST Validation (AES-192,128,1024,0,128) #0
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"73d5be74615bc5b627eedfb95746fb5f17cbf25b500a597f":"eb16ed8de81efde2915a901f557fba95":"":"fc40993eb8559e6b127315c03103ce31b70fc0e07a766d9eecf2e4e8d973faa4afd3053c9ebef0282c9e3d2289d21b6c339748273fa1edf6d6ef5c8f1e1e9301b250297092d9ac4f4843125ea7299d5370f7f49c258eac2a58cc9df14c162604ba0801728994dc82cb625981130c3ca8cdb3391658d4e034691e62ece0a6e407":"804056dca9f102c4a13a930c81d77eca":"FAIL":"":0
+
+AES-GCM NIST Validation (AES-192,128,1024,0,128) #1
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"a249135c9f2f5a8b1af66442a4d4e101771a918ef8acee05":"80b6e48fe4a3b08d40c1636b25dfd2c4":"":"c62b39b937edbdc9b644321d5d284e62eaa4154010c7a3208c1ef4706fba90223da04b2f686a28b975eff17386598ba77e212855692f384782c1f3c00be011e466e145f6f8b65c458e41409e01a019b290773992e19334ffaca544e28fc9044a5e86bcd2fa5ad2e76f2be3f014d8c387456a8fcfded3ae4d1194d0e3e53a2031":"951c1c89b6d95661630d739dd9120a73":"":"b865f8dd64a6f51a500bcfc8cadbc9e9f5d54d2d27d815ecfe3d5731e1b230c587b46958c6187e41b52ff187a14d26aa41c5f9909a3b77859429232e5bd6c6dc22cf5590402476d033a32682e8ab8dc7ed0b089c5ab20ab9a8c5d6a3be9ea7aa56c9d3ab08de4a4a019abb447db448062f16a533d416951a8ff6f13ed5608f77":0
+
+AES-GCM NIST Validation (AES-192,128,1024,0,128) #2
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"fa832a4b37dcb3c0879a771bb8ae734f0d88b9be497797a8":"70835abab9f945c84ef4e97cdcf2a694":"":"0f1105f9ec24121232b60b6ef3c3e8ca9eec1a3d7625004b857d1d77f292b6ec065d92f5bb97e0dc2fdfdf823a5db275109a9472690caea04730e4bd732c33548718e9f7658bbf3e30b8d07790cd540c5754486ed8e4d6920cefaeb1c182c4d67ebed0d205ba0bd9441a599d55e45094b380f3478bcfca9646a0d7aa18d08e52":"a459be0b349f6e8392c2a86edd8a9da5":"FAIL":"":0
+
+AES-GCM NIST Validation (AES-192,128,1024,0,120) #0
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"dda216287910d1f5c0a312f63c243612388bc510cb76c5ba":"7f770140df5b8678bc9c4b962b8c9034":"":"d6617d583344d4fe472099d2a688297857215a3e31b47d1bf355ccfe9cf2398a3eba362c670c88f8c7162903275dfd4761d095900bd97eba72200d4045d72bd239bda156829c36b38b1ff5e4230125e5695f623e129829721e889da235bb7d4b9da07cce8c3ceb96964fd2f9dd1ff0997e1a3e253a688ceb1bfec76a7c567266":"9823e3242b3f890c6a456f1837e039":"":"b4910277224025f58a5d0f37385b03fcd488dfef7580eb5c270c10bd7a6f6d9c7ddc2d1368d68d4e04f90e3df029ed028432a09f710be1610b2a75bd05f31bae83920573929573affd0eb03c63e0cec7a027deab792f43ee6307fd3c5078d43d5b1407ac023824d41c9437d66eeec172488f28d700aa4b54931aad7cd458456f":0
+
+AES-GCM NIST Validation (AES-192,128,1024,0,120) #1
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"c5afa1e61d4594b1c2fa637f64f18dd557e4df3255b47f24":"151fd3ba32f5bde72adce6291bcf63ea":"":"5c772cdf19571cd51d71fc166d33a0b892fbca4eae36ab0ac94e6164d51acb2d4e60d4f3a19c3757a93960e7fd90b9a6cdf98bdf259b370ed6c7ef8cb96dba7e3a875e6e7fe6abc76aabad30c8743b3e47c8de5d604c748eeb16806c2e75180a96af7741904eca61769d39e943eb4c4c25f2afd68e9472043de2bb03e9edae20":"f0626cc07f2ed1a7570386a4110fc1":"FAIL":"":0
+
+AES-GCM NIST Validation (AES-192,128,1024,0,120) #2
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"febd4ff0fedd9f16bccb62380d59cd41b8eff1834347d8fa":"743699d3759781e82a3d21c7cd7991c8":"":"dc971c8f65ece2ea4130afd4db38fc657c085ea19c76fef50f5bd0f8dd364cc22471c2fa36be8cde78529f58a78888e9de10961760a01af005e42fc5b03e6f64962e6b18eaedea979d33d1b06e2038b1aad8993e5b20cae6cc93f3f7cf2ad658fbba633d74f21a2003dded5f5dda3b46ed7424845c11bab439fbb987f0be09f8":"1da347f9b6341049e63140395ad445":"FAIL":"":0
+
+AES-GCM NIST Validation (AES-192,128,1024,0,112) #0
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"d280d079110c1c826cc77f490d807dd8d508eb579a160c49":"85b241d516b94759c9ef975f557bccea":"":"a286d19610a990d64f3accd329fc005d468465a98cfa2f3606c6d0fbeb9732879bad3ca8094322a334a43155baed02d8e13a2fbf259d80066c6f418a1a74b23e0f6238f505b2b3dc906ffcb4910ce6c878b595bb4e5f8f3e2ede912b38dbafdf4659a93b056a1a67cb0ec1dbf00d93223f3b20b3f64a157105c5445b61628abf":"bbf289df539f78c3a912b141da3a":"":"b9286ab91645c20de040a805020fed53c612d493a8ce9c71649ae16bd50eab6fb7f3a9180e1651d5413aa542608d7ecbf9fc7378c0bef4d439bc35434b6cf803976b8783aecc83a91e95cea72c2a26a883b710252e0c2a6baa115739a0692c85f6d34ff06234fbdc79b8c4a8ea0a7056fb48c18f73aaf5084868abb0dfaa287d":0
+
+AES-GCM NIST Validation (AES-192,128,1024,0,112) #1
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"5e80f87fa2156c62df7be2ad16c4890de5ee5868a684fcf9":"9769f71c76b5b6c60462a845d2c123ad":"":"c829073efd5c5150d2b7e2cdaeff979830d1aa983c747724ade6472c647a6e8e5033046e0359ea62fc26b4c95bccb3ac416fdf54e95815c35bf86d3fdd7856abbb618fe8fcd35a9295114926a0c9df92317d44ba1885a0c67c10b9ba24b8b2f3a464308c5578932247bf9c79d939aa3576376d2d6b4f14a378ab775531fe8abf":"394b6c631a69be3ed8c90770f3d4":"":"f886bd92ca9d73a52e626b0c63a3daa138faaacf7809086d04f5c0c899362aa22e25d8659653b59c3103668461d9785bb425c6c1026ad9c924271cec9f27a9b341f708ca86f1d82a77aae88b25da9061b78b97276f3216720352629bd1a27ebf890da6f42d8c63d68342a93c382442d49dd4b62219504785cee89dffdc36f868":0
+
+AES-GCM NIST Validation (AES-192,128,1024,0,112) #2
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"d8a7b99e53f5e5b197364d4516cace4b928de50e571315e3":"4b12c6701534098e23e1b4659f684d6f":"":"d0db0ac5e14bf03729125f3137d4854b4d8ce2d264f8646da17402bdad7034c0d84d7a80f107eb202aeadbfdf063904ae9793c6ae91ee8bcc0fc0674d8111f6aea6607633f92e4be3cfbb64418101db8b0a9225c83e60ffcf7a7f71f77149a13f8c5227cd92855241e11ee363062a893a76ac282fb47b523b306cd8235cd81c2":"729b31c65d8699c93d741caac8e3":"FAIL":"":0
+
+AES-GCM NIST Validation (AES-192,128,1024,0,104) #0
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"c874b427b7181b0c90b887147c36f242827149324fd5c945":"4b8dda046a5b7c46abeeca2f2f9bcaf8":"":"bdd90190d587a564af022f06c8bd1a68735b6f18f04113fdcec24c6027aaf0271b183336fb713d247a173d9e095dae6e9badb0ab069712302875406f14320151fd43b90a3d6f35cc856636b1a6f98afc797cb5259567e2e9b7ce62d7b3370b5ee852722faf740edf815b3af460cdd7de90ca6ab6cd173844216c064b16ea3696":"fe1e427bcb15ce026413a0da87":"FAIL":"":0
+
+AES-GCM NIST Validation (AES-192,128,1024,0,104) #1
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"56543cd6e2ebb1e3dc136a826bfc37eddb12f7a26430a1b4":"927ce8a596ed28c85d9cb8e688a829e6":"":"d541dd3acec2da042e6ea26fb90ff9a3861191926423b6dc99c5110b3bf150b362017159d0b85ffea397106a0d8299ec22791cb06103cd44036eed0d6d9f953724fb003068b3c3d97da129c28d97f09e6300cbea06ba66f410ca61c3311ce334c55f077c37acb3b7129c481748f79c958bc3bbeb2d3ff445ad361ed4bbc79f0a":"3a98f471112a8a646460e8efd0":"":"a602d61e7a35cbe0e463119bb66fd4bb6c75d1fe0b211b9d6a0a6e9e84b0794282318f0d33ec053f2cfba1623e865681affeaf29f3da3113995e87d51a5ab4872bb05b5be8ef2b14dfc3df5a48cbc9b10853a708ee4886a7390e8e4d286740a0dd41c025c8d72eda3f73f3cec5c33d5e50b643afd7691213cccccc2c41b9bd7a":0
+
+AES-GCM NIST Validation (AES-192,128,1024,0,104) #2
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"caaf81cd380f3af7885ef0d6196a1688c9372c5850dc5b0b":"508c55f1726896f5b9f0a7024fe2fad0":"":"6f269929b92c6281e00672eaec183f187b2ddecc11c9045319521d245b595ab154dd50f045a660c4d53ae07d1b7a7fd6b21da10976eb5ffcddda08c1e9075a3b4d785faa003b4dd243f379e0654740b466704d9173bc43292ae0e279a903a955ce33b299bf2842b3461f7c9a2bd311f3e87254b5413d372ec543d6efa237b95a":"3b8026268caf599ee677ecfd70":"":"c4a96fb08d7c2eebd17046172b98569bc2441929fc0d6876aa1f389b80c05e2ede74dc6f8c3896a2ccf518e1b375ee75e4967f7cca21fa81ee176f8fb8753381ce03b2df873897131adc62a0cbebf718c8e0bb8eeed3104535f17a9c706d178d95a1b232e9dac31f2d1bdb3a1b098f3056f0e3d18be36bd746675779c0f80a10":0
+
+AES-GCM NIST Validation (AES-192,128,1024,0,96) #0
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"2fc9d9ac8469cfc718add2b03a4d8c8dcc2eeca08e5ff7bc":"b2a7c0d52fc60bacc3d1a94f33087095":"":"bc84d8a962a9cfd179d242788473d980d177abd0af9edccb14c6dc41535439a1768978158eeed99466574ea820dbedea68c819ffd9f9915ca8392c2e03049d7198baeca1d3491fe2345e64c1012aff03985b86c831ad516d4f5eb538109fff25383c7b0fa6b940ae19b0987d8c3e4a37ccbbd2034633c1eb0df1e9ddf3a8239e":"0a7a36ec128d0deb60869893":"":"fc3cd6486dfe944f7cb035787573a554f4fe010c15bd08d6b09f73066f6f272ff84474f3845337b6e429c947d419c511c2945ffb181492c5465940cef85077e8a6a272a07e310a2f3808f11be03d96162913c613d9c3f25c3893c2bd2a58a619a9757fd16cc20c1308f2140557330379f07dbfd8979b26b075977805f1885acc":0
+
+AES-GCM NIST Validation (AES-192,128,1024,0,96) #1
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"81ff729efa4a9aa2eccc37c5f846235b53d3b93c79c709c8":"1bd17f04d1dc2e447b41665952ad9031":"":"3992ad29eeb97d17bd5c0f04d8589903ee23ccb2b1adc2992a48a2eb62c2644c0df53b4afe4ace60dc5ec249c0c083473ebac3323539a575c14fa74c8381d1ac90cb501240f96d1779b287f7d8ba8775281d453aae37c803185f2711d21f5c00eb45cad37587ed196d1633f1eb0b33abef337447d03ec09c0e3f7fd32e8c69f0":"01b0a815dc6da3e32851e1fb":"FAIL":"":0
+
+AES-GCM NIST Validation (AES-192,128,1024,0,96) #2
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"068500e8d4f8d4af9035cdaa8e005a648352e8f28bdafc8a":"5ea9198b860679759357befdbb106b62":"":"98e32428d9d21c4b60e690a2ce1cf70bee90df31302d1819b7d27fd577dd990f7ffe6ba5ef117caac718cc1880b4ca98f72db281c9609e189307302dc2866f20be3a545a565521368a6881e2642cba63b3cf4c8b5e5a8eabeb3e8b004618b8f77667c111e5402c5d7c66afd297c575ce5092e898d5831031d225cee668c186a1":"d58752f66b2cb9bb2bc388eb":"":"2ef3a17fcdb154f60d5e80263b7301a8526d2de451ea49adb441aa2541986b868dab24027178f48759dbe874ae7aa7b27fb19461c6678a0ba84bbcd8567ba2412a55179e15e7c1a1392730ac392b59c51d48f8366d45b933880095800e1f36ff1ac00753f6363b0e854f494552f1f2efe028d969e6b1a8080149dd853aa6751e":0
+
+AES-GCM NIST Validation (AES-192,128,1024,0,64) #0
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"7474d9b07739001b25baf6867254994e06e54c578508232f":"3ade6c92fe2dc575c136e3fbbba5c484":"":"1cbab2b6e4274caa80987072914f667b887198f7aaf4574608b91b5274f5afc3eb05a457554ff5d346d460f92c068bc626fd301d0bb15cb3726504b3d88ecd46a15077728ddc2b698a2e8c5ea5885fc534ac227b8f103d193f1977badf4f853a0931398da01f8019a9b1ff271b3a783ff0fae6f54db425af6e3a345ba7512cbf":"67c25240b8e39b63":"FAIL":"":0
+
+AES-GCM NIST Validation (AES-192,128,1024,0,64) #1
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"d50d4c7d442d8a92d0489a96e897d50dda6fbe47ca7713ee":"41b37c04ab8a80f5a8d9d82a3a444772":"":"b36b4caf1d47b0d10652824bd57b603ec1c16f4720ce7d43edde8af1b9737f61b68b882566e04da50136f27d9af4c4c57fff4c8465c8a85f0aeadc17e02709cc9ba818d9a272709e5fb65dd5612a5c5d700da399b3668a00041a51c23de616ea3f72093d85ecbfd9dd0b5d02b541fb605dcffe81e9f45a5c0c191cc0b92ac56d":"4ee54d280829e6ef":"FAIL":"":0
+
+AES-GCM NIST Validation (AES-192,128,1024,0,64) #2
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"38f3ec3ec775dac76ae484d5b6ca61c695c7beafba4606ca":"9af53cf6891a749ab286f5c34238088a":"":"49726b8cefc842a02f2d7bef099871f38257cc8ea096c9ac50baced6d940acb4e8baf932bec379a973a2c3a3bc49f60f7e9eef45eafdd15bda1dd1557f068e81226af503934eb96564d14c03f0f351974c8a54fb104fb07417fe79272e4b0c0072b9f89b770326562e4e1b14cad784a2cd1b4ae1dc43623ec451a1cae55f6f84":"6f6f344dd43b0d20":"FAIL":"":0
+
+AES-GCM NIST Validation (AES-192,128,1024,0,32) #0
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"6db4ef061513ef6690d57aef50d8011e0dd7eb4432d82374":"623df5a0922d1e8c883debb2e0e5e0b1":"":"b7f9206995bc97311855ee832e2b40c41ab2d1a40d9263683c95b14dcc51c74d2de7b6198f9d4766c659e7619fe2693a5b188fac464ccbd5e632c5fd248cedba4028a92de12ed91415077e94cfe7a60f117052dea8916dfe0a51d92c1c03927e93012dbacd29bbbc50ce537a8173348ca904ac86df55940e9394c2895a9fe563":"14f690d7":"":"a6414daa9be693e7ebb32480a783c54292e57feef4abbb3636bebbc3074bfc608ad55896fe9bd5ab875e52a43f715b98f52c07fc9fa6194ea0cd8ed78404f251639069c5a313ccfc6b94fb1657153ff48f16f6e22b3c4a0b7f88e188c90176447fe27fa7ddc2bac3d2b7edecad5f7605093ac4280b38ae6a4c040d2d4d491b42":0
+
+AES-GCM NIST Validation (AES-192,128,1024,0,32) #1
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"8901bec4d3c64071d8c30c720c093221e05efed71da280bf":"9265abe966cb83838d7fd9302938f49d":"":"7c447e700db7367260dffa42050e612eff062eb0c8a6b4fe34858800bcb8ec2f622cb5213767b5771433783e9b0fa617c9ffb7fde09845dafc16dfc0df61215c0ca1191eabf43293db6603d5285859de7ef3329f5e71201586fb0188f0840ed5b877043ca06039768c77ff8687c5cfc2fd013a0b8da48344c568fce6b39e2b19":"6f6c38bc":"FAIL":"":0
+
+AES-GCM NIST Validation (AES-192,128,1024,0,32) #2
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"2c57eb763f886154d3846cc333fc8ae8b3c7c9c3705f9872":"9b3781165e7ff113ecd1d83d1df2366d":"":"9fe7d210221773ba4a163850bab290ba9b7bf5e825760ac940c290a1b40cd6dd5b9fb6385ae1a79d35ee7b355b34275857d5b847bef4ac7a58f6f0e9de68687807009f5dc26244935d7bcafc7aed18316ce6c375192d2a7bf0bee8a632fe4f412440292e39339b94b28281622842f88048be4640486f2b21a119658c294ce32e":"62f32d4e":"FAIL":"":0
+
+AES-GCM NIST Validation (AES-192,128,1024,1024,128) #0
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"307d31a594e54f673bea2f977835670aca4f3d45c9c376cc":"0bdaa353c4904d32432926f27534c73c":"aa39f04559ccc2cae3d563dda831fb238b2582cb2c2bb28cff20cc20200724c8771b9805ef7464b8fc06c7b8060c6920fd2779fbc807c2292c8c1f88f8088755609a1732ff8c0b06606452b970c79997b985889404fd907c4668a0bcc11ba617175f4525523494a244da60b238468c863055f04db20ea489adf545d56c0a71d8":"d7385a7bd0cb76e1e242fa547c474370bcc7cc7cf3e3fa37b00fe08a56383ca31d023d8c493f6d42e482b0f32e4f244dd100ea08eee6535e5bb8d27f76dbb7eead6ba8e031ccd0eaeb649edee92aeaf0f027d59efd4e39b1f34b15ceb8b592ee0f171b1773b308c0e747790b0e6ace90fc661caa5f942bdc197067f28fbe87d1":"2ddda790aae2ca427f5fb032c29673e6":"":"0b92262759897f4bd5624a891187eba6040d79322a2a5a60fb75c6c6a5badd117abe40c6d963931bbc72dca1a1bf1f5388030fe323b3b24bd408334b95908177fb59af57c5cc6b31825bc7097eec7fec19f9cdb41c0264fd22f71893bcf881c1510feb8057e64880f1ea2df8dc60bb300fd06b0a582f7be534e522caadc4a2c7":0
+
+AES-GCM NIST Validation (AES-192,128,1024,1024,128) #1
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"23c201968def551817f20e49b09dbb5aae0033305bef68a0":"bd2952d215aed5e915d863e7f7696b3e":"23f35fac583897519b94998084ad6d77666e13595109e874625bc6ccc6d0c7816a62d64b02e670fa664e3bb52c276b1bafbeb44e5f9cc3ae028daf1d787344482f31fce5d2800020732b381a8b11c6837f428204b7ed2f4c4810067f2d4da99987b66e6525fc6b9217a8f6933f1681b7cfa857e102f616a7c84adc2f676e3a8f":"77bc8af42d1b64ee39012df5fc33c554af32bfef6d9182804dcfe370dfc4b9d059bdbc55f6ba4eacb8e3a491d96a65360d790864ba60acf1a605f6b28a6591513ea3cfd768ff47aee242a8e9bdfac399b452231bfd59d81c9b91f8dc589ad751d8f9fdad01dd00631f0cb51cb0248332f24194b577e5571ceb5c037a6d0bcfe8":"bb9ba3a9ac7d63e67bd78d71dc3133b3":"":"17d93c921009c6b0b3ecf243d08b701422983f2dcaec9c8d7604a2d5565ed96ce5cddcb183cd5882f8d61d3202c9015d207fed16a4c1195ba712428c727601135315fc504e80c253c3a2e4a5593fc6c4a206edce1fd7104e8a888385bbb396d3cdf1eb2b2aa4d0c9e45451e99550d9cfa05aafe6e7b5319c73c33fd6f98db3c5":0
+
+AES-GCM NIST Validation (AES-192,128,1024,1024,128) #2
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"6baec0669add30acb8f678ce477a2b171f89d1f41935c491":"b1472f92f552ca0d62496b8fa622c569":"5ae64edf11b4dbc7294d3d01bc9faf310dc08a92b28e664e0a7525f938d32ef033033f1de8931f39a58df0eabc8784423f0a6355efcff008cae62c1d8e5b7baefd360a5a2aa1b7068522faf8e437e6419be305ada05715bf21d73bd227531fea4bc31a6ce1662aec49f1961ee28e33ae00eb20013fd84b51cfe0d5adbdaff592":"5712b84c4c97d75f84edd50561bc1d3f1ba451cc3b358b2403b5e528290954348cf7a235b4dc11a72ddbc503191204e98a9744d85419508c8ca76438c13305f716f1e239a6d9f6423c27217a0057aa75f6d7e2fb356e7194f271459ab5482589ea311b33e3d3845952ff4067dd2b9bcc2e8f83630b0a219e904040abd643d839":"29a2d607b2d2d9c96d093000b401a94f":"":"beb687f062ae7f5159d07609dd58d7b81c478d180bc0b4c07ae799626ff1da2be2e0d78b2a2a1f563257f161491a5ac500cd719da6379e30d0f6d0a7a33203381e058f487fc60989923afbee76e703c03abc73bb01bd262ff6f0ac931f771e9b4f2980e7d8c0a9e939fa6e1094796894f2c78f453e4abe64cb285016435ef0e8":0
+
+AES-GCM NIST Validation (AES-192,128,1024,1024,120) #0
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"7b882a2df81fdb9275fb05d120f32417e8ffedd07457e938":"5c064d3418b89388fb21c61d8c74d2c5":"5bfa7113d34e00f34713cf07c386d055e889bb42d7f6c8631ffce5668e98cb19bed8820b90ecb2b35df7134f975700347e5514287cfef7ffa2b0ff48b1de0769b03dca6610995d67cb80052cb2e5914eb4ed43ef5861f4b9364314fde6ad2b82fbba7fd849dfa6e46ecc12edc8cabfff28d9bd23c2bcc8ab3661c9ba4d5fee06":"0aae7213da279b34d6dcf2a691b2d0333112ea22de0c3c68d47cf9f9f4ed8ad4e03d4a60ec18c3a04ac9c2abb73e1023051029b5e8705bb69c4c50afc84deb0379db5077be1f663652f8bd8958271af2c1ac4a87e08cb526bab8a030652f2a29af8055d0f31e35475caee27f84c156ef8642e5bfef89192f5bde3c54279ffe06":"0943abb85adee47741540900cc833f":"FAIL":"":0
+
+AES-GCM NIST Validation (AES-192,128,1024,1024,120) #1
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"51d94d21482c00bb5bc7e7e03aa017ba58f5a23494b72c2a":"fb21cd763e6f25540f8ad455deaccdf0":"019d1db5569eeff83306f65d653b01064854c1be8446cd2516336667c6557e7844fc349adea64a12dc19ac7e8e40b0520a48fac64571a93d669045607085ac9fa78fed99bbf644908d7763fe5f7f503947a9fe8661b7c6aef8da101acca0aed758ca1580eeb2f26ae3bf2de06ce8827a91a694179991a993cdf814efbcc61ca5":"3a9c69c1ed2340bfde1495658dbf4f54731a19b3922a1d535df8d0b2582f5e803b5891e8ad1aa256c923956dcda2430d0c0696bce63295fb61183e040566e459338f908d23ae51f64020c1ef3d192428f23312b285fc4111d50d1add58f4a49008a22c90d3365230e9158cd56f9d84f079bdd673555d4dc76c74b02fa9920e7d":"a93bd682b57e1d1bf4af97e93b8927":"":"7093f44703f2cbb3d12d9872b07a8cd44deb62dae48bc573b11a1ee1c9f3105223423fac3181c312a8a61757a432d92719f486c21e311b840aa63cf530710c873df27fecda0956075923f1ecc39bffb862706f48bde2de15612930fc8630d2036e9e4cfc1c69779171bd23d9e1d5de50a9e0a0de4bd82ed3efc45299980bb4cc":0
+
+AES-GCM NIST Validation (AES-192,128,1024,1024,120) #2
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"e6756470937f5d9af76f2abe6df2d0bc15ff8e39b5154071":"4500193711a5d817a9f48deafda39772":"92fa22dba0eee6b1de1ddd24713b1be44c7105df90e6e7a54dcbf19025e560eb4986ee080cf613898a1a69d5ab460a3b8aa2723a95ac4a4af48224b011b55fb7582ae18f6746591eab2bd33d82a8dbbae3f7877e28afef9857a623530b31d8198b2df43f903d6e48ddae0848741f9eaae7b5504c67ad13791818f3c55c9b3d1e":"afae92bd56c426c095d76633701aa9bea5ce05490482c6c64ac24468c3e1af6e6030a6bb6649745b011c6729bde985b9242e22105322fbb8853dcabbd00165d0b07d7b499e0238b6513bf6351eb40635a798f7e6e2d31125dda45ffe8964596fdbff55df22d4e9025bd4f39e7c9b90e74b3ee58d6901f113900ee47a4df5afd7":"7d9f97c97c3424c79966f5b45af090":"":"62258d60f0138c0405df4b2ec1e308b374603a9eace45932fdc2999e9e2261de8b1099473d1fc741c46c334023aa5d9359f7ef966240aaf7e310d874b5956fd180fb1124cbeb91cf86020c78a1a0335f5f029bd34677dd2d5076482f3b3e85808f54998f4bac8b8fa968febceec3458fb882fc0530271f144fb3e2ab8c1a6289":0
+
+AES-GCM NIST Validation (AES-192,128,1024,1024,112) #0
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"30db73d46b518669c45b81bc67b93bed3d0864f7e9e8e789":"5069e2d2f82b36de8c2eb171f301135d":"ef781dce556b84188adee2b6e1d64dac2751dd8592abc6c72af7b998dfae40cbe692a4cae0b4aa2c95910e270600550fca1e83640c64efb1eb0e0a90a6fc475ae1db863a64ce9cc272f00abac8a63d48dd9f1c0a5f4586224befed05be4afae5bd92249833d565cc6b65fd8955cb8a7d7bd9f4b6a229e3881212871a52c15d1c":"750bc1d2f91d786bb1e621192a376f552538ba8c07d50d9e10b9345f31b3e5f9d8ad7c719c03d8548a3b184b741cd06c49d7fb6fe80258d60c01c2987c337c823211cee7c1cf82077266889bc7767475e0eeabb2ef6b5a1de2089aaef77565d40a1c2c470a880c911e77a186eacca173b25970574f05c0bdcd5428b39b52af7f":"a5100c5e9a16aedf0e1bd8604335":"FAIL":"":0
+
+AES-GCM NIST Validation (AES-192,128,1024,1024,112) #1
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"209f0478f1a62cb54c551181cbd4d24b796e95f3a06b6cb9":"7be1768f6ffb31599eb6def7d1daa41c":"9cb49357536ebe087e1475a5387907a9e51ad1550697f13c6cc04384ec8a67dea13376bdd5e26b815c84a78f921b506b9e2086de50f849185f05ba7c3041e49e42c0673df856da109a78b8e0ce918c25836f7e781e6b16168e4e5976d27ebc83f20b7bf4beadecb9b4f17a7a0d3a3db27fc65288a754b5031a2f5a1394801e6e":"66db7cc97b4a8266c0a2228e8028e38d8986e79fcbcc3caff3050fdd2de87b7ff7a6895b988b0bdb7fcc4d6e2d538dcfaad43ce2f98b6d32500f5a6e6183d84cb19157a699cdde1266d6d75a251ee1a2eb97bfe6405d50be2b17a58ba6eafaee0a023a28d568fd1c914f06041a49c79b9df9efe63d56883cbbbeaba809273d2e":"4d2ac05bfd4b59b15a6f70ea7cd0":"FAIL":"":0
+
+AES-GCM NIST Validation (AES-192,128,1024,1024,112) #2
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"1bfa30b315e7b908263330140fa2d66ed57104784a43cc70":"b7081a3010b524218390ba6dd460a1ec":"8c1f42b5931d69ae351fcde7d2b4136d4898a4fa8ba62d55cef721dadf19beaabf9d1900bdf2e58ee568b808684eecbf7aa3c890f65c54b967b94484be082193b2d8393007389abaa9debbb49d727a2ac16b4dab2c8f276840e9c65a47974d9b04f2e63adf38b6aad763f0d7cdb2c3d58691adde6e51e0a85093a4c4944f5bf2":"8eeee9865e23fa51dbbf197fa41776b7edbdb9381a22c935299cd959a46190788ae82f4e645b0362df89bfc00241964784bc7ef70f6f97e81687d52e552a33af20ae34a3005e0a7b85d094368d707c3c4cd3ef31c0daf3ccaa1676609ed199327f4139d0c120977e6babceed28896d2cb3129630f3ee135572dc39433057e26a":"4da85b8ec861dd8be54787bb83f1":"FAIL":"":0
+
+AES-GCM NIST Validation (AES-192,128,1024,1024,104) #0
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"fc47156a693e59a1dea0618c41441fe669fc65dcfb7d0726":"ea1935ed014883cc427983d7962d9992":"0d85b8513becfe8c91d0f6ffb65ec31f2cf406c51c0da88893c43d1327fd8ad1f4bab2d7b5e27438d643397034a72f8666bf641b6781bc90f764db387eae6720b5723d510194570ccd773e1b3bebfc333cc099d078583e8dac60d174d332925a24a45110c8d2abe8924ea677ac74db66ea789e2838efc96c78bceaa6236c0a67":"3e4f0a586bad532a08c8863ebba01fd25014baa907e6032ee43d4a7dfc7c3171916dcdf9faee0531f27527872ae4e127b6b9aaee93f5e74d0ab23f3874aa0e291564bc97f17085dd7d5eb9a85d9f44574e5952929eda08863b64c85dd395c91b01fe5bef66e3fa8f9ee5bf62c25d80dc84fbe002ecfd218430b26f3549f734a1":"8781b045a509c4239b9f44624e":"FAIL":"":0
+
+AES-GCM NIST Validation (AES-192,128,1024,1024,104) #1
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"b5fcd780a03ba80341081ef96b440c0e4348afde4d60c1d5":"ad20cce056e74ec5d0a76d6280998f15":"28f8fcf23b9c1ba40c19ffc1092632e35f234c1e8b82bcd5309d37bf849a2ce401413d1f242cf255ed597f9a93a1d6e50676997f95aa612e580d88234a86ddc404292746f0b2f5cf15abebcea6659f998ec6a1cb5a9914fee5aa1aa5d04b3c20914e45095e4141ce9c173653dd91c3ebe4ed4a9a28f3915d7b2edba34c2a58d8":"6316f3beb32f6f3bf8f2ff6a2c160b432bafd3036d3eefa1e4ec204f24892e37dc4d75c7ce9a24b5c49fb4df901f35ef9d5955f7dc289c56cb74753f4d6b2982267d5269d12237e21202a65061849c65e90e6702dda03a35ace3a3a098d16b4bfbb85b7232404baee37776a9b51af6b3059a5f170f4ebe4ecf11061ca3c1f1f3":"2ad4520ddc3b907414d934cc1d":"FAIL":"":0
+
+AES-GCM NIST Validation (AES-192,128,1024,1024,104) #2
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"4382507dddccf1385fc831da8924147563416d0656e168ec":"a37687c9cd4bdc1ead4e6b8f78bee7f5":"fa9ae30509cbb6fe104c21480ae7b8ec9f12f1afb17320d77b77cdf32ce8c5a3f7f927e501118c7ccd6975b79225059cef530a4fcb0a9719f5e2d3bebe7bb6ec0855e495a31e5075eb50aa6c1227e48b03e3fdf780084ac4912eb3a5674cca9dd6ac037366b230ae631a8580d2d117942dee5d5ddbbb2233afeca53289cc4f68":"e5c5430b960aa35dc8540215c2772d66811270859e33dd4477904759e7e5eb2986a52a4ccc9f592e614147b5ea2ead6636a15c6426336b2995d9a31ab36d76578c3540bc6693842a4bc0491c7963ee9cda2317951cf93244bd30bcdfec69a4767004636fe7d1be7300c35e80627bab9236a075a803e9e1080b9159060c643a78":"4221818d4be45306e205813789":"":"b5b36719bc4d13a5fbf37188ea814cdf3c97a430784330540325c899570e15482300bc82c5b8163074e0544c5132e3ce93bba68bd7a8d2db81d1431b424b697c1158c4d70625666d5ff99145ca34856815c905b5a0fd95806df56b9cd5b384bda3e394b409048eb1037144cc071539c02397e931da28a43cc354d584643afd4f":0
+
+AES-GCM NIST Validation (AES-192,128,1024,1024,96) #0
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"7a66db3450dac9a1e63d2639f34c5c6a3fbfb3c8e8230199":"21f8341529b210ade7f2c6055e13007a":"1699bc8c198ab03e22d9bc4f3682aad335c6e35f3f616bb69769a9d5a202511797e770ae0d8d8528ef7b2bb25b4294d47427b43f0580fa71d93fdef667f4f4196f84e41c0b1978796d0de74a94420fb8571bff39137fa231c572b31be9ae72338288bef5f8c992121dc918538551f346e279a9047df14ec9fc0fd399cd3bd8d8":"6463a7eb2496379bc8a5635541525926a6f9fa718e338221952118ae4cf03a85f2074b4ebaf108b9c725809be1e6309c3a444b66f12286f6ea9d80c3413706b234b26372e8f00783819314a994c9e3ecf6abdd255cbfe01b3865e1390a35dcd2853a3d99ed992e82ec67ba245f088cb090adade74bdbc8a1bad0f06cbea766a6":"4af02b81b26104d1d31e295a":"":"53fe6a34d280f2c96d1ae2b2e8baf6abd67cedf7d214312f75dd4a1bec28a641dda3e71aa398726b2b0b1f515e1f4259ee97acaf17f122db9ec7814c2de6a88d36c3ac106396ad03d337c2cd2d2b9b4b7170e23a5848ca7ea129838f967dfdfe83b45ff2a9be699bfb2346115465d59f074f09e24d8fcbd9ece0018c92776c43":0
+
+AES-GCM NIST Validation (AES-192,128,1024,1024,96) #1
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"1f5c818f24d201f9fb23fcca211b0545eee5c5c9b440810d":"3a163067bdd90fce0406d1c198a88771":"a5e94e233d04fe0c4b6c4684b386902fe05096702237dfbe76f73befa69b6f30394cf9fe3358997942df65842748fb4f075a3dc06e147bd8d67fc4371113a4d75c70219257c650a6f38a136659e20a1cf3a119397835c304e0fb2a33aa3c3019175c86463043d5edc6992874f61e81cd0d26af8b62cf8c8626901d4f16d84236":"9a7566817a06f792e96a6a2ba8e0a01f8837e2de06796e68b0782cc54ed0b04fc5e24a1ad37d5ffb035548b882d88150e89915b89f57cde2bf3c43ab9dae356927daef6bd61cc9edd5e1b7a4abea2f71313677f1b2fdf3d8d4a7e9814ea820fbc3e5c83947db961839a985a57ced7f5e4a1efffcfd17a2c806d4cdc1e79162da":"b124eea927e2a62a875494a1":"FAIL":"":0
+
+AES-GCM NIST Validation (AES-192,128,1024,1024,96) #2
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"9a301f7edf83da63bcf37216a3a33d7613331c3210281dd7":"d73a546b0fa307633ac89506fa86138b":"f57fe548cf4a551a216ffb24a1dcf1b79c95f9abf06443fd58af042d287c2165db373c82a94172db517840f22e45e966e3ead91ce1ddad132bcb844e406e84b76a0b5b0ee23064b66a229f32a2d3b9c71103f020c4ba57fc0f0608b7114914cf2ada0c5a9bc4afbfa9ce5da320f34beb2211d569a142f53bfd262f6d149c4350":"e09cc8543db7804870004706a26e94b457c125bd648b581a196f962f2ae8fa55d9bc66530ba5020e22d282080b4720dc9a2096a11c0fcc3d9a67cd1cf95cd7cd2417ba308c761e64be24347a14c9423447094a5c72a0043c288b35e753ba0aa748f208381249fb1c8d195a472192404b6c8172663ee4b4d4ecfa426e1fb003f2":"f536a3b8c333b1aa520d6440":"":"124a327a8c22b7652886dac2c84b8997ca8a6f61c9ba9c094b5aea41eaa050a6df6cbf280259e5466071bcfa53b4ebc76c3cc4afc8c0385189a5382933aa57c89aab78dca84331e0fe8f0aab3a7857d3e13f08dcd90ec5f0684f82088ef8eb7fd67e75de43b67afc3a0beb458f5ebd61b2c779e6c539d795c667bb7dcc2b762e":0
+
+AES-GCM NIST Validation (AES-192,128,1024,1024,64) #0
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"fd40e8226fd13cb95ba50b7cdf0f07f7ab7037cf8705ca50":"3406e70cbe16b047fedaa537eb892279":"390b18d22d5ecc0b5a524ae9afac6fd948ac72d1360775a88b385aa862cce8a27f3e4b420e539bec6e8958f8c1b5416c313fa0a16f921149a2bfeae29ad2348949b29a73970e5be925ec0c35218b82a020cf21bb68c6931f86b29e01b85500a73f3ee7eb78da60078f42550da83b2e301d151d69b273a050f89e57dfc4787cbf":"75aa7df5c3c443d48ee998064b6fd112c20d2d90c98e00d025ef08d1ad3595385be99de47fa627549b827c48bc79eb1dcaf2f1be95a45f7e55755b952aee5ae0748e68bee1b014a628f3f7dc88e0ebac1d1d00e268355f5101838ce125c57003aebc02a1c9d6ae2cd6e2592f52c0be38cef21a680ae35c909cab99dce9837aef":"69e06c72ead69501":"":"6e8d661cd320b1b39f8494836fcf738b0ab82873d3903c9ee34d74f618aea36099926b54c1589225ec9a9d48ca53657f10d9289c31f199c37c48fb9cbe1cda1e790aaeedf73871f66a3761625cca3c4f642bc4f254868f6b903e80ceeeb015569ace23376567d3712ad16d1289dc504f15d9b2751b23e7722b9e6d8e0827859f":0
+
+AES-GCM NIST Validation (AES-192,128,1024,1024,64) #1
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"a85ab87563b809b01725764d64ba4cc6a143e2e0362f0c52":"9f991ff16a3e3eb164a4f819c9f1821a":"df289511f78d8fa2505afc4c71ab1d7c31a8d15d1e5fcbb29d70f0e56f89c4d7b30f1b3b4745b5d2cc7af34fb4c95461372bf516ec192b400dc8fdb0ca9fe1f30f5320d0fadf20155cfcddcf09233c6f591c1c89917e38a003f56b94a1e2429d1f2b6297db790d7dce84d9fa13d2d86a0e4d100e154050b07178bee4cdf18126":"ef43629721b50bd3656b7ae31b6e4b4ba1cf2c72ed0460ee7d9fb416631ddc597e5f9aebbcf4442b95cc46e28476a464dd87caf9c1c1d6c99d3e3e059dc23f8d2fe155ff5e59c50d640bc052c62adee3aa1295b38732e3458f379e98a8dbdfed04c22a5761792e87fa67ecbcbf3b90eb1bcd1d3f49e60132452f28afece83e90":"dc4c97fe8cc53350":"":"ff0e531c7344f0425d62d5fbedf4bc8d3d5cc80647e67b852c1a58ad1516d376d954cb8dda739f6a4df3cf1507e59696610bcb6b34340d6313028e00d7197845d392e73331aaf168b474a67364d8f9dab740509fabf92af75045f0afabc1b5829264d138820952bbc484d1100d058a4de32b4ece82746b2b4a85fb2993d4add8":0
+
+AES-GCM NIST Validation (AES-192,128,1024,1024,64) #2
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"f4f1e03abb927ffd0b081b9dce83a56a6dd419a6313ac34f":"d1e29bb51a3c4e871d15bb0cd86257e2":"ae2911cdaaad1194c5d7868b6d8f30287105df132eb0cecca14b6e23ec7ac39cc01da1c567a0219cca7b902cc2e825e30f9524a473eb6e1d4d1beff5ab4f29103b2c7522a33dd33182fa955c4f09a75196b1072a6f0340fc55a802d29c7067f05219c21857ebff89ada11f648c1f28dfbfdaab56028f05509de17e2381457ebc":"0e70421499bc4bcb3851afa34cdf5be374722815abdd9bcee5f332dbe890bdc1c0210ab10667e5bb924bf3c1120e25a0c074da620076f143940989e222086d1b34a1200d09aea1f810ef6de7d8520c65eef9539fde5a6422606c588fce6264e5f91f934ede6397c4b307d2d7e07a518fce577a427fa92923cbba637ae495afad":"44f760787f7bc3c0":"":"2199fa5051461b67581429ab19de2ccb50b8b02e12c0e1d81a8a14929f84e09d9715b7d198e77e632de4af1c08c5041276204a7ed76646385e288e96e1a4b0b0f2b1a9df7f0892beaea3cb58d9632720158f6daa4cbbfc0ebdc56ff6a5175768ff2abd24cb7669bc3fe40f8aba7869d2dd7dac86b6ebc4e4ce261edbec88db17":0
+
+AES-GCM NIST Validation (AES-192,128,1024,1024,32) #0
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"33efe20433c6a1ad261a1fed494961749e5bf9d35809b59d":"dc94673b0c49c6d3b4611e278212c748":"919f7397a6d03836423b7cac53177fcfbe457d4aa4348646f646aae1bc5a15568cdb8c96fabef278ace248aca531110a4f4f9e8ab0c32525ad816ae3facf03175232dc84addcd6065f9cc1f513966b63fd27e91a09f1921b95d6bd8f08f1dbce073bcf827847f774514b478b9d7fb5426847dd4dee6f39b5768c1fb729b32d03":"cfbeb61be50def25f513346498f75984bfe797a8ad56be34f2461e2d673f6ce14e7479a59777267b75dadc6b9522599ebe5d7b079495a58ca187ec47796f6ee8c322278ad7451b038c938928adcff6105a8ea3780aedc45b6a3323d3ae6fbce5da4fb59ca5ec0a16a70494c3c4859672348532505e44f915e0b9b8a296ef5225":"c5098340":"":"c5e47d8c60b04df1974b68a14095d9bc8429a413d21960b15bae4fd7356bf7872e0da0a1a385ca2982d3aa3182e63ea4bb8ca01410cd4e71ddad34aa1f12c1387902b3d56634f89c619a2e6756648ab3bf90e9bc945afc9140eb935b633bae96bb067e9ee421697bcf80b14b1b88dbf13e010b472a7ca5411db36848b9c7a37f":0
+
+AES-GCM NIST Validation (AES-192,128,1024,1024,32) #1
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"3ed5dadefa0f6d14fedd1a3cdbab109f6660896a952ac5ab":"553a14f1e1619f9d7bd07cd823961f25":"eb8ea81d3e328a1113942cd5efd0f2b5e7f088791c8fc05690a34584101c4d493628ee7d0099a2865ac194b9124c3fb924de0c4428d0a1c26ea3ad9a0bc89187a16673e3b6f7e370dfb2dc26e8a56a9cf91f9c2088c020a766efe0d0c91689743a603f2cd1e300a6a84828b3b515a4b9a06e6bb20457bf124cd6ce4ac8b83d51":"aef617f69724e020309ec39d9587520efda68a8e303686c3a41ef700cba05b7c6e43e95aadb1a566f61650c87845835e789eb2366941e3bfef6d9846af0e0dbc43249117ad6f299bbc40669ac383cdf79289ada6ccd8ccfe329a0dc6a38eea1a99550457102d10f641cda50c21f533b1f981663f74a0a7c657c04d9fc6696ff4":"dc413c4c":"":"bc1f34991a48aabb0fea513f790f0d223e9feac4c99fa1e8427f01ab8b4b2827cfaf239342de36051a846af0306a3f82e7aed98dd0416fb078bc7f3b617b00ceb2cea4ddafc22dd022efa8303e9804510e0e888065d8427345156d823f796f74130c06db9f9934435552b4fefd051953e20ecba3a4514ac121d7d2097d597439":0
+
+AES-GCM NIST Validation (AES-192,128,1024,1024,32) #2
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"6d97e8bff3923a778504fb917dbc1428a1328587047697d9":"0c28dc4cd53725091c2fb68a476c2e40":"f3932f5e82d75a1e3eba1591c17769e1a45819ccf057c31e76fa810b93678766d25905e859775c244e96bcafbc75c4a2d95e7d02868ccb2f65e49276f0b645ac8cf6e3758402304a3c25ce2de0a49f401b1acadaff8b57589b45cc79130ddc8387f41cc383e33ef38eec019152051c756198d6f782ccf56297b9fe944269a65a":"dc1a81efd51e967767f5bdd7e2e425732c1d28451f2bf5bdf3f5a6492279330594d360dd8a193e5dbde1be49bf143a35c38bcd059f762ada65c5119e097f0976891347f4d829b087bd72daa3494b344cbd3370c4459ca243bd57aeda4cb86cdd0bf274f07830cdbf5e5be4eb9b742ddffef8aa35626d2b9ea0a29d3c3d058b28":"e6d6df7a":"":"39327836e9d8cfb59397adcf045a85644c52c3563290795811f26350c8bce8f55ca779cbcd15479efd8144b8a39ef611153955c70bf3a7da9d4d944c2407a0d735784fcb68de1083eebf6940ebc9cf92f9f139c01404b503ff64e61126a94e881351473507884357040fd32714b872c254349071069644e2bd642905521b944e":0
+
+AES-GCM NIST Validation (AES-192,128,0,0,128) #0
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"2c78e29971e90a01bb65973f81260b9344fa835751f5f142":"f1a23ce6e2bc9088a62c887abecd30ae":"":"":"d4d5c22f993c8c610145fcbe4e021687":"":"":0
+
+AES-GCM NIST Validation (AES-192,128,0,0,128) #1
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"8c582d5b6a40ef0e4048ec20f0263572d7cc82704e380851":"ef221a1c66fda17906190b7c99ab60b8":"":"":"6327dcb46ffb3d0fd8fbf3d2848a8f01":"":"":0
+
+AES-GCM NIST Validation (AES-192,128,0,0,128) #2
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"3a58abadd29e946e23ca9eb09af059913d5394971bda6a4f":"7c29b3196d44df78fa514a1967fcd3a6":"":"":"fc123944bbea6c5075a5f987aed9cf99":"FAIL":"":0
+
+AES-GCM NIST Validation (AES-192,128,0,0,120) #0
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"04bdde4c35c385783715d8a883640851b860ce0e8436ec19":"783f9a3c36b6d0c9fd57c15105316535":"":"":"23e21a803cac5237777014686564f2":"":"":0
+
+AES-GCM NIST Validation (AES-192,128,0,0,120) #1
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"4ba5fba0c22fbe10c2d1690c5d99938522de9c5186721bac":"2acc2073089a34d4651eee39a262e8ae":"":"":"7ac742c859a02a543b50464c66dcf5":"":"":0
+
+AES-GCM NIST Validation (AES-192,128,0,0,120) #2
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"f12890b0a8819faa5a8e0e487f7f064af42fa6d5519d009f":"c937615675738f4b3227c799833d1e61":"":"":"88300bd65b12dcb341f1f6d8a15584":"FAIL":"":0
+
+AES-GCM NIST Validation (AES-192,128,0,0,112) #0
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"51878f3630298a81297f4a21514fea637faa3815d4f26fae":"1f939226feab012dabfc2193637d15b1":"":"":"eed5fcb7607c038b354746d91c5b":"FAIL":"":0
+
+AES-GCM NIST Validation (AES-192,128,0,0,112) #1
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"ae596e74840a600556a06f97b13b89e38f67c152f1a1b930":"e2076e1050070d468659885ea77e88d0":"":"":"b4586bdbd4b6b899648f2333eee0":"":"":0
+
+AES-GCM NIST Validation (AES-192,128,0,0,112) #2
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"fd33b7a0efae34339ca987b5eb8075385fd1276e63cc8530":"2d07bb8616fc0bbb71755a1bd256e7fb":"":"":"6b60d645220cfde42d88296ac193":"FAIL":"":0
+
+AES-GCM NIST Validation (AES-192,128,0,0,104) #0
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"5685b12a6617d554c36b62af5b8ff2239cb3ffb1d2c40e14":"6c31194df99d08881fa5b1dd33b45a92":"":"":"69431593c376c9f8052bf10747":"FAIL":"":0
+
+AES-GCM NIST Validation (AES-192,128,0,0,104) #1
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"036ae037410dae9f0741608516d03b855c9c1851df8c54a4":"73599275f8237f14c4a52b283c07275d":"":"":"6f7249d25c9f273434c4720275":"":"":0
+
+AES-GCM NIST Validation (AES-192,128,0,0,104) #2
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"ac144f39ebd6124bad85c9c7fb4f75bff389ece2e8085d83":"d0871bfc3693245be478e6a257c79efb":"":"":"5a99d59631d0e12f58b7b95ccd":"FAIL":"":0
+
+AES-GCM NIST Validation (AES-192,128,0,0,96) #0
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"a8a541ff11a1b8548e832d9e015edeccc94b87dadc156065":"c72bb300b624c27cded863eba56e7587":"":"":"ea2528e7439be2ed0a0d6b2a":"":"":0
+
+AES-GCM NIST Validation (AES-192,128,0,0,96) #1
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"30dd8f400335e9c688e13cc0b1007bd21736a6d395d152e2":"28899601fa95f532b030f11bbeb87011":"":"":"35625638589bb7f6ccdb0222":"":"":0
+
+AES-GCM NIST Validation (AES-192,128,0,0,96) #2
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"cb8f672b04d706d7d4125d6830fff5d2ec069569bea050ce":"375d4134e8649367f4db9bdb07aa8594":"":"":"70610bf329683e15ecf8c79f":"FAIL":"":0
+
+AES-GCM NIST Validation (AES-192,128,0,0,64) #0
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"bf71e5b1cd6eb363ecd89a4958675a1166c10749e1ff1f44":"9f502fb5ac90ff5f5616dd1fa837387d":"":"":"a4b5138122e1209d":"FAIL":"":0
+
+AES-GCM NIST Validation (AES-192,128,0,0,64) #1
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"5b9d1dfb2303b66848e363793bdca0e5ada8599cb2c09e24":"2ee96384dd29f8a4c4a6102549a026ab":"":"":"3b33a10189338c3b":"FAIL":"":0
+
+AES-GCM NIST Validation (AES-192,128,0,0,64) #2
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"a35ae271f70ebacb28173b37b921f5abcad1712a1cf5d5db":"8d97f354564d8185b57f7727626850a0":"":"":"813d2f98a760130c":"":"":0
+
+AES-GCM NIST Validation (AES-192,128,0,0,32) #0
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"9bdd0cb826d5d28c2ab9777d5a0c1558e7c8227c53ed4c4f":"daf13501a47ee73c0197d8b774eec399":"":"":"a6d108c0":"":"":0
+
+AES-GCM NIST Validation (AES-192,128,0,0,32) #1
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"81b4d5ee4e1cbee1d8966fb3946409e6e64319a4b83231f5":"bc2f9320d6b62eea29ebc9cf7fc9f04a":"":"":"a47cdadd":"":"":0
+
+AES-GCM NIST Validation (AES-192,128,0,0,32) #2
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"5813627d26d568dfe5a0f8184cf561fe455eb98b98841fe0":"817199254a912880405c9729d75ed391":"":"":"d81d9b41":"":"":0
+
+AES-GCM NIST Validation (AES-192,128,0,1024,128) #0
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"94f160e2325da2330fbe4e15910d33c2014f01ace58e5b24":"80a1b99750980bf2be84a17032fc2721":"066fdd980cf043a732403ee5f65c82ca81e3fc858ad3cfa343014a8426fd3806770f127e2041efb42e31506ce83390ac5d76de2fe1806df24ce6e4bb894972a107ef99e51e4acfb0e325ab053f9824514b5941ab1ec598fbb57a5d18ed34d72992a19215d914e34ad1a22326e493d1ff2da7bc271c96ad3ab66d0c32bd711293":"":"dd153cfd7aa946280660c445f586fa28":"FAIL":"":0
+
+AES-GCM NIST Validation (AES-192,128,0,1024,128) #1
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"4785846f7c0524e78f3eb137fd433e1808af64549af69183":"5334476a5fa3fa50dcc4b12f8ac00b51":"e70f82d1e3361ac5a5c9a087e47984d5533ba296f9b7e4a192a4ab28a833cdbbd5cece3415cf6fbb2f8055560b5c31c98d83d139954e1c03a464739f1eb5ad982c4371cf20b8984bbd97d5f40b336f5e96df3d272b95f7547be15c3bc05b3caac7d08c5eb5de8bdd246e74f6caa6bff76ea0417730ce72b911867f88fdcf73a0":"":"c59231ddaae98e0e8db6b3fe8f4d3427":"":"":0
+
+AES-GCM NIST Validation (AES-192,128,0,1024,128) #2
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"49b085fe1a8e1ae769ed09fc585d29eb24d589689992e6c5":"899878b0684fb865d30190821817b88c":"f789eafe3d02826b619ca4fbca7bb1919e5c6f7c33824a2f7f815dc50e329979705f7ef61e9adf7899d34f1b8840384ff62ef6d29eea38c45d12be9249aca69a02222cd744d81958c6816304ff0d81d6714a2023b3dd9d940db5c50afd89c52774d28d6afde2b6c68425b6acbe34682531a2e57e2b9a7729b3e8d96a729b15cc":"":"2c84bf7a8947ab93b10ae408243b4993":"":"":0
+
+AES-GCM NIST Validation (AES-192,128,0,1024,120) #0
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"75847588760ecb6ca548747b743914c89fea367a5ccb81b6":"7d8a9fd254e2061c01e39eb574951924":"b03c57dfd49152401a225357f1d6e533f3a423e5cfce07b8ae7ca9daf68645e5bd67b3ca2421eac447530b27c6dc6bd9c7f1b22441b8cc8c4ac26cec2c9c0d665a35b66d779a3772d714f802d6b6272984808d0740344b6abdb63e626ef4e1ab0469da521c7908b2c95a0fd07437c0e9d4d2451ae189ad61ff19f4efb405127c":"":"e8aac14b53cdbc2028d330fc8d92a7":"":"":0
+
+AES-GCM NIST Validation (AES-192,128,0,1024,120) #1
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"e3a18a96d2e45d2f60780dc39cee7160e28cb810bf09858c":"26a4d659665ded39b7a1583de756d0ad":"83f8d9c58169b4c68032321197077ff5c8ee4ebb732b040748e1b55dcf53375ae86fb9646a672b5c5bc805a92c475cbb6d0ed689a58abdf2230250a7d3fbd8cfab07835fa85e738a7f74bc3e93616d844b1ec61b79f23dfea62e1815f295d43f61d7b5956103b31ca88afb0b3d37eb42cf77232dbf2258065232971c397dcbcb":"":"dc034564d4be7de243ff059b5f9160":"FAIL":"":0
+
+AES-GCM NIST Validation (AES-192,128,0,1024,120) #2
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"7be3909170ea7a2ff76f9f28241d8cc48ddeafa8517c6f8c":"8dee7e29350c60c5bcfec89da6617d2e":"f6e9e7a7f9716760eb43060d5c80236a0f118b0f750ebd5df01fd2dba95c556ecd2e54a3f337767321abf569c8137a8e48c5b44037ba62951e9f9f709e6e4540a36d769f3945d01a20a2ed1891c415a16d95cab7ddf9bcebf18842c830067509a2a5d49a9684324c433d53824d2f8fd326b149af17f40e5bf5e49185738fba60":"":"942b52277e9dc0a30d737d00f5e597":"":"":0
+
+AES-GCM NIST Validation (AES-192,128,0,1024,112) #0
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"1fe413bafc4753e1511b580c830449bee56e0e5b9acb852c":"e30829f64f3eda13bfb2ac572aceb3de":"6c772d08b4d7507e35804572fa697c646c77301954cc5c160941e49e230697ed8c23338b9f30c3ead69b1c1a2329ff025dcd3c0d0a9cc83fee4979448aa71ddb9d569bedc8c497a2a4ac3b60d087d7872f0a110bf90493ae7da03b0953734223156cd2d6c562e4a978a6dd5cdb229dd58dd4d0f50ac015f2f5e89dac4aa29a19":"":"87737873b82586bb29b406946cae":"":"":0
+
+AES-GCM NIST Validation (AES-192,128,0,1024,112) #1
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"b4bc4378d423931f9b320bb57df584c641406c1daa7448ad":"eca70e10c0358838a3f4a45c4b016ccd":"68d1c045c1604e3c3dd4f7c7543240aca8dbc5266dc18c5a8071e8b09e3700b7cf819044b2722d8db92021f42a0afb295d7b16ecf4e4704a50a527a2e72d7f53617c358e3b7be3d7fecda612ce6842fcfaa68f2d1b8a59d8b8391779f2fab99f820862c94029f444abe62367c5de0a4becc359660e4a5366f7d482bdc362b866":"":"06f95ca69c222a8985887925b15e":"":"":0
+
+AES-GCM NIST Validation (AES-192,128,0,1024,112) #2
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"1cd4414ffd24e830e2dc49727efa592e430a6a75391cf111":"a08e32ad7d63f975de314ad2c0fa13fc":"20a271f1f4c6bea8f1584ab39a7179ec448650e2ff67a7338d1bc9fab7f73b2ce5222cd07ded947d135d9d0670dc368f0a4b50ece85cbf641877f9fe0ac6a7e6afb32fdb1b3cd35360bb80cfffc34cfb94dbcbee9ca5be98a0ca846394a135860fba57c6f0125dcb9fb8b61be681ada31a997638ee172525c03dd13171534a91":"":"c68842cafc50070799f7c8acd62a":"":"":0
+
+AES-GCM NIST Validation (AES-192,128,0,1024,104) #0
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"9e0ef9ed5e6f00a721a9893e1f0d9079c5aa667a4cdd2a52":"5f015fd556e87ff0d0df586fb452306d":"b82986135e49e03f6f8f3ce4048ded2e63ee0c31ddc84929e022ee8561159179b3bb4403ebdafdf6beae51ac5bf4abed4dbc251433417ece3228b260eca5134e5390cba49a0b6fcbbbabb085378374e4e671d9ba265298e9864bfce256884247c36f9bddceb79b6a3e700cb3dd40088ba7bb6ab6aa11b6be261a7e5348f4a7d1":"":"ec9a79a88a164e1a6253d8312e":"FAIL":"":0
+
+AES-GCM NIST Validation (AES-192,128,0,1024,104) #1
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"9bc8f15d98e089d60d4db00808700053f78b33c31652c3e4":"5cc0ff9bb7d5b9b2aa06f6ecf669d5bb":"24ac95a6ed2f78853f9ab20f53de47e7f662f72aea454141e2131aace7ed2daeb395bbccdbf004e23ce04ad85909f30151b6526c1ce7934726f99997bbab27055b379e5e43b80ad546e2d1655d1adad4cbe51282643bb4df086deb1b48c1bd3ac3b53c4a406be2687174028ecf7e7976e5c7a11c9a3827813ade32baef9f15ec":"":"9779b7c3ece6c23d5813e243ec":"":"":0
+
+AES-GCM NIST Validation (AES-192,128,0,1024,104) #2
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"19afc43a4481f796d77561f80b5b2e1514c96c5d1d86e64c":"d4c06595fefd4a81bbbd4b40c2e1989d":"98fcca51352998d0126b5539e3fb9a238ac31c05954fc206d381909aee70983b6ab99d3f3efe8530a1c3cfe3b62756321b1d0771a5940055eba1e71fa64f29291aa5e5b0af0fcc8e6f5a02688d9e93417225eded791a35217822ffb346d3fa2809b65abe729448316be30cf661137d3c0e49846cb0df598d90eda545afb64a5e":"":"ca82448429106009094c21d70b":"FAIL":"":0
+
+AES-GCM NIST Validation (AES-192,128,0,1024,96) #0
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"b4fc31dcfef6203fdb296cc928c13b7df56bfe6f32583057":"6308a78dc8f3c90442dc52196649c38e":"2567d80c253b080c0158102558551445d8ce4d5ddee2014a2be5cbad62e1717a0fd4d2059447c3151192951eb11a4a7b19a952f6ba261c87f10f4c9032028de3cc5a2a573a4e993a690fc8954daa3ec92743e7343e75b646c4fa9cbc3fceb4f5d59bb439c23754c4d9666fbc16c90c0cac91679b6ad1bfe5dcf6bd1a8a67c6b5":"":"9d1603799e2485a03e7b05a0":"FAIL":"":0
+
+AES-GCM NIST Validation (AES-192,128,0,1024,96) #1
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"1c2d9412486c381440213e1588b6bb58b0da53300b9d3089":"727ed8846daab874d5a9918b47d016f4":"656430f0c1423018b5e2efbb1e32a5385c1a9a1779c4dbd585dea91edc39ea8752ebfc2d8064251a8a5ae71e1845f24a7e42c6371c2ecb31e2229d5f4923bffc21d4804575a84836f3cf90ec6047bb360b558a41a975ece111b5284dfa2441705a6df54fc66ca6cc1af9163ecc46902fac337d5f67f563fde8e8e7e64b8588b7":"":"05ee6ce13711535864674a5b":"":"":0
+
+AES-GCM NIST Validation (AES-192,128,0,1024,96) #2
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"abf7a97569427225a4bd5143c716a22e62f84c145bb51511":"e255088cdfe8ae5c9fea86d74d2f1b7d":"b850993300f54d078f83ceb9aef7345bbf758f92365b6625c210f61dad4f2a2319f51d883a383a706392d3dfca1706eba585a6fac8bd4294c0bb2cb3f6b454d5c97819e8e5c926754840261b07ec4ef1f87cf281d75c187839689944230306e1903047915e086043990745864819ad713d34a244aa4e9d755fdb137105d7eed8":"":"0c9c17388d0610f99d0a093f":"":"":0
+
+AES-GCM NIST Validation (AES-192,128,0,1024,64) #0
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"45a6df655e88bc880acff41520aafd0cc8aa8aeb8952fd06":"1125e1de94970c9e7be70e58e7626ef4":"fe9838a445b8edef19b3e9f33c8c0c265b3a12c97b8ec57ceb94f65ae5227177de38f1e338dccb2b24e5bd0f0eb8127f83eba0f1ddfa55198789df0cdd1d977fcb985ad9c7d51b96e749d2cf3cc7a1ec4dfcbc641a1a022d55def328e081af890a7e699f2dbafdf506389e045aa1219239d5868ba675a3925602b6fb6f6e6d37":"":"1c3bd1e0d4918e36":"FAIL":"":0
+
+AES-GCM NIST Validation (AES-192,128,0,1024,64) #1
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"279f4f2ab4b70778fdb9ca7800cd20e323601d7aa2c75366":"0f7b402560735cf03d5da58de5b6c685":"7dd9a8c848bbcf5127161c8a419a436a0dad559f7c1613cdf41594e177016acb1ccf44be852185c42e7120902a42efe83855995ab52cf5c190d499fcfd698c671fd72949dc3ea7ddb874e586a3aa455a021cec7b5f8608462ca66f926aba76e60a5846d4eb204155cd3c1328da51ba35c3007b8bb394f34e3a8b81ddd2ea1115":"":"dab612351f75e2cb":"":"":0
+
+AES-GCM NIST Validation (AES-192,128,0,1024,64) #2
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"6716ab937755684af7403e6fba5452c1b11568a9047bb50f":"2fd5a446dd564619ef75b6e00905ffe0":"20d261d3192996c21da69e979c26f5f937e6ea4cb7b05c6ef556ce4d86ca0fe85ec2425d274c43b5212fe9d27bb48b04e887461a9f45f524059b87eaea2e287a8d4537f338b0212012a9d4b6610e8c97dd554e0b3c3133e05c14d0ddab3524c93fd527e223b1996b4cff0a4a7438f1d54890bf573cd803941b69e5fc6212c5d2":"":"f1d743b7e1b73af5":"FAIL":"":0
+
+AES-GCM NIST Validation (AES-192,128,0,1024,32) #0
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"7dc94b5bbd6315ad8d2b67f0c683d10cf456f822a3ebb024":"6f3eedeb57dcf12bfb3cd80849893c90":"ee1ff367f4b23c156e3dccff84ae4bf2b8ecec1fb5ffd25ccaa93b6c6834389bd79655bd4bac75238eb0f65d3603ecc57c8774798309e85b6677e78ed2077b712cf28795d0dc8fee994f97373a82338ef67c62378136a79a990ecbcd6367445e805efa98f9168826e57cb8dd7e7b1d5c89ad98358646fa56dd2a71c40e0275a1":"":"4dc74971":"":"":0
+
+AES-GCM NIST Validation (AES-192,128,0,1024,32) #1
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"3bbe223e253bf272599e28af6861013ecd0c88710947ed41":"4fbf09ffaffb600f0de38fb12315cab5":"5388146f6479f7b3b280f45655a95b847ee27c734fb2fd91f6c009b1ab1810c772c7435d3221069f9490d251b76e740147906ac1db1c209c175b21aa10881c44fb307d4d2900aa3b1d56fb0edb9f2a58505653a17fee350e12755b9656bc65c78c1593d5cb7178e29f82209caf53e60fddf725f6957cc9718bf410c4a0229ed4":"":"fb845ab7":"FAIL":"":0
+
+AES-GCM NIST Validation (AES-192,128,0,1024,32) #2
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"461877813acfe6e9979eab729b52e3d192b3236758bb6563":"6985cf77b75a47a3978dd6412d59200b":"385551854a89ab37063ba0ed911501b3d632153c5c2992e154c0a334bc36620476f11495437b842409e0954f7352cbf288d158bdbbaf72621ea2ce75b708bc276f796c5aa7fd0071e522c5f175a9e7787deef79f6362101aa3607b4588f2e1df7127f617c6073593a1c792b959e201e4a7a43ea8b1c3af026376439ef629266c":"":"c840d994":"FAIL":"":0
+
+AES-GCM NIST Validation (AES-192,128,1024,0,128) #0
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"09770f9114120a2c1c3cc416fe0eb8699e07141158a5bdff":"cff291d2364fc06a3a89e867b0e67e56":"":"875e2e5b5c02e0a33e71b678aa29c15ce18ec259cf4b41874893ed3112daa56ff2a7475681b8b3d9028ef184d30658e881c908f3588f69899962074db4ddfc0597f8debb66c8388a1bccf0ffe2cf9f078dc1c93f8191f920754442ad4a325985c62de1a57a25de4e9ed5c2fd0f2c8af33f3b140bac12bf60fdb33e0ec557955b":"81f1eb568d0af29680518df7378ba3e8":"FAIL":"":0
+
+AES-GCM NIST Validation (AES-192,128,1024,0,128) #1
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"4fbf1c785c087ad06b43d4163cf9b9396deffd3712856379":"1c8f41424acaf009996ceaa815b24ad4":"":"96a690e5319c94d94923988025307e543f16fd970aec24524cf9808dc62b093359287251503f4231bf52cd1a16a80bfa82d8f585d96855dc1932f4919a92da2618d6448fc18a234f9acb386ab4ab4a9e38ea341e7c54faceff38c162d74e7fabbca13aadb71e9c8ae6072e7bef4073cf08aa7faaa6d639f98d15bad4ed183ced":"9f3c0349c5a4a740a82d6d63bf00fb17":"":"6100b091e52366fb422251d9b68974b6c666a62a8bb77a1ffd7c7d1ae586a6ee763b84dc11aace02a25af91d194b70b3265ec46872fded54275b7ddb26ee1f20c857328f46a694fb1dce68bcaecbd587ece5b505d658d57d50333e30b639eea1f6537b37c175f62497c6c84e3cfddae214285d2d68d90dd5cd8ce2273d25c8ca":0
+
+AES-GCM NIST Validation (AES-192,128,1024,0,128) #2
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"3e0ce4fb4fe4bb2fdf97b23084ff5671b9b899624184acef":"a950ab0dd84115e3829ab0ad3bbb1193":"":"df89974b1534f0ba262bbea5efe39d8b72820cc8a720cc99520fedbf667515c3f6d8c3e25c72c48c1cff042171df58421741aacb2a49f23167257be7d7004d56b14901b2075eaca85946e9fbf1bbf4ae98227efc62bf255a25dd0402d37c67ba553531c699dd89ff797e7a5b5b9a9aa51e73ca2dacfda0f814152aa8ed8c79f9":"25cfde73e7a29115828dfe1617f8b53e":"":"847b54e176ccc83081cb966efc4b4a3bf7809ce0b4885009f620f61fafcaa78feee91a835ae6c1a942571811108b1e81b4c4ddac46aaff599c14988c9a1fb9f387ab7f1357b581568b7b34e167ac2c8c2b2b8a4df3fd7ad8947a363c1c0cb782ec54b1901e928821cf319669dd77eb37b15c67f13ad787ff74312812731ca3e6":0
+
+AES-GCM NIST Validation (AES-192,128,1024,0,120) #0
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"6be3c66b20e5e66ababbfba1b38e5a716eafce23a1767b69":"3a2acf69bba19f5d1d1947af2cfda781":"":"de1cd978354a499415176f260021abe0a8c5bc34d166f53d20e02e413e1377ce4ef5d7f58337c62251a3b4ddea0dea23c40e5de037fd5dd8a558eb53bffa4e8ce94899afa8284afab503c1a485999a154d23777f9d8a031b7ad5c6d23d6abbe3b775c77876ad50f6bed14ac0b2b88fb19c438e4b7eb03f7d4d3fcca90dd01260":"f826d212f7c1212fb8a8bf23996826":"":"fd1f7b56e5664cf4c91e58f7c50f6c5e98e42ca2e4adcc00348cee6f662b382ad4022da54a47d8faeb9b76a24dfc4f493c27fc0bc421a4648fad7b14b0df95d8752013feb033b1fd971daa2c9a5df898bece6a3b8fa078dd130071df20a68cd0f394be25dcbb3e85bdfa0df4797fa6f01f5f0da7a6e86320207ddb5b3be53ae0":0
+
+AES-GCM NIST Validation (AES-192,128,1024,0,120) #1
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"d16abb9f5b38d7f5abba9dc36995ce6ce928ed822a07b7c4":"3cd95429c6de1d327b9eb3c45424a87c":"":"e72f29b1fc1dbfc2d93a0f3b79ea4b9806ce9b2c4d490ac5c0c3c793df9dc7df5471e834b84d18afa5a7516f9a6a813a9b65ae2f083a854730547e28a1f60fe97d8dba1d2d433e11847b9bffd8873ec634e64365530c905dd6f274e45c9795ac127a6f356f63cc6c116c5dd8c628e7e17e1fadc58f8452bf21f53c4133198118":"13521236f190f78e75c0897c5fb237":"":"cd8bb97c28df092b6783ef653fd26f2bdc27c442bab0a4c7bee2789f389dcd1b280c0231672721bfbbc939a0449557678ec61ba0afb2e5817e6f7d94387f84ecafbfa1216d65e7f5025f47b0d2905cff7c99adf8306a3d9850c5908be05f87cb1d36a4837dba428aac97d7fbc18e3778f8d81a319259504c87fc94bd0766ed93":0
+
+AES-GCM NIST Validation (AES-192,128,1024,0,120) #2
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"0bc344b1a4078807e5f53a6e7e1e36fa83108473ae2fb4c2":"bd505fcba464e6e2c58fdf29f5695fb9":"":"8bd73f94c71e3765bc7d17fdc90a9ba6aff9648b46300e4048985fbbd7c60c39c3766f7c524780bfc2296dc11e1132134921760a373104edc376eab6e91e9a60a5c4a5972935df12eadae074722bdc0147c3caf6a62fd449ef37d76b65f6d210283c94ac524cf13186e444d80a70b01e4373cc0462546f1caee6b49e738a742c":"8510fff71bb879f56ea2fe43f6ff50":"FAIL":"":0
+
+AES-GCM NIST Validation (AES-192,128,1024,0,112) #0
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"c8097398fc21f93eea6a95aa93a3231096817b65520bc549":"776248381941e16908f52d19207881f5":"":"80b0abbaebbd537a0810ed75cd172d29d50f5982e4d01f8664ddb2dfda8f57fa0ed87e64a779a1d7f5e568b6acfdc739572a7176752307b430fb1fa1c3c2c346477cebe7d01b16745ca6c8929a7f446c03ad9a9e8a5a935de78ca6c701e8c1c5e6d2550c42949cf5342fb5ef4c6ab9bb02ace8388b16edf72a1237e5d1d0e820":"7fc4388b2f8eab0f0c2d6a08527e":"FAIL":"":0
+
+AES-GCM NIST Validation (AES-192,128,1024,0,112) #1
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"76d4bb5694faaf344db83bc6d6c47d56bb6ab52700826f2d":"603977845d82faccb401817ecce6e2fe":"":"9e31fda6a171f0d4a5f2af2c4f827b1312d9dda5d78fa329b8f1b6373b9b29be358601e5bb0d0c615aef4b9e441c811219f1f2ff2d0ab23e0cd829a88b5b615ee72e5e3ea604fa26cc6438ec4c30e90f7348e9116adf8e8efb7498320d2da16679fa546b1aa9afc7720b074c4e48e06862d41428c9e71a4772c2e195a6f36978":"c955a3bc316841be07e406d289c8":"FAIL":"":0
+
+AES-GCM NIST Validation (AES-192,128,1024,0,112) #2
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"a3e5020695587984074d78d9c98b8e1a5719e5f88372740e":"4cd56de54e5140a587be7dfd02d3a39e":"":"c0bfe3b2dc4dad17ec5a7662d86847fb67e582cc0baf469bc9baa7a075d48a8b97521a1072c2798bfbdae5ca3752eda1cb96fe5cf24af989eb77a2948aae3d8b70d83d93f84c49347f788480f34051621c358c03cf8159a70fc72cb8bc02876234ffe76b181da8b22b8796c87b0904da1af46de519c20d8d1b1dc7cc24e39ba5":"1a29527a41330259f918d99d7509":"FAIL":"":0
+
+AES-GCM NIST Validation (AES-192,128,1024,0,104) #0
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"afe986ead799727063958e2ce13ca846f76c51605439f839":"f85a95ed10b69623162ab68d1098de94":"":"7c1b354a5bb214bd95147e32d81e658705089c38035d0ea423eb1a5c82f97443c6903d2cf1ba7a007eec7c8ff98b8f82b073d9636a79bd47c7f2f639a8eb4e92076f9ed615766f43ac3a4f1687301ed7d507766605e0e332880ae740ab72e861a2cb6dce1df1ff8be1873d25845ee7c665e712c5bbe029a1788634bce122836c":"3cf1cdb4a4fdc48da78a8b4e81":"":"a7f252ad7983e7083260598051bffd83f40f4d4a8b580cc2388d720a0979dde71549ddcb86b0a62c4964fca591d0982f3a203f2f8884ff4991f17e20f759ea7125ba2bb4d993722f23938994eb2709c850f33ed9889e5a3966f9d7b76add46aedf230e8f417425f9db79ccd46b5660361de7c5d87f71a9d82c491c0c3daaf56c":0
+
+AES-GCM NIST Validation (AES-192,128,1024,0,104) #1
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"2cfaa215841826a977ae6adfdd993346210c49dd04d5d493":"537a4ee307af3072e745570aaaadce34":"":"e8eb3b6edd0ca4201b49a6a83036445aba1a1db040f3e74511363bce769760a9914e05a067f555ca15a57c6e02e66fbe4e04dd8c8db8d6d14ebc01cc7d84a20ff0aacb69bb3679d6b7d9d2e07deda7c2d4fe4c584fe1166e78d21dc56b9cdad93709c03b9145b887f87b4f605f24f989d5e0534fc71a58e8a8619ee99f69e5f5":"df01cffbd3978850e07328e6b8":"FAIL":"":0
+
+AES-GCM NIST Validation (AES-192,128,1024,0,104) #2
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"128ddc83d2170c403a517615056dceec0d19d6fd7632e738":"5124b410c43d875eca6ce298c45994a7":"":"cfe9f7797ee37bfc4f564419bf2268c964479efa7435970874154432930f3b2736438da4dc9c76200009651340e23044bc9d200a32acfd4df2e1b98b0bae3e9ff9d6e8181d926d2d03f89768edc35b963d341931ac57d2739b270ce254f042b64ceac4b75223b233602c9a4bdc925967b051440c28805d816abe76fc9d593f5a":"56ad9c1653f11a41fd649cccd8":"":"cf91f087fd7faf362caacf4a68cff51ec57b3075563e4ad0955df20b366e92bd75c3762cf4a6f0eb859872667a5c55aa5d94f5ac9479b1b9c9345b50f82379d551506a2ab02b0441b14b28b78a12b38500d703a8c19888fe612d4710eec7cd18c16d6a4b55d3c69760e2bed99efc8b551dbe2ac9b9b64715f87180b8e14d1795":0
+
+AES-GCM NIST Validation (AES-192,128,1024,0,96) #0
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"98581c28983c4da321ce0c419cc0d476d539e77da513c894":"ff10234524433b871202c2cca6acb194":"":"bdef5b65b5111b29e781a6b71a0160179c52b5bccb1ac5c0377b26cf3f61432f3ccd67633a836357c24b5099db0510a7f8110f59e8227cacd11f17ea1798b5d4d68902ca6c6eccd319fef14545edd135078b38d43b61c9af269fc72f7a209ba7897e4c6dbd21bb71d7e93d2d2426ffa1557cae28e74059d3baf06ba419a47b39":"984943355a7aef15c4fb8033":"":"808e28bfd441cb8890416a757d252c986daa8d607ac9cadd2f4fd29eddbcf3b859ba298e14a4ccefe2c2752b123f87b98d6708fde48faca4bc7dd818a7ea76cfa4357932e59cb6be0e9283bdfb49454b86b9fd04aa8cdef503c65d13fcff42e9cd8f142f8c06cf7daa6d8ef8b9c9d69c39e8afd980048fecf731fd674b2a814b":0
+
+AES-GCM NIST Validation (AES-192,128,1024,0,96) #1
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"167b8b6df8014c8f3de912b77f5a0c113580aa42d785298f":"49da91e926091a448d57d521cc90f3c0":"":"4f787de12ba907a589edf74c8e7a6cdaaabebddd465a86e170e1efc289240298b516fddc43c7fd9bb1c51720a4455db4dd630b59aebaa82bd578eb3cb19f8b23ee6897c1fefaef820430efa6eb7d6ff04de4d8b079605fb520b0d33e96c28f0cd71983c4ce76c0ea62fd7209d21ec7b416881d545824a73d1f9f8d3323fdb90c":"99198f55f9fa763651bba58e":"FAIL":"":0
+
+AES-GCM NIST Validation (AES-192,128,1024,0,96) #2
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"71f5f8505fba62f08fa0557dd5407fc83a852c6007ccecc8":"b5efb9feae3de41b5ce9aa75583b8d21":"":"3e19ec02365e450e946123a3362f9859352eb52902a6bcb8a782285dfac9d2b282f56302b60d6e9f53fddd16bbf04976cf4eb84ef3b6583e9dc2f805276a7b7340dec7abde4916fb94b0ed9c9af6d4917b27e44d25f3952d0444cd32a4a574e165a23fa8c93229ceb48345171a4f20d610b5be7d9e40dcf7209128f029fed6bf":"9604d031fa43dcd0853e641c":"FAIL":"":0
+
+AES-GCM NIST Validation (AES-192,128,1024,0,64) #0
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"4cdb38f8185a4186fc983e58a776a6454b92ecf0bffefe98":"aef257dd44d14d0bc75f9311ef24e85a":"":"1ca72c50a093076e9a9dfa09888b9c89eb36a942072fc536a81713f05a2669b39fdb2871b82ca47dcaf18393ca81dcb499aafcc4ed57ea79f8d4f9bd63540610215b2c65481b294638cec41264a7fdca4230df5fe1e7e3d8d26dcd0c435fec8e9bf778f9e6f13482157a9722761601e08425f6160d3bb626ae39ee1117b0353c":"d951becb0d55f9fb":"":"2eaa7e922dbd8963e2078aae216636276f3f7cb5d7f35fa759e91bddb6e247a93c388241ba1d0d37040c0b9e447c67d35b4991c1acce97914f3bc22ee50171bc5922299983ee70af79303265bc1ae1e7334202460618b4a8891d1a7eaaac5cac1e4dce024ce662d14849993f89e771fb873644b552120fd346250df39aaaa403":0
+
+AES-GCM NIST Validation (AES-192,128,1024,0,64) #1
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"ee8d3aced3aa3cb2166aa66c4a252c12dc0978830d0bc75b":"c15c9c0b0b70c7321df044bfde2b15fb":"":"ee69b2421d43a9f383d99f9802ba4d6cf1c537b42041c86cce681049bb475e5098d4181f1902b0a49c202bf34ef70ea7b787fa685ab8f824fcc27282146d8158925bfef47ccba89aa81c0565eacb087b46b8706c9f886b7edf863701003051d6fb57e45e61d33412591ec818d016eec7dee4254636615a43dacb4f1e6ec35702":"c5c9851a6bf686d0":"FAIL":"":0
+
+AES-GCM NIST Validation (AES-192,128,1024,0,64) #2
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"4a8538d609444e3197ab740cd33b66db1cf53600096b94e0":"0bd64d222532dae8ab63dc299355bf2a":"":"8c2b8fb775d1b21c41a3dcf48ad6d68ab05be3879f9b94b305a6ce4d799e3a992c1c3a65a3e4eab563edb57424927c90c76e49386e29dd5e7de2800fcc0eefbc8b4f977f71be3754c006ee93dc09b1cfa59c424b6b3987aeb56feefc21004c63e8284b6845e395bc8843cca0917267fb4a8f2db1f7daafe7a9da95083a44de70":"3477cad1fd4098b2":"FAIL":"":0
+
+AES-GCM NIST Validation (AES-192,128,1024,0,32) #0
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"447f0f065771b6129952e52206a64fe0844658ed685e39cd":"37e3a300542d9caf3975c6429cb8a2e8":"":"fea5d227869e527882c63a68a6623f4a699df82b3dc715c7260a5554336df8376744c05ae89ec27d40da02d9f1c5e9e29405579fd4132143cb21cdbe3edfaaab62128ecc28018725c8dd309d2376223d2e2edfea9765699b2630ff5d9fe9bec416c0ca6418b938d195d31a08e4034c49d79e3a249edd65f985230b33c444dd02":"06bfca29":"":"e1bdd1c212b159b87e41a5f64dcba6b27aa0f5c8871fabfb588df0e06bd7730ec1beb0e3388f96c992a573ff69b34870f83c53fb65b420c1c6f92e2aa6f03917e8203d77c7f5ee08baf9fab12f9d38fc0ffb83807ba781c3dd7b62edca2121f68ef230b42b8adbd4cea072209d02713789ed559b83739a54cfde69e68bdc4128":0
+
+AES-GCM NIST Validation (AES-192,128,1024,0,32) #1
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"f465e95f6fc19fe6968b98319b547104d0c01c17105f8fc0":"6cba4efc8d4840aa044a92d03d6b4d69":"":"2426f108368a00d2a49670a3b64b4f0569c6da9660163e7b209ec3f8d058ee11f7818a8c5030c5f4ce6e1e5a93faa3e5ae3d0bd5d712fbc891cfeb20845707edcf5e29719a5246a3b024fb12d37bd1b81df3812fd50b1dfb3e948ce546dd165cc77f903c07fe32bc7da7fbc25036679017317ce94cd8a00c1bce7379774f1714":"92750ac9":"":"2e59b104c1a6f6d651000396adbfa009bf4cf8cbf714da8e4d3b4a62bd7f522d614decf090c7552a4b9e8d7ee457ba642d5100c0c81c14cbba8c8ff49b12827f6ebd41504ccb6dfc97cdf8532d1f7f7e603c609efa72d2ae0dce036ec4ab36849a0c06f8737d9710075a1daaed3867ca0a7e22111c0e7afae91f553b6fd66c6e":0
+
+AES-GCM NIST Validation (AES-192,128,1024,0,32) #2
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"f08e3e9f7b3a20ccdc4d98b56f2b567399a28a6b3908deab":"4f4636d1b283bfa72c82809eb4f12519":"":"a986e816f1eafb532c716a555cca1839a1b0523410134ea0426ab309520b339fc1fdeb40478ae76823cee4e03b8d3450e6be92d5ff17b2f78400f0176e6d6a3930bd076a7a3c87c3397dcc0520c6b7b4ff9059ea21e71c91912a74aac2ca70eec422b507cc5c60860bb8baca01eec2a3003970ba84011efe576804b2820e306c":"16c80a62":"FAIL":"":0
+
+AES-GCM NIST Validation (AES-192,128,1024,1024,128) #0
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"87b5372571fb244648053c99405999130f87a7c178052297":"a1cc81b87bd36affe3af50546e361c9e":"684ce23f59632308d7db14f7f6eddaf4d83271fb0c27401b09518a775b36252540f14305f0dae13ff6c0dc565c9e570759e070c8ac73dfb97abd3285689a7cdcfc941f6271be3b418740b42ba4a114421065a785be3dfa944c86af56da8209779e8736e62529c418b507c6d8ae002cbc0431747722afd64521734f99273de455":"ae078d1554fc6a14447a28c3dd753e790f7ef9b53e35c3e0fe63a7b1b326bc56034847f8a31c2d6358049aae990bfe7575b439db370aa515e225e0ec730488c700a7b0a96a7b8e4e8e4c6afec20decd16fe3c0f3f8d7a6cf7a8711d170829d14c706cceb00e133b8c65c8e08cd984b884662eddd2258ce629abf6b9dd28688c9":"98177b3428e64bc98631375905c0100f":"":"8be7df33a86b1162464af738de582a357d0ce8e213bba1b7913c0d13ad759d62c3bf4366f5130b3af2b255b7ad530b4977627f9e76b07e360c079d0f763dabbd22e976b98cd5495c6182f95bc963aad4b719446f49d3a448d11cac5bfcba4b675b8e4d88a389e2580e8f383f95bf85c72e698680d2a2bc993c9ee1ce0d1f1ac3":0
+
+AES-GCM NIST Validation (AES-192,128,1024,1024,128) #1
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"a2d069b826455d5e79e65db4f1d2b6a29ae9f401bc623917":"6d40a0c7813bc0410ff73f19bb5d89c9":"9960376b1898618d98c327c1761959d045488cc6198238bbe72662f276d47b41e8aebc06dbce63da5adcb302a61ade140c72b9cf9f6dfad6ecedd7401c9509fae349d3c7debe35117776227ba167f2b75921d7321d79f4ebca13d20af1638a1567043365f179f4162795fe4fd80b5d832e4ca70e7bf9830bc272b82182f70d2e":"acd6225dc5b9109d56ea565ab38dd4db432a7ec08f0db04f1c6b691c96d2eaaa6be62da7cc7fd75f931716c7f39705ea7cf828f1a5a325955e9b2c77e7fb2d562be6a89b3351b1b3d1355b43b73ed425049430314c16bf0836ed580e9390a3b8e2a652fddbfa939ca4c3c99765b09db7f30bf2ef88e1aa030e68958722cb0da3":"010195091d4e1684029e58439039d91e":"FAIL":"":0
+
+AES-GCM NIST Validation (AES-192,128,1024,1024,128) #2
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"f3252351fe8e7c628c418c1a49709bf1f8e20add82539948":"eacd2b1c3cf01bf4ea7582d8ee2675d5":"141cb39a2fb8e735e0c97207f1b618a4b98f6b9bf8c44a1c8e9ea575a7759cc2a02301274553e7744408b2c577b4c8c2a00e18f8717fd8a6d2f46a44eeb05d685fbef7edeb4229e7ea9b8e419ffcb504d33583b3ae421c84caeca9f9789047dd7b1810318d3765307233567bc40e003401c9f4e1b07a2a7162889e1a092aedc1":"7e8d2816d280c91d232bad43b6610e2d0532a9f670f221a3a975fb16472c2e83b168115e87a487bcd14b37f075e1faa59c42515c353cdefc728ac617b7d273fa96778e3fb5f7a1132f8e2add4a57015b15d1984338b7862356243d1c5aa628406f4a507498eda12d2f652c55e8e58113ed828783b82505790654f036b610f89a":"63a310b4f43b421a863fb00fafd7eac4":"":"699c146927ae29025e5b20088b20af27bc75449e4725ee6b7d5dc60b44ba8a06f7d265330c16060fbd6def244630d056c82676be2dc85d891c63d005804085c93ce88f3f57c2d2c0371c31027d0a4a0031e3f473cb373db63d4ff8f65be9ebe74045de813a4e6c688110d000f6b12406881c08085c9348e1f0315038907e33f7":0
+
+AES-GCM NIST Validation (AES-192,128,1024,1024,120) #0
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"e462957f2c500bf2d6bfa9af97938fdd8930e360ea4175e7":"b380584a3f4e0e59add4753c282f2cf7":"682b0af6592eef173e559407e7f56574c069251b92092570cbb7f5a2f05e88bed0af48dcda45b2930b1ee7d5da78dc43ec3598a38593df7c548058eda3c9275c1304489aff95f33a6cd79e724e8d12ca0ae92b20273eb3736efcd50dc49e803ad631dcbf64376a45a687eb4e417aef08a3f5f8230d3f0b266ea732c21ed2eed7":"82a7a6dd82a5ea3d9a8e9541d854978487eda298b483df02b45c76b8b38bac98ffd969dd160a2765595b19d4ea3e64351ce95764a903f595dd673d13facf5a5594e01be1d60a0c6d28b866a1f93a63a74fecb6d73ac6fb26b20c008b93db53e9dc1d3e3902359fd47734fe22a5c6958f97e9001cc4e8b6484d9542dbbdfcfcdc":"28a43253d8b37795433140641e9ffd":"FAIL":"":0
+
+AES-GCM NIST Validation (AES-192,128,1024,1024,120) #1
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"4a62ddd87f41c6df756e8da0985dcd8c91e73ba395b3d79b":"1d1843e2118772d76a0244a2c33c60bd":"028b92727b75b14cb8dfeb7a86a7fec50cd5de46aa4a34645754918b8606819d4bf8a2e7531a05ae5505492ca6cbc8c0e6d6ab2dea23bff1fdf581bb780b4a3312aa39639383fd10bcf92489801954733f16b021c2e84809345216f8f28a99773341e40c4a64305a2098eaa39f26a93bd556c97f02090e1a6c181a4e13e17d3a":"37a83ee6dbdece212446739ea353cb957b9aa409c88bee042bbc3a6e5199aeb28f2b4b00ff433c0c68d6db5a197566019db8a4c7a792e2839a19a302ee02bee046adce04c1fbbd5b0c457d7cbe277992ce2c153d132269e2d1f12b084cf3026a202b4664bc9d11832e9b99c7cc5035dcfde5991dd41aeb4fbf8bec5126a9f524":"ab738073228bdf1e8fd4430b5c7d79":"":"e702f1bb9a1f395c74fca0ce9cdf29e7332c14acaca45200cd432a5767be38929ef8de43d0e1a5e7300c1eb669ac1ab997b31cb1403af8451e77e63505920af0f8c3abf5a9450ea47371039ba1cf2d65a14fa5f013b7ce1d175859404dcf6461a36e8bc260e7abf739d8951ddf1a3754e2d65e0aa31320a5ffca822023bc0906":0
+
+AES-GCM NIST Validation (AES-192,128,1024,1024,120) #2
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"fc46976d38a581a7042a94ea4b5bfe3587ddc65d1162d71e":"b5e92563dd0339df00b7ffa2239d21bc":"7b6f6e104acbcd7188161477d8e425ff99add22df4d22de7f28d0a0075ca4ef848f68d07ed22d3165c08e40890ce04d1bd05b1a6ccb2fec8193d5f7dffc93d97a0c036b3748f708b011b68247a0249b9e1a60b652164e5c2fd7210377de804ac010c8aa08a11f40af97e8370a59f936cd14c22ea7a236d904145adc04a241fc0":"4b9e858fc8f01903e426112192d4ae4686b1ae4d683b75afb2b8c63590275943d0d6d6a23b6d35796a2f101203acba107474ca6f4ff6dd87d6b77785ad1d160ef2755d84092dc70c86db5e639b689943b15efa646aff44b3f51f5d3f4cf6c8f7fc5adfe7bf2d72f75b93b8ee94ef3fa69ea0fc0bb77b3983901fdcd30bcd36f5":"d4356cb417953b01f7b1110c8aa3eb":"FAIL":"":0
+
+AES-GCM NIST Validation (AES-192,128,1024,1024,112) #0
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"403e49feadd4db763652ed5c4b1e12680cfe0abc30f4696d":"1a60258a56e15f92814b4d372255a80d":"a4ffa9e3c612103224c86515dad4343cbca7a7daf277f5828670834f4d9af67b9a935c71b2130dfbc929c4409bffb7974ffa87523b58890770439c33342880b33319c626bf776c1c0aeb9c2a348a7681572f4ff711d94c192f3450e8b1275f9d02c742a2c9f1da316e9918bf787f22699172986cb9b10fc56d5f6b8392ff92b8":"221c61d769febce3913bfead9a201a805f11005ddcac185cbae00ce749de9c4362889b1b0d9546e91598e0ddedb88b673a90acca65d7e71a85636be052f361839a646dc8b834c02f3e2261d370e6bac9636b7536225b5ea77881200c8a3450d21bfd1e11afb3a470e178ecfe944a25a7cd0254e04a42b67723aac8afffd56fee":"62646fc8bfe38b3ba6d62f9011e3":"":"5c76c90dea7d659804ad873960906259fbdda3614277ec575d9eec730e747a2e7b9df6716b4c38d3451e319eeecee74d1f4918266fc9239de87080f1ad437b47c6904ed2d5514161ad25e3e237655e00e53fe18d452576580e89b2f1f0f6aa7e40a337fd8c48d690fe013a67264a80e9b5dfd009a9152d559aa02a68f401a09b":0
+
+AES-GCM NIST Validation (AES-192,128,1024,1024,112) #1
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"c3471259512d1f03ce44c1ddac186e9a56c1434a6ac567c6":"50164c63d466148ab371376d5c2b6b72":"11d1f523888bea1fbc680d34bc9b66957d651efa59e788db3d3f6f50e72184b9d14e9ff9bc05fb687520cf423d681812e007025eedf0e78e7e8191e6b62404e8eb400cf837d762a31aa248553367263d6de091fcf7abedc3e69fc118b7efb0594c89b96c387b7c28ed9a7b75db60b6b5133949b891ff81eca5790a265f12a58c":"dd5b98b3b3cf03fb92be579068a885afd984630692eb5f155fa6b49f2b1690b803d34b90e8de3cc39c2e61650ffffb51e7ef36d35ad17dc4d91f336363b0734996b162b509c9954cab3dd959bde7e437e9100d84c44104c61e29dbe12492a0272ce6eea2906d390de7808d337e8c650b3301af04a9ed52ab9ea208f3c7439d6c":"6c5f38232e8a43871ab72a3419ad":"":"50438ee712720abf2089331e4c058b30c30c3d17834c507c0010ac3f974a256d01b14a45e9ce5193c5cede41330cf31e1a07a1f5e3ceca515cc971bfda0fbe0b823450efc30563e8ed941b0350f146ec75cd31a2c7e1e469c2dd860c0fd5b286219018d4fbacda164a40d2980aa3a27aa95f8b8e2cd8e2f5f20d79a22c3ff028":0
+
+AES-GCM NIST Validation (AES-192,128,1024,1024,112) #2
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"ec326a1e0fe6a99421398df4fc7d8fea67b67e5f5fcd50ad":"c94aa4baa840a044dbd5942787a0c951":"f8401c578f20d9c250ea86eb945184e007a0190462c7abddf238ce1ceddcc230756aa222386d8ba66ebbba13de008ced140896ac55bc47c231cc81370ca9feadc225e017d59890e6291cc4cca27db3078c0cd6cbb51afb62210226a76837c5454728cb5ce3afe7352e7fe75421f94986e6b7b26321bbca15c75ac7c13dc15f50":"6d5016c434a0f4b4a5d9e0b6b8e2d848a94f132f055d2d847e54601a4c9cfc5966a654d696f8a3529a48a90b491ea0d31c08eae8ef364f71f8ec7ae7f7e39bb9c331137b2578362ff165628099944ba8deb0d99ac660d5ed2215b9a7626ff1fa6173cd8dd676c988d16c9cf750a0d793f584c3c8f5fd5d167bc278f4d77a629c":"3269922affb9d767f5abe041cc8e":"FAIL":"":0
+
+AES-GCM NIST Validation (AES-192,128,1024,1024,104) #0
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"a7ef81652f604e88a72416924c53979dc73cadd3575eda1c":"0cc9ae54c9a85f3e9325c5f3658ab3b2":"d0195b744351aa25a57a99df9573dfa3cebe9850139149b64f7e4af37756a430dda8af98e4ed480e913aa82821c01c1f75b187e105a8f39621757d522c083a8d81d7d8bfe6cf15c439d0692b6affd655a11bcd2457046fae996a1075c66029867b88cd23c503ae04037dd41f27bafd5000d1f516002f9fcc0f2500e8c1b27de0":"9ecd19a8eba9fba843486e1bbfb8d9053c5e04b24e30174d4aa89d8307439d653f8630edddafd51719c744bcb4bce3e444847567bd2cdde2995870d0634cc0ba2bde4b6bc2bc583062fb83874a1c25b50aeb945bd109a151772c077438c4d1caaeb5b0c56390ac23c6d117f3a00fd616306fc2ffc4c1e76f934b30fbbc52eec2":"22c2efeddfd5d9cb528861c4eb":"FAIL":"":0
+
+AES-GCM NIST Validation (AES-192,128,1024,1024,104) #1
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"605271a41e263c92dc14fe9df5203e79d58cc2d1289dc361":"7f128092a777fc503adc7f6b85eb2006":"aef9f984fb645e08d5f0aa07a31c114d2f8e9eca047e4a8d5471378cfc2ced1159dc093d174788e58447a854be58942ed9a3fd45f3f4a1af7351e087369a267797c525f134e79709097e733b9003b9be0c569fc70ee3462b815b6410e19954ce2efac121300c06fd9e00542a9c6a5a682fe1010c145acbbb8b82333bdb5ddfd9":"2bda3448a283ecba31e0299c0a9e44628cb2b41fa7b1a41107e107cabc381083bdbe048f2804568fdd5fe016f4d607f694042a459ba03a2deda4cccc8cbe4612d8ed0d4575e48bc9f59843369dbe2af6d048e65ff4250e1eef61d7b1b378fe2f3305b133ddc7e37d95ca6de89a971730fc80da943a767ff137707a8d8a24329c":"673afea592b2ce16bd058469f1":"FAIL":"":0
+
+AES-GCM NIST Validation (AES-192,128,1024,1024,104) #2
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"fa076f36cb678e2275561e9553ebdf397360e5a5e44791c4":"1ecd53d94fe287047ff184e8b9b71a26":"5ff25f7bac5f76f533f9edffdfd2b2991d7fc4cd5a0452a1031da6094cd498297fb2a05ae8db71cb3451e4ac33a01172619035a9621d2d54f812ef5343e14b9dedc93838e4cf30e223d215b4d2476ea961a17ac7295069f25b2a12d6e2efe76d91f45632c6d4e61ff19a95d5ae36af960d95050ce98b5791df0b7e322411c884":"513305e86c0cb046c5d3720b25a406392766bd1fb7de2758de370ff2e68281e211922890c61f3659460f22c45a57895b424441262a3ba0606df4e2701f38281fd3436a4d0e0f8efecd231808a9ea063dfb725015a91f27cadfe7909a0ee109eac391ac807afed1767ae0515b9c1b51ae9a48b38fe7fec7fe0ddee562c945e5ae":"079e8db9c3e6eddb0335b1cf64":"FAIL":"":0
+
+AES-GCM NIST Validation (AES-192,128,1024,1024,96) #0
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"ce9dafa0e7e53a8766fc0bc38fba807d04e14e5ed61bc234":"fd0751af49814ee98b2b0cdf730adaa6":"1cba488a0fc8a012f9a336cc7b01cbcc504178eeb08237dbedbc6c7ac68fdf3a6742751a207e43d43068abf6ef4e12a5e3c17e5a2f9398fc04ced67377cbb858fd6020fad675a880adb249e4aba94b96efa515d1cdf5c0c3071a27a3245968867ea94b2bfc2028a67be34c84c3f475944497aa8ca1ab009f8e4b11c8308c1996":"b585b8bf634757dac015f2f69f2ae674372a664f2115ad2d03bd3e0c335306b02d0947d3cda5991f5c0c25f12ead2c3cc2d65d575fd67091c70bc93ddb4b1e21f7b0fc6e6ae652dea93a6564ff13489f927942e64dd94bf8f821c7ffdef16df58bd8306a957821ac256da6f19c9d96e48eee87f88acb83bae05d693b70b9337b":"e5dc92f4ad4000e9b62fb637":"":"95f4324b0656bef19eca5570548fc6a7a9923f4e2a7e42066891bc132fd73bc1c9089755d996756de0072824e69c43f2db8ba2bf6f90d3c4eafc0721ceaccce1af896f9fb15fb19c4746979b6d945f593fad61d550f81d12b5945ed728c02931d7f8d917285c22a3af748d75a6bf163fddd84b941d8564c1a63192c816ad6d6d":0
+
+AES-GCM NIST Validation (AES-192,128,1024,1024,96) #1
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"8a328554fed68dc4838fbc89fd162c99ec105b36651abbc9":"e4f7c69a1d026eeebfc45e77bd7b3538":"e349dcedb0bfcc771c820f0d510b80cef32ae3326484e25aa183015941e7844bc46f617d5e61fd64fa71759e90fcb72ae220bcd507f0fb389b689dd3fa29b3b937eded85f26ada9e0f3f5109f82fef47c7eba7313049750ad17969e7550c0d4093ed18ee27843d082bcee8bf3fc7833d569b7723998595a5a1d871089fd238da":"75986f56972c045c850ed68aeb229f203b228fdfc36cad6b16d9bd12037c48700d20d8062a983ffeca76b8d36a67ef51bc8853706e83a34e4e23ff4f4a4eb943f19dbe85e454043d7906be6587a85079f9ccd27962d2905117d2dbeaf725d6ffe87bef52b2138da153ef29b18065b3342b3f9d07837d57b8bc5f2597de06c54f":"8e8320912fff628f47e92430":"":"a1ed65cfc7e1aeccd0531bce1dc749c7aa84451ec0f29856f12f22c4105888c7d62e2e2fc8ad7a62748610b16e57490f061ad063c88800037d7244ee59e109d445205280473390336d7b6089f3a78218447b1b2398c4d0b3aac8b57a35891ad60dc1b69ad75e2e86248ceac7bb4cf3caade4a896e5ee8c76893ef990f6f65266":0
+
+AES-GCM NIST Validation (AES-192,128,1024,1024,96) #2
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"6e7f6feb4022312de5c804ed1d7a37580d74499107f8cc8b":"6ce13485ffbc80567b02dd542344d7ef":"c6804a2bd8c34de14fe485c8b7caa2564adaf9fcbb754bd2cc1d88ba9183f13d110c762a3c5d2afc0fbc80aedcb91e45efe43d9320075420ee85ab22505f20e77fa4624b0387346c1bd944e9cd54055b5135c7fc92e85390ecf45a7091136b47e3d68d9076594cfad36c36047538e652178c375a2fe59a246a79784577860189":"4f5bbdf575ab8f778549f749f2265e17dc7225713e73ee6d7be163ff7071557dcc2240b0705c079008605f81396414ac64f06b1b637876e04c3fca8d0fa576cef4dd3dc553fd6808eaf120f837f9bb1d9dbbd5cf67ed497167fc7db89d3a84151b81aeab0e921057f121583df5ed7f976b206ece17a913f23485385f64c462a8":"974bd0c4a8cac1563a0e0ce0":"FAIL":"":0
+
+AES-GCM NIST Validation (AES-192,128,1024,1024,64) #0
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"46d6e982feff0e7d04a84384c56739b69626dde500e4b7fb":"71a6d1e022a6bdff6460c674fb0cf048":"67a8455c7d3fbfdba3c5ec5f40e0be935fbb9417e805771832ffad06ba38a61b8377997af1f586dc0fa1e3da0b39facd520db1f0ec2bdf1904a3a897f0b507c901fab30a85de51effa9f7d4703ceeb2ca72abe0bd146ba0bd3ffdee11628310db7d65ea1343b018084ea2414995f86fefb45ba91a9dc2236d92078b4305671b5":"a5160fb2d397b55a7eba02df33a042404188f02f4492d46f4edc03fc67723d64f5f7fed3a60728438703c60454a30f473ac918ffc8f98be5c5e9779ee984415e415ce3c71f9acc3f808d215be58535d3144cebe7982b9b527edbe41446161094d6fc74dec2e0a1c644bbc2cf5779a22bd4117a7edb11d13e35e95feeb418d3f0":"84f1efd34ff84e83":"FAIL":"":0
+
+AES-GCM NIST Validation (AES-192,128,1024,1024,64) #1
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"991dcaa2e8fdad2b4e6e462a3c06c96067ef5e9fb133496a":"978913d2c822ba7cc758041d5ee46759":"5a94dc81af011a8af263318b60215b9752292b194b89f6fc013b0fe8e29133de631d981862f2c131ee34905bd93caffc3b8f91aeb0264b27a509e5c6a41ae781209f8c5895d0d35b3c5e1ae34a1a92a2b979e0e62132051394940ea4d9bfffb8d89ba1e8331b15bdf05c41db83a57745a4a651a757cc8648acdcf850a2f25367":"9cd0c27f0c2011c1ab947400d28516c7f46d22a409a18fd35c1babf693b8030dfd7822d9ba03bb8fd56a00f9c7149c056640dde690889d2f23978eeeb28ccc26e2fc251220a3682c963f5580c654c1a6736cccb1b8ed104ec7390021d244bd9f92abde89e39a4b83eff8211c8a6259bd6ac2af1da7dfb8cf1355238056c60381":"15d456da7645abf2":"FAIL":"":0
+
+AES-GCM NIST Validation (AES-192,128,1024,1024,64) #2
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"f29cff00781f5916930f125489c87d21f6593324d1506f65":"50db7ee25a9f815c784236f908bfd7f2":"ec1482e18692bcd6894a364c4a6abb9c3b9818bb17e5e1fc9ec0b41702c423f3a60907e94c888fad8e78f51e1f724b39969ba7b11d31b503504b304d5c4b4cbd42634f4ec5080a9fe51c82e121ae191270dd2c307af84c82d892d982413a50ccce33698054f761a3fa93da9a1fca321296b378a50d458ba78e57a70da4676150":"a3e8595747b7147d471ac4fe38014bf4a409931e3f419ff88ae249ba7a7f51bd0ede371bf153bab4b28020b7a82a8ca30b75f1e3bcfee3c13db813cbc85138ef05874dedb14a6e5b6d06d7589a83bd5e052dc64433a8e24c1188b9470ddb2536d13b4b7bff0c5afcfaa9aa0157c3aae3b1774df2df14f965d6dee4332edba67e":"a1e19ef2f0d4b9f1":"":"eea18261a4de31d8619e77005ebbb3998c5dcfac2bc120ae465e29d6b4c46de7e6c044c8b148ffe4eda7629c243df8af4e7ceb512d5751a3ee58defb0690b6f26b51086dedfde38748f6f0bbe6b495f4304373188e5d2dc93461bd51bf720149a7d3aa543623b122b9af0123b2cdc9020136b041a49498ec4aa696c2d3c46d06":0
+
+AES-GCM NIST Validation (AES-192,128,1024,1024,32) #0
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"2087e14092dad6df8996715cb1cfca90094f030328080ffd":"d30504afb6f8b6ac444b4a76115d79d1":"d95845d268c8d8f9135d310c39e30f55f83ef7ffee69e6ba1f80d08e92ed473b5ac12cc8f7a872bfc8b325e6b8e374609c90beaf52d975f71caeef5ee4c13de08dce80d358ee1cd091faea209a24e3392adcfe01aeb2b2e1738bc75d4a9b7cd31df7f878141cf278d150f6faa83fb3a2fd1225542a39c900606c602f15c06a4f":"6d039513061980fb195bdf2f7c7079ca4b7e0fdd50d948cbfab5ba10b99e3aea27f08abd000c428851de82cacb0d64c146cd9567e9d55b89819876d6a635bd68bcaf47ffa41e02d9ee97f5a2363bfe6131ae7a21ea5130ae953a64d57d6cbfd45260c5f1946388d445ce97d23ab7ba31a5069a4896bc940a71de32bde02bc18d":"5412f25c":"":"1e81a4c10a3440d0002ddc1bfa42ebb08e504fcc8f0497915c51b6f5f75fee3f0cd3e9c5a81ff6528e0fecd68a36192114f17fa1a4cfe21918dac46e3ba1383c2678c7a6889a980024ee2a21bcf737f7723b5735e1ebe78996f7c7eace2802ebb8284216867d73b53a370a57d5b587d070a96db34b5b4f5afe7f39830498c112":0
+
+AES-GCM NIST Validation (AES-192,128,1024,1024,32) #1
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"3fc76d627c775de2f789279dc7b67979a9f1cc23c8dcabc9":"8f6fd53eb97e12dcd4d40f2843e25365":"e56995df73e52606a11de9df6c7bfb0ef93b86bf6766e319aea59372060294b0e1b13c6288c2310a4bef725a2dddb174f3e1228649861757903c4497a0eec9c141454fc75f101439a2150e368857c4f0f6e5161c42c77f632bf1c229a52595cbf16e9018de9a8f6a1e6b8b18bd244f93f001eb2eb315405d223c0d27ece9d4d9":"92a60d38fc687b92d44635aafee416a142d11a025680e5aa42e9ba5aa010462991ad3dd7328ca4a693673410f9bba37f05a551b949ab0d43fc61ef3b8996dd3fc1b325e66eec6cc61ea667500f82a83e699756a139d14be6ca9747ed38cd9b1d9da032ece311331bdcd698666ddc970b8be2b746ec55fe60e65d7ae47c6f853c":"613ba486":"FAIL":"":0
+
+AES-GCM NIST Validation (AES-192,128,1024,1024,32) #2
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"b10979797fb8f418a126120d45106e1779b4538751a19bf6":"ca362e615024a1fe11286668646cc1de":"237d95d86a5ad46035870f576a1757eded636c7234d5ed0f8039f6f59f1333cc31cb893170d1baa98bd4e79576de920120ead0fdecfb343edbc2fcc556540a91607388a05d43bdb8b55f1327552feed3b620614dfcccb2b342083896cbc81dc9670b761add998913ca813163708a45974e6d7b56dfd0511a72eb879f239d6a6d":"e3dc64e3c02731fe6e6ec0e899183018da347bf8bd476aa7746d7a7729d83a95f64bb732ba987468d0cede154e28169f7bafa36559200795037ee38279e0e4ca40f9cfa85aa0c8035df9649345c8fdffd1c31528b485dfe443c1923180cc8fae5196d16f822be4ad07e3f1234e1d218e7c8fb37a0e4480dc6717c9c09ff5c45f":"28d730ea":"":"dafde27aa8b3076bfa16ab1d89207d339c4997f8a756cc3eb62c0b023976de808ab640ba4467f2b2ea83d238861229c73387594cd43770386512ea595a70888b4c38863472279e06b923e7cf32438199b3e054ac4bc21baa8df39ddaa207ebb17fa4cad6e83ea58c3a92ec74e6e01b0a8979af145dd31d5df29750bb91b42d45":0
+
+AES-GCM NIST Validation (AES-256,128,0,0,128) #0
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"2c186654406b2b92c9639a7189d4ab5ab0b9bb87c43005027f3fa832fd3507b1":"3a0324d63a70400490c92e7604a3ba97":"":"":"4c61cd2e28a13d78a4e87ea7374dd01a":"FAIL":"":0
+
+AES-GCM NIST Validation (AES-256,128,0,0,128) #1
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"747d01d82d7382b4263e7cbf25bd198a8a92faabf8d7367584c7e2fa506e9c5f":"7156358b203a44ef173706fdc81900f8":"":"":"9687fb231c4742a74d6bf78c62b8ac53":"":"":0
+
+AES-GCM NIST Validation (AES-256,128,0,0,128) #2
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"1cbe30216136b7eaf223e6a7b46c06625176d9a08182fa806a63d8b143aa768b":"4fe6ace582c4e26ce71ee7f756fb7a88":"":"":"d5bdf8ec2896acafb7022708d74646c7":"":"":0
+
+AES-GCM NIST Validation (AES-256,128,0,0,120) #0
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"f31194c83bb8da979a1eabb3337ceb3d38a663790da74380d8f94142ab8b8797":"404efd26b665c97ea75437892cf676b6":"":"":"e491075851eec28c723159cc1b2c76":"":"":0
+
+AES-GCM NIST Validation (AES-256,128,0,0,120) #1
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"daeed52ae4bf5cbe1ad58ae4ccb3da81fb9c0b6f7619ca21979313ad9d3e83c1":"4037eadb11249884b6b38b5525ba2df4":"":"":"360c6ef41cbd9cd4a4e649712d2930":"":"":0
+
+AES-GCM NIST Validation (AES-256,128,0,0,120) #2
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"3ad81c34389406a965c60edb3214663ac4a6bd5cfd154ae8d9dc86dae93def64":"cebbce06a88852d3bb2978dbe2b5995a":"":"":"bd7ca9f6bd1099cde87c0f0d7cc887":"":"":0
+
+AES-GCM NIST Validation (AES-256,128,0,0,112) #0
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"4c152ba30aefa5b2a08b0b4d9bf3f16fc208bb0bc4c4eca9411dc262d9276bad":"008d040fbd7342464209f330cf56722c":"":"":"c87107585751e666bedae2b1b7e8":"FAIL":"":0
+
+AES-GCM NIST Validation (AES-256,128,0,0,112) #1
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"9aed4ae6b1d857fdcbe5aec6db38440613dcc49f24aa31fba1f300b2585723f1":"947c5f0432723f2d7b560eca90842df1":"":"":"7d331fedcea0fd1e9e6a84385467":"FAIL":"":0
+
+AES-GCM NIST Validation (AES-256,128,0,0,112) #2
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"cc80bc031676eff5f34dd076388a5130e985f9e06df4b4bf8490ff9ff20aae73":"51f639467083377795111d44f7d16592":"":"":"02d31f29e15f60ae3bee1ad7ea65":"":"":0
+
+AES-GCM NIST Validation (AES-256,128,0,0,104) #0
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"db7a40213b5b4b07e9900dc28f599403b0579cbce13fcd44dff090062f952686":"aea6f8690f865bca9f77a5ff843d2365":"":"":"7f2280776d6cd6802b3c85083c":"FAIL":"":0
+
+AES-GCM NIST Validation (AES-256,128,0,0,104) #1
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"299b874eaa8b7baf769f81f4988a41e2708ae928e69a5ba7b893e8e6b2db5c3b":"2aa04d85d2c0dc6f5294cb71c0d89ac1":"":"":"ea01723a22838ed65ceb80b1cf":"":"":0
+
+AES-GCM NIST Validation (AES-256,128,0,0,104) #2
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"a6c7b4c8175db4cf23d0593ed8ea949043880fc02e2725f0ab90ae638f9dcfce":"ae07f8c7ac82c4f4c086e04a20db12bc":"":"":"1132e4fff06db51ff135ed9ced":"FAIL":"":0
+
+AES-GCM NIST Validation (AES-256,128,0,0,96) #0
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"b98e1bf76828b65a81005449971fdc8b11be546d31de6616cd73c5813050c326":"929b006eb30d69b49a7f52392d7d3f11":"":"":"33940d330f7c019a57b74f2d":"FAIL":"":0
+
+AES-GCM NIST Validation (AES-256,128,0,0,96) #1
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"09ccef64ae761a70fe16772cba462b058a69477c91595de26a5f1bd637c3816f":"e34b19381f05693f7606ce043626664d":"":"":"2adc2c45947bfa7faa5c464a":"FAIL":"":0
+
+AES-GCM NIST Validation (AES-256,128,0,0,96) #2
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"654cf46598e5ad3e243472a459bcd80f1e026a65429352dbd56e73fcc5895d1c":"a56f27709e670b85e5917d5c1d5b0cc2":"":"":"177b9a5e6d9731419dd33c5c":"":"":0
+
+AES-GCM NIST Validation (AES-256,128,0,0,64) #0
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"84bca1b2768b9202bf194f2d5e5a0a5f51fd8bb725f2bab8a3fccbdb64a4ea70":"c45b2708c5bdf65ec6cc66b6dfb3623b":"":"":"fe82300adffd8c17":"FAIL":"":0
+
+AES-GCM NIST Validation (AES-256,128,0,0,64) #1
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"c8ae011795c9a60ad7660a31fe354fa6f7e9c2724d7a126436291680cd95c007":"1bd9ea6186450f9cd253ccfed2812b1c":"":"":"35214bbc510430e3":"":"":0
+
+AES-GCM NIST Validation (AES-256,128,0,0,64) #2
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"df2f0a8a3849f497d12bda44e12ce30a6957f3febcd5ec9bc134171326ca66d3":"728cb9608b67a489a382aa677b1f4f5b":"":"":"e2ef5d9cc5791c01":"":"":0
+
+AES-GCM NIST Validation (AES-256,128,0,0,32) #0
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"78e8a8ad1ecd17446cf9cd9c56facfd4e10faf5762da0fd0da177f6a9b9c3a71":"f169ce6f3ccc58f6434ae2b8ad1a63a1":"":"":"0fe57572":"":"":0
+
+AES-GCM NIST Validation (AES-256,128,0,0,32) #1
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"02ca6d8a862e25db9d68e4404abc107e700135df4157cfb135ce98eaa33151c9":"7b722fdd43cff20832812f9baf2d6791":"":"":"72dea6cc":"FAIL":"":0
+
+AES-GCM NIST Validation (AES-256,128,0,0,32) #2
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"9a2b709dbcc3a4fb15b3ad541fb008c381b7e985b57df52f07ca7cd26ab1ecc4":"729baa4c0ef75ed8aae746376b39fe3c":"":"":"2a0d607c":"FAIL":"":0
+
+AES-GCM NIST Validation (AES-256,128,0,1024,128) #0
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"449d39f863e4909984b37f2e5c09ea4d4b3e9fac67bd57c299e4e1d1f084aaa3":"d8e9118f331bb5a359f0aa8882861b72":"4ddcae0bc24d622e12bdeaac73e8d1ab7957af051d27dfaafce53aeed4cdd3f989ea25989a2f41cfb3c38dbd841c5560b0b5ab1861b1fbcd236865d13da55b50219462e021f8a21848a64a85326031fcec8fe47a6ef4a435dd2b2fff637644ffcf3914ef2dfa5dd556421bfd297be150b31db039f0f2cc422b282e659e70cceb":"":"c595b9d99414891228c9fa5edb5fcce3":"":"":0
+
+AES-GCM NIST Validation (AES-256,128,0,1024,128) #1
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"3e70e66813fc48f984dcda4d1c9c24f1d5d1b71ecfc8bb9581782e7cca5a5cc6":"d804f1051e72c9b7117002b862eb45ff":"0b1ab2b7a87cebac668c7a532fa8fa56a22cabf0c41fc1e6744ffe07c857c6865d623f508351f98f3f0c577d1eb94300a30a445472218c8ac626b0bee7d4c122d33f8130436a89add341e8ef7e00694afb4ad80d314d87ad3f921c7105eed05431b8151df7cff2c8e3790efd4acd3f60332dc7f34fdd90beef70f9093361d65b":"":"c09c2e3fdfefa222f7345ae4efb978fc":"FAIL":"":0
+
+AES-GCM NIST Validation (AES-256,128,0,1024,128) #2
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"8e534041090b45b80f287dc5fa20ebda017ad81b0530e680f62c6280fd8881af":"ead675b019ef5c6bbf4985f2a382d6c1":"b1db220052c4bebcef27eed6db0dc91be481179d71160c5a2ddb2fe497a05484840b04cce48980057d770fbbd0d5f3d5c633b55470617ad2cab5767188283310337825c4b0eafe13b5b11293dec230dad43b220885105767938c7ec4600fe063f98aa14bc6afb886fc874c10546749da295f571e696305bd9165486e29f43f52":"":"9aa0cdad5686ca515cd58aed94938ef4":"FAIL":"":0
+
+AES-GCM NIST Validation (AES-256,128,0,1024,120) #0
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"2de18874470c09db683cf45cd752bdfa8bf33e7967220b1a69f41f2a02da1d80":"af30eb2d0a0c2a50ea413f3285aa88d4":"22889b868d8ccc9f488406813caed199b23091ddd796c8632f564e7cf5a39dfb725266a931fec958659b6fc5b6b9343b8217edb0acb010afc9416601155262b57bd398d62f555953f0e15958e19ae004fbc9cb25e0269a9eaa38a4635a27bfa719fb249fa49337796bcf5f416bba87fbf3b19f0d8c11290c25ca50bbdc822f01":"":"646bbc9b14681af65b0d1c4c9f1d0d":"FAIL":"":0
+
+AES-GCM NIST Validation (AES-256,128,0,1024,120) #1
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"1a1bb9122e762ecd7ff861a1d65e52607d98e7ae5bd1c3a944e443710f3b0599":"32f99ea4cbf52c2701c2252e5e6c863d":"91b7a70c3a06c1f7f2ea584acb5dd76177ba07323c94f2e8f7cbe93fc0bb7c389c3c88e16aa53174f0fc373bc778a6ccf91bf61b6e92c2969d3441eb17a0a835d30dcf882472a6d3cb036533b04d79f05ebfaadf221ae1c14af3f02fa41867acfdfa35f81e8a9d11d42b9a63288c759063c0c3040c3e6ee69cf7c75f9c33fea1":"":"a8e29e08623a3efdbbe8b111de30a4":"FAIL":"":0
+
+AES-GCM NIST Validation (AES-256,128,0,1024,120) #2
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"3bfad1e8f9850577f9ba3f290e9a5e91b494c2d99534220362e171a7543177ac":"8410886b70c57d7ded8596443bd1b157":"ca801c83596795515ea931edba00e06e332bf84246b7036e10b317e2d09a51b2981fcb664ee3bf4180bb0b12ed1cda221abc6790b27c26914f5ef9cea9536e2453cd5b247cb054e295c2687b725a97cbc484b8eb86c6ceee03bd07a54a9301a3ac0ddb23aecb825a238252e7575329058b40e75575a7f16439edf5be163ce5f5":"":"e3645db0c600dba52044efcecfc331":"FAIL":"":0
+
+AES-GCM NIST Validation (AES-256,128,0,1024,112) #0
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"65debdf2f2191a6cd8de8ad4d5d4d0d8f731f67744e2545df6b2a7cba89c1ee0":"fdab2ee547dd8b6f5a4ea2dd19697b3e":"d2b0a0438ee0f145aec9a7ca452b788ecb473152b78fb75f6ace721afc7b0ae1942049b790f3a5b6221a8760295659756d35347cc04029be03459f3e23a71209b4e0bbe13a253a888c83db23376d3a6d9a539f7c9fa4a12dc64297e7c93dfa0ab53ef76b6e1d95bf6f3d5e6ee8f08662fc03ec9d40eff0a43f23ac313671bfd9":"":"c25fc157c3f2474885e2eea48aea":"":"":0
+
+AES-GCM NIST Validation (AES-256,128,0,1024,112) #1
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"496ae810380460d40cd2fdae8c0739f16b87205cc7f57db0a71a473eb361d570":"77233de96f5e1744337778212b411bd5":"85f5b54b4c4af5c808120bd28d98e44e96f4126623e57684957e9fc4fd1a2d0583940b8fc8314a249325476e8d05247831b04709580ae714e8187cd38f9559419e14c9fc4f8c454ec191b8ef2a3610988fe3339d0dc6b72f5978f9eff9d596dfabf27056e3a908c6497267461386e860f6b9d65526294bcb92908b5661b06b5a":"":"4ed91af6340e70b0c2b94ab6f82e":"FAIL":"":0
+
+AES-GCM NIST Validation (AES-256,128,0,1024,112) #2
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"aca188183b46139cc7cffc82a6aaaeb2fd73cecad14e75c663bd62daf1ec711d":"7bbf7fb55eb70cce94cc6a2b67de55ba":"015cfba90f069545fed60f31992ff3d3c3592eb91e7a53df5978ded64291954cb99a57de82d5398ce782b68d14ac04a8b425395bd076ead59eb445721bdb2f45e19fa089117800cbbac7b8313fb165ccb1122acb654e1242dc7fe6885ea1cbb7281b1270cfa1549cdfe9b47caf47b4ac3807e562e48c066566f5e606b5023b47":"":"3bcb5c2a4261d75bfa106fb25ee1":"":"":0
+
+AES-GCM NIST Validation (AES-256,128,0,1024,104) #0
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"8cd6815f6ec15f03b7a53f159e877a5981e0ab7f6e6c261ddde4b47cbb2f2366":"c431c07d9adf5f61204a017259cddd75":"4e1a835402bde4f5227e64b46a1f8d0f23a9434e189377fcdf1b9621ba1987eb86a7f3b97ed0babfd674e74c5604a03dd016d71000a72bbbd00a7f7fe56ad0fcb36a3e24dd0fdb63bd66d4db415f35012416ed599796ca3f678df7eb5a1b17f75abb348ddd3b366369a7b362c9488aedab836b61f9a158f0b129c8ca0a53a81e":"":"0e463806ff34e206f703dd96b3":"FAIL":"":0
+
+AES-GCM NIST Validation (AES-256,128,0,1024,104) #1
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"8f0a72abcda104aa7fae501f9a3b686d00d3f6fe984731db8a2865bfec587073":"ab8acd063775d1b1314f14e90fddd1be":"02c6d426e7f20b725d8cde0a6382e49b029b52126889013ef45251f27b2fadb95ca4a9a3b16ad06999eeca4a473e813045db4942e9b9ff2e5a5e429d9bac298372344d1b781d5facabf6d779643f31ada6124eb50aad599044b54279ec9b25714ac8a3b9ad2487cec7f4b1ee245d7be3d496d6af1d4cbee1c8201312541f3064":"":"3f0ccc134091e0c0425887b1b9":"":"":0
+
+AES-GCM NIST Validation (AES-256,128,0,1024,104) #2
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"417135cad74280e6f8597dc791431c95cb8fa63bbf7197e3ab37c4b1d6d9438a":"0fe22d9ba1d0e32656e3a9f07a517a27":"a0b2712e81d329d5b076a4be2ad6823cee6dbd17d9a592d065bdebb92b1ff37a56bf2f5e5341f39c574246ccda19e5f35fede49c9ba958f3920cc5440fb404fab7846884ca0c2a3af5b51f4fe97a1395571319cc5b40f8aac986d77de280db82343983982638326ef003e0c013af19c34672975dc99ccc0853a1acf7c617d965":"":"888b836c9111073924a9b43069":"":"":0
+
+AES-GCM NIST Validation (AES-256,128,0,1024,96) #0
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"304824914e32ea0efd61be6972586093349bd2cc2cf0cff44be943682b2dbff5":"b6d927a71929029f6766be42746f7cb1":"7281c81c7514f4b17cb125c4649006ef8959a400a1e4d609d277e363e433725fa32346a10bcbd826b6afc8222158920d0a2db1e6fc915e81231c34c3941ecf3c6f94ffe2136190cae3dc39a4277acbc247f36291b5614a8433b1a0780434a6c50521b72ec25145bbd3b192647155d5dd9df9e66762d39592602ea99bf9bfff49":"":"b6044c4d7f59491f68b2c61e":"":"":0
+
+AES-GCM NIST Validation (AES-256,128,0,1024,96) #1
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"8a10e9abe9389738e12a4bb6f553ae81e8bd320e0dfbc05fbae2128c1fde7a23":"6da44354e198e3beb54792718becbcc1":"199d754630135b669bf2ec581d3027a569412ab39a78dd9d482e87b778ec65c6473656260c27827e00e566f1e3728fd7bc1853a39d00e43752c6f62c6f9b542a302eea4fd314473674f6926a878ec1e4b475d889126ce6317115aea7660b86ab7f7595695787f6954903f72361c917523615a86d6ce724bd4a20c9257984c0c6":"":"5c5683e587baf2bd32de3df5":"":"":0
+
+AES-GCM NIST Validation (AES-256,128,0,1024,96) #2
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"d164ffde5dd684becaf73e9667e3e6acb316682c41aea247899e104a54dd7a7f":"1d388e19e9d7a9750e2fc1187d4b075a":"f166a5b6f91261cda56f1a537f42ffb8aed10af5e0248f8910034b92dbc58d25953f1497f571d31fbf5ec30d92234b440161703851f0e43530418147ce6270fbcb5db33ab819ba8973051908704b6bea8aaca0718947e6aa82498a6e26a813981783ed9bf9d02eb1ea60927530c4700ff21f00179002b27903dd4103bbc5c645":"":"52e10495105799ead991547b":"":"":0
+
+AES-GCM NIST Validation (AES-256,128,0,1024,64) #0
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"2854188c28b15af4b8e528ab25c0950fc1384976f242716c91bddeec06f2fdea":"075af9c31f5252b8920092cbd999e7a0":"e9452f71093843a025bb5f655eb6a4e8316ab5946484b11818f22b62f4df75d5891fa3397537093a261dc9a7648b7477ea1f5fc761716e302763364bcab7992595edd0fc1c7f7ac719c879e6616e2007948eb8530065a6cccf73d0fe4a0598819b471b0856e6d90ea0fc0e5d36a30ee925b6b8e5dbf40e77f01efe782c0bb4f7":"":"6ff8fd87e5a31eb6":"FAIL":"":0
+
+AES-GCM NIST Validation (AES-256,128,0,1024,64) #1
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"2bfc445ac0365ae6c3c3815fd18bbd0c60ea224f6620d9b6ac442a500221f104":"43c5f3367a9955aaee1a0c4d4a330059":"db0bae8ce7c66a8ba2fedec22f236212e9a7ad72b371de285c7dc6d2f6c22df0ce4920e0f03f91eb1653c4490050b9f18a2a047115796f0adc41707d1ffcbf148aed5c82013f557e6c28f49434fc4eb20112f43566f212c48cec9894ac40772fcd9b611ee9444df7b73e35b8a38428ccb064c9c50491d2535e0b539f424db83e":"":"49aaa806cb2eeadd":"FAIL":"":0
+
+AES-GCM NIST Validation (AES-256,128,0,1024,64) #2
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"7b828f99aaf751bf22d993ed682e488595617a607ed74aaacbb6b60457453080":"d48dac1d8d77e245420feb2598812418":"f50f785f4e7c848a55a616ecf4b6b1e1ca85e16de7100c7e4273d411bd95c1380ee157ba501ba9616980195f34e39f43e335f33253342feb8ed64443483c721b85241a0320b3cac83104de2db47188c61a373fba592ea16feeefdee1f2bb43927396f58151418672ebb74afff5c029503a0d0be81430e81ed443e08b74c03183":"":"a5b71ecf845b25d0":"FAIL":"":0
+
+AES-GCM NIST Validation (AES-256,128,0,1024,32) #0
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"7b6da11d69fca3e4c907628d3eb63d95c7e502fc901372fd097e064e70831432":"6fe2148f250ea178d4c8ca8423ead87d":"a8097bb74ded776f578eb7588f5ef8915db9bfa7262af700c8e76ee114e07557b6786dd5a60a66b2703e7c9de5d6b42aca92568aec5d1ecc298dbd0edb150b8cc13c9a78698f7674caa94da6cacd1f3ef4ca4238c59830ea725ab3a6284e28966c8c32d9bccfb0cfd6583a5ca309debe86549a6f317d15c5f928cbc7f473310c":"":"e9cdbc52":"FAIL":"":0
+
+AES-GCM NIST Validation (AES-256,128,0,1024,32) #1
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"c5ae9328be49e761064080fc213e53e373fd86359a09d0355e2d438d9b8e68f1":"a7e3f8660ff925d5c88c5aceffbd7026":"2ddddba7a56cc808aec4602f09ae9bd78887827bf0315d8dbe16821606ef9d117746dd138bf1f23565d1ab8f4cee36d53fe3730632c5df9f12109b16edbeae285bb49dfdd155f5dc97b319a85362d53cc86817b7c1c31e5e87c9f37422f133d00dd0776bd92ab05ce6860573cd911645cfe3fbe515e85f744899a447fe443653":"":"e35dbac8":"FAIL":"":0
+
+AES-GCM NIST Validation (AES-256,128,0,1024,32) #2
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"e4f8ca13ba86c658cc7f42d4f029422209efbd101bc10a1df81a42cfb3a0f79f":"1a362fa0e4054ba11e4b06d59c8bc9cf":"e7ad5c75aa13659f8ce4b1650c46382645ec67418199b84ea445b8ceef619ef3fbde59ed3d313c459e36fcf87d26ef2b453409b32f1086934c3072c1ef0aac83762d28b1193b9afff2c083ce4300b768b0ae23ff9d3dcf65bc1693f1350da65180620aab205aceacfc683c8be53a332e2d0337a7518d2a5204f9c8d7325a4799":"":"e7a37f15":"FAIL":"":0
+
+AES-GCM NIST Validation (AES-256,128,1024,0,128) #0
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"00050a21ca1e72cd0924be31b943c60854be6744577de3dd9d1f4fada4a19ea6":"2fc1afc1395d8409919248709f468496":"":"693ffd3d92294857a99c702a0799eeca28ab066dd90917b9ea5ef8f6547f1d90b106cbec8ef2c22af9f8efa6c652f2f97c2baf33af14fe9def230d49524bd65909c3df1490f637f99e788dcc042b40e00bd524c91e2427ef991bf77e7b2f770cda6e90076c5dac4cac7ee3958b53ff8ce846c3a96281f53c2c52f5f3e523536f":"e39b6a7fd5ac67a2a1cc24d5eb9d9c74":"":"cfcd6b9ff7641829cbadeaa2e56f1f150a099eccf3e378fa4da59794dcc4490aa4f9c5db0ab245bec36a7d4557a572008e42f03bc1baff3c946f23f54a4dc9828f106cf4264e4ab40165839d1085e7795b1ae0950f0ee4a08e46ada501b6b51dee0e518129c9426e5bd44c66674a9f99cfe676f002cfd344c5bbd22d3d91e600":0
+
+AES-GCM NIST Validation (AES-256,128,1024,0,128) #1
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"f10965a66255f0c3515af497ccbb257a09f22ec2d57c5edae322a3e6d2d188ef":"c571ce0e911de5d883dc4a0787483235":"":"91598690edf2de8b27f9bc7461a84e80811cee544f0542923898328cf157590251f0342cb81d359b5dccc5391a12320d1444c26f24178977dd6705c2b365dc1ece0152c42e2f0ee3162cf886ef5529f4f16a77f3bdd2aeccd405b59addf098521d0d38cc25f1991e11be7ecf24caedb48a2a286d2e560a38fa9001c5a228c4d1":"6d9d3a5dbc8dce385f092fff14bfffda":"":"2867996e389e09ec0da94d42e77b1e436b50065b09ca4adf1cd03240444ee699dbb7b3fc081a1869ca607d77d5ff9754fc3c997ff0a4ee17543a2ba77886b88a7128bcc51d3450df58ff3a26671b02c1d213df6adb6f7e853080eb46b504517cbaea162710a9bbc2da8b552eb6b0e0cb98e44fcab0a157312be67974678d143e":0
+
+AES-GCM NIST Validation (AES-256,128,1024,0,128) #2
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"4437ee7d16d8c3ca1aa01e20b66749efa901614d4bb4bee786ad5a5f1bfde2e6":"275393276745bc43bae4af1e5d43a31e":"":"ff80727a3485cdbc7fab4ee9fadfdc621c538e2055706629046078f1aa3fb687fc728d3a7ffa52ae457b7b5649613eab7bafa464bb435314c49e5900750f7ad39ca9b75df6b2eaa755439e101f67b7ae4cd80dc4a9dea0027048253f2d0a6014056ca69b8c85605b00cf75fa7634a0ddf464270a8c79ce1a1324c4a4c513b24b":"a82ff1e87d26e4d6e417b60fb2d3ce23":"":"88f994d276ed20be3932d16f551c4b7e2ed80411f2e72ce098fa0b70c22157a59edab30649fec447dd63f0c87dceca7238ef0d9561b58489ba7bd86f2892743099f40af63c432f78ac0ad0b5c2be47b9e3045e7237b096ee400f430af63a6f309de785caf190f3f4aabbe79f727a741590de542bd343df68d13db55a5f8bab41":0
+
+AES-GCM NIST Validation (AES-256,128,1024,0,120) #0
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"fe4ec037ce563dadee435cfcb2bf090f1f7ccc7d1b5b4fab2f1b738348f8ed2f":"47f5264f7a5b65b671892a05fa556f63":"":"64eb8a4bda9804c09b04cfcd89094928c21480908b81ee19d6c29c2a3631b1a5bdc8e7f8ea56f7b8b8e14a5208296026785cac3a6afa54be8af4d5faedcd12b6621bde0f8ec5a2635fe72a89468ca7704c73aa40cd2ba97aef08886b27a694d339b00e7d12a31308672f87c06a7388a1432f869eb4cc1da864140b1b33931925":"660462b4088f6628a630f2e4170b21":"":"4a310e035361f98b8c54fb4cef70b1a9c910552ece056ca8fdab54c52308ec0ad7fe9dd1dae92badab5010577de522088768fa6466fbccce22e14c51ca7986c4063d0f06bf578dab16a91856713198a7138395c49c78b6314b57ab72fd079028c8dc351952d90b04a7cd2b245df0c0522447cdb7d3329fd9425fe5cb40a8e7c9":0
+
+AES-GCM NIST Validation (AES-256,128,1024,0,120) #1
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"e6e1ada628ca76eb9832cc6b5efc5c9d2686bb587366a6de2d734233fa95279e":"5a100b451e3a63a3e6d4b8a9e59c6bce":"":"a0ac738e0fb35246b84a6fbe319f827039515df25d0c0fc6de7c048253ae63d3c561e44a12672ffeae1cb925610b482aa422bbee0e1784fc69baac3a97d69f51e6d2a17957b44b318624ea7ec680a559f4d3f2761d09bee66efb3a312ae6b3ecb673e756b2a0f654671e82500e7ace91f2be2a74bc3bc1ec1a4b6877a53c27c8":"88df9a1ea54e5bd2ef24da6880b79d":"FAIL":"":0
+
+AES-GCM NIST Validation (AES-256,128,1024,0,120) #2
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"cd5c1e90d78213155c51767c52c290b3d657db8414ee0a7604a2ec7b48105667":"4e022d8d86efbd347e8cbab7e979771f":"":"8e987693da0fb77b6d1282eebd3a03e05d9955ff81929b1a2c721574862a067ddee392c7ece52ca1451f3e6e321d7208882d97b4149af6d78d65c054e1bfcdfa62bd2202de32dea8363f8d7f041891ce281840f3cd906ab46ca748e5b3b11890b4014bf0271c9427c874097782d1c13dbb40e78fc8276fc134f3c29923a43a01":"e7df79af0aef011299c3b882e3a45b":"":"3b20473d9b5018d089e7f74d3fef22ec2805948a9e07689831973c704a6d8db4d090af88d696ab8c3aae9740a2bbd7f03e0b18b2b591e59c335c1043a2578a89b1a9f20fd0dd53f12e00e9bfdb27de8caac772bbfc4de9e4a255a5d1b04e59625a87b8279babe613def58d890d5502abf2f709aab625dcc20c58772832c7bbab":0
+
+AES-GCM NIST Validation (AES-256,128,1024,0,112) #0
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"6e3dfc07003bb6a2d82bd5263b2832f47db4e73279266c7a9ea21f4f18eddf83":"7c0f49fb54f5e68c84e81add009284e6":"":"a960da222af9d4da5797e6957d59b00f6d3893599c70e95c0984b56eb3329b191703c2532f3288b15ebf655b9b5ee4617484e5ac9c39bb06731d03ebe4fef9495d003b0ed694cf540b4dc759d32629e55512680badd81234bd71ffd55fcb5e6a85031c1dc31ee1ed198939582d8336c905717cc87101dcfcf9d833fac815c8ea":"b2ec0f3da02a9eb3132fb4ebe3b8":"":"a40b6f70f0572fe0bc70d83368e7c154f7dbd501f52501630a2e523d18e216e07368521f6040d806299397722b99bcf7f85d36b8bed934b49aa1fa76d38783e6a2e392d6d0786d467f7bc894a739ecf94f0fe884a9c391154f8326bf31ea5242a18aa263d04da4b63b11de23b42d3e10a2d5460cb32700cdf50a0d89165ba22a":0
+
+AES-GCM NIST Validation (AES-256,128,1024,0,112) #1
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"4103b1ddff87a508a219c808a04ad4750668688f4c2ee75b92d28d70b98a2c94":"5cea906737518c2cb901016e30206276":"":"a00a196193ff07006b7df524824bd0971d63f447a3a7bb1b75c1e2d11789482c115cff677b54948d36dc4de34200bce97be0101d88cee39b177857dd5da3cb0d2f9d6e1150f72a3bd655e0bace1d25a657ba9a7f8dff082b4460432075afb20173da22b49beeb6a030d72ba07869ff4389fc1c28d87018d7c1a9829c21932197":"3a3a771dd5f31c977e154ef5c73a":"FAIL":"":0
+
+AES-GCM NIST Validation (AES-256,128,1024,0,112) #2
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"cd8c2f0c330d5db316dae7a16b57d681ca058864f7bd60f3d0de174442283f77":"387ee8c1e7f047e94d06d0322eec02fc":"":"e2a5ad295d35031535bf13c2993bd0b292e8a9465b9dab738e59ba03670248a1ecc92b38a55bae34729162271cc1572c35fcccb27417b48dfcbff852a7a8845cc829a4461061b558ac8b5930a5c6491ffba04a9d0dff220b3cd5e4fc2e0f3db3b2ddd90328f2cad819573a7856299620b02f5ee0267f3b56981afbf1b7d9e3e1":"62356850d12b54e39872357cfa03":"":"17b7f6bdfc1993c56dd9bd674cc276a55a46fdd9fd5fe435b9e4b7ebc7052a9dc76a99e4e43aba7d486603189c90d10a21ad3722c86bf5bc856a0f930ff5bca65be708b76bb8a29105da67f31eebcec81f28aaf526d2f8f0feac393a24959dcd612e2b93b4463f61957d2b3046bcdf855e346601e4c7760c0ca618ee7bf55381":0
+
+AES-GCM NIST Validation (AES-256,128,1024,0,104) #0
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"7e19e400872eed721d560202cd757d3eb99729496b6e3a6d38dd8afe1066045a":"d2b277f78e98f1fa16f977ce72ee22a7":"":"3fb9abc7aba654dfb174e8899c17db222ffbb387b7260fc6f015b54f1cd74284c516e21aae3b72338e5e8dc643cfafca0678f5bda3a7539f1612dddb04366031b5a3eda55f3232c1b176cc9be7cc07e0ebca674a272224929c401a2530efc6d4eed0087b544b12d172a01bc8340d9c2a2ebcb5af8b07d96073a879fda140c196":"4c81c044101f458fdfac9ca3b9":"FAIL":"":0
+
+AES-GCM NIST Validation (AES-256,128,1024,0,104) #1
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"d0653934a16fd36c27d54488a1829302b931bed6e26ca26047242b85b50bfb61":"94886a1845aebba5ed6b86f580be47f9":"":"c02347e1add9178d830d8baaad9aeee37e958bedf2cc846e2561fe8c83481d0a8a85911e7f1f6e444b28f30bd96c13c390e80f616feb6844ee6fa486543a2e3f38c138f45b4405e3fb331b64648219aaf1d574be948ccfca6afc18d12488db19c35b05601e47c0af5d49a93a5dd4420f38585c1eb033e173376fa390d3f948df":"4be34ff42085ef4443c8b6042d":"FAIL":"":0
+
+AES-GCM NIST Validation (AES-256,128,1024,0,104) #2
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"d0f0ccb88c7cec9496f26a59ddc67dc59ebe49ae3dd89ef3be008598727e214c":"e5ca84b907ac761a5e68a9080da0a88a":"":"7845e155f4f28021291e7c814a1ace8f42b239990831aa82758fc1e376cace0b6f668f7f2f224dede1ef5b1df7ae74b2c01483701044acbbb72a9216eec6b7ef0190f114b3c73c6985c4653f11601c774d10b7f9df1f1e1f3ff4fafa20d6525edb37d9e5acfafe6d3468ee068d407fdb56dc718c98425926831253978d727854":"c8f78e4139dd3eaf2baef8aafb":"":"0cc3ede50b0d3fb9ada11300a3239a383c98f968ad65266d57a195bb18d3e568fe6cabba258da4bee9e923c7c838e06dc887a6c49cc1453ea6a227c6a83e651a8742e0316cad5efc93739393e3603446b5c920a206db1434adbb8ebde4d1a7a8699c7f6c61b2d57c9709b564338423b4f526d6c157647a6c45da9dd521061f05":0
+
+AES-GCM NIST Validation (AES-256,128,1024,0,96) #0
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"e35dcea17cbf391491ae5ba6056d0dd13b348183474dd4b614742751bdebfc32":"fa549b33b5a43d85f012929a4816297a":"":"5213542beb044910d7fdeec8bb89de93f350760e493286eaef1140485380d429f74a4279c1842a5c64f3ca3381cb5dbb0621de48821bded650cb59703e0ca88f4e9c3d15875f9dc87d85ba7e4bae9986ef8c203fce6f0ce52c28e3a93befb4cc4ba3d963d2283cd30f9bf6ab99d92f2f4f3aff0b022f1751b89d43ea10bbb28a":"afa61e843cee615c97de42a7":"FAIL":"":0
+
+AES-GCM NIST Validation (AES-256,128,1024,0,96) #1
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"844c50ddc0ac1d9364b21003287d6ae6360d12bbb17a85351362420ee4ca588e":"2f8512bb7e214db774a217a4615139e1":"":"3a3bf4ccaf05f7c02f5e158dd2c5cb08c6aed4b1ba404a6d8ef9a0737fe2f350b3e22188fc330ea63e35df82f996e3cf94d331c4246cdb25bb2c409762e05ddc21f337edee51b64f1766ad18f520b3f34735b24278d9d647c533a743e0c1e9c81e9dee975cdc47e8582113fd250ef59353605b64acb7c025a97854c1a5c03237":"f1da1cebe00d80eb4e025feb":"FAIL":"":0
+
+AES-GCM NIST Validation (AES-256,128,1024,0,96) #2
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"2aae1aa047a20ed2d6d8336d923864cee9404f924031ae327fbfe2d293e1d93c":"3da9af3567d70553ca3a9636f0b26470":"":"8e5b6b9e4e7d01de9a919dd33c0c1eb94dcfebf28847c754c62c1c00642d9e96f15b5d28ad103ff6969be750aadfd02fc146935562c83ec459a932a2fd5fda32eb851e6cff33335abd5c2434ae4f5524d6bc74a38094ced360f4606a1a17096ff06604952c8ca94a9a6dc4a251e13b0e0c54bd8a6dff5f397a1eb1cf186fa518":"e1026b3d15d261b2fb47632e":"":"58c52ea9f3b162511160eed1a68b6f52b3c4f5834af728de97a3d9e4ba337b29aad12636003cf5be9ffbeae0f383f7cf32f645a8f6fc5cdc1cde91c625c69a92bc434ed671e52a0044a48f3fce55cae49a7d065c2a72603a7efe58b5a7b18ac500d1a51420e820357e7a439b1c02198ebe3d4e62d5573a3aa5f40900a21e3b41":0
+
+AES-GCM NIST Validation (AES-256,128,1024,0,64) #0
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"f3d69208cb0d27474e9a231cd46eac7c1574fff950c48bbd1ba03fad16f563df":"b957f05921d21f2192f587768dc12b4f":"":"0d1f06eef5e8f2c81d1a73bb1dca93c22cfb6e40e9948bc75b0d84830fb9216330424f580b89050c3fb3f620eca8f9fd09fb86d2e8b3a0869c6022d8a705fc280d66fd16d3aba7395d6be4bed44145d51d42d56285f3675726d62d94c081364a6d440511de83a613c598b03078e2ec7648c6302defbbea66aafd33e1a4b1686c":"322374fbb192abbc":"FAIL":"":0
+
+AES-GCM NIST Validation (AES-256,128,1024,0,64) #1
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"cb2cdeb17fa6bcb006c7fc60858a12a411804464458db351957e8caf42f1ee6c":"31bd7c971a6d330b566567ab19590545":"":"296504131354b2c1928982f12d408ba2377f2d4bbe87e4c69f92a15bf6003910a43bda6c8929df66b3ab1d202a5258cad199f32f36cc30d2dc06199c2a52f7ccadad1fce50123c5f8434dec57cc60cc780263d7aace8f59cc8a6c54bddbaded3adb12ae2ee0bacf6a8da635ff85b51a4e8a1b3dc404863b90059de4ad0f158dd":"efc5a1acf433aaa3":"FAIL":"":0
+
+AES-GCM NIST Validation (AES-256,128,1024,0,64) #2
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"f94170790fadab3240df568197f9d6f6855afaed8d07eceeaa2380121872529f":"2f9c0647a4af7f61ced45f28d45c43f1":"":"ed231b78db082f652bc6310c396993b52de804a82464fa3fac602a1286535f59c67fc2b1b420c7321eb42b971edde24cd4cb9e75c843f2ac6fb8ecdad612d2e5049cf39327aa7a8d43ec821161c385f3fdc92284a764a5d1cbae886f07f93017f83a105bb7c3cc4fc51e2781516a2471b65c940ddae6b550ad37b35f53d7cc64":"ab74877a0b223e1c":"":"1cb5ed0c10cee98ff8ecfa5a1b6592391bbd9f9b1dc1ff351e0af23920d546b5e27d62b94daabd32f7f96a2632dc9fd7c19bf55f3b9b7cd492e76f4d6b0f5b437c155c14a75e65bfc4120bef186da05e06a2fd3696f210292ee422ddbce6e63d99ee766b68363139438733c5e567177f72e52ef2df6a7dd33fc0376d12ec3005":0
+
+AES-GCM NIST Validation (AES-256,128,1024,0,32) #0
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"797c0091ff8787fe7cd0427c02922620e7f6fb71c52ddcc03a9f25c89ba33490":"69d81c73008a6827a692fa636fbab8bb":"":"2d3efc8900315c3691a8e3c9de3319d4deaf538fcf41aa0e295b861d0ac85baf56d149a6437747dd6976f44016e012b88de542fb8e5b9e4ad10c19deec4b7c0b69bc1b2e33d44a981ded66127dea354b072010b8dc24b85ed2ffeea3b9c0e931619dbbf22677691f0d54fc03eaa162e0ab0d760ad41021f67057c0d6ac19ca8f":"be2dda5c":"FAIL":"":0
+
+AES-GCM NIST Validation (AES-256,128,1024,0,32) #1
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"90ce1afb5500489b9edbad987f4009509c847b3e55cdf0c764ef2fb085e3d033":"e119e166471ecf44bc3a070639619931":"":"98482b54edce2bac1cd64d44917dcf117ebfbfe26ad17a9b263447028304f1cf5a69559c05b5d833420f4fddb6e308277d01eb4b3235f1c4b47d33d3899325b55e7be19d43187a5b1b1354ce02a529b3df1c13b4883902ae9fc565079dee825e705f3e580371e4fd86c3b0d31bae98adb529901f346ca07127314152b4370edd":"b2f54b3a":"FAIL":"":0
+
+AES-GCM NIST Validation (AES-256,128,1024,0,32) #2
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"29264a90f114a800c0fc3247b3bda00981a12a8f85cf3a19ea4c7ffdd005f4bb":"cf296aa43cb7b328e09c8975e067404e":"":"587c8e53ab5ae8c31e16160b4a41d88798e27f4ad61c573c023c62d4dbb3952eef5026ad7b453fa9e0694347ab8fe50a6cf20da566202b81e325cee9c07ab2d4d53ed45b3ec2d2135936515f8a24f2a8116807dce9df3c44edf64c32647145152ff241d9e018e4101e400af070192dc3b498b5a213d265b4cfc8c8d4d7deccb5":"56015c1e":"FAIL":"":0
+
+AES-GCM NIST Validation (AES-256,128,1024,1024,128) #0
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"84ff9a8772815b929d55f6052c0354cf3e02bcc8336fcfe5794952b4c45d5d96":"5c044a66e488b853baf479f7dee2aadb":"00304e3d40cbc6d2bee0778462884f4ec047a8c74bb3dd7e100f2b9d0e529fd24730063986117b56ca876b208a3691425ac63afc3d504ccb499c76622eade09717023fcb7d956b01ce24a3e53cb5da472be3fcf5b278b5d9e377de22fab75bc74afa9670f5fe9691aa0ed77e43f6abc67a61ec409ec39fd66ac0307bf195f36f":"a87de56d49725a1625baf12fd15931fe1a6783dce5d1e744eba108f45e0c105d8141dc027d0e33ad7efb6752b43729715e2f3e2c42ebdab4d5f72f886bd821c4372244699ddded99a63dbe7763a5a3bc21cbfc253cdc2514eba2a4f54e24dca7c207cb3f6ae80153d77fe0641f357d5a073dcd425c38deb77c45f27427345516":"72ddd9966ede9b684bc981cbb2113313":"":"aadb8537309940422f67ca393aa6182d67fe7c52092538a15e98a4254f0a9087c7f10903d5e78078c2e55de914dec8b6b35cb720e3e55963c0ac9901e44b83a0e7c5b2d3f002aec0a4a08354febe47b2abb955f2a21107626ef0b8e1e099650812a6fecf36908fce2d078c2735cf7c2b970a309e5c6d6ff29c26a05720c57105":0
+
+AES-GCM NIST Validation (AES-256,128,1024,1024,128) #1
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"b5ca3991d0160b1729ae1a622dcf4b03b1f4ba86150bd66bf35cbbee9258af10":"f8402184d1cc36df07b68ecb1ab42047":"d378cfd29758bcbd21e26a324239c42c992941b3ad68d9f2b3d2def3a051fd172ee882562970ef59798ff8d9eb5f724ff17626156f4cf5d93e41ffef6e525919af6194ea9bbb58c67563d3ffd90e5a6e2a3a33bd1fa3d55eff5dba7cd439d571f7e08014c4780e3d10904ef22b660897e78258da20b2600e88d71c35ecb6329a":"62aad5854a238f096bdde0711ac6f5763e7fea29db068ea8c911f17ba91e6d7807883e6fc5ba7db17af33da2b00973008a3425e65cc786ce1b97360019ee2cef74563d54752be436b905705b507c3d62689df4edf0356d26b693eb43d8a2a927a9f3866b7e0e19e84a90447bd6f47e31070fa7c2a71e3f78229ee19fa47e848f":"9e8b59b4971130557aa84ec3ac7e4133":"":"556dd32edc0af3c64186fe8c000ddad1516cd14721c93c228e379d4f87e32c79e734539cec930322048f34a2b34931c585d44f09966caf187ec4b9244c991a8a5f263e9da1d08d6086e52535afdb36c7662307521cbceb9ecb470a76970243723fbc1613b6ebbcae261ac2f1936e66ce29ec7350b2e6b2f73a910ade645154f7":0
+
+AES-GCM NIST Validation (AES-256,128,1024,1024,128) #2
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"df867d1dd8a287821a54479cab6f88636d2aca30e1bf01a5dffc735e17590356":"35019826c51dd1ef07ff915d9ac4ea96":"0375ed93f287eefe414ab2968844bd10148860c528dbf571a77aa74f98cc669a7fc317adc9f7cf2d80dda29b19db635b30a044399f3665b6176ed669146d28f5ada03b3d32d53fe46575a8afcd37f20386d9e36f7e090b4fefadfab7f008e02f1b5022c0eeb81d03443a276eae48c038ed173631687d2450b913b02c97243edb":"6517272cac85d7f38902bcb4b96a0c59c4bdc46bfefa6ebacd7f2fb1629b87ca91de2ffefc42ce3cfd34dcbf01b3f7cadcea3f99e6addf35d36c51f2ceb1f85c1f56a04ec9c9fff60cd7fc238674992183ea3de72ef778561b906202b7b83fe6562a0bca9c1e0a18638e8685b998b4192f5120435809ad6e93a0422d00725262":"e49beb083a9b008ae97a17e3825692f0":"":"723be39bc13adbc48c861b07753f64fac1ae28fc8933acba888b6538721df0a8b91c040a26522fe0dbb7335d8f63d209e89f7cde23afa9ca3c584b336d63a91e07fdd8808b14c3214c96a202e665bbaaa34248ff30348f3d79c9f16e66ad6c5903305acd887a89b6244eb7c2d96e18b13a686de935bf3821444ee20f48678be5":0
+
+AES-GCM NIST Validation (AES-256,128,1024,1024,120) #0
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"0e8e9ce6294b7fbc534a96bdd060120976a6e08315d2ea73ac61d085cd462a44":"4edc6be20f904b4789e5bee0a80a3fc8":"db28ce076b360816cd1e04b7729f8ab080e0a07f35204350f3bd056945aab8638c0e8311ab056f3e5debdbfbb03fae700770264faf73e0f3a05a5812aee84ab613c82f4a76da276250675f6a663f85e2c26d4f4a8666a7f4cedaffc1a7218dec11ca4e72b8b5d5b620d1efbd3d3b94a5ae0d118b9860dfd543b04c78d13a94c3":"9855f186b51358f0e2111c06bfaaeaec9bf95c55e246375c614fad9883d86c82a20c86538dc5f42a0ea69677d59a20c5112d15d2a8396f12096242ad5d7b838d16ee0679fc4017af75bc15e8ad2f77b0e802c864031cbfb0bacd95c828d1db4b7bab0713619e9e5e8fe6902aac7a9e6c42eb05f5b156f7e663ee43e6fdb62480":"03cfe6c36c3f54b3188a6ef3866b84":"":"e10142f852a0d680c983aad2b4609ccbd35ff61bb3eb66442aee6e01d4cc1cd70f45210acbd506395d6ca0cfebc195a196c94b94fc2afb9ffa3b1714653e07e048804746955e2070e1e96bff58f9bc56f3862aaa5fe23a6a57b5e764666ddec9e3e5a6af063f2c150889268619d0128b3b5562d27070e58e41aadd471d92d07e":0
+
+AES-GCM NIST Validation (AES-256,128,1024,1024,120) #1
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"886c77b80f5f3a21c01932685a540b23629f6d41d5574fc527227ed0bdf2e21b":"5ec506edb1890a5a63b464490450d419":"05b8d820c9f439d7aeae5c7da0ee25fb0dad47cc3e6f3a47e8b984e856201546975f8214531fc3c2e504d2ac10fa49cb948596b9a8fab01b95c49d6f04d1589f93b77b899e803dd20e1f00a51c0b5953e85be639109b14b100e35ca26d84ea629964b0db8260dfa5a150a66261bf37e79de2ec49e9f1b082a7c58ecd3d39b6c9":"53a17d7b69f607f08676d6f6dd4e8db08e01333a8355d8c87616e84cdf10ef5b041fc6ddc3f6a245c0f534c2b167064af82f45e4702a5e8dede59579fdecf6713353392433950c9b97c38d9ee515ac97d0970ccf03981954540088567a30941bb2cca08cbed680500f8342faa7aebbc6c143e2ea57ba6b4ac1fd975dcc5d0871":"ffdf56e1c1a7252b88422787536484":"":"79ee27adfa9698a97d217c5010ec807806feda37db811e398c3b82abf698aece08561fffc6c601d2691738e279eeb57e5804e1405a9913830e3ba0d7b979213ef40d733a19497d4bb1b8b2c609a8f904e29771fa230c39a48ebb8c3376f07c8013fff6e34f10fe53988a6ec87a9296c0a7cfba769adefe599ec6671012965973":0
+
+AES-GCM NIST Validation (AES-256,128,1024,1024,120) #2
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"5231ca6d772edd9ea2d251e22d7d455928c22474b4b44130dad57e6511fed6ee":"048698a4a0feabc1f336112e2794795a":"3a81b6b0b722899ff931cb73c39222d555b83ae3f8880b982593cbc1ab8be90d1ee32fd7dfe697cf24c95b7309d82c3fed3aa6b3d5740cc86a28174ac8f17d860ebb251ac0d71751c2ff47b48bfb0b3beb4f51494464cda34feaecddb1dbbe5fa36c681ada0787d6ed728afc4008b95929a1905787917adc95f1034fedcd817a":"2767c808410ee132291585ea74a48ad3102f883f07d060c91c5f10abd37fe0996d2210dc490260238ae15f5d74c7be2a1e15d80db09079c520047f88488a7802857a3fc3b81d85a96949997430a880177880a31d4d0c9c9045247804f057a4f2756d6e40375a4a3187c4376d6bf573ce334cda1ed88d8a50db499e7cdb89d8db":"ba61edeb7b8966188854fc7926aad2":"FAIL":"":0
+
+AES-GCM NIST Validation (AES-256,128,1024,1024,112) #0
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"5a3f516a7898e04e5da4efd6c7c5989b77552d195464620c2b35b9a4fda29cce":"9310af6974890c0a0364231f9cc8103d":"2103af8356bcb9dfc2a4f1d4ed09cbcd8e1990d23865605e19f87feb50bf8d10d0257740e5557a9297f0499c01e29a1a513ca18e6f43f7406c865cbe3951a7771128f3110c8da3bd696368901944549552842a1f6fd96cc681b45da098f3c1acb3d237d2363285f520d0b6714b698790b7660c52ac84a42c9721ac7e9d38a2ef":"5cc28b61ae97557774bdcd7ff653f4aa349df68d53c7e5a65263883ef1fe224ad40e86bffc2d38f28a2ed9ae1fc08563e2a1e46246106546eb8e6064c06baa0046fa137421734b7f0f94656a4f459d9d981717557d843700d116b6e5e2dd3af5f67c34edf31b40b71fd3c6f2475f9310feb70bcb973be52d41e86792c49d54c0":"993fc8e7176557ee9eb8dd944691":"FAIL":"":0
+
+AES-GCM NIST Validation (AES-256,128,1024,1024,112) #1
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"59c9258554363d8a885fc0f5d112fee08eadfc7ce52a0e7e73e3d0d41d9a0290":"77e51e89dc47bbcac79cca21e81a61de":"25a6f8800a9b914c0ebf9a45d72355c03ee72a138eb81b2980f332645ce1d7aa4659805821866aee2b276e2c032776b4eaf36f93b5f9a72b791be24e31eff105ca6d0700e3069ee327983dd7fe1c7465d6c6d77837aff69055149988e7199847fad98605c377d997dbd40f3e2ff1a4f978a493684e401249e69540fbde96323c":"79c491411402ea7878e480519fd984dde44bce6459303bb76d4eaf97d4e345d1aafaa68ceb0590b41cfed0f411b675d9344c7e888cccfc9eb6fe6b229d198f94ba516ee850ee7f078a4f5f32a23f92f72264e3a76a31ebd042564315ac4f2ec0bb49ba6d08cfd2d3a6308688e39f28e3ecd669c588368cee8210edf5dbefb925":"ee6d85d3f3703b45adb4f9b2f155":"":"44ca68deed5478074adfddc97f06f44c08bf7bca4dee8707d621fc7396fe2efcdad0a167d1708a9ff59ce4cddb86920bf1dbdf41b2109a1815ffc4e596787319114cad8adab46cf7f080c9ef20bcf67a8441ba55eac449f979280319524c74cf247818a8c5478ea6f6770996026a43781285dd89c36212050afc88faa56135fb":0
+
+AES-GCM NIST Validation (AES-256,128,1024,1024,112) #2
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"5e9eae594cb54c8089330e4404ff79abb1c0841b0be5347a14633ad1e1ff44fa":"0917b486da754f48bb43ecc8766a7ce3":"2aa1ef2f91aeba5da10b48a882dbd4574df4e9157a18abf8cecd03e4176712ba171b6ecb0e745841ff84e35063e47b08101afc44cfd9cededb913a82f00b9d4bac922f23a22f200642270399896405d00fa5271718eefb4cd5fe7e5f32097766ebff36ff1898a1c8a1a01cc18e6121e470805c37ff298fc65ef2fb1b336d09fd":"32abc1eb6077555a85a0a6fd1c78cccca6c8b375842e2eb8eee45ee6c38dc0837443d16c647252e8124639dd01c808ac5e857a25d927c2a75e2fa8955cad5beb5c206fc050cd933fc4621f5718936f01f39dd700ae1aee7537cc595df8789c5d1a6e1e87b1c7a60e3ce5d57c80dd65dee3801798e1481b1963bcc78cc69f8c50":"92282b022e393924ab9c65b258c2":"FAIL":"":0
+
+AES-GCM NIST Validation (AES-256,128,1024,1024,104) #0
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"aaf03c3055a35362212b9b059931e7a24fc71e32bc9a533428c9dc31077f2ebc":"7dfccd077b29e6ed5720244bb76bde9f":"21edd1c6056f51fd5f314e5c26728182edcd9df92877f30498949098dcde8089eed84e76d774ef8874d77125669a302d268b99dcd66b349d0271dde6f8cc94dc4f2df3787887b1173cad94d067e346846befb108005387102854d9387d2c0fbc9636cdf73a10d145f4b612c201b46e1ff4465f6a7654ce3da5792daf9a27fb35":"c0e12cdd8233878505e025d52427536be7b6bf1887d2dd20eac7092db80b22417a3a4ca83cdf5bc5e36161be1ff9b73f7ceb297c6d07c9cb2a75035a5dc079e48283daea60596f4b356ca28c243e628cbe459f069709fe193394c9b1a31d8ccc5a3a4eba30056c415e68571a2c34bb5c32efff12e9aa483c4a68be5e76aba4cd":"6154c6799ad7cdc2d89801943a":"FAIL":"":0
+
+AES-GCM NIST Validation (AES-256,128,1024,1024,104) #1
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"60c775971a9eac7950ed2bdd85bd60fe948ba04c419f6743fb67f37557e46c6e":"9b92ad7079b0de09c94091386577338b":"1f6a84b0df75bd99a2a64849e9686957c6a60932ebe898d033128be9b757e9890225925d856bfdc33ff514c63145f357730bb0435c65342bc5e025267b410af6fd388a5eca01b7efc87fd3b1b791df791bd47dfab736350d7b7f368b4100e04c939d5af957bab95ed502dac904e969876674602a0f0790da2d7351b686e46590":"8abb2e66a4d08074916056bb8e925551372f737f0e1b597c5d08ee102989743a273b29d7281013f8b3aee2934399cb427370d70370ee86eb41584b653660c633506a53cae747826bb7d93909f069d5aacf058b7f2bbdc58ea08653db857bda83a979fc22a4f126dfef7aac45177f4cdb802fab0c812fb35d12a8176ec21336d7":"1d6cd4ab3914e109f22668867f":"FAIL":"":0
+
+AES-GCM NIST Validation (AES-256,128,1024,1024,104) #2
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"3b426e449337a14bc0663246ab61b671b523c9a3130c21ed59c93fa6a5aa5ae3":"e6efc96acd105fe4a48d1ac931eea096":"0902cf7a0685444126369712ac47962bc2f7a3a5837f1b6190d9ab1adb4cd35e7f0892eee628b8e07fcf2b598cebe1ec07d8c4823172ae66a135bb51cc71590707b691a66b56af1ffe38772911d11685da355728eaddd83752d21c119d7b59f4c17c2403629fa55cd70cd331aed7b0de673c85f25c2e9e0267f53f0b7480c8ca":"291bd5a00d71eb7d547b7c94e7030ba4a947418eaeb378a3bacd304b08c6f92f6958eaba968ac6aa23e0512a2a8ad7c1ca2f8fcf623bfc1281f5b7b598c08d2aebcd447668b23238c5e338b4c2ac7f8fd381714c596ea3e0c17aca4317a08563e58f0f52a8af08e078dc242ae54ee0fe3869f8c9687b004a4ded0aa27d8f4c5d":"ca4bfeedcd19d301d3f08cb729":"":"bcef3f2fd101b828d36cb38530cf9a0a7a285ac1c55ee1069cc78466327e85887534c98a8891d579effd832c0f7d6e7e822fb1eea85a39317a547591def4aeed6660872859fc9d1df9725d3c40e9ccaa900e0f1426a55d20ac4f2e8e07bd3bbc687f8e059ab93e7604c97e75ac94be1c8c24f4c4da0080a4d77953fb090cbb62":0
+
+AES-GCM NIST Validation (AES-256,128,1024,1024,96) #0
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"ceaf204ff504ea8e7fade1a2097f2b527a44766860447322fa5ad346cd810217":"cfdb8183251f4b61c64e73243594fdc6":"a60f3969fd1b14793dd1425aa0b1f742a4861e0b50eaffd1525cd209ba6d1252176763bb5bee59aaa55f92341cdc0705899aba44cf0ec05cbf80274ebef65cd9507fd4224b25cac19610968d6a37e2daf9ddf046ef158ef512401f8fd0e4f95662eebdee09dd4a7894cc8c409be086d41280bd78d6bc04c35a4e8cd3a2e83be3":"1c8e4cf6018211518494d46c2e0607fa42e236abc28d58f8175c530f84b1f030572f5f6a74cb5517e1fb999a637d352afcbeadea9121e695675859b66b499a3a351ecba5226e58ebbb59fe12e359e4c89cd51c8703d4643c49921ae495801c73627df404b91e828e1d0e03ae09a39defb5aa5f2c8106953772ba0713d3261329":"9e45029f4f13a4767ee05cec":"":"5cdc66b587ed5eebb04f42b83a6ab7017093514881c598cce332d74fa3fab927493ac15bff26835296e080b5b45ef907c0529fc2f4ed2fc09db179ef598e5d193ea60c301d3f8d823404814e3e74de0e1d2417c963e9246c353201c7a42659d447376e7d05c579dd4c3ae51c2436407b8eff16ec31f592f04b8013efcfd0f367":0
+
+AES-GCM NIST Validation (AES-256,128,1024,1024,96) #1
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"15652abe38cd09777bba21d0db04637f5737d3cb3922181b9f2d07bfdafd327a":"3a5e0d223ae981efb405566264e3e776":"cd755437cb61b539908e0cfaaa36c0123f8f17d1e6539783cb61d4b56cac3bc1e971c1ea558b12669b025cb6b9ad55991c6e2f8ee8b0b7901790193e226a0fbbfff7ff0bee6a554660b9f32e061b6c04bf048484ff9ebd492f7e50e744edd72d02c8fd32f87f9421bf18a5a20ebb4d9dbe39a13c34b7296232470e8be587ba09":"1d6c153dec3b4738a09c9fbdfe31a093eb7ea79b8fa49f83e5e1f46893590f074fb171fb66e30ef887767014e3a10a3aa05da2bd50dd7b7936e1d7f6f31af9030e31e76bdf147f4396464db0f6a72511c4885c6c2305d339906e3c761a3249d7ebea3bf463e8b79c3706e684575550e964b8047979f7aed6ea05056c4b5840b1":"01a573d8e99c884563310954":"":"162430c23f7adcf98575a2d9249b4b5cec42efae33776360ebfa6a19c8eee4bd6b07cbd274deadc3292b7cdbb7803e99d9f67ccc5077f3ad5808f339a05b3213dbfd11377673d4f9b486a67a72a9ac8ea9ba699861dce0de7e2fd83d3ba2a2ec7fabf18b95a2bbe2184ff7bddd63111b560b3afe7f2c76807614ba36c1b011fb":0
+
+AES-GCM NIST Validation (AES-256,128,1024,1024,96) #2
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"a43f6d07042a15cd49f6f52a2a3a67c6c2ff420d95bb94b9fe03b287c3abcaf8":"3b6fad21f0034bba8b1f7a344edf7a3c":"2e01c0523c8293fc51388281dccdb8d0a2d215d729289deb327b8142d716c2bb849e9476545b82f3882ba7961b70c5da2a925ba18b6b121e9215d52ac479c9129c9cd28f81584ff84509d5f9dcb7eaae66911b303cc388efa5020ac26a9cd9ea953f61992a306eb4b35bcd8447eea63cef37bb0c95c1e37811115cf26c53e8c5":"b67e58c8b608724fd20aa097ee483bc4c804490cc79de635170944af75c87ae0ad8261365c1dc80d852553bcba18da9fbc3fbe61d27550a03003ef0c60202054626655509a9e1ab54677e537a4e761df011d6c6dd041c795446b384161ae9eab441afd24d19b58eb4fe5116cd7b11b751ebbd0a2adba7afc380d9d775177099a":"43470bc3d7c573cb3a5230f5":"":"e1720d451fa7ab9db4988567187244b15b6fe795dd4fef579fb72e41b21aaa436d2e5d8735a4abd232a3fb9188c75c247f6034cdebb07fd7f260f8e54efefa4f2981cafa510dd5c482a27753a7c015b3cae1c18c7c99a6d6daa4781b80f18bbe6620bfc1518a32531017a1a52aadb96a7794887c11ad6bdd68187ba14f72a4b5":0
+
+AES-GCM NIST Validation (AES-256,128,1024,1024,64) #0
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"1f0f0191e18db07c0501dbab4ed952c5603a4cd249d2d8d17e62e10b96ae713f":"ab8be16b4db809c81be4684b726c05ab":"a5a6e828352a44bd438ad58de80011be0408d410f6e762e3145f8b264a70c593476b41bb87875746c97de7d5fab120bd2f716b37c343608ee48d197a46c7546fafcdbe3e7688b7e9d2f5b6319c91d3881d804546b5f3dbe480996968dd046f406c11f0dc671be0421cbc8b4ea6811dd504281518bb96148dddf9f0dc4e2e2436":"aad40e7866c26e486b6f6e8eb14a130d5f88891bf0d09aa8fe32f447ab8dea7bee5d3eda4499c0103a010483f2b64fdf1155499d31decf528c77dd7627884f9995c213cf7402143dbb7561d69c86886734260ac94ffac7eb33598d25714228ef43f744ec1af2a87e789f1e5d6fff0fbd5082dcc49328f194e8f8a14a5bfc962d":"d8bd7d8773893519":"FAIL":"":0
+
+AES-GCM NIST Validation (AES-256,128,1024,1024,64) #1
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"a6cf7d83137f57f2310ee6bf31e8883952bb07ccdc12f516233ed533ea967e5d":"f17e37e73a28c682366bfe619cc673bb":"0f4dd201b18e20230b6233e0d7add6f96537dd4e82d3d0704c047fab41af5faf6bd52bd14fa9a072f81d92a2ce04352f0b66f088c67102d2d127a9850b09ff6087f194a6e8ccaba24091feb303eebb65f1203b2d22af44e7be4de71f03e6f6cbadf28e15af58f58eb62e5bddfae06df773cc3f0942520de20078dda752e3270f":"83ab20698fd7573fd121976a72b45a7f03aad84702fc8ac73d6926eabd8a546895aeffe4ba81d117507e2cd37d58eeff71cc3afa8a4449be85f228ea52f6dc6395bb43c1c9f795343720841682d9b2f00602eafa4d4cbe297bfc62467e526b9d823cc8eeecd9e5f8dbc2f65610663c6f37b3d896651b254bd60215629ade3b2a":"74110471ccd75912":"FAIL":"":0
+
+AES-GCM NIST Validation (AES-256,128,1024,1024,64) #2
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"b0c85ac6b3887639838ddca94c5c69f38115aa00122322c8114642d12ea1b8fe":"14f68e533ecf02bceb9a504d452e78c7":"796a46236fd0ff6572b1d6257c874038f870aa71cbb06b39046d0fb6489d6ae8622b5154292ae5c4e1d5ff706daedb2e812533ae3a635d339a7fbe53780e3e8204924a5deb4b6856618f4c7465d125a3edffe1ab8f88b31d49537791c0f3171f08dbb5ed1d9ed863dafbae4ecb46824a4922862fe0954ee2caa09ab0e77ed8fc":"0210fce418e7e2199cb8f899c81b9be74a630d00269755f882fc4db27632e99685cc12c426a7503473646df1288d0ede28408be9add5713628700f8e2b2e27d7522520ed00ac47239084651eb99e7d03e1520aae137b768f3144232c16b72158fd5da4a26a2525b9b27791bf06d1eb2e671c54daf64fddc1420bc2a30a324ba5":"6fb0b5c83b5212bf":"":"5e6c362f7587936bcb306673713a6f1fb080783a20e9bbb906456973e529cfa0298206184509c30e1d3793eaaa5d564edd4488f04311821eb652e0a1f4adaf6971505ca014788c8ce085ceb3523d70284ed2bb0aebeba7af83d484df69c87f55a93b3d87baa43bd301c4e55eb8c45dcf3e4612535ea1bd5fdb4c3b9056d0cae9":0
+
+AES-GCM NIST Validation (AES-256,128,1024,1024,32) #0
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"e61b1a6b40e2ab1245ff65dcfb9948318ac4fe55e9ed600cec301dae32ae0e93":"c356244b3034d288e4d4fe901b8e27c1":"bdcfeb09d5b97bab05a7acd9849e7de2c5beb7a4dc573c7e1c1d0c0409245a6584023114fdcc6413c800ca16847bde750b27c4d590248e2ce457c19b0f614f6aff4d78d4a19b3251531e5e852fbb05d09412cc1ff8988d1955ca6f5fe2d820f20a7642e3ae69e8122b06ba0918e806400b9b615e1abe6fdd4f56a7d02d649083":"8d67fa9fcf078e421cb63abeb25dba739ab0e09a091dd06b0c616e1e888f350edb2d73a42f57f115266ea20c7f8fc143ac746649612df06a5e29b4a15934dc049be1ab49d018ab86c4f37d8c3d9c714f038029e74d8ee3dbe61d81adc63712ea413b37f7604da12107aa1695d9b0981e5a92cdfaa5fbda0e31b22c6fd6f3b499":"86acc02f":"":"7c73182eca97d9617abb478a6ce62e3491a7e9951981c89c3071b161a4c80440614c3f24d0155073e28dcccee96bc8303dab4901ef77318df522d16d9da47770ef022395d6104cd623d93d67090a27507fc8ca04157e7939e639c62cd0e7d8a472314833c0eaa9ba2fd54a25b02854e3bff25cccd638885c082374ae520ed392":0
+
+AES-GCM NIST Validation (AES-256,128,1024,1024,32) #1
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"4f5a02e9843d28c8c226ed70d44b8fced8fb757ab6ece4d4f06e3c3cec79e44f":"099e5d9aae89fb6391a18adf844a758e":"ad93e8662c3196e48cfdb5aa3bc923cd204151aa980cbec78f0d592b701f779c1c49f9e8686d7e2385a4146b21a643a59c18c8b82214f42560bcd686fad7c7c8e8c1944ce6b20ec9537dd14b6cf2592740ca112f4cd582250d69f240d3e957040e1f7e19c60b3c8f2bd00cb666604c38946eb9b2f17336d281b4794f71e538a2":"3ec13950d329f24074714c583bdc35686b811f775b76b0a8fcfa66fc56426c9d022f8ab0af38f8d2f71a068548330cdbe891670181ed7491bf40c739ef4dd93689fd35929b225089d2b151f83d9b3cd767300611144586767354c0491112c205409f3168092d27f9b9f433afb79820a2811984d48e70c1fb2a13bbb3ddbc53fb":"30298885":"FAIL":"":0
+
+AES-GCM NIST Validation (AES-256,128,1024,1024,32) #2
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"1cdb218e0bd0e02156e5b48182990f778889793ef6018a8928e61164ac047c8e":"d2ffbb176f86bee958e08e5c7c6357c7":"bc580c4223f34e4f867d97febf9b03629d1c00c73df94436852cafd1408c945c5474c554cb0faf2bae35d3160c823d339a64ebd607cf765fa91f416fc6db042bc2bd7445c129b4a0e04b6f92a7b7b669eb70be9f9b2569e774db7cb7ae83943e3a12d29221356e08e5bf1b09e65f193d00d9fe89f82b84b3b8b062e649163dc8":"4d039618a0eb640329f90fe97de18bc928fc3fc7a0db42c97774bec2e882e872fc1097c8319f7837a16516bf387b1bae321c565e8fc1cb8480f051158e4685f0adba310d2c6253bc1300403cbd3f7ddcb2796a69f8bf9e73d47aada9a02673c1a3d5ecdac838abf22b385906236529a1b7dd5b8af2611a04cf4f83b15ba41cfc":"1997daa9":"FAIL":"":0
+
+AES-GCM NIST Validation (AES-256,128,0,0,128) #0
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"dc1a145c18bdbca760f35eea0d4a5992de04a0615964ec8b419c8288ab1470f0":"7f8368254955e1b6d55b5c64458f3e66":"":"":"8ddaa2c3ed09d53731834fa932d9d3af":"FAIL":"":0
+
+AES-GCM NIST Validation (AES-256,128,0,0,128) #1
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"7b4766d3a6615ee58b390daa228ae7a541c46ce80a1efe227cc43cb777df3232":"274367f31ec16601fe87a8e35b7a22dd":"":"":"5f3a757b596e06e9b246ed9bac9397f9":"FAIL":"":0
+
+AES-GCM NIST Validation (AES-256,128,0,0,128) #2
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"d19b04055bf6e7ff82e89daef66c9d8319ab25f9197e559444c5729b92c4f338":"796efaff4f172bef78453d36a237cd36":"":"":"3b445f38bf4db94f1a9ec771173a29e8":"FAIL":"":0
+
+AES-GCM NIST Validation (AES-256,128,0,0,120) #0
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"7ca68e300534a90a7a87ca9906e4ac614a6aa51f769b6e6129753a4f83d10317":"45e6b23f8b3feefd4b0ea06880b2c324":"":"":"6c0a1c9c2cf5a40407bfa1d5958612":"FAIL":"":0
+
+AES-GCM NIST Validation (AES-256,128,0,0,120) #1
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"a2b7cd693239bbc93599d3d12c9876e7303b227b8ae718e2c62e689e1fd62903":"548c9c8fcc16416a9d2b35c29f0dacb3":"":"":"3aa21f221266e7773eeba4440d1d01":"":"":0
+
+AES-GCM NIST Validation (AES-256,128,0,0,120) #2
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"156b854beb0c276a5e724f5da72f0d1ca4ae7cbd5f93a2257d95c2e5bfd78ad4":"a5129e2530f47bcad42fc5774ee09fe7":"":"":"6bb09ed183527c5d5ed46f568af35f":"FAIL":"":0
+
+AES-GCM NIST Validation (AES-256,128,0,0,112) #0
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"d824330c60141264e1f709d63227a9a731bcc42b4adec1d8f0161b10b4fdb2ab":"c5afaa45312c64ab3c3cf9d6c4e0cc47":"":"":"55952a01eee29d8a1734bbdf3f8f":"":"":0
+
+AES-GCM NIST Validation (AES-256,128,0,0,112) #1
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"b5517589948d8aea778df6fd66c17a170d327f69e504f0a4bd504c4286a9f578":"6404b111c6289eefa0d88ed6117bb730":"":"":"637f82e592831531a8e877adfc2c":"FAIL":"":0
+
+AES-GCM NIST Validation (AES-256,128,0,0,112) #2
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"f6137b2bcbd327fbcc7f313efa10f6ffaed30e4782e222e1225c87103fcae905":"3b87b08337a82272b192bd067e3245ec":"":"":"1f2dda372f20ffddd9dd4810e05f":"":"":0
+
+AES-GCM NIST Validation (AES-256,128,0,0,104) #0
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"b5e70d1b78e931abf44bba3f937dbc344858516a8a8afe605818dc67d0c3e4c4":"58e70095c6f3a0cda2cdc7775e2f383d":"":"":"1763573f7dab8b46bc177e6147":"":"":0
+
+AES-GCM NIST Validation (AES-256,128,0,0,104) #1
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"90de0c047d1dd01d521f2dedec7eb81bc0ace7a5a693a7869eaafbb6e725ad7b":"d565c9cdfb5d0a25c4083b51729626bd":"":"":"78738d3e9f5e00b49635ac9a2d":"FAIL":"":0
+
+AES-GCM NIST Validation (AES-256,128,0,0,104) #2
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"c43e8dbeafb079692483a9fcbab964b76fccca6ca99e1388a1aa9bf78dfd2f02":"f2bd4fe0d30c0e8d429cac90c8a7b1c8":"":"":"ea7b52490943380ccc902ca5ae":"FAIL":"":0
+
+AES-GCM NIST Validation (AES-256,128,0,0,96) #0
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"13540919fdb95559e37b535a427efeee334309e34c4608459e204d931b8087e7":"c993c1802df0f075ce92963eb9bff9bd":"":"":"edfab013213591beb53e6419":"FAIL":"":0
+
+AES-GCM NIST Validation (AES-256,128,0,0,96) #1
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"2a7b2e07c148ff0f627ae28c241a395876bbed0c20f3fd637330e986db025714":"8f7e1621c2227839da4ea60548290ffa":"":"":"f9da62f59c080160ec30b43d":"FAIL":"":0
+
+AES-GCM NIST Validation (AES-256,128,0,0,96) #2
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"b3e7837a75b38ae6d4299a1ae4af3c2460dfca558708de0874d6b1a5689b8360":"05d363b2452beff4b47afb052ac3c973":"":"":"6b4a16d1ea1c21b22bdcb235":"FAIL":"":0
+
+AES-GCM NIST Validation (AES-256,128,0,0,64) #0
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"9df3ccd95f7570f6ecf5e5329dcb79bcd46cbcf083fe03aa8f5bd0f645c6a607":"774f4e70a7577b5101c0c3d019655d3e":"":"":"98ff89a8e28c03fd":"":"":0
+
+AES-GCM NIST Validation (AES-256,128,0,0,64) #1
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"1c7123e2e8d3774c8f1bdbb2272f19129e04f29b4351ae19c3b9d24e6ea1fe87":"99f25cebd6cfa7f41390b42df6a65f48":"":"":"8e14a0a4853a156a":"FAIL":"":0
+
+AES-GCM NIST Validation (AES-256,128,0,0,64) #2
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"490090323e9257517e2453469caa3414045cacb4d05d5cebc6b9c06fa6d19291":"c1beff1ff6cdd62339aa21149c4da1e6":"":"":"f998d7c08d609b3a":"":"":0
+
+AES-GCM NIST Validation (AES-256,128,0,0,32) #0
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"360e48dd38d9e7f5bf29a2994ab5b3c9c70247102d94049ae791850807a4c845":"88126c350dfc079c569210ee44a0e31a":"":"":"f2ebe5e4":"FAIL":"":0
+
+AES-GCM NIST Validation (AES-256,128,0,0,32) #1
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"1562b32e4dd843edaf4474b62cadd8f46d50461f5b22c9f1a8eae7367d35d71b":"af29fdb96f726c76f76c473c873b9e08":"":"":"13fd6dfd":"FAIL":"":0
+
+AES-GCM NIST Validation (AES-256,128,0,0,32) #2
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"d5160d0c98ffcb1c26aad755f67589000e2bb25fa940e6b1d81d780f421353d9":"1552604763453b48a57cea1aed8113f4":"":"":"660c5175":"":"":0
+
+AES-GCM NIST Validation (AES-256,128,0,1024,128) #0
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"c3a3ea3a097c0c2b3a4cb78462d87fd5a8f348687c4150e9d3354b388ab13d17":"f77945979241fb3a454d8e3da193e169":"a69bac31241a2c07d3f7e331b77f662b1e67ccb81c07f52578b01f5785de9437f02eb7627ca7b9af09c1cb428fe93d6deb31f4d6dd2f0729f87480bdeb92d985de1aaad4bcebc6fbad83bede9a5dd1ca6a15bf5d8a96d4edb5bee1f7d195e9b2e5fb2221a596d69f257c18a143eda870e22d3f2ed20c9b3b0d8c8a229c462fff":"":"6b4b1a84f49befe3897d59ce85598a9f":"":"":0
+
+AES-GCM NIST Validation (AES-256,128,0,1024,128) #1
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"e1626327d987342cba5c8c63b75b4ed65463a2b9c831f4f9f80325fa867d1d73":"4e25800deab7ecec2a2311f8fb44eb7d":"ebaffd558f24dae03117c69ac4b2b4aaeaffe7e0e7599eaba678bfce23a9914dc9f80b69f4a1c837a5544cba08064a8f924064cba4d783623600d8b61837a08b4e0d4eb9218c29bc3edb8dd0e78c1534ab52331f949b09b25fbf73bece7054179817bc15b4e869c5df1af569c2b19cb6d060855be9a15f2cf497c168c4e683f2":"":"8faa0ffb91311a1a2827b86fec01788d":"FAIL":"":0
+
+AES-GCM NIST Validation (AES-256,128,0,1024,128) #2
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"938da64b837275b0c80c442bdf2301aa75e387fe65a775d10a8ec840f62ff429":"dec6adeb60216cbb8a6c3afba49fa201":"4ac144bd95f405649444f01ab67ef3e4c0a54fdbd933b6ba00518c79db45c22c90030c45aadcfdb53ec8199be0cbb22dbb9ab938a871f4b3b0c98ed32590a051abb946c42726b3e9701f183b2092985e3457943a6350fbcaece2e6b111b179ea3fd10ac080a577a1481785111d5f294bc28519c470ff94392a51a2c40a42d8b5":"":"2211ca91a809adb8cf55f001745c0563":"FAIL":"":0
+
+AES-GCM NIST Validation (AES-256,128,0,1024,120) #0
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"e2436484ea1f454d6451ad8dbd1574b208d7a3ab4fa34869299b85c24348b43d":"97040d2ec094fe1c64fa35b35b7451a7":"bc198677513ce0e66697dfe52b22315fa5d8f92042f34cc9f373a01f94607df1a599132f60af010ed9b5e52162dd7b162912b68b11700e08f5fdafd84d10f760fc05ec97c05b83e55155194f399594015b90a19c04fb992e228940fe1b54ba59c4bb8318b33cc0df1cb1d71c389473dfb3eefabfe269ca95db59a7bc0201c253":"":"2e080ba16011e22a779da1922345c2":"":"":0
+
+AES-GCM NIST Validation (AES-256,128,0,1024,120) #1
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"7fb3fc72eb8a3aa5b102f90039f852cc3fd64f46915f5e49f1d9e02fe9cc13b1":"f6120fea313362524917c53d90bafb4f":"60c2be7fbd15faf895fd19a9ce775fe2b183b45cffafe4fcbf50d421bea97347e41a9418cfa129b2dda63b889a70063010215dbe38c37feae18bc31b34f31b726f22177f2b4b9d648dd4aa80edfd12dafaee10baa83224354432d1cb62ccabe38bb8448d162cd0d30e988d2e1a2458ffdafaacbdff928756390f66dc60d7ea45":"":"83de3f521fcfdaff902386f359e683":"FAIL":"":0
+
+AES-GCM NIST Validation (AES-256,128,0,1024,120) #2
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"697c96d80d0a3fa9af35b86f31fb71a17aed30ce841c79896bbc8863b3b3ee04":"3a5163ec7e007061838d755ac219855e":"de50c12da63232768d5eb9920d49683b5b7114cb77448fa10b9d63552ec5d9c2eac94b375d11f944959f903bb20c696639b6e7f108ec1e873870098c631ddacb2c25268cfc26d2a4cacfb7dda7383374c5456bcf4daa887a887f4293f8caa14419472a8bf7ffd214dfb2743091238b6d1142b116c2b9f4360c6fe0015cd7de81":"":"cd4542b26094a1c8e058648874f06f":"FAIL":"":0
+
+AES-GCM NIST Validation (AES-256,128,0,1024,112) #0
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"66c1d9ce3feb0e966c33e3fd542ec11cc32f18c2514b953103d32abcdc72633a":"46fdb88fdde9b7d74e893802a0303256":"55d2f263d2e3cf0b390fce1dd1ebd5f666086f26e1ce2f08002bedbb810ada3922c6bfcf6a6adaa556e9e326c9766f02b3eb6e278da2fa3baa7dbdb6373be3c6ecfbe646b1a39e27c5a449db9b559e7ea3496366b8cdbca00ee7a3dea7fdfbea1665bbf58bd69bb961c33a0fd7d37b580b6a82804f394f9d5d4366772cee3115":"":"96ca402b16b0f2cd0cdff77935d3":"":"":0
+
+AES-GCM NIST Validation (AES-256,128,0,1024,112) #1
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"d7c949420dc9497232cd5810f316d11f9e85d36c430b5943ba79836d88c1eb92":"7ef9788ff09cbeedd9569d49083a4097":"ca1de5cc3fcde2638eb72210e551e9c0e0a3f5570d5be83a9a4406b545d854bf17e75b9cd0f4c45722fbd71319a317b72a8798485e9316a1c8102432b83bc95af42f6d50700ba68f6f2e19b6af609b73ad643dfa43da94be32cc09b024e087c120e4d2c20f96f8e9ddfe7eae186a540a22131cedfe556d1ebd9306684e345fd1":"":"8233588fca3ad1698d07b25fa3c4":"":"":0
+
+AES-GCM NIST Validation (AES-256,128,0,1024,112) #2
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"6fe7c70815aa12326cdcbb2d2d3e088bbaaef98b730f87fe8510b33d30e12afe":"e0253bd1f19e99a7f8848206fb8ac4a4":"397897eca4856f90d14c3cdfe1ad3cba47e23174ae2dab7d2a6320898584e03bffa3ffd526f416d7b3c579b0f3628744e36eebb5df519240c81d8bbbf5c5966519c5da083ab30a7aa42deae6180e517cdd764b7f77d19cc1a84141817758887a8d7265e7e62279b9d33cd2f1ba10fd54c6c96d4b8a5dbe2318fef629c8e2af0f":"":"477b0a884d788d1905646bd66084":"":"":0
+
+AES-GCM NIST Validation (AES-256,128,0,1024,104) #0
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"cbeefb3817cb02d617f385cf2371d52c8bcbc29e5e7a55cd2da131ca184c6e89":"f74156d6400ae46b612531848bffe18f":"1abe2ab05ceccf2391273126fe4a4426b94d2c3b97a7f1cd2ee6bb952bf4a546e972b5a1701d5ddb0e5bb7a248fcb47107a9fc77e4b9806b68a11850119aa239fa8be1370e3a2e1a8b168f7323afdfc4b8917d92570167848a56132d68876abc386c258a9233dc8a9eb73443b052e842c3d63e8b5369acdd038404e4e9a4b038":"":"0cb67cec1820339fa0552702dd":"FAIL":"":0
+
+AES-GCM NIST Validation (AES-256,128,0,1024,104) #1
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"e6f5f65ce2fc8ec3f602f5df90eb7d506dd771337913680ac16bdcd15c56583d":"9212a548c597677d1747e98ce6fb18a4":"55ca486c0183d0134925880d2e21dde0af51c4c77c6038a5a9c0497884e0aa4715bdb5b4bb864acc708ac00b511a24fa08496df6a0ca83259110e97a011b876e748a1d0eae2951ce7c22661a3e2ecf50633c50e3d26fa33c2319c139b288825b7aa5efbd133a5ce7483feecb11167099565e3131d5f0cb360f2174f46cb6b37c":"":"08d7cc52d1637db2a43c399310":"":"":0
+
+AES-GCM NIST Validation (AES-256,128,0,1024,104) #2
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"0e9a0391435acb57eae2e6217e0941c79a3ff938ec6a19b8a7db2ea972e49f54":"27cd1d7af7e491e30c8110cc01392529":"79140d32bb32dace0779e2d37a0f744d6d973e99a279962b43a6c0af63772e8a0a21d5d9dd3c33d4b218cb2f6f24dd8d93bb4e1e6a788cb93135321ecfed455e747fa919b85b63b9e98b4980a8ccb3b19d50d735742cb5853720c2ad37fa5b0e655149583585830f8d799c0d2e67c0dc24fc9273d9730f3bb367c487a5f89a25":"":"fbb477dd4b9898a9abc5a45c63":"FAIL":"":0
+
+AES-GCM NIST Validation (AES-256,128,0,1024,96) #0
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"55a12eeca637654252e3e40b371667e3f308b00f2fd2af696223e4cd89e3fd4e":"8a3793b6441258360f7f4801b03d0b26":"f5810dc5f25e49bd6d94bc63c2494aa7a579a4056a25f1dd9b2734d0b8731ee52523edd54ff475651d45c213e1bf254327fb0e2c41a7d85345b02bcc9d27b08915d332e1659671991a4bb74055967bebbba6ecceb182f57977130623d5a7b2175fa5a84b334868661c1f450b95562928b4791759796a177d59ed18bbf141e2ad":"":"99230019630647aedebbb24b":"FAIL":"":0
+
+AES-GCM NIST Validation (AES-256,128,0,1024,96) #1
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"3d353f870a9c088de5674efd97646b9c5420b2bcdfcffefcadd81682847e5331":"f267fa982af5c85359b6447f9b7715ea":"7cf55630867af5dff747c8dd25bcc531d94a7730a20b6c03d46059ea93fcaa00d07ee17dad0e0dff814b02dfef0cbe00b37fd2f5f95ead7c72be60016f2934d7683fc1e47185c7211c49cb03e209b088edb14e533dbcb792ab7033728904f7ff12381a236dba97894ec1fafcf853ab15fff343f9265d0283acef10168ffd1271":"":"9553b583d4f9a1a8946fe053":"FAIL":"":0
+
+AES-GCM NIST Validation (AES-256,128,0,1024,96) #2
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"d227c9ff5d17a984983056fb96f3991932ae8132377529c29238cf7db94a359d":"b8f6536f376a7efe0e684acf350bae70":"1cc25da31f90de7fa47ebce92754d3faa99f88d4e25ccab45645c1acdf850d55d7f02f61a0bfdc3125f29259d7da8abef532fe0966c63d3486753c8a2cb63a39349a0641b2f2b9526a03b97d58ca60fbb054c6c164ff2836688b0cad54df2b165bc082eeae660e768dde5130e30f8edc863446661c74da69b9e56de8ae388da0":"":"44b95a37fab232c2efb11231":"":"":0
+
+AES-GCM NIST Validation (AES-256,128,0,1024,64) #0
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"b2a57ef85ffcf0548c3d087012b336c46f6574cf1d97ca087bfad042ee83eec2":"3d580402d2a8dc4d7466e5dcb456be7a":"c2b9e95c16e55028794a63ef82d11fb83a2a75dc34a81f238e472c33264534bdd54cd07d02a0ecf9019ad1a6d6c779f339dd479e37940486950f183bade24fca2f24f06d4037b3555b09fc80279ea311769473eb0630b694a29823324cdf780d7d1a50d89f7a23b05f7a8c3ad04b7949aa9e6a55978ba48d8078b5a2fd3c1bbb":"":"072d4118e70cd5ab":"":"":0
+
+AES-GCM NIST Validation (AES-256,128,0,1024,64) #1
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"63889ed5bf2c27d518a696b71c0f85592e3337aae95b5bf07289e4c5dfdc088d":"1ad534280a0fac7dce31f2ae4fb73f5a":"be1b9dabea33bb9443e27f674b27931c0fba699a33dc86fab29e50b76a9441030444b465317bbf2949faf908bc1b501d11a5ea2042e4b460a85f3be5836729e523d99b56ef39231d5c6d8ae2c2ab36ef44e2aa02a1f2c559c6e333216c7f9ed5f9b880a88e920219204c99a3ae8f90afd1396563bc59a691a93e0070b0b5fd90":"":"1bcea0ac2c1a0c73":"":"":0
+
+AES-GCM NIST Validation (AES-256,128,0,1024,64) #2
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"94e3e2c17cfb6f52d4fdba3ba6d18bba891b6662e85df14d7e61f04adb69e0e5":"8a80efb3bfe220526997543409fddb4d":"05da1b0f7ac6eef488d3f087ecae7f35abe3ef36d339709dc3fcb5b471979268ee894c3b6c7f984300d70bc5ea5fba923bfb41d88652bdaecc710964c51f3e2ae2c280b7d6c8e3b9a8a8991d19d92d46c8a158123187f19397ad1ad9080b4ffd04b82b5d68d89dacd3e76439013728c1395263e722b28e45dabf1ef46b8e70b5":"":"faa5c13d899f17ea":"":"":0
+
+AES-GCM NIST Validation (AES-256,128,0,1024,32) #0
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"fe5e479ad0d79dbf717a1f51f5250d467819e444b79cb3def1e0033c80ddadd8":"47ce838083fd070d8544c0ad5337cdc6":"98476bf05a18c4ff1b6024dd779c1ac06d838705a0a83fe42bee5fc6ebf3b2a1a5049b67f4aabc8239cd6ff56504bcbad1e2498c159bbec2a6635933945f6ea49e5bc763dcf94f4b3643d3888f16105abb0965e24f51cb4949406124145e9ae31cc76535b4178492f38b311099df2751f674363ae7a58f6f93019653b7e6a6f0":"":"a3958500":"":"":0
+
+AES-GCM NIST Validation (AES-256,128,0,1024,32) #1
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"27d4dedb71a8f68ca5ce2b9e56da772bf5a09b7981d41cd29f485bd2d1adb8d4":"7e6f0343c54539717a97b6c8b9f7dec4":"d386db78043f719b7e137cbf79a7f53dda2fe3baccbebb57d499f6eb168e5151f10081d76b72ae0f30165efbdda469e826f9246e59dbcad5c0b27691c00d6c192c24073e99c19cf8c142087c0b83c4ce2fc7ba1e696394e5620ab2d117d5dcd2ac2298997407fd5de07d008de8f9941a4a5f8074736a59404118afac0700be6c":"":"50fd1798":"":"":0
+
+AES-GCM NIST Validation (AES-256,128,0,1024,32) #2
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"5a7aa836a469d28542d0d24d3232fad266da8fc889c6b6038b726d3da25f7b20":"9faf7cd805803e143ec8f3f13475efd2":"1006c707f608728b2bf64734062b12a5625062bcdcb80a3ce2058352a2922d5e6fbe19681b4f0d79ad3c837f81e72f2fbf8df669894e802a39072b26c286f4b05188c708f7c6edd5f5bb90b87ffa95b86d84d6c1c4591b11d22c772a8ad7f2fe6bd8b46be0e93672df2e8bff8ba80629e1846cfd4603e75f2d98874665c1a089":"":"07764143":"":"":0
+
+AES-GCM NIST Validation (AES-256,128,1024,0,128) #0
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"a9444fd176acbe061d0221fde3ddfcc4ff74e995d981a831297c4cbda51c22a1":"5714732145470da1c42452e10cd274b5":"":"c146ff5a988496cad7eced7a2ea471e0117d5d6bd2562c23ce9db4bf36d83ba3fc22e90486ec288a627d208e0b2fd3b65f8301cf7fc41d97959981a95cd1cf37effc46db99b94b21c941c3613c26a10b1a6b7793f467d58ff5134612230f1c49d7e1fcf664fe52fc6eca46273982f6fe729b009d90eb8d8e4a0b0dbe907b76da":"db85b830a03357f408587410ebafd10d":"":"a3cad9a57fa28e6f6aaa37150a803bf8b77e765f0702e492c4e5ebb31ae6b12d791149153e469a92bb625784a699fd7ca517500ee3f2851840ba67063b28b481e24ba441314e8b7128f5aaccaf4c4e2c92258eb27310bf031422b7fc2f220f621d4c64837c9377222aced2411628018a409a744902c9e95c14b77d5bb7f5846b":0
+
+AES-GCM NIST Validation (AES-256,128,1024,0,128) #1
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"686d3bd071e3f46f180611bc4ec8d7726fe72b6c617e7d42b3339f53918c9e36":"a714e51e43aecfe2fda8f824ea1dc4b7":"":"21983ad66449c557263aef299da6eef8f31d576fc17ed2dac3e836f7c2ceaff3094b2695452680e188df10c174810efd1fbaa6c832baedce0b92e4c7121447f6461ac909b4302cdf658095b1de532b536faa4fb38cfdf4192eb5c3fe090d979a343492f841b1edc6eb24b24bdcb90bbbe36d5f8409ce7d27194a7bb995ecc387":"cd30c3618c10d57e9a4477b4a44c5c36":"":"9610908a0eb2ee885981c9e512e1a55075a212d311073bbb2fb9248cce07af16ee4c58bdc8dbe806d28480f9065838146f3e1eb3ae97012cfe53863a13d487f061a49a6c78ca22a321fa25157dbe68c47d78f2359540cc9031ee42d78855ed90e6b8ea3d67725bfffcb6db3d438c982b5f88d9b660f7d82cb300c1fa1edebb6b":0
+
+AES-GCM NIST Validation (AES-256,128,1024,0,128) #2
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"6fe81f15a02e2ecf46e61199c057102d160e6b5d447d4a275972323fff908c3e":"91d55cfdcdcd7d735d48100ff82227c3":"":"0b4ee0385e6665da8fd2ae47f2d0cf1c5bd395a3bb447047ab5a3ae0b95355bf83d0381119a8d4c01acbe60cd7885da650502f73498a682fdc94f7b14f4c753226064fa15e3a90a6083e053f52f404b0d22394e243b187f913ee2c6bb16c3033f79d794852071970523a67467ce63c35390c163775de2be68b505a63f60245e8":"cd7da82e890b6d7480c7186b2ea7e6f1":"FAIL":"":0
+
+AES-GCM NIST Validation (AES-256,128,1024,0,120) #0
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"4c2095e1379389dc3810e8819314f5a2f87d1494213c5b1de1a402f7f4f746c4":"19788b2e0bd757947596676436e22df1":"":"26ec8ebac0560538a948afbc18fb730e9a91f21392bde24b88b200f96114b229a5b57fa9d02cf10e6592d4dfb28bf0f00740c61157ce28784e9066ea3afd44ecf3a494723610cb593c0feffc6897e3435c6f448697ad3e241685c4e133eff53bdd0fe44dd8a033cfb1e1ea37a493934eb5303ae6ef47ce6478f767ef9e3301ab":"f26a20bea561004267a0bfbf01674e":"FAIL":"":0
+
+AES-GCM NIST Validation (AES-256,128,1024,0,120) #1
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"be5351efc0277afc9759ec2464a22cb4401f7a17efd1a205e7af023c7ed30ee1":"c6b26117d9dbd80c1c242ad41abe2acc":"":"1eca91406f338fc09c2988b1d7dc8c409d719300c03840a497d7b680cdd5e09b144903477f7116a934e1d931cf368af1fc2a0a0e7caa95475a3cd7bf585a16fda31eb3f8201db0216b37a1635c1c030836b3dd05ca5b0194388fa198e717822131d5d4318690ef82d35ac80b27fff19aec8f020dc6c6ce28f0813bbbf8230ad9":"61051d6c0801b4a6b6ca0124c019f3":"":"95447aded336d6c20d483a6f062d533efed0261ad321d37bf8b7321b98f55c0f0082ce7f3d341b18fea29a72fc909d30cd8c84a1640227227287674a9b2f16a81b191ecf3b6232d656c32d7b38bea82a1b27d5897694a2be56d7e39aa1e725f326b91bad20455f58a94a545170cb43d13d4b91e1cee82abb6a6e0d95d4de0567":0
+
+AES-GCM NIST Validation (AES-256,128,1024,0,120) #2
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"814c2cdfdeecf39d43bb141fbfc62dac44f7552c5e5dac2d4913303fc860119b":"0db3ade15cb0dea98a47d1377e034d63":"":"0d3013a1d7132f685d001420daa6c7b643bc36b887511acc4588237d3b412c79e4ebba29c08248ad46c7239e8daa232b7483c9c4e3d1c0bbebc696401efe21f7fd6fc0525a4ab81bd9a893d5f7ab23b70ed07c00f33649b8a996a006de6c94f7793f72848793f4d5b31311c68aae1e715b37409fbe506dac038a0950f05fe82b":"e62f910b6046ba4e934d3cfc6e024c":"":"374d03cfe4dacf668df5e703902cc784f011f418b43887702972dcc3f021bcb9bdd61ed5425f2975b6da7052c4859501eb2f295eb95d10ba6b2d74e7decc1acacebf8568e93a70a7f40be41ac38db6f751518c2f44a69c01c44745c51ad9a333eda9c89d001aa644f1e4063a8eb2a3592e21c6abc515b5aacaec8c32bcf1d3c4":0
+
+AES-GCM NIST Validation (AES-256,128,1024,0,112) #0
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"1ae4541110f2bc4f83cd720b5c40c8315413d896e034b75007f172baa13d29ec":"83f98eec51ee4cae4cb7fe28b64d1355":"":"5ea811e7fbfc0e00bf2a6abfac50cad9efd90041c5f7fb8f046a0fecbd193b70a2de8a774d01dd3cd54f848cb3e9f5152ee1b052ba698bebfba1fbbdae44a260447d6e6482640ae4d01c9cac3d37d4ffe9a0de0b6001de504a33ef7620efe3ce48ecd6f5b1b3a89185c86d4d662a843ff730e040e3668d6170be4cced8a18a1c":"df47eef69ba2faab887aa8f48e4b":"FAIL":"":0
+
+AES-GCM NIST Validation (AES-256,128,1024,0,112) #1
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"20c9b662ec4bd13bf58d64cb0a7159b0e7fee4703af66292bf75c8bd6e42e8dc":"2bc0847d46f3d1064bbf8fe8567f54a2":"":"45b64f2ed5ac707890c0c1726adf338770ce6a728fe86bb372c4c49409a32705f881bc4d31a27c455c7c7df9dd2c541743523e7d32f88930d988857847f011be5f5f31a31e8812745147cbff5c1294d0fd4a7285db4833f22bf1975250da99c4d0dd2c9688d7f8001bb6ef2bc898ce4d42c5b78e74645b56ce992338f49d4183":"5a1bf25aa8d5c3fe5cf1be8e54a1":"":"9079d6275db076625e8474c2914fe483d413d5339202f98f06c3b0ef063d8f3d31029deaf7f9349bfec57e5cf11f46f02d5a6520c7992efc951adbbea6d08e53faeb10dfe8b67ee4685da9ea4fe932551a65821147d06d4c462338e6ddda52017c2bc187fd6d02b7d5193f77da809d4e59a9061efad2f9cadbc4cd9b29728d32":0
+
+AES-GCM NIST Validation (AES-256,128,1024,0,112) #2
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"0a1554db37f2e275732a77e521cbd8170729d8677a85db73feacf3c66a89d689":"b9194a4d42b139f04c29178467955f1d":"":"5421d93b7e6e0091978c673df4f3a406aef5f13eb5e6f95da19b0783308cbe26d4fd6c669cc4a9f069d7e62e4c6fad14b80e918fe91556a9a941a28b3dbf776a68ac7c42df7059b5ed713e78120aec84e7b68e96226c2b5e11a994864ed61b122e7e42ef6cfdae278fadbae1b3ea3362f4e6dc68eef6a70477b8a3ffcfba0df9":"05949d591793ca52e679bfdf64f3":"FAIL":"":0
+
+AES-GCM NIST Validation (AES-256,128,1024,0,104) #0
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"3ab1d9bb571c4bdc9f3ef340914bddcfe0c8e7718d4a2530334372cec86e5fcb":"6a5335901284dd3b64dc4a7f810bab96":"":"80bcea307e009745724d5f15d21f3b61a5d5a8401530346b34a2adfa13e3e8c9c9327d6fad914b081e554fbe6c1c6fe070b566620e559555c702c0ab5becf61ea1d9de64351ce43b2276ef4e20b5af7ce43db6d21286af4e740ef00c6d790705afcf0ee4850fffc12c662f2bd8212feb21db31065ab8f717a7509c213352b869":"04b8e5423aee8c06539f435edd":"":"36b9602eee20b8f18dce0783cd1e01a799f81ae0a1ce6d293a26c62f47e7dad85c8446697cc09c81d3d9ead6f9e55c4147211660c8aea9536cc5516e9883c7d6854be580af8cd47ba38fa8451f0dad9c904e0e7f9997eff7e29bf880cd7cedd79493a0e299efe644046e4a46bf6645dfb2397b3a482a346b215deb778c9b7636":0
+
+AES-GCM NIST Validation (AES-256,128,1024,0,104) #1
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"7dddbd5657e22750bfe6baa70a1f4ac46c1ef8bee573a57cfcef50b66f85e593":"fcb962c39e4850efc8ffd43d9cd960a6":"":"2bf5aba83a8161b9d21ff29251fb0efa697b1ea9c1b3de8481d5fd4d6b57afda0b098decdc8278cc855f25da4116ed558fc4e665a49a8fff3aef11115757a99c10b5a73b1f794f9502186c13dc79442f9226bbf4df19a6440281f76184933aeae438a25f85dbd0781e020a9f7e29fb8e517f597719e639cbd6061ea3b4b67fb0":"1d8cdadcf1872fb2b697e82ef6":"FAIL":"":0
+
+AES-GCM NIST Validation (AES-256,128,1024,0,104) #2
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"6916b93b2712421f1f4582de7ec4237c4e42e2b32c7dced2f8bb5bd2e0598312":"b4d9248bb500e40de99ca2a13e743f1c":"":"3739cca20279a36ddb857ac22beae901a49529b3182463ab81a7c46e437eb0b0571e8c16f7b626ecd9f2ca0cd83debe3f83e5d58ed3738899f4b616755eb57fb965208f261736bdf7648b1f8595c6b6a779768115e3077dfee7a42d44b555a51675fb1ce9961d0e21b2b9b477c0541184350e70decf7c14a4c24b8a6cd5fed8e":"090d03446d65adcc0a42387e8e":"":"0255be7ac7ac6feb3a21f572f6a593cc8a97f17af7064c80e478f4a6c469cf94d604bc014b003bf284d216161a9c8a493af43c6a0d8caf813a9e6f83c7ed56dd57543876b11f76aa2be80dcd79d19ac61f00fa423ac2f52fae7a8327cd91494ca4116feb735980ad0a4b1445cb7f38cc712b8aee72179e65b97fca38694e3670":0
+
+AES-GCM NIST Validation (AES-256,128,1024,0,96) #0
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"b751c8b724165009a8bd97a9d2a0e22cae5a95c4743c55eeeef0a6fe7d946bec":"160c50c0621c03fd1572df6ba49f0d1e":"":"e8546a5af1e38114822e60e75563a9399c88796f303c99c69d1f3c50379da81e1cd5b5a4a721e23c59da58ea4361b7ff58408e506a27fea24f9a235c6af7f7a5bd93fa31e90edfc322821c08d6324134830b7fe160b4a3e6d27866a10e6e60762a31618ef92f5c67ccb1deb1f1b188f0e687165e7c366c7418920df4f4fcdcae":"9fef9becf21901496772996f":"":"175fa6b7cd781ec057ff78ba410f2897a920739b5fc4f04bc9b998fbc7cc18e327ad44d59b167e4627256aaecd97dc3e4a7c9baaf51d177787a7f4a0a2d207a855753c4754d41348982d9418b6b24b590632d5115dc186b0ba3bec16b41fa47c0077c5d091ec705e554475024814c5167121dd224c544686398df3f33c210e82":0
+
+AES-GCM NIST Validation (AES-256,128,1024,0,96) #1
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"0faf32c22c2a4ee38fe4b5ce08f98fdf6f83b5038dcba5ec8332b3eeb5c710c7":"04885a5846f5f75a760193de7f07853c":"":"8a556cc30075753c6e94c2f669bca2058ff6abcbffffc82da7cfca0a45af82dfb4cf487ceb4ede72be87ee4c8b72db1e96459de1dc96721464c544c001d785f2188b9fccaec4b1a37970d38b326f30163d2fdfdf8a2ce74aec55abcd823772b54f8081d086a2e7b17b4086d6c4a5ea67828ef0b593ea1387b2c61f5dfe8f2bb0":"0c13506ed9f082dd08434342":"FAIL":"":0
+
+AES-GCM NIST Validation (AES-256,128,1024,0,96) #2
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"0dddc3d2f82bdcdbc37648a6b9b416af28753740f8e998cd1a52a0b665369f1c":"0a93b883cbd42998ae2e39aab342cb28":"":"07bf84b15b21951fd22049be6991a672503ae243b8d285fb1e515e1d2c36bfd5b0d0bcce85791f2cea8f616aed68a7d9cf4eaf76418e8b1ec27751de67cbfd9d9f7905b2667904f10d598503f04c04ea00a681ff89a9c446d5763898430bd7a9dfebfe544e3ed3e639b362683a651e087626ffa63c0c2b3e0dd088b81b07f75e":"5c37918edb7aa65b246fd5a6":"":"ff7b7b2f88b8c6f9f9bad7152874e995eea0ff1ce1ecd9b8d563642a37a31499f14d70f0dd835b7adf80928497f845fd8c2786cd53af25f8c9fe1bba24e3c3860162635bbed58f06cf6c9966bb9b570987a48329279bb84afb9e464bb4ad19ae6600175086e28929569027c5285d2ed97615e5a7dada40ba03c440861f524475":0
+
+AES-GCM NIST Validation (AES-256,128,1024,0,64) #0
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"a0b1a62e46e7712277fc711e19d0c0c865ee77b42ac964b7202dbcaf428086c2":"e20957a49a27e247d00379850f934d6c":"":"7dd7c0787fdbea4aacf929341659dcf4b75cbca8f92001e8b62a4d7b40272c5755fa9c445857db05328dc11ce5221f044f4b3dafbf0e2d72a1ad0d3e4c804148db578218690ccc620d8b97b4450ff83400a6caaa959617611446a6627138a4067be9ea410d4b0581022ab621928205b4a4480560fc4c2c3b39a2805684006f35":"c99751516620bf89":"":"9307620479f076c39f53965c87d20c2aff11c736c040dba74cd690d275591a5defc57a02f6806de82eb7051548589484364f6c9b91f233a87258ede1ee276cb2c93b4fc76f4d7e60cbd29ba2c54cb479c178fa462c1c2fb6eeb3f1df0edfb894c9222b994c4931dedf7c6e8ddecbde385ddf4481807f52322a47bf5ff7272991":0
+
+AES-GCM NIST Validation (AES-256,128,1024,0,64) #1
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"ffcc1c88fba1723b3ab57b458d9bffb98b878c967fb43b9db2ae0753d32a3bb1":"d533c2170c5dc203512c81c34eff4077":"":"19b6dec86d93c466307de3a36c0791ed1010b1b9cf8d30347ae46e0f9283c9fda43da8cb491dd17cc4298b1f0b876d6a0f4bcbc9667fe34564bc08f8f7b67045057d19f4bf027bc839e590822fa09a5cef1af18e64a0116aa2a01a3f246c2b5272c18c9aa23efe674ba53d533ae8f0695cb78c1155cdc7a9d7fae2c4567dc07c":"167ec8675e7f9e12":"":"0539287ac546fe5342e4c3c0ec07127dcd22899abfe8cdd6e89d08f1374d76e877bec4844d06e0a9f32d181c8d945ba16a54ce3725fae21d8245c070a4da0c646203d6b91325b665ab98c30295851c59265b4ab567b968b6e98536b7850738d92e9627b4c9c6f5d9ae2520944783d8f788a1aa11f3f5245660d41f388e26e0a1":0
+
+AES-GCM NIST Validation (AES-256,128,1024,0,64) #2
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"55e94b339c3bafe068ef9cc30787cc6705850114976843777c92b4b331801650":"2e2b31214d61276a54daf2ccb98baa36":"":"147cc7bc4008dadf1956520b5998d961499bdf3d8b168591adbfd99411ad7b34eb4b2a5c1bb0522b810fec12dd7c775784d7ecdc741e6dec8191361e6abf473b219221801951b4d5ffe955ab50eef9cffdfee65ba29ddfa943fb52d722825338c307870a48a35f51db340aa946c71904d03174b1e4a498238b9d631a6982c68d":"5266e9c67c252164":"FAIL":"":0
+
+AES-GCM NIST Validation (AES-256,128,1024,0,32) #0
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"13c9572bdef62510d84f2d415cc481cd1e71b9c1132b43e63b21ba4e16de9b39":"a8339ba505a14786ad05edfe8cebb8d0":"":"7c78e634dec811173ff3c4a9a48ae3ae794fbd2aefd4b31701777ff6fcb670744c592a1d298d319717870dca364b2a3562a4ffa422bf7173c4f7ea9b0edf675e948f8370ffd0fd0d5703a9d33e8f9f375b8b641a1b1eecd1692ad1d461a68d97f91f9087f213aff23db1246ee16f403969c238f99eed894658277da23ced11ee":"df3cab08":"":"91f9780daefd2c1010c458054ac6e35baa885cdd2c95e28e13f84451064e31e0739f27bf259cb376ab951e1c7048e1252f0849ccb5453fc97b319666ebbfbc7ef3055212a61582d1b69158f3b1629950a41bc756bded20498492ebc49a1535d1bd915e59c49b87ffebea2f4ad4516ecdd63fa5afda9cce9dc730d6ab2757384a":0
+
+AES-GCM NIST Validation (AES-256,128,1024,0,32) #1
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"30a14ca53913acbb215b4e4159083106db3fff83cbedd1e5425f65af1e94f5dd":"4f23f04904de76d6decd4bd380ff56b1":"":"8c5f73ee1544553b712ad7a14f31379c8d54a4e432fb6c5112436988d83c4e94954b0249b470538fb977b756fbee70b811d4dc047a869e207bb0b495f1e271d0034e912000e97594033e0dedde0591b297f8a84bafcc93a46268a5bba117b558f1c73513e971c80a7083e1718fc12d0cc0d996a8e09603d564f0b8e81eea28bc":"18e92b96":"":"bb4b3f8061edd6fa418dd71fe22eb0528547050b3bfbaa1c74e82148470d557499ce856de3e988384c0a73671bf370e560d8fda96dabe4728b5f72a6f9efd5023b07a96a631cafdf2c878b2567104c466f82b89f429915cf3331845febcff008558f836b4c12d53e94d363eae43a50fc6cb36f4ca183be92ca5f299704e2c8cf":0
+
+AES-GCM NIST Validation (AES-256,128,1024,0,32) #2
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"e69f419140289ac25fb0e2ef9cc4f7e06777ac20f7d631918d1af0c8883b7d6a":"531248afdaaf1b86cf34d2394900afd9":"":"ff8dfa4e70490ea9c84cb894dc5d7e1b935ebcdea80a39c4161d4db42cbb269cc86abd381af15ec9a4a42ed18c1eed540decec19722df46f22aa06883297cb393fb23e4bb31a817e88357aa923c7ecbcf24c28a09f622dd21fa70c0a02193024fdcefeaa96cc1b50f81a65dfa9e1bb5126f0c9766a861eed096ec15fb07b0f81":"c6885cdd":"":"f75299e0ead3834fc7ebd4b2051541b598ad57cc908fdcd4324cf4ccf7dcf7b3f0737ad6c026399a8b1b6d3d50011b3c48ea2c89833b4b44c437677f230b75d36848781d4af14546894eecd873a2b1c3d2fcdd676b10bd55112038c0fdaa7b5598fe4db273a1b6744cba47189b7e2a973651bfc2aaa9e9abea4494047b957a80":0
+
+AES-GCM NIST Validation (AES-256,128,1024,1024,128) #0
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"404a5d1ac9e32f9caabffbfa485ce9c27edc9e5cde0f2aab4f32ce3121449b88":"b6e6c078e6869df156faa9ac32f057c3":"6ebc75fc9304f2b139abc7d3f68b253228009c503a08b7be77852da9e1afbe72c9ab374740b0dc391fa4d7e17de6a0aa08c69e6f5c5f05411e71e70c69dfbcf693df84c30f7a8e6c7949ea1e734297c0ea3df9b7e905faa6bbdcaf1ff2625a39363308331d74892cf531cb3f6d7db31bbe9a039fca87100367747024f68c5b77":"b63ec4d28854b7fe2d4d13973f5bcb16f78494ce25cc2820de9d0dc1d8d91db1f19bc9e01cee8418c9e88a69b2f30cdbb0dbdbb50be71e1e666c111c126f2b7197c02f69a1b2ec5e1bf4062b2d0b22fb0fa1585b4e6286b29f6ac98d1b1319dd99851fa6921607077d2947140fdeeea145b56ea7b6af276c9f65393bc43ede33":"94c1b9b70f9c48e7efd40ecab320c2d3":"":"56a0ac94f3ec7be2608154f779c434ee96db5ed4f5a6e1acfb32361ce04e16e1337be5978df06d7c4f6012385fb9d45bb397dc00f165883714b4a5b2f72f69c018ffa6d4420ad1b772e94575f035ad203be3d34b5b789a99389f295b43f004de3daaef7fa918712d3a23ca44329595e08da190e3678bc6ad9b500b9f885abe23":0
+
+AES-GCM NIST Validation (AES-256,128,1024,1024,128) #1
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"b56f0c980acf7875cf7f27d53ad4a276adc126d0b93a5774ac4277eecad4309e":"b004c049decfb43d6f3ec13c56f839ef":"b2045b97fbb52a5fc6ff03d74e59dd696f3f442c0b555add8e6d111f835df420f45e970c4b32a84f0c45ba3710b5cd574001862b073efa5c9c4bd50127b2ce72d2c736c5e2723956da5a0acb82041a609386d07b50551c1d1fa4678886bac54b0bd080cc5ef607dca2a0d6a1e71f0e3833678bf8560bc059dae370ec94d43af6":"2c94299e36b7c4a825ecbc5a7809061e0a6761764a5a655ffdb0c20e5c3fcb10f4e93c68aa0a38c2acc5d06f2b7c4ff4fcf814b551bfefa248dbe06a09a0f153213538a31fa7cf7d646b5b53908d8978f514c9c4d6d66f2b3738024b5f9c3fd86b6da0c818203183f4205f186ea44a54edb911b1a17c424c95852c8d271b2e93":"fce7234f7f76b5d502fd2b96fc9b1ce7":"FAIL":"":0
+
+AES-GCM NIST Validation (AES-256,128,1024,1024,128) #2
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"1c5027c36e6caa1b3e5e45fead32b5e3126ac41f106c491b0b3a7c16502f4fe6":"3ee660f03858669e557e3effdd7df6bd":"93e803c79de6ad652def62cf3cd34f9addc9dd1774967a0f69e1d28361eb2cacc177c63c07657389ce23bbe65d73e0460946d31be495424655c7724eac044cafafe1540fcbd4218921367054e43e3d21e0fa6a0da9f8b20c5cdbd019c944a2d2ee6aa6760ee1131e58fec9da30790f5a873e792098a82ddf18c3813611d9242a":"58f0ceaa31c0025d2e6bb58720cce4b64f5f6c657c847ae42936eb1e343fea397c8a8cf2f5ef02ffaec25f431900dcb0910cf32cea9eca3b78aed1c451c7af51066489f87b2a5f8cf28d6fdb6ce49d898b6167b590a3907be7618be11fb0922a3cfd18e73efef19e5cdc250fa33f61e3940c6482ae35f339e8c0a85a17379a4e":"ac33f5ffca9df4efc09271ff7a4f58e2":"FAIL":"":0
+
+AES-GCM NIST Validation (AES-256,128,1024,1024,120) #0
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"34c3019810d72b5e584f0758f2f5888a42729a33610aafa9824badade4136bbd":"f315ea36c17fc57dab3a2737d687cd4f":"f33c5a3a9e546ad5b35e4febf2ae557ca767b55d93bb3c1cf62d862d112dbd26f8fe2a3f54d347c1bc30029e55118bab2662b99b984b8b8e2d76831f94e48587de2709e32f16c26695f07e654b703eba6428f30070e23ed40b61d04dd1430e33c629117d945d9c0e4d36c79a8b8ab555d85083a898e7e7fbeb64a45cc3511d99":"22deef66cbb7db240c399b6c83407f090d6999ba25e560b2087fed0467904bb5c40cbaa05b8bf0ff5a77c53fa229478d8e0736414daf9c420417c391c9a523fd85954533f1304d81359bdcc2c4ac90d9f5f8a67a517d7f05ba0409b718159baf11cd9154e815d5745179beb59954a45a8676a375d5af7fae4d0da05c4ea91a13":"0bae9403888efb4d8ec97df604cd5d":"FAIL":"":0
+
+AES-GCM NIST Validation (AES-256,128,1024,1024,120) #1
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"29397d98fc5a7f04b5c8b6aa3a1dd975b6e4678457ae7f0691eee40b5397503a":"885543a45fd1163e34ef9276145b0f8c":"d88beaa0664bcef178cbdbfab17ff526b5c0f8ad9543c6a312d93c336707fbf87c0448b07a550580953279f552f368225cc6971f1eecc718d6aad1729c8d8873081357752bd09d77075fa680cb2dc4139171e4a0aaa50b28c262c14fd10b8d799ca1c6641bb7dfdfdf3dea69aa2b9e4e4726dc18b0784afa4228e5ccb1eb2422":"0bbf1079cb5569c32257bc7e52371db46f3961b457402b816588243b4523543430d5ca56b52de6632724c51e6c3af310b28822c749a12bdd58dee58bbc3266631562a998ec3acdc8a2567a9f07f7f9759c3f50b1d1dcdd529256b80c0d227fc1fe8b58c62d1c643f1ac2996809fd061afcf4a9af184c14db9e63ec885c49de61":"7b334d7af54b916821f6136e977a1f":"FAIL":"":0
+
+AES-GCM NIST Validation (AES-256,128,1024,1024,120) #2
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"7555dfcf354da07fd70f951d94ec1d86a635edfdb7929460207b2a39cc0cf4a3":"e1b30b6a47e8c21228e41a21b1a004f0":"bf986d3842378440f8924bb7f117d1a86888a666915a93ba65d486d14c580501e736d3418cebee572439318b21b6e4e504a7b075b8c2300c014e87e04fa842b6a2a3ebd9e6134b9ddd78e0a696223b1dc775f3288a6a9569c64b4d8fc5e04f2047c70115f692d2c2cefe7488de42ff862d7c0f542e58d69f0f8c9bf67ef48aea":"a1351cfffd1b0cbf80c3318cc432d3238cb647e996b7b53c527783594683f535950cd08788687c77226b2d3f095955884adc2e475ca1e1eab04e37d5e901ae8934a9d3a0cb37b80612ca25d989856dfa7607b03039b64d7dcd468204f03e0f2c55cb41c5367c56ca6c561425992b40e2d4f380b3d8419f681e88ebe2d4bdad36":"d8ef5438b7cf5dc11209a635ce1095":"":"95e8db7c8ecab8a60ceb49726153a7c5553cf571bc40515944d833485e19bf33cb954e2555943778040165a6cfffecef79eb7d82fef5a2f136f004bb5e7c35ae827fac3da292a185b5b8fc262012c05caeda5453ede3303cfeb0c890db1facadaa2895bdbb33265ada0bb46030607b6cf94f86961178e2e2deeb53c63900f1ec":0
+
+AES-GCM NIST Validation (AES-256,128,1024,1024,112) #0
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"bbeafe86c72ab0354b733b69b09e4d3462feb1658fe404004d81503f3a6e132f":"ee1caba93cb549054ca29715a536393e":"e44b0e0d275ae7c38a7dc2f768e899c1c11a4c4cb5b5bd25cd2132e3ecbaa5a63654312603e1c5b393c0ce6253c55986ee45bb1daac78a26749d88928f9b9908690fc148a656b78e3595319432763efbcf6957c9b2150ccabfd4833d0dcee01758c5efb47321a948b379a2ec0abcd6b6cbf41a8883f0f5d5bf7b240cb35f0777":"a033c2051e425d01d97d563572e42c5113860e5dedcd24c76e3e357559ba3250f1fc5d4a931a9d0900ac025400f0158621f0b1215b2907467bfc874bcabbb28e28de81fe1ee5b79985261c512afec2327c8c5957df90c9eb77950de4a4860b57a9e6e145ea15eb52da63f217f94a5c8e5fcb5d361b86e0e67637a450cdbcb06f":"a4809e072f93deb7b77c52427095":"":"e62adf9bbd92dd03cc5250251691f724c6ece1cb89d8c4daf31cc732a5420f6bedab71aab0238ba23bd7165ed1f692561ef457fd1d47413949405b6fc8e17922b17026d89d5830b383546ea516a56f3a1c45ec1251583ae880fa8985bd3dcc1d6a57b746971937bf370e76482238cc08c2c3b13258151e0a6475cc017f8a3d0e":0
+
+AES-GCM NIST Validation (AES-256,128,1024,1024,112) #1
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"6ad06c88dd4f3becf35eed95bb859be2406a1803a66e4332a74c5f75c09b9a01":"07d8b4a6e77aef9018828b61e0fdf2a4":"cca1fd0278045dda80b847f0975b6cbf31e1910d2c99b4eb78c360d89133a1c52e66c5c3801824afc1f079d2b2b1c827199e83f680e59b9a7de9b15fa7b6848b5bf4e16a12ac1af4cf2b4d7bb45673c5e1241e9996440860a9204fc27cae46a991607bc5e7120d6c115ddcbdd02c022b262602139081e61eee4aba7193f13992":"2219c11672884b93d0290b6a7140feafe416461f1cdaf0b3aa64693d7db2eb10feae46aac7af549fa1b0abc78c11f8df7ee803ef70310fc3e67769f8b4bc64f81143a6ebf8bee9d386a8ede5d2cc0ed17985a3b7bb95191ef55e684690ccdc5ca504bc6eb28442b353861a034a43532c025f666e80be967a6b05b9dd3a91ff58":"e3ede170386e76321a575c095966":"FAIL":"":0
+
+AES-GCM NIST Validation (AES-256,128,1024,1024,112) #2
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"87bbf7c15689e8c99a5a32a8ba0dfebcfe1989159807428cdd1f382c3ea95178":"2f19aa1f3a82a7398706953f01739da7":"590dbd230854aa2b5ac19fc3dc9453e5bb9637e47d97b92486a599bdafdfb27c3852e3d06a91429bb820eb12a5318ed8861ffe87d659c462ef167be22604facfa3afb601b2167989b9e3b2e5b59e7d07fda27ffccd450869d528410b0aff468f70cc10ef6723a74af6eebc1572c123a9b5a9aab748a31fa764716d3293ff5de7":"b77d3bf3b30b3e6e5c86cbfb7e5455f6480f423cc76834b4663d28d9f1eb5c40212634e3347668427f7848352ab789886f96682a568260bdaeb7de0aae2af36f5ae04f06c332b158d923706c1c6255c673feeadb6d30bfc901e60b92acd9ddd83ef98686c4d492f4a60e97af2541d470a6a6b21903441020ea7619cf28a06986":"5c43fc4dc959fabeebb188dbf3a5":"FAIL":"":0
+
+AES-GCM NIST Validation (AES-256,128,1024,1024,104) #0
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"24095a66b6eb0320ca75e2ab78e8496a45f4b000fc43436904c3e386fb852ed2":"0955c1f0e271edca279e016074886f60":"f5160c75c449e6bb971e73b7d04ab9b9a85879f6eb2d67354af94a4f0ca339c0a03a5b9ede87a4ff6823b698113a38ae5327e6878c3ccc0e36d74fe07aa51c027c3b334812862bc660178f5d0f3e764c0b828a5e3f2e7d7a1185b7e79828304a7ad3ddcd724305484177e66f4f81e66afdc5bbee0ec174bff5eb3719482bd2d8":"4690edc843e23d9d9b9a4dab8fa8193f8bf03897d3d29759e9dc9e0f8a970c0f5d4399b9f60461fe5cf439f9b0d54bbc075695e4d76b76298cc2b75bb3e0b516ee9ada93f77c4c002ba9fd163a1e4b377befb76c1e5ab8b3901f214c0a4c48bd2aa2f33560d46e2721a060d4671dc97633ff9bcd703bb0fbed9a4a2c259b53f3":"75a31347598f09fceeea6736fe":"":"0dd2dca260325967267667ff3ccdc6d6b35648821a42090abba46282869bac4bdc20a8bee024bea18a07396c38dbb45d9481fedcc423a3928cfa78a2f0ae8eedb062add810bdbee77ddc26c29e4f9fda1ab336d04ef42947b05fbdb9bc4df79e37af951d19d6bf5e5cb34eef898f23642a9c4a9111ed0b7a08abeeefbbd45c23":0
+
+AES-GCM NIST Validation (AES-256,128,1024,1024,104) #1
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"086b77b5731f971f0bf5b8227361b216746daf8b08c583ad38f114a64aa7877b":"164058e5e425f9da40d22c9098a16204":"6633eae08a1df85f2d36e162f2d7ddd92b0c56b7477f3c6cdb9919d0e4b1e54ea7635c202dcf52d1c688afbbb15552adda32b4cd30aa462b367f02ded02e0d64eeee2a6b95462b191784143c25607fd08a23a2fbc75cf6bee294daf2042587fdd8fe3d22c3a242c624cf0a51a7c14db4f0f766ec437de4c83b64f23706a24437":"629317212ff8bd8a7676e4c00b81a9577de6397c832f99ac974fa2bbbccb6e3b8aa776db6922eed0b014bf3923799da7d9d0854c8817470e1e2f7fc7a572f9d0316ee60cde7ef025d59b897d29a6fee721aeb2f7bb44f9afb471e8a7b0b43a39b5497a3b4d6beb4b511f0cefa12ce5e6d843609d3e06999acfbee50a22ca1eee":"2eb6eb6d516ed4cf1778b4e378":"FAIL":"":0
+
+AES-GCM NIST Validation (AES-256,128,1024,1024,104) #2
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"0f9e806b0d937268561c0eafbbdd14ec715b7e9cef4118d6eb28abbb91266745":"8657996634e74d4689f292645f103a2e":"2ca253355e893e58cb1a900fbb62d61595de5c4186dc8a9129da3657a92b4a631bbdc3d5f86395385a9aa8557b67f886e3bb807620e558c93aea8e65826eadeb21544418ee40f5420c2d2b8270491be6fc2dcbfd12847fa350910dd615e9a1881bc2ced3b0ac3bde445b735e43c0c84f9d120ca5edd655779fc13c6f88b484f7":"2ae4baef22ace26f464a9b0c75802303f2d7c0f9a1ed1d0180135189765bdd347fea0cc2b73ee7fbbf95ea1fda22597b8aad826f63e744069a9c349488b2cc1cf9372f423cc650302082125724730ae5a4d878e07385ddc99034c6b6b46748f02c80b179fe6406b1d33581950cb9bcd1d1ea1ec7b5becfd6c1f5b279412c433a":"83155ebb1a42112dd1c474f37b":"":"87d69fc3cbc757b2b57b180c6ba34db4e20dde19976bfb3d274d32e7cea13f0c7d9e840d59ce857718c985763b7639e448516ddbbda559457cd8cb364fa99addd5ba44ef45c11060d9be82b4ebe1f0711ac95433074649b6c08eeab539fdfc99c77498b420427e4d70e316111845793de1f67fb0d04e3389a8862f46f4582dc8":0
+
+AES-GCM NIST Validation (AES-256,128,1024,1024,96) #0
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"c24c17911f6db4b3e37c46bcc6fa35efc1a55f7754f0bb99f2eea93398116447":"5098cc52a69ee044197e2c000c2d4ab8":"9ad4dee311d854925fc7f10eca4f5dd4e6990cb2d4325da2ef25a9a23690f5c5590be285d33aaeba76506c59edec64b8c3ff8e62716d1c385fbce2a42bc7bd5d8e8584de1944543ab6f340c20911f8b7b3be1a1db18a4bb94119333339de95815cae09365b016edc184e11f3c5b851f1fa92b1b63cfa3872a127109c1294b677":"0bd92cb106867e25ad427ff6e5f384d2d0f432fc389852187fcc7b0bf9f6d11a102a872b99ed1ad9a05dab0f79fa634745535efed804ff42b0af8dad20ba44709391fb263f245e5a2c52d9ce904179633282f57a1229b0a9c4557a5c0aeda29bbc5a7a871fa8b62d58100c3722c21e51e3b3e913185235526e7a5a91c559717d":"f7930e3fab74a91cb6543e72":"":"6124ede608d416baa5e653a898ca76e9f47f08403c1984feec112e670ded2226e0073f8881ab2161cfda541dccae19691285f7391a729f07aba18f340bb452c1da39cbe83cf476cfc105b64187e0d2227dd283dcba8b6a350f9956b18861fa131d3f00c034443e8f60e0fdfcfaabbed93381ae374a8bf66523d33646183e1379":0
+
+AES-GCM NIST Validation (AES-256,128,1024,1024,96) #1
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"d267a8379260036ff3d1ec07a7b086ff75706bad12d37d9656f04776f3d8b85c":"674dc34e8c74c51fa42aacd625a1bd5b":"6a9a8af732ae96d0b5a9730ad792e296150d59770a20a3fdbbc2a3a035a88ac445d64f37d684e22003c214b771c1995719da72f3ed24a96618284dd414f0cac364640b23c680dc80492a435c8ec10add53b0d9e3374f1cf5bfc663e3528fa2f6209846421ea6f481b7ecf57714f7bc2527edc4e0466b13e750dd4d4c0cc0cdfc":"80c68a330ef50e3e516681f1e535868b03466e7edbb86cb385d01db487da3dd3edad940fdc98d918b7db9b59f8d61369eee2928c88557306c4a13e366af0708d94cb90a15f1c3bc45544bdb05ff964da5e06c5ae965f20adb504620aed7bce2e82f4e408d00219c15ef85fae1ff13fea53deb78afa5f2a50edbd622446e4a894":"bea660e963b08fc657741bc8":"FAIL":"":0
+
+AES-GCM NIST Validation (AES-256,128,1024,1024,96) #2
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"c86cb637753010f639fa3aa3bff7c28b74f012ad6090f2a31b0801d086f183ad":"87ff6e0bb313502fedf3d2696bff99b5":"2816f1132724f42e40deabab25e325b282f8c615a79e0c98c00d488ee56237537240234966565e46bfb0c50f2b10366d1589620e6e78bd90ade24d38a272f3fff53c09466aa2d3ef793d7f814a064b713821850a6e6a058f5139a1088347a9fa0f54e38abd51ddfc7ef040bf41d188f3f86c973551ced019812c1fc668649621":"6b7858557e0fd0f957842fb30e8d54dedbc127eb4bbf9de319f731fa28a606df2c046a0bce8ecda4e75d3596e4e988efd6bc279aa005bc52fad92ba07f5b1dfda4cc417029f9778c88d6fe5341a0fd48893dcb7c68d0df310a060f2a5235aee422d380f7209bc0909b2aa7e876044056f0b915dab0bc13cbea5a3b86d40ca802":"7859f047f32b51833333accf":"FAIL":"":0
+
+AES-GCM NIST Validation (AES-256,128,1024,1024,64) #0
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"2c31ca0cac3efe467168198f06beacf39565a6f57f82e1048a5c06a231315882":"95cae6e85f33f3043182460589be3639":"67523751a9b1b643d00de4511b55e4268cb2d18e79e01a55fc7b677d529bd6400940fb25ea6ae135c1a816e61b69e90b966981aeda685934b107066e1467db78973492ad791e20aef430db3a047447141def8be6e6a9a15089607c3af9368cdb11b7b5fbf90691505d0c33664766945d387904e7089b915a3c28886ba1763bb5":"65261d6e29b2369b1828a7cef2df9873d6e6057c499301afedd6cb65b5036ddb95f9e353fbf38e54c4f46f88164325b33620ce183beb2e411fbb89a0e0002e542fc161cad32a61ee6f1e1717e0b4dcd0340b116f795bc1009dbbc65bc31c9b549bf03c40bc204cd0d02ec884be907777ebeed8b527ec3af7cbb508193c0745de":"21309d0351cac45e":"":"1d5f2cb921f54aeb552b4304142facd49497837deb1f00d26fbeddbab922fd80b00dba782961f8fce84f1f7973e81eed6ee168b1760c575c891f40a1dae0fa1a08738025d13ef6e0b30be4f054d874f1b8a2427a19ebb071d98365c32316a88a68c2b40daf1ea831a64519ac3679acb4e04986ecc614ec673c498c6fee459e40":0
+
+AES-GCM NIST Validation (AES-256,128,1024,1024,64) #1
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"ca9fa36ca2159dff9723f6cfdb13280446eb6bc3688043c7e2e2504184791596":"d13ca73365e57114fc698ee60ba0ad84":"2aa510b7f1620bfce90080e0e25f5468dbc5314b50914e793b5278369c51ac017eace9fd15127fca5a726ad9e67bdee5af298988d9a57ec4bbc43d4eb849535eb10521ac7cd7ed647479a42876af2ebc9e2108b539febdaa9127c49bda1bda800f6034050b8576e944311dfbca59d64d259571b6d2ed5b2fc07127239b03f4b7":"ac04c4293554cd832aa400c811cb202d815d6178aa1343b4628592b7f3ae45dc5f12ea47be4b43e1865f40b06ab67b3a9fb3644248a9b3efe131a8addb7447978bb51ccf749e75574fea60e8781677200af023b2f8c415f4e6d8c575a9e374916d9ec3a612b16e37beb589444b588e0b770d9f8e818ad83f83aa4ecf386d17a7":"2111d55d96a4d84d":"FAIL":"":0
+
+AES-GCM NIST Validation (AES-256,128,1024,1024,64) #2
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"2f802e838250064c15fdee28d7bd4872850355870847701ad9742b2d6eb4b0c0":"2dd550cfd97f8e1d8d31ba5537ae4710":"72b9630dda40306e785b961934c56e20948f8eac0e981f49787eb3dbd6e4607f7d08d10ca643746bf1efa7e5066993683d527a90f2d45ec9cf73113f1f17bb67958be669acd4e2927f1dacfde902cd3048056d7f6dfdd8630ff054efce4526db7c9321d6d2be2236f4d60e27b89d8ec94f65a06dc0953c8c4533a51b6a29bd2c":"e2ca8c8d172ff90232879f510d1225af91bc323bdf636363c2903fcd1790692c8bcb03a1cccb18814678852c6b3a441552e541b843ee5e4f86a152fa73d05aea659fe08aa6428bb257eaa2a7b579fdc4022c1dec359a854253c1aefc983c5ede8c97517ea69fc4606e25f13ffb0f5f49160691454fbb74e704326738353525f7":"bd6c8823c9005c85":"":"f6dd0b5f3d1a393a1837112962dba175a13c2d1e525ef95734caf34949d8b2d63b4fe5603226b5f632f2d7f927361ba639dc0e3c63414f45462342695916d5792133b4a24c7c4cbe2b97c712bf27ab62d3d68b3875d58ffe4b7c30a8171bff1a9e2f3995768faacda2ea9213ff35798b9e4513f6a87bd3f5a9d93e847e768359":0
+
+AES-GCM NIST Validation (AES-256,128,1024,1024,32) #0
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"84dd53ce0146cb71c32776033bb243098d78a22ac17f52a62a122f5653fb4e33":"f0c90a1bca52f30fab3670df0d3beab0":"a3ea8032f36a5ca3d7a1088fd08ac50ae6bdc06ad3a534b773ac3e3d4a3d524499e56274a0062c58c3b0685cc850f4725e5c221af8f51c6df2bbd5fbcff4a93ba4c1054f7f9c67fd9285511a08d328d76a642f067227d378f95a1e67587b90251f9103ed3cacdb6bf69e0794e366d8b92d8de37b4e028de0778841f356ac044d":"68222bffa782dcfe4f328fc20eb520e75a9a5fedbe13ec7fcf0e82fba08bb87a8a8e02902638e32fe0e2294344b380797f8028426ffcc0531c739c884892394c48ff0779c5f5edf0a36a3fb8aa91213347774ec4bf0fe1049bd53746b13beef3c637169826c367056cb1aa0a3868e23f886a9c7b8015c26af9e40794662f6b21":"b1ece9fb":"FAIL":"":0
+
+AES-GCM NIST Validation (AES-256,128,1024,1024,32) #1
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"9bb36fe25e966a075ae2c3bb43b5877679ebc379d5123c8eda3fa0e30b95cae0":"59869df4ef5754b406478a2fb608ee99":"ecd125682e8a8e26757c888b0c8b95dec5e7ed7ac991768f93e8af5bcf6f21ed4d4d38699ee7984ed13635fff72f938150157c9a27fcda121ffced7b492d2b18dad299cb6495ed5f68441aefc8219d2cf717d15d5cd2dbce4606fcf90fe45f3601127cf6acee210bd7df97309f773974a35bef1d33df984101c2fc9d4b55259e":"fb3a4be643c10343251c6f0745aaa54349463f622ca04a792e9b4780866844b30aeef3269fc60cac0ea031c5f3780b535e15154f7c76eb4a371b8ae368550f3fa2ce693c34511ec96b839cac567f1b0de0e7e3116d729b45d1b16e453703a43db73f5d0c3e430f16b142420b5f0d26d72ac3dba543d7d813603b0bfdca3dd63e":"cb3f5338":"FAIL":"":0
+
+AES-GCM NIST Validation (AES-256,128,1024,1024,32) #2
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"ca264e7caecad56ee31c8bf8dde9592f753a6299e76c60ac1e93cff3b3de8ce9":"4763a4e37b806a5f4510f69fd8c63571":"07daeba37a66ebe15f3d6451d1176f3a7107a302da6966680c425377e621fd71610d1fc9c95122da5bf85f83b24c4b783b1dcd6b508d41e22c09b5c43693d072869601fc7e3f5a51dbd3bc6508e8d095b9130fb6a7f2a043f3a432e7ce68b7de06c1379e6bab5a1a48823b76762051b4e707ddc3201eb36456e3862425cb011a":"8d03cf6fac31182ad3e6f32e4c823e3b421aef786d5651afafbf70ef14c00524ab814bc421b1d4181b4d3d82d6ae4e8032e43a6c4e0691184425b37320798f865c88b9b306466311d79e3e42076837474c37c9f6336ed777f05f70b0c7d72bd4348a4cd754d0f0c3e4587f9a18313ea2d2bace502a24ea417d3041b709a0471f":"3105dddb":"FAIL":"":0
+
+AES-GCM NIST Validation PSA (AES-128,128,0,0,128) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"d785dafea3e966731ef6fc6202262584":"d91a46205ee94058b3b8403997592dd2":"":"":"3b92a17c1b9c3578a68cffea5a5b6245":"":"":1
+
+AES-GCM NIST Validation PSA (AES-128,128,0,0,128) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"aec963833b9098de1ababc853ab74d96":"4e0ffd93beffd732c6f7d6ad606a2d24":"":"":"e9fcedc176dfe587dc61b2011010cdf1":"":"":1
+
+AES-GCM NIST Validation PSA (AES-128,128,0,0,128) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"c4fb9e3393681da9cec5ec96f87c5c31":"845e910bc055d895879f62101d08b4c7":"":"":"99fb783c497416e4b6e2a5de7c782057":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-128,128,0,0,120) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"2a930f2e09beceacd9919cb76f2ac8d3":"340d9af44f6370eff534c653033a785a":"":"":"0c1e5e9c8fe5edfd11f114f3503d63":"":"":1
+
+AES-GCM NIST Validation PSA (AES-128,128,0,0,120) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"fe71177e02073b1c407b5724e2263a5e":"83c23d20d2a9d4b8f92da96587c96b18":"":"":"43b2ca795420f35f6cb39f5dfa47a2":"":"":1
+
+AES-GCM NIST Validation PSA (AES-128,128,0,0,120) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"b02392fd7f228888c281e59d1eaa15fb":"2726344ba8912c737e195424e1e6679e":"":"":"a10b601ca8053536a2af2cc255d2b6":"":"":1
+
+AES-GCM NIST Validation PSA (AES-128,128,0,0,112) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"21895cbafc16b7b8bf5867e88e0853d4":"f987ce1005d9bbd31d2452fb80957753":"":"":"952a7e265830d58a6778d68b9450":"":"":1
+
+AES-GCM NIST Validation PSA (AES-128,128,0,0,112) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"9bb9742bf47f68caf64963d7c10a97b0":"34a85669de64e1cd44731905fddbcbc5":"":"":"e9b6be928aa77b2de28b480ae74c":"":"":1
+
+AES-GCM NIST Validation PSA (AES-128,128,0,0,112) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"4e9708e4b37e2e1b5feaf4f5ab54e2a6":"1c53a9fdd23919b036d99560619a9939":"":"":"6611b50d6fbca83047f9f5fe1768":"":"":1
+
+AES-GCM NIST Validation PSA (AES-128,128,0,0,104) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"82fede79db25f00be96eb050a22cea87":"e9c50b517ab26c89b83c1f0cac50162c":"":"":"d0c0ce9db60b77b0e31d05e048":"":"":1
+
+AES-GCM NIST Validation PSA (AES-128,128,0,0,104) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"1d98566fca5201abb12914311a8bd532":"590aef4b46a9023405d075edab7e6849":"":"":"a1cfd1a27b341f49eda2ca8305":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-128,128,0,0,104) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"3038771820c2e1319f02a74b8a7a0c08":"e556d9f07fb69d7e9a644261c80fac92":"":"":"4d2f005d662b6a8787f231c5e1":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-128,128,0,0,96) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"0fb7eef50de598d7d8b508d019a30d5a":"a2a2617040116c2c7e4236d2d8278213":"":"":"68413c58df7bb5f067197ca0":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-128,128,0,0,96) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"8cc58b609204215c8ab4908286e56e5c":"fb83ea637279332677b5f68081173e99":"":"":"a2a9160d82739a55d8cd419f":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-128,128,0,0,96) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"81a5fd184742a478432963f6477e8f92":"da297cbb53b11d7c379e0566299b4d5a":"":"":"200bee49466fdda2f21f0062":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-128,128,0,0,64) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"f604ac66d626959e595cbb7b4128e096":"269d2a49d533c6bb38008711f38e0b39":"":"":"468200fa4683e8be":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-128,128,0,0,64) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"2e308ba7903e925f768c1d00ff3eb623":"335acd2aa48a47a37cfe21e491f1b141":"":"":"4872bfd5e2ff55f6":"":"":1
+
+AES-GCM NIST Validation PSA (AES-128,128,0,0,64) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"1304e2a5a3520454a5109df61a67da7a":"dbe8b452acf4fa1444c3668e9ee72d26":"":"":"83a0d3440200ca95":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-128,128,0,0,32) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"ecf1ec2c9a8f2e9cc799f9b9fddb3232":"ddf0b695aef5df2b594fcaae72b7e41c":"":"":"2819aedf":"":"":1
+
+AES-GCM NIST Validation PSA (AES-128,128,0,0,32) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"9ab5c8ca905b5fe50461f4a68941144b":"96dd3927a96e16123f2e9d6b367d303f":"":"":"6e0c53ef":"":"":1
+
+AES-GCM NIST Validation PSA (AES-128,128,0,0,32) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"b5fc7af605721a9cfe61c1ee6a4b3e22":"6b757d4055823d1035d01077666037d6":"":"":"e8c09ddd":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-128,128,0,1024,128) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"03c0b4a6e508a8490db0d086a82c9db7":"ac52f6c1a05030321fa39f87e89fdb5e":"33316ca79d10a79f4fd038593e8eef09625089dc4e0ffe4bc1f2871554fa6666ab3e7fe7885edef694b410456f3ec0e513bb25f1b48d95e4820c5972c1aabb25c84c08566002dadc36df334c1ce86847964a122016d389ac873bca8c335a7a99bcef91e1b985ae5d488a2d7f78b4bf14e0c2dc715e814f4e24276057cf668172":"":"756292d8b4653887edef51679b161812":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-128,128,0,1024,128) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"b228d3d15219ea9ad5651fce02c8374d":"5c7eafaead029c3fe3cf3835fe758d0e":"8c35dd805c08686b9b4d460f81b4dcb8c46c6d57842dc3e72ba90952e2bebf17fe7184445b02f801800a944486d662a127d01d3b7f42679052cdc73ce533129af8d13957415c5495142157d6ce8a68aa977e56f562fed98e468e42522767656ce50369471060381bb752dd5e77c79677a4cadffa39e518e30a789e793b07ea21":"":"a4dde1ab93c84937c3bbc3ad5237818d":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-128,128,0,1024,128) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"776afcbabedd5577fe660a60f920b536":"5bbb7f1b14084e520408dd87b97705e9":"44631fc9d4a07416b0dfb4e2b42071e3e2be45502c9ddf72b3e61810eeda31a7d685ebb2ee43a2c06af374569f439ee1668c550067de2dece9ec46ee72b260858d6033f814e85275c5ae669b60803a8c516de32804fa34d3a213ccfaf6689046e25eeb30b9e1608e689f4d31cc664b83a468a51165f5625f12f098a6bf7ddab2":"":"a5347d41d93b587240651bcd5230264f":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-128,128,0,1024,120) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"20abeafa25fc4ea7d0592cb3e9b4d5fe":"3aba79a58c5aa664856b41d552c7a8d3":"98cfecaae9eb9a7c3b17e6bc5f80d8a4bf7a9f4fa5e01b74cae15ee6af14633205aafe3b28fb7b7918e12322ea27352056a603746d728a61361134a561619400ff2bf679045bac2e0fbc2c1d41f8faba4b27c7827bceda4e9bf505df4185515dd3a5e26f7639c8ad5a38bc5906a44be062f02cc53862678ae36fa3de3c02c982":"":"2a67ad1471a520fe09a304f0975f31":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-128,128,0,1024,120) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"2bc73fba942ff105823b5dccf6befb1c":"902c3e3b69b1ef8395d7281ff74cce38":"4adec0b4ac00325a860044d9f9519daa4f7c163229a75819b0fd7d8e23319f030e61dfa8eadabff42ea27bc36bdb6cad249e801ca631b656836448b7172c11126bad2781e6a1aa4f62c4eda53409408b008c057e0b81215cc13ddabbb8f1915f4bbab854f8b00763a530ad5055d265778cd3080d0bd35b76a329bdd5b5a2d268":"":"ebdd7c8e87fe733138a433543542d1":"":"":1
+
+AES-GCM NIST Validation PSA (AES-128,128,0,1024,120) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"356a4c245868243d61756cabe86da887":"b442f2ec6d45a17144c258fd59fe5b3b":"12cccc3c60474b0a1579c5006c2134850724fa6c9da3a7022d4f65fd238b052bdf34ea34aa7dbadad64996065acee588ab6bd29726d07ed24ffae2d33aadf3e66ebb87f57e689fd85128be1c9e3d8362fad1f8096ee391f75b576fb213d394cef6f091fc5488d9aa152be69475b9167abd6dd4fd93bbbc7b8ca316c952eb19c6":"":"ed26080dcb670590613d97d7c47cf4":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-128,128,0,1024,112) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"dfa7e93aff73600fc552324253066e2c":"c20001e93f1cd05253c277a9445d61e4":"a64d1e20058a1f7e698622a02f7ff8dc11886717ede17bbdc3c4645a66a71d8b04346fb389a251ffb0a7f445a25faf642bb7e4697d2cacf925e78c4be98457996afb25b0516b50f179441d1923312364947f8f1e0f5715b43bd537727bf943d7b4679b0b0b28b94e56e7bbf554d9cf79fcee4387f32bb6f91efdd23620035be6":"":"6ba5e4dace9a54b50b901d9b73ad":"":"":1
+
+AES-GCM NIST Validation PSA (AES-128,128,0,1024,112) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"2ecea80b48d2ecd194a7699aa7d8ccfc":"8b4db08bafc23b65ae50a2d20661d270":"efc2ca1a3b41b90f8ddf74291d68f072a6e025d0c91c3ce2b133525943c73ebadc71f150be20afeb097442fa51be31a641df65d90ebd81dcbaf32711ed31f5e0271421377ffe14ddafea3ca60a600588d484856a98de73f56a766ae60bae384a4ae01a1a06821cf0c7a6b4ee4c8f413748457b3777283d3310218fb55c107293":"":"246a9d37553088b6411ebb62aa16":"":"":1
+
+AES-GCM NIST Validation PSA (AES-128,128,0,1024,112) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"d38fee3fd3d6d08224c3c83529a25d08":"a942ccb11cf9468186fabfc18c899801":"1c92a4ce0a1dae27e720d6f9b1e460276538de437f3812ab1177cf0273b05908f296f33ba0f4c790abe2ce958b1d92b930a0d81243e6ad09ef86ee8e3270243095096537cb1054fcfcf537d828b65af9b6cf7c50f5b8470f7908f314d0859107eed772ee1732c78e8a2e35b2493f3e8c1e601b08aeab8d9729e0294dca168c62":"":"803a08700ec86fdeb88f7a388921":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-128,128,0,1024,104) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"1899b0cbae41d705c6eed3226afb5bc0":"82d0910aa53e300a487d880d018d0dea":"6bf5583cc1007d74f3529db63b8d4e085400ccf3725eab8e19cb145f3910c61465a21486740a26f74691866a9f632af9fae81f5f0bffedf0c28a6ce0fd520bb4db04a3cd1a7d29d8801e05e4b9c9374fd89bcb539489c2f7f1f801c253a1cc737408669bcd133b62da357f7399a52179125aa59fae6707d340846886d730a835":"":"c5d58870fee9ce157f5ec1fa8f":"":"":1
+
+AES-GCM NIST Validation PSA (AES-128,128,0,1024,104) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"8b95323d86d02754f4c2874b42ec6eb0":"4f76084acbdef9999c71dcc794238d7c":"ebc75788377c0b264818a6f97c19cf92c29f1c7cdeb6b5f0a92d238fa4614bc35d0cfe4ec9d045cd628ff6262c460679ac15b0c6366d9289bbd217e5012279e0af0fb2cfcbdf51fe16935968cbb727f725fe5bcd4428905849746c8493600ce8b2cfc1b61b04c8b752b915fed611d6b54ef73ec4e3950d6db1807b1ce7ed1dcc":"":"c4724ff1d2c57295eb733e9cad":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-128,128,0,1024,104) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"30da555559eb11cf7e0eff9d99e9607d":"7799275bf12335f281ec94a870f90a0b":"e735d556e15aec78d9736016c8c99db753ed14d4e4adaaa1dd7eaad702ea5dc337433f8c2b45afdf2f385fdf6c55574425571e079ca759b6235f877ed11618ff212bafd865a22b80b76b3b5cf1acfd24d92fd41607bbb7382f26cd703757088d497b16b32de80e1256c734a9b83356b6fced207177de75458481eaef59a431d7":"":"3c82272130e17c4a0a007a908e":"":"":1
+
+AES-GCM NIST Validation PSA (AES-128,128,0,1024,96) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"ed2ac74af896c5190c271cfa6af02fd2":"e0226e2d8da47badad1fb78b9a797f27":"8f11353ae476ff923013e6e736ffc9d23101a1c471ccc07ad372a8430d6559c376075efce2e318cdf4c9443dbf132e7e6da5524045028c97e904633b44c4d189a4b64237ac7692dd03c0e751ce9f04d0fdbd8a96074cd7dfa2fd441a52328b4ac3974b4902db45663f7b6f24947dba618f8b9769e927faf84c9f49ad8239b9fb":"":"db8af7a0d548fc54d9457c73":"":"":1
+
+AES-GCM NIST Validation PSA (AES-128,128,0,1024,96) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"0225b73fe5fbbe52f838d873173959d8":"02a048764f48d9aed1147ee922395bbf":"9b46a57b06e156c877e94c089814493ead879397dab3dfcab2db349ef387efcd0cc339a7e79131a2c580188fc7429044a465b8329d74cd8f47272a4ed32582b1c5c7e3d32341ae902ea4923dc33df8062bc24bb51a11d2ecc82f464f615041387f9c82bd2135d4e240fe56fa8a68e6a9a417e6702430a434b14d70cf02db3181":"":"e2c2ce4022c49a95c9ac9026":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-128,128,0,1024,96) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"89ca3771a0ef3287568b4ac036120198":"7e83d2ffa8af8c554cfd71a0db56ef5b":"1bd7a9d6262882bd12c62bd50942965b3cdcadf5e0fab2dc4d0daf0ee4b16e92c6e2464c0caa423cdce88e4d843490609716ec5e44c41672c656ac0e444d3622557ea8420c94deae3ad190ddaf859f6f8c23e4e2e32a46d28df23de4f99bd6c34f69e06eddfdfa5f263dbe8baf9d4296b2c543e4c4847271e7590374edf46234":"":"06b2bf62591dc7ec1b814705":"":"":1
+
+AES-GCM NIST Validation PSA (AES-128,128,0,1024,64) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"a41a297bd96e224942998fe2192934a1":"6827f2c5a0b7ecd6bbc696abb0adf556":"f32041abd8543415cbac423d945dda5378a16a7e94d9ab5dbd2d32eb1c5048cc7c8e4df3ca84ec725f18c34cfdeaa7595392aabfd66d9e2f37c1165369cd806cd9d2110def6f5fad4345e5a6e2326c9300199438fcc078cd9fcf4d76872cac77fc9a0a8ac7e4d63995078a9addecf798460ff5910861b76c71bccfb6b629d722":"":"49a4917eef61f78e":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-128,128,0,1024,64) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"a9372c058f42e0a1d019bdb528313919":"8d03f423230c8f00a5b6b712d426a2af":"cfef4e70fcc1821eeccf7c7b5eb3c0c3b5f72dc762426e0bd26242f8aa68c5b716ab97eded5e5720caccc1965da603d556d8214d5828f2cf276d95bf552d47313876796221f62ccb818a6d801088755d58cfb751bfed0d5a19718d4e0f94b850e0279b3a69295d1837cba958a6cc56e7594080b9e5b954a199fdc9e54ddc8583":"":"b82cd11cd3575c8d":"":"":1
+
+AES-GCM NIST Validation PSA (AES-128,128,0,1024,64) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"6302b7338f8fa84195ad9abbacd89b4e":"e1bed5c53547cbc85f3411fbb43bb08b":"bcd329c076e8da2797d50dcdcf271cecf3ce12f3c136ed746edc722f907be6133276ee099038fdc5d73eec812739c7489d4bcc275f95451b44890416e3ffe5a1b6fa3986b84eee3adad774c6feaecb1f785053eeda2cfc18953b8547866d98918dbe0a6abc168ac7d77467a367f11c284924d9d186ef64ef0fd54eacd75156d2":"":"5222d092e9e8bd6c":"":"":1
+
+AES-GCM NIST Validation PSA (AES-128,128,0,1024,32) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"78b5c28d62e4b2097873a1180bd5a3a5":"c93902c2819ee494f0fc4b259ee65dd8":"e6b1192674a02083a6cf36d4ba93ba40a5331fadf63fd1eb2efa2ee9c0d8818472aaaf2b4705746011753f30f447c8f58dd34d29606daf57eadc172529837058cb78a378b19da8d63c321f550dfa256b5fd9f30e93d8f377443bfcd125f86a079a1765d2010be73d060f24eebae8d05e644688b2149bc39e18bd527bc066f2ba":"":"eae48137":"":"":1
+
+AES-GCM NIST Validation PSA (AES-128,128,0,1024,32) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"3d84130578070e036c9e3df5b5509473":"3b9b4950523a19c6866fd2b0cde541fd":"a764931e1b21a140c54a8619aacdb4358834987fb6e263cec525f888f9e9764c165aaa7db74f2c42273f912daeae6d72b232a872ac2c652d7cd3af3a5753f58331c11b6c866475697876dbc4c6ca0e52a00ba015ee3c3b7fb444c6e50a4b4b9bbe135fc0632d32a3f79f333d8f487771ed12522e664b9cf90e66da267f47a74d":"":"79987692":"":"":1
+
+AES-GCM NIST Validation PSA (AES-128,128,0,1024,32) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"08428605ab4742a3e8a55354d4764620":"128f5f4a817e4af04113847a223adeb0":"464b484ed79d93a48e0f804e04df69d7ca10ad04ba7188d69e6549ab50503baaec67e0acba5537d1163c868fd3e350e9d0ae9123046bc76815c201a947aa4a7e4ed239ce889d4ff9c8d043877de06df5fc27cf67442b729b02e9c30287c0821ef9fa15d4cccbc53a95fa9ec3ed432ca960ebbf5a169ccada95a5bf4c7c968830":"":"3eb3e3a2":"":"":1
+
+AES-GCM NIST Validation PSA (AES-128,128,1024,0,128) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"0dd358bc3f992f26e81e3a2f3aa2d517":"d8c750bb443ee1a169dfe97cfe4d855b":"":"87cc4fd75788c9d5cc83bae5d764dd249d178ab23224049795d4288b5ed9ea3f317068a39a7574b300c8544226e87b08e008fbe241d094545c211d56ac44437d41491a438272738968c8d371aa7787b5f606c8549a9d868d8a71380e9657d3c0337979feb01de5991fc1470dfc59eb02511efbbff3fcb479a862ba3844a25aaa":"a81d13973baa22a751833d7d3f94b3b1":"":"77949b29f085bb3abb71a5386003811233056d3296eb093370f7777dadd306d93d59dcb9754d3857cf2758091ba661f845ef0582f6ae0e134328106f0d5d16b541cd74fdc756dc7b53f4f8a194daeea9369ebb1630c01ccb307b848e9527da20a39898d748fd59206f0b79d0ed946a8958033a45bd9ae673518b32606748eb65":1
+
+AES-GCM NIST Validation PSA (AES-128,128,1024,0,128) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"43b5f18227e5c74288dbeff03801acd6":"08ee12246cf7edb81da3d610f3ebd167":"":"f58d630f10cfca61d4644d4f6505bab629e8e8faf1673e64417f9b79e622966a7011cfb3ff74db5cebf09ad3f41643d4437d213204a6c8397e7d59b8a5b1970aed2b6bb5ea1933c72c351f6ba96c0b0b98188f6e373f5db6c5ebece911ec7a1848abd3ae335515c774e0027dab7d1c07d047d3b8825ff94222dbaf6f9ab597ee":"82d83b2f7da218d1d1441a5b37bcb065":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-128,128,1024,0,128) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"9a433c612d7e1bdff881e4d63ba8b141":"8b670cf31f470f79a6c0b79e73863ca1":"":"ce10758332f423228b5e4ae31efda7677586934a1d8f05d9b7a0dc4e2010ec3eaacb71a527a5fff8e787d75ebd24ad163394c891b33477ed9e2a2d853c364cb1c5d0bc317fcaf4010817dbe5f1fd1037c701b291b3a66b164bc818bf5c00a4c210a1671faa574d74c7f3543f6c09aaf117e12e2eb3dae55edb1cc5b4086b617d":"8526fd25daf890e79946a205b698f287":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-128,128,1024,0,120) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"8e9d75c781d63b29f1816859f7a0e0a0":"748a3b486b62a164cedcf1bab9325add":"":"a9f1883f58e4ef78377992101ab86da0dafcefa827904dd94dff6f6704b1e45517165a34c5555a55b04c6992fb6d0840a71bd262fe59815e5c7b80fe803b47d5ba44982a3f72cb42f591d8b62df38c9f56a5868af8f68242e3a15f97be8ef2399dbace1273f509623b6f9e4d27a97436aebf2d044e75f1c62694db77ceac05de":"131e0e4ce46d768674a7bcacdcef9c":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-128,128,1024,0,120) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"fe6b8553002c69396d9976bb48d30779":"595b17d0d76b83780235f5e0c92bd21f":"":"786f4801b16de7a4931ab143b269c7acc68f1ed9b17a95e8929ccec7d53413059fd4267bedbf079d9d69e90314c1345bc9cb9132f1af69323157ddf7533ced42b4b7bd39004f14d326f5b03bc19084d231d93bcab328312d99b426c1e86e8e049d380bb492e2e32ad690af4cf86838d89a0dfdcbc30e8c9e9039e423a234e113":"8879de07815a88877b0623de9be411":"":"b15dc7cd44adcb0783f30f592e5e03ccd47851725af9fe45bfc5b01ae35779b9a8b3f26fec468b188ec3cad40785c608d6bfd867b0ccf07a836ec20d2d9b8451636df153a32b637e7dcdbd606603d9e53f6e4c4cc8396286ce64b0ea638c10e5a567c0bc8e808080b71be51381e051336e60bf1663f6d2d7640a575e0752553b":1
+
+AES-GCM NIST Validation PSA (AES-128,128,1024,0,120) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"14898c56009b459172fef9c17993b54f":"0862f8f87289988711a877d3231d44eb":"":"e7ba6ef722273238b975d551f95d3e77e9b75b24c547b86eafb457d409803bdf6e1443839d8604ee497020e1a3dbd687a819b17fdde0fcf240ce2129792792a58bfcd825773001ee959bf9ec8d228e27ce1cd93d7fb86769a3793361b6f82bf7daf284afc1ece657a1ee6346ea9294880755b9b623563ad2657ba2286488a2ef":"36938974301ae733760f83439437c4":"":"3fd56897a62743e0ab4a465bcc9777d5fd21ad2c9a59d7e4e1a60feccdc722b9820ec65cb47e1d1160d12ff2ea93abe11bc101b82514ead7d542007fee7b4e2dd6822849cd3e82d761ff7cf5ce4f40ad9fec54050a632a401451b426812cf03c2b16a8667a88bb3f7497e3308a91de6fd646d6a3562c92c24272411229a90802":1
+
+AES-GCM NIST Validation PSA (AES-128,128,1024,0,112) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"fe5253d4b071793b081ebc122cc2a5f8":"49e82d86804e196421ec19ddc8541066":"":"b57a0bd7714ae95e77fa9452e11a7ed4a2bec60f81ad6ddb956d4b1cb5dfc277dcb4034d501801b26733b5e08c710c3cfdccc1b208dc7a92cd7ebe166320582bcaff64cc943c36fbe7008f004e5db70c40de05fa68b0c9d4c16c8f976130f20702b99674cd2f4c93aeaeb3abca4b1114dbc3a4b33e1226ad801aa0e21f7cc49b":"e8b8ae34f842277fe92729e891e3":"":"c4a31c7ec820469f895d57579f987733337ec6547d78d17c44a18fab91f0322cfe05f23f9afaf019cf9531dec2d420f3591d334f40d78643fd957b91ab588a7e392447bd702652017ede7fb0d61d444a3b3cc4136e1d4df13d9532eb71bcf3ff0ae65e847e1c572a2f90632362bc424da2249b36a84be2c2bb216ae7708f745c":1
+
+AES-GCM NIST Validation PSA (AES-128,128,1024,0,112) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"b3502d6f0d172246e16503cdf5793296":"6ce994689ff72f9df62f386a187c1a13":"":"09268b8046f1558794e35cdc4945b94227a176dd8cb77f92f883542b1c4be698c379541fd1d557c2a07c7206afdd49506d6a1559123de1783c7a60006df06d87f9119fb105e9b278eb93f81fd316b6fdc38ef702a2b9feaa878a0d1ea999db4c593438f32e0f849f3adabf277a161afb5c1c3460039156eec78944d5666c2563":"21cdf44ff4993eb54b55d58e5a8f":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-128,128,1024,0,112) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"5fb33dd73db309b9dfd3aee605cd94bf":"3f6486f9e9e645292e0e425bac232268":"":"f4e011f8c99038c46854b427475f23488077ebf051c4b705a1adfdd493a0a10af7a7e9453965b94f52f61ae62ce9243a82a2dbf9c5a285db3fe34ed34ed08b5926f34c48171195f7062d02a6e6e795322a0475017371cb8f645cdcac94afc66dc43e7583bdf1c25790f4235076a53de6c64f3bc5004e5a9ce4783fbf639fad97":"7ee5e0e2082b18d09abf141f902e":"":"0503cb531f1c967dae24f16dd651d544988a732020134896a0f109222e8639bf29ff69877c6ef4ac3df1b260842f909384e3d4409b99a47112681c4b17430041ca447a903a6c1b138f0efbb3b850d8290fceac9723a32edbf8e2d6e8143b1cbc7bf2d28d1b6c7f341a69918758cc82bbab5d898fa0f572d4ceaa11234cb511ec":1
+
+AES-GCM NIST Validation PSA (AES-128,128,1024,0,104) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"a958fe3b520081b638d9e4c7d5da7ac7":"c396109e96afde6f685d3c38aa3c2fae":"":"dfa9487378c7d8af9c8dbd9e533cd81503d9e4e7dab43133bad11fd3050a53a833df9cc3208af1a86110567d311d5fc54b0d627de433c381b10e113898203ac5225140f951cdb64c6494592b6453f9b6f952ec5ece732fb46c09a324f26b27cdad63588006bb5c6c00b9aa10d5d3b2f9eaab69beeddd6f93966654f964260018":"06ca91004be43cf46ed4599e23":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-128,128,1024,0,104) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"ec319fb143eac8215b51541daec268f2":"8a4684f42a1775b03806574f401cff78":"":"d298d988e74927736237eb8ab09d7a86b854fa2fd1f7f3be83b417ac10aa9291f4af5b3fbaf75a296ac32369ad57ded3984b84711953e477de3035ba430a30ffb84c941936e6c8d2cae8d80159876f87dd682747f2dccc36d7c32ab227032b8ac70b313fa4202ea236e3ec4d9e4d8b48cf3b90b378edc5b1dbeec929549344f8":"e91acb1bfda191630b560debc9":"":"27ce4a622959930f4059f247d29d1438257093cc973bf1bae4e0515da88b9a7e21ec59c7e4d062035cdf88b91254d856b11c8c1944865fa12922227ded3eecccaa36341ecf5405c708e9ea173f1e6cdf090499d3bb079910771080814607a1efe62ec6835dc0333d19dd39dd9ea9f31cd3632128536149a122050bb9365b521d":1
+
+AES-GCM NIST Validation PSA (AES-128,128,1024,0,104) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"14a3e69f351ac39b4297749a90c1365c":"eb1c6c04437aa5a32bcc208bb3c01724":"":"051224f7b208549dcfda5f9d56ce5f0a072ef1f23f3810c693516c92622be6ed4d7a9e0f9450980ba490b2e9e3468ea7eef10bc9ebd673d91f32b748c1bf2c50cc4ebb59fc409c6d780bba00700d563ce1dc9927a6c860095a42ed053f3d640debfbfa7a4e6d5de234af19755000d95e7f414f1f78285ee165410c020038286b":"e418815960559aefee8e0c3831":"":"797310a6ed9ce47cdc25f7f88f5dbbf6f8f4837701704d7afced250585922744598d6f95ba2eecf86e030cc5ee71b328fc1c4f2d4df945d1b91a2803d6ae8eba6881be5fe0f298dd0c0279e12720ede60b9e857ccca5abe9b4d7ee7f25108beebbfe33f05c0d9903bf613c2e7ed6a87b71b5e386d81b3ae53efd01055bbcccc2":1
+
+AES-GCM NIST Validation PSA (AES-128,128,1024,0,96) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"c34827771fc3918d1cee09ba9401b832":"2379bbd39a1c22bc93b9b9cc45f3840b":"":"ce79701b661066e53191c9acdaf677ad41622314898d7216e3f113e2e6e215d26d8bd139827f06ab3ea5c4105694e87db1dd6cec10e1f86a8744d4c541f08e40319e22ab42fc1a6c89edfd486b6f142c6bbbf84a73912e0b2e55b79db306ccabf839855afdd889e52ae981520c89e7dc29bb2adb1906cca8c93fcb21290a095b":"26e1f6cf0d9e0f36dfd669eb":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-128,128,1024,0,96) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"b1f9bd2006ec550b7b9913d383200b5d":"ca28fa6b64bb3b32ef7d211f1c8be759":"":"6d9fc8f586d50d6e0128172ae147844e80136905d3a297497a9566ca7c7445029028f14c9950acee92a5c12a9150f5e024e01c7505dd83937542b0b1288de9c292ae8ad918a09b2edf8493540b74c73d2794f2eb6eed18eba520ddea9567462c83330f33d7892fcde0b10c73a4e26ab1bef037cec7e0190b95188e9a752fee6f":"c87aac7ad0e85dbb103c0733":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-128,128,1024,0,96) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"8b2cef1a92aa0af2b00fb2a99855d5bc":"08d87b7acee87d884667f6b1e32e34d0":"":"fd09525ef3c65ab5823e1b6c36b4a9449a3975c5d3a9e7e33c61fb32edcbb8e8c915b6202e3fbce87d73cc3b66d83d9ea7e1e353cc7468f08626932cf0235563e2a28953ee5a0afadb1c3cb513b1f1fc9a8a6cf326174b877448672f7731dd6430a51619da1a169ab302da5af5b38802f8bbf5890b5d9b45deda799679501dc4":"3bd7685318010b0c5fe3308b":"":"583e64631c218549923e8ad33b728d07f23b0f19d2aff1ad7e20d564c591db0e117caa8f21e3f3345e3d84f0ccbb27274cddf9274410fc342cb2a5d4aea4e925d0dd5350389ee0dea23a842ff3f5c1198374a96f41e055f999cfbc2f47ceaa883da8eb6ff729f583eff1f91bd3f3254d4e81e60d9993b3455e67f405708e4422":1
+
+AES-GCM NIST Validation PSA (AES-128,128,1024,0,64) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"175c306f8644b0c4b894ae3d0971505e":"9860268ca2e10974f3726a0e5b9b310f":"":"fbe7ced7048f83e3a075661c4924eb77da1b4d6019d504afb942d728b31fd3b17557bd101c08453540a5e28d3505aeb8801a448afac2d9f68d20c0a31c7ef22bd95438851789eef1bebe8d96ac29607025b7e1366fecd3690ba90c315528dc435d9a786d36a16808d4b3e2c7c5175a1279792f1daccf51b2f91ac839465bb89a":"f809105e5fc5b13c":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-128,128,1024,0,64) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"08c0edcfe342a676ccdc04bdf854b4b0":"4a7b70753930fe659f8cc38e5833f0c7":"":"1fc8ef8480c32d908b4bcbfa7074a38e915c20ed7a1c608422087e89442d7c5af6fe9c9a716c55793248062d8e6c6e8e904e2804da3a43701e4c78ecdb67e0b25308afc6d9b463356439cd095cff1bdf0fd91ab301c79fd257046cba79a5d5cd99f2502ad968420e4d499110106072dc687f434db0955c756a174a9024373c48":"9ab1e2f3c4606376":"":"983458c3f198bc685d98cea2b23cf71f0eb126e90937cab3492a46d9dc85d76bbb8035c6e209c34b2a7187df007faabe9f3064dc63f1cb15bf5a10655e39b94732e0c6583d56327e9701344e048887a81b256181cdfa9ec42ebc990875e4852240ddcb3cbc4ea4e6307075fd314f7190f3553267bd68b19e954e310ec3f8dbab":1
+
+AES-GCM NIST Validation PSA (AES-128,128,1024,0,64) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"241067a0301edf0f825d793e03383ea1":"a30994261f48a66bb6c1fc3d69659228":"":"6984bb9830843529fad7f5e7760db89c778d62c764fcd2136ffb35d7d869f62f61d7fef64f65b7136398c1b5a792844528a18a13fba40b186ae08d1153b538007fc460684e2add8a9ed8dd82acbb8d357240daaa0c4deb979e54715545db03fe22e6d3906e89bdc81d535dae53075a58f65099434bfeed943dbc6024a92aa06a":"36c3b4a732ba75ae":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-128,128,1024,0,32) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"03cccb5357bd2848332d1696f2ff90cb":"e0754022dfb1f813ccaf321558790806":"":"5e2f18cbc1e773df9f28be08abb3d0b64d545c870c5778ac8bb396bef857d2ac1342ae1afb3bf5d64e667bf837458415d48396204fe560e3b635eb10e560e437f2d0396952998fd36e116cd047c1d7f6fc9901094454d24165c557a8816e0d0a8e0ce41e040ba6f26ca567c74fc47d9738b8cd8dae5dfc831c65bc1ba9603a07":"c75f0246":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-128,128,1024,0,32) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"4e5e53c84a05d5a5348bac7b2611cf62":"47e40543b7d16bc9122c40b106d31d43":"":"489c00c05dec06f282924c680f621ab99ac87f7d33ebbb4ca0eee187ec177d30d2b4afb4ee9f0dc019cf1a4da16d84b7f5f5c7fce72a32461db115b5a5a433024fd5ed3d47161836bb057a0189ed768f95e45fa967d0cc512fc91b555808c4033c945e8f2f7d36428dcb61f697e791b74e5c79b2bcb9cb81bec70d8119cd8d76":"81eec75d":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-128,128,1024,0,32) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"2c94008bf377f90b7a1c0d2ea38f730c":"abfe92931a8411a39986b74560a38211":"":"7b3d619d115de9970b2df4e1f25194940b3f3da04c653231e8e6946de9dc08ae5ba37e2a93c232e1f9445f31c01333045f22bd832e3b5f9833f37070fafb0ef1c44cc5637058ab64d9e07bb81b32852d4cf749a3ddbfdb494f8de8bb4e31f46033f8a16bc22e2595d023845505ea5db74dd69ab4ca940078b09efb4ff19bdb66":"47d42e78":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-128,128,1024,1024,128) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"69eedf3777e594c30e94e9c5e2bce467":"a3330638a809ba358d6c098e4342b81e":"df4e3f2b47cf0e8590228fcf9913fb8a5eb9751bba318fd2d57be68c7e788e04fabf303699b99f26313d1c4956105cd2817aad21b91c28f3b9251e9c0b354490fa5abfcea0065aa3cc9b96772eb8af06a1a9054bf12d3ae698dfb01a13f989f8b8a4bb61686cf3adf58f05873a24d403a62a092290c2481e4159588fea6b9a09":"5114e9983c96fecec3f7304ca42f52aa16cb7c6aadfb62ad537c93a3188835ca0703dad34c73cf96435b668b68a7a1d056931959316e8d3ab956bf64c4e07479c7767f9d488b0c0c351333ccf400b7e0be19a0fd173e3f2a1ae313f27e516952260fd2da9ab9daca478ebb93cd07d0b7503b32364d8e308d904d966c58f226bb":"5de3068e1e20eed469265000077b1db9":"":"208e6321238bf5c6e2ef55a4b8f531cbbfb0d77374fe32df6dd663486cf79beeed39bb6910c3c78dd0cc30707a0a12b226b2d06024db25dcd8a4e620f009cafa5242121e864c7f3f4360aaf1e9d4e548d99615156f156008418c1c41ff2bbc007cecf8f209c73203e6df89b32871de637b3d6af2e277d146ae03f3404d387b77":1
+
+AES-GCM NIST Validation PSA (AES-128,128,1024,1024,128) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"45cc35311eedf0ba093bf901931a7036":"fed5084de3c348f5a0adf4c2fd4e848a":"6e210914e4aed188d576f5ad7fc7e4cf7dd8d82f34ea3bcbdb7267cfd9045f806978dbff3460c4e8ff8c4edb6ad2edba405a8d915729d89aab2116b36a70b54f5920a97f5a571977e0329eda6c696749be940eabfc6d8b0bbd6fbdb87657b3a7695da9f5d3a7384257f20e0becd8512d3705cc246ee6ca1e610921cf92603d79":"5dc8d7525eaad035c19714ae1b1e538cb66a4089027245351e0ad9297410fb3a0c1155407c10a8bb95a9ca624a9c9925dac003ee78926c6e90ff4ccdba10e8a78bda1c4478162a0e302de5ff05fb0f94c89c3c7429fb94828bdcd97d21333c2ee72963ee6f056ce272b8bab007e653a42b01d1d2041ba627f169c8c0d32e6dae":"266a895fc21da5176b44b446d7d1921d":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-128,128,1024,1024,128) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"9edb5231ca4a136b4df4ae22b8588f9f":"c342e9bdabe7be922b2695f5894e032c":"a45c7f8032ac5144deef8d5380f033aea2786b0592720a867f4831eaccc6b85d3fd568aedc6e472e017455b0b5b30cf7a08ea43ca587f35e1646ecd9b4dc774d11e350c82c65692be1e9541cbd72a283bdcf93dc7115545f373747b4f8d5915ed0c42fbeefd3e9bd86003d65efc2361fde5b874ddabcf8265e6b884615102eff":"493df801c57f8bb591955712d92d3fc34518f0599fec8533b2b4473364e1df4f560c12444cf50eeb584676b7e955c742189de6b50b8e012dfa6642f3679fb02bc6d8e08d1db88c8ae955a7946263e06494e17f8df246b672942661e5563302252208f2e00a0d77068a020e26082c291a75a06f63c41e2830292a418b2b5fd9dd":"5ed3ea75c8172fa0e8755fef7b4c90f1":"":"56696e501fac1e8d5b83ef911ed11337d5d51ff5342a82993dd5340bb9632e6606eef68ec5fe8cec6b34ebbc596c279e6cbc9221c4cde933f6d93ae014e3c4ca49593f35eaa638606d059519bac3a3373519e6184e7227d2aa62170c36479fe239cb698bfca863925a4c9fb1338685a55a6dfd3bd9c52d8ae12be8551fce6e1a":1
+
+AES-GCM NIST Validation PSA (AES-128,128,1024,1024,120) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"d5fdcb8f5225090e63fae9b68f92c7cb":"581c818282a0905df5ffff652e5604e9":"f1ae6cd7b07f261105f555cf812a1d5bf8dd9aac07666318acffa11abb77d0238156663acbf7543825b45c6e9cddb481a40995ecd78bb5f4cba5df7c7efb00fc19c7f45e94d37697aca8ef368b99165393b6107f900194c797cd3289cb097eb5915f2abfd6aa52dd1effffdde448e30075a1c053246db54b0ec16eadca1c0071":"d39b9cba95e3a3aab9bc1d03ff475c04faeb5b7f0510777f39e5a05756606eb7ddd154aac035d9ddaf3535629821dd8f014dedd52cd184f52fc706e3c89a3a271398c9125d9a624dafb297a56022ca2ea331ea7359ab5e65f8e14814788e64e0a886a9b1a0144bf268fdcf9d94c3d10a0452f40111da9df108252e9039eacea3":"827e66b5b70dce56215cfb86c9a642":"":"cec11a12e47fd443f878e8e9fe23c65f29dd2d53cec59b799bcb0928de8e2f92fe85c27cec5c842ef30967b919accafe0c0d731b57f0bb5685d90a3061cb473e50e8aeca1346d1f47f7db06941f83f21ba5976d97c28cab547d8c1f38387a04b8a0b212da55b75fbaf9562eeeabd78eadcbab66457f0cd4e0d28133a64cb063f":1
+
+AES-GCM NIST Validation PSA (AES-128,128,1024,1024,120) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"036198cd3a3ab9319684d0f811cf2992":"47dffc6b3b80ffef4b943bde87b9cf3c":"ec4de476cd337f564a3facb544d0ff31cd89af4c3d9a28543e45156189f8eff8f804494dda83a1fb2c30ce858884a01ec63db59268452b1eea0f0d48280bb7340eaacc84509469dd94d303774d053d7ab4fb5f6c26581efeb19165f8cb09d58ec314d09ab8356731e87fd081f661e7b2d1a7c3aa4af5448a12b742e7b210b0b0":"6b95b9e82a695fb7b466ce3adb536f525d8314f95eada39efb49baf121093ce7d5439f0d8223e03530b85accd388a70650ca9f7e63eb32afecb7b1916ed9b762128cc641caf3e08e027c3d88481d653b6b15172e977dfb9b3f88465911aee162501cbf8501ce2b66ee151bbfdc23225f638f18750c239d62471663e5ee2a5856":"6cf68a374bea08a977ec8a04b92e8b":"":"5c2f7c408167be3d266ff634e1993fe291aef7efae245fa0b6b5bde886a810c866ae6a078286684d1b66116e636e285f03646e09f3c4ed7b184e7c171ba84f3bfd9500c6f35964a404892b4cdcdd3f697fc5b01934a86019810987a9fea7efca016049873f1072f62df3c17f57ea1d88ccd8757f7e3c5d96e8a18d5366a39ea9":1
+
+AES-GCM NIST Validation PSA (AES-128,128,1024,1024,120) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"c9fbbff8f25f951ba874dfc5ff38584e":"1c1fc752673be6d4ff4cc749fc11e0fe":"abfde0b60acfe265b62ed68ebebc1f5f725f155c4b8a8aeec8d704701c51ff7817060c1b0ce6b80d6efc9836c9ea2bc022ec67db4cd34e945e3a1b153fd2e0f7ac84bb4b07e04cbb529ee24014b16067f9f082b940c9d5e54024d3e5e910310457478560721587da7b5343d89eec5a8fce389c01185db15e7faa9a3fa32e8ab9":"ca401071396da00376add467490abc6e6a7d8a85852026979f7013a09cf689113c8d833560cd6c5b8fdaa8fdd818e773ac13954839a0a2c91efeaf4e0e14de43308419a8b86fa2ae600a88a6bd39dfaabc16a3c7c1b77a5c2aab7f7caceb2f8595324125efbb7c96ba16c47d0bd10568b24bf445d72d683268466e68e46df500":"ff0b2c384e03b50e7e829c7a9f95aa":"":"239637fac6e180e71b2c9fa63ce8805f453d81499623ec2deba9b033350250662897867bffaf0c314244baf9e1fe3e1bb7c626d616bfbf3e0ac09a32aaf718b432337c9dc57c2d6fc4a0a09bdc05b9184d1b90c7193b7869f91e2caa8b3b35c10c6621ffae4c609bdf4e4e3f06e930541c381451ef58f4f30a559d2b79b0e6b6":1
+
+AES-GCM NIST Validation PSA (AES-128,128,1024,1024,112) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"3a314ec178da96311e42334a616fb38b":"d7ea27c819e3eb2666611bb1c7fc068d":"db8dcc31a5681f13d56abd51bd2dcb0d2b171628186e215a68bf16167b4acd00c3441973c3fa62fa2698ee5c6749fc20e542364d63c40756d8bcff780269e5201bafdced3cdc97931d8203873431882c84522c151b775285d0a3c5d7667254c74724ff0ea9d417aa6c62835865dfded34edd331c0c235a089427672c5a9211c9":"518b3f5384ab54f80497d55be7a5d6902bc7718386212c2ec7537db331514b3838f104bf9054e03039a4cfb73f41e5d0a9648e569ed738cea8d33917430dff6afa8f07a75e324b9262fa196a4439dcd66b0535ee5bea0d292600227c2a79ed03be0671740e5cb7b306d855612bd3abcbf02cf7e7cecbb6cdbb33d57b4e3234a2":"1e774647b1ca406e0ed7141a8e1e":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-128,128,1024,1024,112) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"e818372a63b7e2c23b524e29ba752bdb":"36e617e787cb25e154f73af1da68cb06":"71801d69796c2ce36b043c157aec9fd2e06fd1ec596126d10c26b6d44e3dc36c4fa30a030d65c382b6ddfd958e71fe9c16732e595137a3d6764c15480fc3358e9a113ba492b31274663f5842df5d1cc6bad70e83b34675a4411e2e70755aede0ff5035601be130562e27a20283d6f144ff1bdb5276dec05fad80d51b28d50688":"c1bf1b702a95ceaa6b48a1cdd888ae51f58a9fc3232bd6c784529a83301c6d0cdda6e605ad9a2563f54a8d59f624ae7c589e48b85041a010dcb6fb8739d43e79a456fc0e8574af086df78680460c3cdc4e00dc3b9d4e76b0de26e9aec546705249fa7e7466c01001c2667eaf2813be1f0f116916f34843a06b201d653aa1b27e":"3744262bc76f283964c1c15dc069":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-128,128,1024,1024,112) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"9a04f16882ff45816739d1b6697ce8b7":"66f504d9a9128ad7fb7f1430d37c4784":"f641c53c83c4fb1ff8044bfa97cdf63fe75d8159d65b3e5ad585b89c083a53cf4a2f7a58eaeaf45fa71f2c07bc5725a6b03307d7f32884a133a4c803700bf1e12564b98b71f63b434ddf13ad2c467dda25ffa6effcafa72452b20c34cfae71e47096f8745b487e9f1945f5bec83f7ec2709a13b504d92315b1b727a78902be84":"6a4f3dbb3371f64258fd1f831349e745a4e19a33aad794b1de3788729618beed619586092120e9e5dc3ac6e0d52f991f7be61afbfaa4399ac716ad79a2734827254b1627791dc92a128a6f43426b8085dee94242e83176a3d762658f18ecc1e37e3e1531648c9caed212ea2cf3b3843cb92cb07730f30fe2dca3925470fadd06":"fbb37084396394fecd9581741f3c":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-128,128,1024,1024,104) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"38cf029a4b20607030586cd2d82146e6":"6330084319e2bf32cd5240f4826944bc":"80746cfb0127c592f8164d751b0e14a5b379056a884cece7ee4e9b80538d7ff6be56a3b19c135786722aaf315123b47672b0251e87ea45f0fd3601cf93f9efa6cbd9ad537f54d57f1e187f821faac24096ecec19d137c9f4cf145c278af4cd8de01c7758784fda06f1cc62d92ae1977786f3d0645714ab4ab6f48c8794b12f73":"f4c9f4476561c9ebdac71b282ae6e2f9f03547da98e66d4d857720db2fcc9ed1f363858db34c9dcaca0109d7c81db24150493115f2bb6985efa8686e3d2ab719d33b230aa4c5c70696bf42f225fb3c6704711c054a882d89b320884a78cb59cd2100496edf4010487597fb9135d8ca79693a43843e9626fd6c64a8722b3a27dc":"7b021de5cda915ba58f90ceef4":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-128,128,1024,1024,104) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"cf4d81fc5997c744a572bed71f4ae609":"bc4e20c56931c967ce8e3b8f5f1c392f":"b6b8294abf7da5703f864721f7904d3821f5568bf4b269e44edef4f1c95ddc172d83a06c0ad9f7f1fd2e292c17a876392bc5bb705d370b2f16ff721bef7648f423346fd3a4d762676e6fcf2d690553a47224af29afed0f452d263be90eb8150a13d720f1db6f1abc1c2ec18cfbf93b8ed3c5aa7cfc1dcb514d69f90409687a4d":"f3d65d70326e641fbe7fd945fe9cf66c74f17d0d1020ae8ac488f39b7285c99d8632bc2201960f3d77daccfecc04428abe0853aa8d82b90a93127c72b2d2af53f7f1bd0afb99d50f0b3b24e934ec98eddb278b2c65866442cebf10208c7ce1b7ecf764858480b2a269b106fa6d2428d5ad17612e53e62ccc7ad1184663aeb9a7":"0a86142a0af81c8df64ba689f4":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-128,128,1024,1024,104) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"d88ad40b42ead744f1b7a36685658be1":"52c3158f5bd65a0a7ce1c5b57b9b295e":"dde2663335c40e5550ae192b843fa9fb4ef357b5c09d9f39dafda3296a4d14031817ee4dc1a201d677597d81e37050cd3dc86c25adbd551e947a080b6c47ec7be8a927ef7920bd1bb81f2c59801a2b9d745d33344cbe4838bcf2eb8dce53ab82c75c9bbab8e406597f6908aaa81fbbdef25aa69116c8f7a8cdc9958435aa32ac":"e99d2566fe6bcb2a04d167605db7c0f1e5567ff2d8d3292c15bbccc5d1e872bcb15a30b3bb8b1eb45e02fba15946e6bca310583a6740845a0f74f4ebfd5c59ced46875823e369e0447cc3e5d03dae530adf3c9846362c94e7f9d17207bf92d4d59981d8fd904eb8b96a0a23eb0f8d7e7a87e8e8892a2451524da6841ce575c27":"7643b3534eb5cb38331ed2e572":"":"6f87f6be2f4e7421aa26fe321045d1e23066a02158634bef35890581c92367d0bc232940de30974c70a66c60137a9f3924d12db1e5bc1b0e7131ea3620a25eb805b7d670263b82c8bbfcd6839305025390fc17d42d82daebe1b24f73ff9aa4617e3866785dded88f8b55ef89b2798ea2641a592a46428d9020f9bf853c194576":1
+
+AES-GCM NIST Validation PSA (AES-128,128,1024,1024,96) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"c3ce86a212a30e724b4c624057db4e79":"9e03f0dd4cb2b3d830a6925e4400ed89":"92c48a39d93ea3308f55f6650d33fdf17a902076d582a94a82ac99496de9f62312292b844bbca5a683ef0f0710bbc1c7f89cbcca8f9c0299f154590d32059bd99fca5d78c450ede0d11d55075947caf2151218ce7a06c1e81985a7781a3444054170b457fd7ba816026310112abb47c8eddfd3ab7f679a0f60efc6c6dd3b759e":"3582ef7a9565c9a8e4496750ee5ca3e3a80df6238f7b7608e3394ec56d1360777921da039ede34abcedd01081babd496ba4de74a7de501181d6bb2022a6cc7f79d89a4c6a97676fb0f2b42f70e2d0bc1eaac364c3646df4f611c1d6b09737451b81b5a4da73c05fb58391c74e44498b80b26f1c29562d23c39b5d3f086b280cb":"3230fe94b6ccd63e605f87d0":"":"052347a4273cddba65b2a0b961477f07edee440a9117ab204359d2dd45ad2a6dad3b60ead891e7da6d79f3017ac90f95725a0089f04d25ce537bf53b7ea8e1ea58692d34c221db141e2a9fd7211adcee03ef8b5bf3c5d36311d20bb3d81f70f7e7272d0e2b6d12293b1a2c31b70f140a8f08d98c6231a3c429c3d0a10b2e1c1c":1
+
+AES-GCM NIST Validation PSA (AES-128,128,1024,1024,96) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"a0155360b84420b5bf4fb410ea02f31e":"46f0386be7363887e7e357376305eab5":"611bc290f91798ad84f0a5ecb5a7cb8fa35e9ab6a5a51c9869a68a076e96f92c9c117595f92cbac5d33343fa2accd2541473907cbc54792c5e215ae857424c921b04ca4b81376bbedbfcc0e565c118f2aced08f247698eed5e2d202c48245161cabeac9fa195219f9799fa253e339561e13012167f1d02b4012b7791b7c863ba":"ecdb51522fc440f7471ea6a31f7c1ef1ec2153e5bcf6303297dbf8ddb3830b45ed9866157375ce4bdeb5e32fcbc6607984fccd7e6552628736608ab13072856d432ceccd3e90d1bb52ca9ada9cee90eb89ac10e887a1978fd0fb3d7bb20caaf35539e150be8044b725b8427c4c4a910f79980865d36344a8784bcc3d58460acb":"ac5addcc10cae6c1345520f1":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-128,128,1024,1024,96) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"694f621f594d96b16c32254ff06f3f9c":"542db4e107485a3cd24c7ad337a4f1b5":"27b7bfa5eb34ba376e515e58ab8b6556c396820d0074a1fe3b984945dcf5251ca450456ccb4bb66ec739b03fdc5f72d24553e843255adc012d1f1c95aa3cdac5d12926465354217203052cbd4869a8b5be2e01d0fe66b5a6a8da0a2ce351557e2991ce77baa812b9c67b8e1c5a1fc348710e1a73a0fd49acfd538b7db6bef8b3":"e61476b8b7f101ca6005f25af2b9bee795d62720bbbf59357057ca7cd473e00f0d465255fce8d6164657603323549fb4e3d33fa51054b1a70cc7e492916dea85453e9107fe781bfeb4a622c5b2306a8dddef99386dc50745003aa7220cd7f32fb0a060fa7682576769a48f9169c7d11fe0a8a61b95f5d6dfcf216f7d0c652a84":"0bdef4d771a1740381e7db97":"":"8b27a338fd2153d304f04655e09bd9bdf4468890ecce1e3b51de2c9a25a8d9336a9acd753ce270b1fe8d50196feac68145e0fd59c9cb3aa7c1e8af03494bc4279c6e287c849f3c775ada584ae173100946ae6921ef7c96bbc6f216093548702cf1867bb1bf1f4c9e90a34230a2b2aeb584622dd615023a43a406e64428bd9170":1
+
+AES-GCM NIST Validation PSA (AES-128,128,1024,1024,64) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"78826a5215a1d5e1b39cad5a06861f8f":"feb9d740fd1e221e328b5ef5ed19eff5":"ca9411b368d8295210d7a04da05a351d287f2f67d978ef1bb936de9f8065473f6fa11495da2eab13a1002231c86411d5409bbc718e2042ee99e013b1df1ef786e9fc1f2d43293c854128184efb9317c4ef82a002eac8b28fcd91d8a714a3aa25fc3c0ae4af9f4bcf5ad19a30cd8ec4b1785df70aa92074da419abe433dd4c435":"0fe2c798d7015d3e2f8725648d95729c45d357dc0c89fc63b9df5a68d3e65419540f663e9190793a29c58c495d5c6a731782acf119e2df8a96fb180ad772c301d098dbc5e3560ac45b6631a01cef7eed6db51f223775d601d2e11b9baa55e2f0651344777e5a03f6738a2013626a891b5f134f07b16598b8cbe3aeaefa1c2a26":"a724bbb295a02883":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-128,128,1024,1024,64) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"d450f5253251121606e56687952bf2f1":"fe7ff90b020fc77d7fcd90bc583850ac":"a3bca9ff25a60006eb18f993dcdc99681e414e27605264dfd25652195d7fe1489550afd07fc7346b88d93b59eb6642913646e93bf50ee1db5dd30106cf181124d8ad01c72ed99038c9798620abdf5c78c419b08c97f982b34d9e9105d9aa4538afcd37f62e2412f14f7a248fcd60abaf2b66cd4554767f99030f1a495d56a5ae":"479b4f421bd8ac7f615c4a507da187cb5d4b1f1e2c6113d1f9678c1ba92dc5e17c5b525d7f3208733223eb82af0820b8476e9b08ca714ce044417b24d2238720cb8ffdc69db558cbaff52e3651b400e16c9d5ac8ed8949a19c35516f80394a04bd1cfdced7b204f779d792086e00b2ebca2f55a1140e85f5ee9ac7cfc5a31747":"6446398aff73ed23":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-128,128,1024,1024,64) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"90a59f6b0abf932311f0b65623c17740":"20778bea82a6717038e7064f48a31981":"4022d04f1454a72d2efe57533bd32757595220b20f3a37d166cec0412fb1eb2588f939ecd906c805f4827338669888e9f730905001eb1b136b95e306edf70d9ba1e5cd0aa13a25a1f28ab55cff36f9cd7036c735e3b285d26002ad2ed1074b566e252ea3ec8a9ce10882375dc3f1d9676e301dcb179eaae991120b796cc35648":"be5a948a771a8df12adaf74d702f064a75f6483c03203365fbde7d184844fe6dee0b84cf344be05b1d163817ba1516fcb87b9167ed81f884ada73b0058e2b38cba515bbbe462f4c21f8de1d41bca2cf4340aa659f9f07886c2bb620d9c3295318c07fa3c17fe8242409359c08bcb337e5cf268880839b6a20f4ee4b3f04e7024":"dc77c1d7e0902d48":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-128,128,1024,1024,32) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"6be4ef629f0b38194c74f7b66418922d":"fb77a4b9b246271abfc656433f87628c":"e5d5227725a19a3050fbf2a97a6e854bc1218b94a4a3403b721ace3447daff68fff5553a26edd41219e68fb61fb9e964d0a3c29796251ae4eb942187cdc55d13a09dfb487e93d9e2072d7271456a77c6ccb81154443eea176314d6e3a08619b52cd880f1c28ae5214ac0090a3855dbd74f87389fe8afebd464330fb683dff81a":"b67ea20a320f4ec0e4185c62a4ad79a3c97a8189a5e4d1deff9d3edff0f9a9323532853c1a2a2c1e62e4d1afebfcdf1d8461921ea601750380e63b912d8b7389198f976851d88a19f1aa32c97143668ad00838d98da1c4f2be0e6e2dc964d170d7f7ad2e2997982e5ca110e744b6e10c24ca18eadff6b129b1f290c8a7e0a593":"3d8fc6fb":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-128,128,1024,1024,32) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"c50e37244931e8debc12b3d561c83ba2":"6c0b1fd7ab424a6883c36457d1b5521f":"516dc25f6452ae169ce293c5cee440de47353ca5ba770dca0f04175950e87a2d4c3f84fbc6eeacaac436853492929680066f959e74de4b736ab924d8367b90aaa6e9492561ad4b5aa78b6737d562e960edc3b983e2e01a186e9f22896f48d8dfcfb6a42cfe2c6006c687a27772820a1e8875bdf09e8104248ce4db883376bc04":"b9abf0796f2d2f774735546cf809030f65ed0c7f6bd469ef2fe0ef32aa0225b57fbce07c36017bbc1806a81ff1a429278160a07643f864485b4e0e35d57553dc1a131e32aa10f1f91d663b10f0a418f472ed7b4bca54fd7ffdbb22c4d7764d94a7ffd04730614459431eb64335b9b65363de292c04275d40a7b968c0f5c486e9":"7d4393f0":"":"962509e494f10269b70ebad02b0cd799d1d41191a734863ef502aff3d3ba48dc2acf9da9a3fc3f40be4d210dc5e128bc00499aec57aa0a4669863165428687b88d46fad41e36af8ea6605586eaa5c0736d0d53b9d523e0cb5a0b285048e060a73cbf4b587d2cd787debdb2b4c8cda731a61a15b19fe8b561fbdd3a7373853ae1":1
+
+AES-GCM NIST Validation PSA (AES-128,128,1024,1024,32) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"8531ddb03977383405baf2ee9ca7d64b":"baf623867d6a25fd85d1f08e599c0566":"18f92cdd37dcd7f99b06838f3f68748aba367baabaebd0da9ee787d70e752fa07dea553a43b643b8d8f460175c0746675205e20a7a98acfcac864d7c4cf5ab4c41c031738c76882acda003c5af47b1c4df8894a827a317935d970d4afaee17715c9cfd1883e8c345f19d1f89e229b8edba6b4f53b86d8da1c0f159afb83b6b33":"d90c9e26509bdba9b1dea8d2b94f2b1881d22c2bd756ad23cd61944710a1c1f2807170ed47a6870ae654e44757fcb3822ef28b37946cafc07284f8a0c22ae3552954f0d87b8d8c825bd546935b494cacb4262d9e2a88f254f200ad31367d8b3715afbabea5f34214ffedb14d7c84806022aba2dc8f88a314ffbb24017d1a9b9f":"2fc9de46":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-128,128,0,0,128) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"862dd5b362cfa556ca37e73cff7f4a0e":"81530a243655a60d22d9ab40d2520447":"":"":"3b9b2af54e610ed0b3dda96961dd8783":"":"":1
+
+AES-GCM NIST Validation PSA (AES-128,128,0,0,128) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"3452b7bc100c334292e08343f139b9d0":"8f92739a30fe4ba24079f5d42753d6ac":"":"":"0eeca69f8b95e1a902cc3ab1aaa8e2af":"":"":1
+
+AES-GCM NIST Validation PSA (AES-128,128,0,0,128) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"31a0cbaf21b943f8badc939e94eac7eb":"d5bb2c4eaec47088230972ae34fcda9c":"":"":"580e728512c8e44fbb3fe2c498e05323":"":"":1
+
+AES-GCM NIST Validation PSA (AES-128,128,0,0,120) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"9e8fca537746e7cbff97f1dcd40a3392":"43e9f2bf186b2af8cc022e7c7412d641":"":"":"4465a3f9d9751789bcef5c7c58cbc5":"":"":1
+
+AES-GCM NIST Validation PSA (AES-128,128,0,0,120) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"35b5854ca83792ad691dbda1a66790fb":"cff61cf9b32ea30cf7e3692aa6e74bed":"":"":"726793199df533dd9055b0ac7c939d":"":"":1
+
+AES-GCM NIST Validation PSA (AES-128,128,0,0,120) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"07259267c1c6a015437a5d8cfa92f9e6":"18b9cf2ad7ace6ec1c8366b72878cf20":"":"":"4340f6263f0ba2d82c2eb79cb0cc7e":"":"":1
+
+AES-GCM NIST Validation PSA (AES-128,128,0,0,112) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"fa1df8955aa3ef191900b06e7c1b7d46":"6928c138c98a4350c318fbdccd3f44ba":"":"":"7c89d9e77515d271b6ed54c9c4e3":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-128,128,0,0,112) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"c04200ce41ce77d772babb206315ec7d":"a885d58f0f38f9ff26d906fa1bfb12f4":"":"":"9ee0d025421f2bf18caf563953fb":"":"":1
+
+AES-GCM NIST Validation PSA (AES-128,128,0,0,112) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"650df049461be341c3099bd1613dcead":"8a4ff6327b49d297248ce2d5bd38afa8":"":"":"13f067ef0d7b448d56e70d282fed":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-128,128,0,0,104) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"ee61b5bf5060fcc637dc833926898508":"b2dcf21f9ffa4a883044d29f087f9b85":"":"":"9ab1d66666d4dea3cbb5982238":"":"":1
+
+AES-GCM NIST Validation PSA (AES-128,128,0,0,104) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"01cc56ca7e64db7fbef66236a5c49493":"8ea5b63004189792cc040ef18b37e550":"":"":"d685aeb54aa129a21bed17766e":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-128,128,0,0,104) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"134dd72ac8e28ab46720c2f42284a303":"c6368e4c0ba0ec90fa7488af9997a4c7":"":"":"4ad9cdf19ff7d7fd7e273efced":"":"":1
+
+AES-GCM NIST Validation PSA (AES-128,128,0,0,96) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"180c04b2bde6901edcda66085f73ecd9":"9193b206beade4cb036f01a9db187cb8":"":"":"530f5e9ed0879ccef3a7b360":"":"":1
+
+AES-GCM NIST Validation PSA (AES-128,128,0,0,96) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"aaac85742a55ffa07e98106d6d6b1004":"630cd8ab849253c4da95ac80324ecc28":"":"":"37911820c810e3700c3a9321":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-128,128,0,0,96) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"ab663c4f8f2fdc7d5eabf6ef26169b4e":"86e6100669929e329a1d258cd3552dc9":"":"":"958d6141f7fb2b2dc7d851a6":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-128,128,0,0,64) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"0dd756d49fd25380c4026ea03cafc2da":"6a6f7e39b0d730ea1670e13d16c12c28":"":"":"872ef05a28da5ea1":"":"":1
+
+AES-GCM NIST Validation PSA (AES-128,128,0,0,64) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"bd8a834b288bdc7578b6c6ab36f5d068":"aa77de0af5fa4dd1ed2ada5cb94813a0":"":"":"c5c094e83755f2b6":"":"":1
+
+AES-GCM NIST Validation PSA (AES-128,128,0,0,64) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"020d280dbd06939bbb5e6edc6f6d39c6":"09aea6f0e57598452719d6f63b6fe5a0":"":"":"05d6c56ba601e85b":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-128,128,0,0,32) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"e47f41a27a2722df293c1431badc0f90":"227c036fca03171a890806b9fa0c250d":"":"":"86c22189":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-128,128,0,0,32) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"9d3e112114b94e26e93d3855d4be26bd":"99b98525160c4bb2029da5553ff82b59":"":"":"33bee715":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-128,128,0,0,32) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"5b4b7688588125349fbb66004a30d5d4":"b4ae363edb529d8b927c051cf21a2d9d":"":"":"6a920617":"":"":1
+
+AES-GCM NIST Validation PSA (AES-128,128,0,1024,128) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"c4b6c5b8e21c32f36b0ae4ef3b75d5cd":"3d1036bf0000e6f1b77a799f2ef32dec":"1cf2b6cbe86a87b4b5bb3cc50024aeb27c48143658d47b41f2f20b87ed67bd6fc3b85a3a803f66d3576608f5d6ce6cad11e02fe12de5390722dccb8242e1dd140051bef51aa9716c860d45d45bca6effbb1a4797e6e7406a04db5d823766c0f011ebc28e9a8cd4446ec8a75ea8bdc1b2fdbb5cc364fa9877886e30404593df34":"":"a49725014c214ef7cc2d28b9b2b53da7":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-128,128,0,1024,128) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"63c3f81500746eaf383fe3975d84f849":"0799d4152fd73c1604b4610cf7171fe1":"cb8248e5f904cc9ccccf6f273fe621eee1b4d7ed98480f9e806a48b84e2d6a733772ecf8fb7fe91805715cddab2b462b89f6e6c7cf873f65031f13c357d5f57b00b7c391c39e78ad1ed94be236ca0ae316bce11bc33c5d701fdfc58abbe918b9c42f7b3d6e89d46f9784b388a6e6daf47730b9fa665d755a17e89932fa669c44":"":"c53d01e53ee4a6ea106ea4a66538265e":"":"":1
+
+AES-GCM NIST Validation PSA (AES-128,128,0,1024,128) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"b0c88b191ce6e8e4a3941f7960b7eae5":"e2a899961c332c815685c553351fa519":"308bf10570af48d632911f3641dea60d78046211c01a63bb8e4e5cbddfff8841d2f2b11e18ccb2170805ef4cacf7804d64e0feef40731a1704907f33b77788c18ccf35b224ec3046a67664ac9a3481d2385b6ddeec6da4f32423f94ea9663a5c51cc388cef33744a8159b4fb654dfdb5092718bf926c824be31197f07f276b5f":"":"92604d37407aff33f8b677326cbb94fc":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-128,128,0,1024,120) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"c818dfa0885a09f65ef78712f5ce6609":"ca279284723530fdd68ae880e0ce775c":"2a562abdbb483ca5f355f9cc1c5e607bdd624a078a76b717ce0f8f35d0d4c54b629f372f15d20c848d01420c6af5a7040d42063704a17b46259dcc53723caf2d4bf556143ff9117c752fa4f22c9c155c99b7bf5949d089cdafd562165b9cbf53ff51cec21f49128c8a599718bbcdb4a5d705d20509c44c8945e2a133164b9942":"":"20e9a3a98d71d460743e1efaab13c6":"":"":1
+
+AES-GCM NIST Validation PSA (AES-128,128,0,1024,120) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"2354c6b6afaa883e7ce91faca4981f8b":"604f2730c756c8c39a0527093bc2feb5":"959b4b0b9ce2e9120b327d2d090117553999ee10bdd384a546fc6de0957ef4b447daf07b3d07ef7dbc811f36b0fc09a175d26e4d1263cb5e21eda5ecab85d763807bb20b3cb6ac3f31d548dff00aae058d434ebcf6f7e3a37f11324134f453dd0ea7f51094863486426ff1706129a5a93c53d8c5ccb56cafa5881981fe233cb0":"":"3588c9aa769897dfa328549fbbd10a":"":"":1
+
+AES-GCM NIST Validation PSA (AES-128,128,0,1024,120) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"b0af48e6aebbb6ff5b7c92bd140b085f":"d210d6502a5221ac1274a9c7f5a81725":"d725311ca10eb4b4aa24e6dd19c5e72dc34fc1ff53feb25d924a9b7d8d72205790ca4b1275bd93ad60c27a5587a45659bca07c111e9748fb683a03465153ffd735b7d134b479674ab8596f0596496fe2090f623fd1e4dd730c5283d8b172db8a25df42d9b34f388ed32676a56b8ba03347e47379702654508ccd0a21ff03516e":"":"e6222f068a1e18f09ba6c771eabd86":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-128,128,0,1024,112) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"a05fe482fe164b2eca7f6c3e377b39d8":"145327bcc10335fccb93afbf4b17e6e7":"ea6f2e93b5e1bf127d40440b8d6397405246b1b48eebe16964f18928f6b4b8ee2c36322d7126905c1a5b816996e340404b586edc2d77afac11a6c1266511f9eff1a320b035442d4078f8e42ca63cf26d12a971a7adf4645d1bd9a8e4d0a20722f7c2d529beaecc4033f7738075e1cdc6d8a929da5582540678935b82e7b7ba68":"":"3900bde9fa9ae2cbeee54d04f224":"":"":1
+
+AES-GCM NIST Validation PSA (AES-128,128,0,1024,112) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"dacbadf819eb16a63f6f091d13ed04d4":"b9ebce724b0dcb0989ac2d8e7ff8aaec":"7dc6e2189d8a96f3507e352e05e8fd1b4bab988c2f1c706115887119f63b78084f015d85f6b460901a02880103e4d36e8f6527dfd74e4a3acd3f578c0cc726b528875f701ff8b66e5c11b4689c346a098e123bebfa253362cb86829be73c2b85a6881fa976aa730fabb76775027feec7fd920a6c8965a4a509ea812d7c413a95":"":"8988fca83c8cfb1f8feefac46f04":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-128,128,0,1024,112) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"969244c7444f3f3bf193b28f8e8e96dc":"49b2845a1a1c87fa66eb8f78c05ac029":"1414a07e86d8b61d1eff43e1ff4ab42c1c95e159058b74c731e3007d21a5eb78bc17b7e920363a3974aeb8608813dc9a4655199b6703ed337450702d8ab16a89776831b2c7c811fec3acc23598a0aa01680a7bf42a4e258145beb08c9f0eacf2bb5f56d26bea3ad11e1a956a630b80f3d22bf35592b4704f7c464b08b06dd7f8":"":"a291c7527385f037f62e60fd8a96":"":"":1
+
+AES-GCM NIST Validation PSA (AES-128,128,0,1024,104) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"525abe490c8434802b69439c590a5290":"141f79f0501316e66451c41c7af0f0cd":"be440db66d3f81be467605a7b2805ec1df5e71e1b1b04bd7a4d05e912f5aa1912ba08de72df18613b32b7edf78963c48c80c25178b3b19262b85bb829f5377e0b368b500d6d3b442f54172d4ca4500eb5b4d478b602e5dc11d090539455087ce1e5b9ea74355fc06e9b60cbf25a9804d3f8c623fff130abc48bc2d8d116b8366":"":"038c7e95f790e6ca5ce73f9551":"":"":1
+
+AES-GCM NIST Validation PSA (AES-128,128,0,1024,104) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"51644e025659de983f5c8156516b812e":"614837c743d0974e9cca497f13038c02":"60c5d062ade2c5c2dec68b734dd3e58ec474a586d1c4797fdfa2337800510134cb27a10d501927632af3c1febc275010c0d2e5abee630cd2bc792963fa82a42286ab047b934a261927311b40f5f953bfd661427921147cac7613d95ee86e16326ef67c1ed097e8fb87a78753d785de34e03a182232786079cb6be00182e41c9e":"":"77e3deba2c7f9386f85bc4a801":"":"":1
+
+AES-GCM NIST Validation PSA (AES-128,128,0,1024,104) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"08566ca7310302dfb84d76ea0525ba20":"5f20ec9c35c08aa7f1c0e8a20fdbd2b3":"5d84e32768b8d1e7e3c426b3118d48e35491bf1bb454b359c8429220216efd8826be94fe1919409a128ccd8125a594f1691c9421fc3dbbb3f757bf2355bb0d074ceec165eb70e26eb53fa2cb5d84dfae06babb557805ef7b8c61c1bc76137571bcc5e84bf5987dc49013831d78bd497ccc49cde7dca2cb75e7ab967da8c6ce81":"":"873f037fc05252a44dc76f8155":"":"":1
+
+AES-GCM NIST Validation PSA (AES-128,128,0,1024,96) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"dfb54db96383fa911bf5b4fa1218ef9a":"7e849e24983f63f1194b396bbd2d55e0":"d3fb689c5818810dd104693f3306a10b27178444af26798a194f7c2ab31ff3a172904b951942b1a26c8ae5b5b1ee2d86dc78bb72a335fde350766d7d9aef6f549871dd46b04b2cc319fcdd47be437d431ad18cab82d51ca9fa57f4108a8de622a92f87d28c0349fab27757fd773413f559a8c00d30e258c1f6cd96f9759bd957":"":"dada7fc7fed58db462854ef6":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-128,128,0,1024,96) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"389cf888474e9403e5f4d0e22ffec439":"ef57794cf6fac9f9cea3e8499b53b1d6":"7ea7f7f4763ad208eb6199285b6b2819756c4e3caf2d0ac6f5076ae6785fecdcc4b138a51860ff8b87aaac3a18c2df778a4818308d458dba28f5017513e1454f60be20dae68736ea6d48b1f9deadb517df63140acbd329fbfbc9b82f3ca1862c9e998f0faff1d3ae60b005bf66829f5cf0c5fa03efbdd92d39351e3954be0257":"":"92726d90ad26130e65f2beb4":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-128,128,0,1024,96) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"e55abb2ca36c822bf2a030ac703cb8b4":"d86f7177e8ec90f9e9edf10175d5012d":"777a9d93091de56324c10712243f5541722e0b27e1f303fef6faa387a8666161ab354dbea6c43c82a24e8623bfec39aab13164add6be0dfd55d23204c0975b4ba6fbda51363befde482a9ccc1eb9f151e6ad59c77a1e24dd268389e4686f198a936dd603044a3fb653d63cff80597f5a2913c8a2ec1b7d9dce5728dd56c78c2c":"":"65025250343ed8c09b3fceed":"":"":1
+
+AES-GCM NIST Validation PSA (AES-128,128,0,1024,64) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"586114f3b1dc087e1b2739b28c592dfe":"ae5a38ddd455505284434a4bcfe81ef2":"531ff8c285e532d961f49bd210a5523cd9b19a697a3a3fb26db940a496f253862405b1e825daeda7eb0445c98022b8342c8f8ea20301618483f8ab04b6ebccd7e7fc57878fb544a5bf78fa896f50ac30126ff8afca8a86388666b64c643d16812729bfd7e5c03ba52f7e6ea4c6a685404f7bcbd956964417fa0ea9a6d7290c41":"":"467a815610faeb82":"":"":1
+
+AES-GCM NIST Validation PSA (AES-128,128,0,1024,64) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"cbfe806bddb7f06b3826b097550c68f5":"04c1b6c9fd2ab76fc2adfe15d3421bbb":"cfa86d02599652cb4ffff027b9c6ef2336dc9fe946f64fa5ce83f624e144563d4738381bc5371c3cb55cf41ceda07e62cb635ff37246bfa428785229c6e869d5df69d7949a8577889a29e3d05b788ddd43608d9c14e3f1b51ce2085b9a976fe843e3396a74922babe6797d5f01c37ead623b5b582505bcd29edf8a6ea36b0fc7":"":"0697ac372a9acafd":"":"":1
+
+AES-GCM NIST Validation PSA (AES-128,128,0,1024,64) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"96ce3a095a91effdd91d616f1f02ddcd":"579d6633ec6687afa24ef874899b58e0":"3ff3c0038148ed391b6a10aad623a82fe9209c5ba74482f11506d597b5fc7af977235d8ee9e28cf2160346ddd0e33a5bd1fb67b87dad7167fdd4b2b4000d8460ef7b3e1b59b9d61d06cfbe7945379ed6b650de86f396a38cc70d47b8a349f067d00144c903c276b323be6a929a7d7dd8ae7d254d640cdc1176f98e01a1d8c82f":"":"55a0f61032e048f3":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-128,128,0,1024,32) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"24ece168c2971cf2b404ea206dc9e29d":"e9db62a42491664a6c46cbb0b2bafc92":"3579f6c0cb3d2a5d0c4548855c7c052d36b6a8dfc60f4ca1b4bbe28ed87306119e71982dd84c4205ceba918d675472753df1b5192d3693dbf6a061c6056e312135ffc5ff426895a7e30f7f675d2cb21de06eea5e3761b94deef7537b985d324864c9ff6ab6e230a1006720f98c958912b604a6d03e3979887c07be3ceaafc78f":"":"d2b15a23":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-128,128,0,1024,32) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"d3c3cf993f6740a019e61ce13c29955c":"af900ac348082ff32d2e0ab886079516":"2ddd0e8c99661f0757f04aa79a1ffa24ad48fbe5da68b9e71f7a0cf1b4f2ca9b757695900b7549d48847ae49950dc9b270b1569d29dcbef412216737bd83509c17ae41c34ccda318939cb37a0a380762993a7568c0b07794e78746173dd5c0d921cd50de4b548c1589e142c3dadbad42161aaeda2310f3c6d5c722d9ac69e96d":"":"f2d3a6ff":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-128,128,0,1024,32) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"5f1e5bd45ee8bb207ebbd730510ff218":"8846424a194f5de858556e6be5b65d7f":"e968947fc0e49136e730b97f6b16e393d5e4fdf3e4803a23af79211ef59f29167c60ead72fd489da32d2ffa43b2bca2074f9d1b4f5396ca65004b0806cb7c6dfa751fb6afbee3e443f3c9b0e3df6722e0d1320441400c5ca508afb657c2b7f1669b0de21761dccab9a40fc513768bd1f552692626ce35078a2e0e12f5d930647":"":"0d6c15da":"":"":1
+
+AES-GCM NIST Validation PSA (AES-128,128,1024,0,128) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"3997050377cfbb802cc438d973661688":"c95c84c263bdfd5f1de66e7e616cf3fb":"":"b02f0dd373e42c65e8e1db2dd76a432e0b2bf6e630c8aaf0d48af51b3709b175de9a19b3245ae75818274c771c06fae225c4f8b002236712336e805ab006449eb29cc5e29abd82b06c32d4c36ee99acb9a6d7d9eae6ec6ec263c002a22c4a898c74f6abd6d92112367ca7ffe82787c5b39e7012ba22825d3612af3d41e8008a8":"b35b3cf6ed59ccb69dbc9b47a3f284ae":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-128,128,1024,0,128) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"c58583f6479d9bc9f1bffddefee66e59":"cee448b48d3506ff3ecc227a87987846":"":"564a9f700cbc1f895e4f4fa6426f73b4956896a15e6127e7560d74e3fd0b980d2ee45b7a6a3884fa613d91d13921e3f90967d7132bdafcd146dd8ff7147ed1964c2bdb3e12f4133d3dbbc3bf030ff37b1d2147c493ce885068d9ba5bebae24903aaac004aa0ab73fe789e4150e75ddc2bde2700db02e6398d53e88ac652964ac":"361fc2896d7ee986ecef7cbe665bc60c":"":"9cce7db3fc087d8cb384f6b1a81f03b3fafa2e3281e9f0fcf08a8283929f32439bb0d302516f0ab65b79181fc223a42345bad6e46ff8bcb55add90207f74481227f71a6230a3e13739ef2d015f5003638234b01e58537b7cfab5a8edac19721f41d46948987d1bb1b1d9485a672647bb3b5cb246a1d753a0d107bff036ac7d95":1
+
+AES-GCM NIST Validation PSA (AES-128,128,1024,0,128) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"0bc2bde877e881aea512068105694968":"05f0c34ab2e8e8026b0a23719344b71f":"":"1a6369a45e8ef2846c42d54f92d0d140a94f9633432782dcbf094f1444a1d006acd07ef6076cd0faee226f9ff14adc1fb23e3c63ed818c9a743efbe16624981663e5a64f03f411dcd326e0c259bcadca3b3dd7660ed985c1b77f13a3b232a5934f8b54e46f8368c6e6eb75f933196fa973e7413e4b1442b9dee5e265b44255ed":"46bab9fc2dbe87b8f6ca0ed4d73e5368":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-128,128,1024,0,120) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"e14f45ba5d1eb52e0412240da5d7b5f9":"d7f8ef12f66f8b7c60aea02ef6ff688f":"":"9a85fda19ce923f093a0c25b0c52f5d9534828af7c7687d22307004ae2d10c4592242c0f2704070307ab55b137780d1e2013a19396ab43ff6a295b63fdcf323456d149758f9a2bb37f1418d62ea6368b24d5067b9c63d2968e06d6586c7e3275faffa005f7c7bfef51303e4c2b2ed4564acd17d50efac9f5e3e7f16ce589c39b":"beede05e4928c808bc660f3de95634":"":"4ad5b9ace0c0c7c07df2900faf37a902899471e7aa4a0a1ad5387f8f56d73f78f619be79a4e253f95b15d52895a05bae9ecffa916d35efacd8baf1c704d2aa4a38c234efc4dcfb191ec0fa0b522328fa5b5dff55e8c443fee660ebe3d8ad85de157a889aefc823720030a4cd6ba94a6309dd61806f0abb27772432018bc61701":1
+
+AES-GCM NIST Validation PSA (AES-128,128,1024,0,120) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"9a64579f3601b0022d357b601cd876ab":"515efc6d036f95db7df56b1bbec0aff2":"":"88be1f4bc8c81b8a9d7abc073cb2751e209ab6b912c15dc094002f95a57a660b9f08b1b34f5947223205b579e704d70a9ecb54520ce3491e52965be643f729516f5cb018beeedc68a7d66c0d40a3f392ec7729c566ce1e9f964c4c0bd61b291ccb96e3d1fac18a401a302f3775697c71edb8ff5a8275a815eba9dd3b912e3759":"13ea92ba35fced366d1e47c97ca5c9":"":"7fc8565760c168d640f24896c69758355b17310dbc359f38b73fc7b57fe3f4b6ecad3f298be931c96a639df3c5744f7e932b32d222f5534efb8eb5d5b98d218dce3efef5c8c7ce65738bf63412d0a8ed209071218a6fa2f7be79b38d0b2f5b571ec73f1a91721bd409b1722b313683e97d53df19ded95fd471124fa5f294a4bb":1
+
+AES-GCM NIST Validation PSA (AES-128,128,1024,0,120) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"1bda4acfd10ab635f357935bb0ab7020":"48b77c587616ffaa449533a91230b449":"":"c9ac8d4ef7d83848fdc03664957c28b9b76710797d5db1c21e713e85eb0898892223e52be1644fc7362c95026ebb9c9ca74d7d3739eff10cab1eda00c36628dae0b98d119a14635800e37cd340faa6fbba9c3d41d52722cc3969612b1a8c5ca9a68773f5ee654506cb88ea65fb1eddf5ab6312d0170dc03324e483342448b854":"8325e4394c91719691145e68e56439":"":"1287ad3719508a9be70c19e3b134a2eaa4415d736c55922e9abcfd7f621ea07ffb9b78d8a9668c74bbd548b5e6519ea12609d2d6197c8bd3da9c13c46628f218e7ff81884ff7eb34664ab00f86e09cd623bec248d8898ef054fce8f718a0e0978e8b5d037709c524114ec37809ac3fd1604e223e08f594e7aa12097f7dc1850b":1
+
+AES-GCM NIST Validation PSA (AES-128,128,1024,0,112) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"d21cf24bc5bd176b4b0fd4c8477bb70d":"208cb9dced20b18edddb91596e902124":"":"2e7108fd25c88b799263791940594ec80b26ccd53455c837b2e6cf4e27fcf9707af3f0fe311355e1b03ac3b5ee0af09fb6fb9f0311f8545d40a658119e6a87ba8ba72cc5fdb1386bc455c8fec51a7c0fec957bed4d6441180741197962d51b17c393b57553e53602f2a343a0871ea2dc4b1506663b2768ce271b89c4ed99eec6":"7edfb9daf8ca2babcc02537463e9":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-128,128,1024,0,112) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"3d02e2b02170986944487cba8448f998":"6336077bb83eff1c9ea715de99b372cd":"":"bc1d7553f4a28754cf59ed6f7a901901f04ce62a449db2b45ad60329d0341bb9ba421c783c28a9200b41da8ab6328d826293134a7d0c9a5775dd2735e7767efda4ad183566e0847d6d978abd1a8ab13b16b8323acef05ced3b571631e1e24ad44d65e6ffa64e03c9970e94bacb9f721aba06cda6a08806a3be63dddd8029301d":"0466bb2957281f64b59eafed3509":"":"5f395958f2f7acafb1bca6d3a6ec48b717f2ceeac1b77e1b0edc09a09e4a299d2ec722cc7daf34c8f4121a93c80b2adb20a2fc95afd09320f91085c93c8b082dd703814c9777501d23bf9b328f07f04652592dc5a3f4321626a695b8db8e65c8617c809eb2978d8c9a882ffa82a4bb707c1a8f9a965bdacce5c041bafc94a1c6":1
+
+AES-GCM NIST Validation PSA (AES-128,128,1024,0,112) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"cd1ad1de0521d41645d13c97a18f4a20":"413873a0b063ad039da5513896233286":"":"588c2617517329f3e1e7ba6206a183dc9232e6a4fa8c8b89532d46235af1e542acaa7eae4d034f139b00449076ba2ef9a692cae422998878dabdac60993dce9880d280bec1419803ba937366e5285c4a7f31a5f232f8d3ef73efe7267b3ef82a02f97d320ebc9db6219fbdf1c7f611e8e5164e9ecf25b32f9c07dfa12aa705af":"d4dbe9cae116553b0cbe1984d176":"":"bd519b7e6921e6026784cd7b836c89bc1fa98e4013b41d2bf091ef0d602e44a70df89816c068d37f0c6377af46c8bfa73ec0d5bc0b61966f23e55a15a83cea49f37cc02213b4996f9353ee2b73a798b626e524b9c15937ecf98a4eded83fb62e6deea1de31e0a7f1d210f6d964bc3e69b269da834720fd33487874489b8932a8":1
+
+AES-GCM NIST Validation PSA (AES-128,128,1024,0,104) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"1cb120e9cd718b5119b4a58af0644eff":"5a7087989bfe2f6eddcb56fde4d72529":"":"4c8e8fb8c87ff6b994ae71bfbf0fa4529f03bad86edf9d27cf899ea93a32972640697e00546136c1dbc7e63662200951b6479c58ae26b1bd8c3b4f507c0d945d615183196868ec4f4865d1d00bb919a00184e9663f6cb9a7a0ddfc73ee2901f7a56ef2074d554f48cef254be558fca35651be405f91c39e0367762b4715d05fa":"95d8bd12af8a5ab677309df0fb":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-128,128,1024,0,104) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"315b206778c28ed0bfdd6e66088a5c39":"7ec6f47ec56dda5b52bbdaa6ad2eb6da":"":"6186f57a85b65f54efbf9974a193012b1396fc0ca887227e1865f1c915ac2af9bbd55969f7de57ce9fb87604cf11c7bc822b542f745be8a101877a810ed72bf4544d0acb91f0f9d3c30b6a18c48b82557433d0db930e03bcecc6fb53530bfd99ee89f9e154aa1a3e2a2c2a7a9e08c9aed1deab7fae8ea5a31158b50bca2f5e79":"930750c53effc7b84aa10b2276":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-128,128,1024,0,104) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"e886de1c907c97e7db8ec80a79df90f8":"612cacbf33266353d0a29a24532f3c0c":"":"c64cc9596d7c738746ab800f688eec190a4c802c55b2528931d74d294496892b81f53d3073d48f9bef1d58ce3be26547474cdda2868abeab71aff566fff613b4e5bfed1be1d2fff35d8ffa33302d3da1c82e421aa3a23848f31e26d90c0cb2ac2ae136ada73404ed3e0e1d3e7cb355a11cd2a4f9393b4d5eac988104fe1cf959":"76634e58d8f3a48f15875ac1d6":"":"7001d7395efb432e2804cc65c0ba5d4719ce84177ce46292c4fd62a5596bd2bab1d5c44217ac43235bd94489c43d01618a11f047d2e247062c3b88d6e59adaa1f46514fb33b7843483920bee60a41f3cb312322c305d25251b4704fb66da58637c95a9d539731434f60ef44fe3cd6d37e2c8e7089880a563938dcc98b43f08fd":1
+
+AES-GCM NIST Validation PSA (AES-128,128,1024,0,96) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"3b936e09a6477f3bd52030a29df5001d":"f93105be83fa5e315d73acfdcf578de7":"":"65cf11d1afad19b34f282f98f140315992392f5d4eed4265085b29e1e5553f4783fec681ba2d368486ba6a54c00e71c82c08ca3d097904f021ce4b0acba2d2a7005e28e5f8750ea3d18a4f78363c37583e85104234498942c639a0564b0d80055c21cb7735dd44348298291ab602f345b1d74d624750c0177fbd5cca6f99223b":"91b55bb5e3f3f1abcf335db5":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-128,128,1024,0,96) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"dc9e2095de7b1b48481b56bf6a3604cd":"9e5268db19a1b51c0496a160ca76f8f7":"":"ed61ff94a3f84c72147faefa615e2df00324fb01790cf9764c72c1b8ba47f17866a1fd64ee5c2f53865d1bc24ec93165a6774466a59603199ee476c1f2da7d932c8943d126aa172d532d8475a484d42bb45fcf92766feafd7f3e2e3d42d22f6f84a90e7e688232f799d80cd2cc152ddd21ecfb137701ecafcb2b65abe2e4e6f4":"0fa9588536fca71bb44260f7":"":"ef562e301fcf923ff1a1acd3aff9b1c963058228655fe8a66cab01396547dbd2aa1f79a22eefc62944b86d1a31ebe2d17130175b8c003d6755b0eb8b79895b0f7f8046c5ae888a067ba17bc8e11a8f6e5023a9cd42f6461966c28e505b371c0f72a2606bff430a58016e99713d25ce11f10391fb4a922e27989422c6a64f9107":1
+
+AES-GCM NIST Validation PSA (AES-128,128,1024,0,96) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"3f93901fd7cc88db3ba76a158d658c7b":"7e98de461e6d96c0ce6c8d8b3854cf49":"":"16402fded879fcbfe9405902aa63ca2a520889e0045f687455469b7bb867829a01208b8dc5dcc852d8ee478993c30e6d9ec6408773b367821310a0ae171d38d71e06981ff6e845acffbc794142b87c748e12484c0636419d79be3d798cde59e9dae0a4a4a4346596427e6b235ad52e6a1b02d6f4df0c7de35fc390cae36aef14":"86c9a70e4bab304ae46e6542":"":"1b4c09569b42c469b3ab6b39312c214502ec09f5fe2fed1d1933d13cdc6a7b77a5d135123fa69d9207d6844b0357b26b7a2f53b33a5cd218dacda87b78b09cf259e48e74076812c432e2d0833fb269721f9347c96e158500f9b2283342a35c8de0a022edce711118d72d8fbaa354bfb0ffee465844ef2d37e24ec2cea8556648":1
+
+AES-GCM NIST Validation PSA (AES-128,128,1024,0,64) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"42289f3d3cd5838e250ef54b128e60d1":"e557389a216ad724aafdab0180e1892e":"":"3edae1d554b67d2036f5fdbdb2945cc112f100adc1b47009c2e23f6a2eaee78d1f39ce8a98f715853cc29fc793fb6981ec3036834188dea7d668185ccc8642071b15de1332f6a59c8a9b4399733eb4b3d8f224af57ba6b4a8e64494bb6630b9d28e7ec3349064350febcef6a3ad1d6cca1b1da74f3d2921c2b28a2dd399c3416":"6f78bc809f31393e":"":"25c476659cc7b343a69088baf868a811ba37daca85c4093105bf98235a90aeca015ab034da008af0982f9b2e80df804c186a9b2e97f74cffd70ebb7771d874fcaf12f6d01c44a8b0ec2898cf4493cf09a16a88a65cd77909bbf0430c9603869bd5f20d56cb51d8a3f0a032fc30d925c96599d296b1ec41c2912bda426adea4fb":1
+
+AES-GCM NIST Validation PSA (AES-128,128,1024,0,64) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"3d772eabb7f19475665ca2a7e693bcfc":"0747cbb486a013453fde1ca6abb11dbe":"":"e9fc4d86f5b857fa6057b73f967351e06f87288c40a95b9e378c84f1a4c0f4b80ed0a0b44ff90a8973be4199c0c4006fc4f5ea19d5f1fe8b9c8c01f4675ab85afab0592bb3daba36bb4fc7ed9eea867e9d8cc50c19fb62a5a57956e9efacebac5e9f849649d35a329bd68de97bb6e5ff7bef477a86765c2c9ec15e24cbba5c6e":"8e761ffaea68f967":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-128,128,1024,0,64) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"fb7fd753ee6eaaf283a42a121dab4e43":"8164929fb54485377ecccc9b9621af5e":"":"fd5cecb2c0287cb8229e97d9cc4b9885f428710528884ce663ed1728cd44cb2df93e56ef17ace0678d1e341366c652f4ba7ee45797d39be4a05c1151e5cde499e13e5d45549b5d95a174d03616d06ef96e9d7b2b6bb0d79a726b253dd64223a5f09611671b234ccf9b383952f8888814b2c167e774cfbf54e9c6b99a753f4fa9":"40a2fa7f4370afb2":"":"6208d068be60f7b04b80fc611062e6caaef9a5cf59f850d174b7446c78c039ea9aefe4885e19c2b33911d32ce1fe3c48ddffa4b03e450fd35da03f40c4e7c5bb3b1c3f3049dbfad3ac81ca1b79cafbaa172f4900e3829d38edea3b64000f93924a801259bc4b2523445c64bc23bfee190b952468507fa4baf6dc2bec66fcf0d8":1
+
+AES-GCM NIST Validation PSA (AES-128,128,1024,0,32) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"30d757fd73a0fd5fa49159ad0653296d":"b35b8df0aebd0608517f2830e0e70cd0":"":"17d485b258f80d8924e35291118cfdcffd86c47851b65f0b06a7c1f5202de82f3f460fc61b1aa38fdba7c8ded375c92cf005afe63e59d362c0960044af39241b81ca24e85c5faa43903229355b7313fee21b992ef3931d9d2407b32b3cf72dd7acbc7948395eb513cb2fd428b215ba2bd1e29c62f45d0ce231884f62480c6d8f":"954c0e99":"":"022618d2598f79104e918a09c937a82b3db59243b5e13de731fcb912e4366105797ce47f6dce7f08073f2f41e5c15fd6b1ec4b5861469a4880c3b0bd769b78c696ff29c28c9349d5a46a6e5ad9211bd4b708a8c0b6928ebbb0dac1c0a5f5ce6b05de6a50073128566a23f09cc1b826aa5803f9f750aa4debf59f24ae9f98c9b5":1
+
+AES-GCM NIST Validation PSA (AES-128,128,1024,0,32) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"d9d3cfd5900de5d5e2109e7721cfeef6":"b4b9dfb013de6f7c44779e5a9daaf5e5":"":"e4243cc37cc32dfcedf9bb76890e706af6ab1e06b290b8ccfe2a55e5dabe68cb390f7636dc9676b431d4dc8ad3f6d989e510194294ab7ab0556789046743cf374d8b6462f5f95a17f3f44337d6c69ee47b0e1ad7e5ce6f9b224c54099a104e70d2d06af869b921ea47febe08f90c591ed49c1f12003afceabd2c7bba458a0111":"2b81e8ce":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-128,128,1024,0,32) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"68dc138f19354d73eaa1cf0e79231d74":"e7147749560f491420a2d893c075bb76":"":"ce345567a76bc30d8b4fd2239788221cfa75e1a310aeeeb8c355f8eea57d80967f3047fbd4e6173fac5caeb22151fa607065953c4c35e0537b9e3788cc80de9eedf2a340698bde99a6a1bdc81265319da3e52f7a53883b7f21749237fcfd3cd4f149bb2be7a4ddd9ef0544cfe0789040d1dc951b6447304942f03ab0beae8866":"70a83f6f":"":"64b021612c78b3e192e8349d48b77d02927e7fd70c7160d37cb8ef472f6bcd9df9d93431627c1c80875e208724ae05f94fdd2e005e9707b78a1bf3bbca7beec4b03ddd4d9de6235ffd6d84a8b9a1842e104c1e22df4566f6c4d3d4e3d96a56b9b8a5cdce9da70aa236109b289266036f285564060b204dfd7ac915eea0dd0b1e":1
+
+AES-GCM NIST Validation PSA (AES-128,128,1024,1024,128) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"7362c86344e0aefb0cf0d04768f9c05d":"7e8d12c2f0dcf4f792247134234ac94b":"86d2b5debc3b10495da353d6821f6cad380776d805bd8660b08dcdb1acd87026e4f344b547a4db47b5f44cded314bec4ce9a417ce40a2acd5a21460c42dfcd27483abf3f38dd8cc5fa523b6768a26513df5896435baa97781cff1966e2e3d6ec6d0a9cdc013de5a50e4d46831667055bad04f784024a82f9cd087ae4cd37dd64":"8baffc7836004deb87c0111d47c182512bf861874021ddfcd559acf2c4a51cf5bc4bfdee2d039b9c005b6af95a2607643dcf4d9cd9d62412f709334556db22fc91d7b40438505d6806ccb2f2c21ae731bc1f1c825d28a71ab27095a39985e96ccd07cfb2e75243ccafd474494a2338c324ef533ca5f17d2ac1b1883140342ced":"9594da428fd8c1b13ecb23afa2c1af2e":"":"e2c424f42aedd56f0e17a39d43ad19c8e2731efc7a25f077aef51d55280b10e667e338bd981b82a975ef62bf53bc52496b6995d33c90c7ae14767c126826e3f32bd23f444ddcfd7a0dd323b0ae2c22defad04ce63892b45c176bd0b86f5fa057a3dc371359744cb80bbfb4a195755136a0ea90b4044a45bc1b069f3cb3695c04":1
+
+AES-GCM NIST Validation PSA (AES-128,128,1024,1024,128) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"58748bb204ccb7bdafdbf739b6c19a3e":"93ac298c73c88e127a4d9dd81bf24e3d":"8f168fc4d1da13bdbefae3f9d6ac1d8cb19fcec1f43f727951af0a466d8826649a46c3cb50c045ea83849fce0eedbc042a1a435e6d9d59017997a2d5459b940078b8a7f3b6b0ff279ff8c560248296a17240ff1b0643d1f436b6e3f2079363fc49fb45f410debbdde083b92057916368cb807d603cb82e2c0dc01658bff7f1ab":"b72902c9ebb72a86be539b19a52fd9af00aa4de081d90c0d8ad580ebb5900177a036f40a1e9b43e3a07d715466526d6d7544e5a5551805b62463f956cd519fc99182c2d54bd62fc7ffc6e5ebf1503859b706da11a1b6c707a67a70789dbfc10ef726bd360f9f2347326e068e757c8443ddc9308a171e682359ae1bfe87194ab5":"efba4589d4a03555766bbc3b421dd60f":"":"d5c97a659f016904ff76286f810e8e92da6f8db2c63d8a42e617760780637e32105503440cdf04d1fe67813312f1479fda8d746c8b0b080591eba83850382f600e9d8680516c6579669f0b3d0a30323510f9de1c92512790b8347751994d022156cae64da0808a649d163a0e99e869fdf224b7c1a6a8fbc613d5917eca8ee08c":1
+
+AES-GCM NIST Validation PSA (AES-128,128,1024,1024,128) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"6cc13cbd62428bb8658dd3954fe9181f":"86740da7ce4efbed70af55e1d6c10fdf":"be561ac15e3cfda624b422af97c26719c140bb50e4a993d636efe9c7f1963fb9047a0762169b571a698ff310bc417e34d4039b7562a95af710ccc1b197964a376c986fd2ed8ac4b0c7b4e843c37a41366f2f483c821a1823f317416c7e4f32eed9b9dc2ae1a2f3ed32c4b3187358a2329aa42191b7c2fe87b6e27ff20303cb29":"2c9ec982d1cfb644ddbc53c0759b10493206d5186affc6882fbb2ba3aa430f9bae1209db2d78dcc125f3c909a54dd84fdff96c71e678216a58390ef4308bdd90f94f7109c4edefa76a74fda64b201b7a435bbabc27298f3eaa4c2d1393bd584f811fff52638f6ad2f6d86a8c3c9c030d9d4264c8c079592a36178d25991cff09":"76b990a1e010e5f088f6ae90bec40b32":"":"0b9a5f5d2e6852b75b9cf26c1b310b2200e56dafcf3c941478862cdf9737ac8e2cb9b38d41bd4a1872ea1b4cfd51a1a0b9b743aca439eefa10de8459a0a7a221c5429b3dee393f17031ca6c399df8e05657c3db55be9c9dd29e690042a4ed8db732efce7c58d6b20a2a0f7c79e42e5ada43b87ab00f481c20cac1b35514dcdc9":1
+
+AES-GCM NIST Validation PSA (AES-128,128,1024,1024,120) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"286d3f5080cfe88538571188fbeb2dd5":"da6140bd4dc6456ddab19069e86efb35":"5d350a04562a605e9082ebd8faec6c27e561425849e7f0f05f5049859c2c1bd2c4682ebf9773fab6177d2601fd5a086cefc3adef5a2f8f6b5dc9e649e98dd0a3d1a2524419f01305bd0fcfff52d84a20d1b14dea2138dcc54eea2bf263c6fe27c3e7255f1f359d0d00fb1b350d7a04965af30027632520197e85eb41de6bb286":"55135928997711360622eda1820c815aa22115204b1e9bb567e231ac6ea2594b4d652627b6816bdc6c40a4411fd6b12fab9a1f169d81c476dbf77151bff13f98ca0d1dc0a68ea681652be089fadbc66c604284eebfc8ce4cf10f4ca6bda0e0f6634023db6e3f0f1de626c3249a28a642ecc9ec5ff401e941fa8a3c691566c0ae":"d90d34094d740214dd3de685010ce3":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-128,128,1024,1024,120) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"726ae113a096769b657f973ea6d2d5dd":"2f9900226c97585d200dd20a279c154a":"761663c3fcbf1db12bc25546b2425b8229b3153e75f79fa63958819caee3febff74603d99264b5a82ef5980439bef89301ae3206a1d01a3bbd7a6c99d27d1e934cc725daeb483f826c2c9d788fd1f67a627864cf8b5f94df777bb59ef90cb6781a2000e6f0baa4f1ea4754b47bb7cbd2699f83634e4d8ab16b325b2c49f13499":"90636012ba8c51d16f8f6df3d3bcabc3f09aeffbe2a762f62e677913188045b861b2e7d9a7bd93dcee46e9e4832e497a6f79db52b4e45c8dab20fa568ff9c4ace55be3216f514a3284768a25d86b1c7da5377622f3e90ed4c7bd4571715af4d0a2ab5181d0475f699202e4406bb9cfdbd4fa7f22d0dd744d36b3223134658496":"d095bfb8990d4fd64752ee24f3de1e":"":"9f7759c6d24fd9aa0df02a7c0cc5f17e61622c63195f85dfafa5d820d3ad218c7288ec017821100f1fade10f9bb447a4a01e3698b045548c7619a08f2304e2818a9bf55e70b40f8b994b7dcf0cb243848cf3f6fdfec3ebbb147d01df84a3ec62cd8fa5d78ad9f2f28cd288a35eb49a5172339e9872e8e7e3350b0d69f59acd07":1
+
+AES-GCM NIST Validation PSA (AES-128,128,1024,1024,120) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"73a9eeda721c6f292e6b399e2647f8a6":"c1e80eb723960049cc4448b66433f1cf":"fb2a0b1f817404e74aee0a6ec8f2cd86f0c9114ed367b2690c44ad80f9d3377d7fd5066beaf1daa739d27ed3fba98379188016b1fe901204a174f9ffca370c181aece5e5d40939a0d460913b40b895e78a3b80ddf3d613c05e4e27bfd161ea2ef42271a2679f2cdca5b728ffb2319781c946a4f3ecacf486b754b30bb04ea60b":"215fc7e52abe4c751ca2f7f9a5cbde9ab8b44b8d4054bb62dcea6df5b936145ca6ec83a2b78b070638fd6e5ea3bad5d0caf1b8f755f391c3e0962a92337e3eba575585eb83680075fc818860388c587746af78d5fc75ccd0a63f1612abb1ba0f04a2228ca27fbddba4878f9b2683683f516b6d6fe4f6622e603bd3c5ad45e332":"e08161262234d0d5be22f09e5646bf":"":"b5e286183f16dd9403bec6786bd4836cc6add47947ef111fb1d5503c18c333c8fe60959502f58390d0e0f69fbe5fee13c72aed65fe6e32f6ea45877fe44f8a556aa5157b112e572197c1c350b7943c6cf2e9146018599524d27599f09c86027f2c5927e4a20c63833870e8369baa36ecc07cdb3ced520b5ae46869ff357ca089":1
+
+AES-GCM NIST Validation PSA (AES-128,128,1024,1024,112) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"90dbda7397d8fc46215a1218a6ffd0d8":"7be477d14df5dc15877ae537b62e1a56":"7358ddf1310a58871a2f76705f1cf64223c015c4d1574104d2e38783bb866205042f05c86e76c47a2516ce284911f1d2cbee079982dd77167e328b8324eec47c9244cc5668cf908c679bb586d4dd32c6c99ed99a6b571cf18b00689463e7a88cea6ea32d288301a10a9139ed6092ffe298e25b8cfb6b4be8217f16076dcd0a90":"4f82a1eca6c9184240f50f7e0cfec07ec772cad5276d93043c462d8364addd9a652eed385ccc6b0faa6ca679ab3a4c3d0be6a759425fd38316ee6a1b1b0c52c1bb3b57a9bd7c8a3be95c82f37800c2e3b42dde031851937398811f8f8dc2a15bfd2d6be99a572d56f536e62bc5b041d3944da666081cd755ec347f464214bf33":"776d871944159c51b2f5ec1980a6":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-128,128,1024,1024,112) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"0c85174d428fc1c7c89ca5d1b8aaba25":"b3c9dfa4c55388a128fbf62aa5927361":"3f552d45b61cf05ae2aa92668e89f3338a15ec7c5b7113b6571cfcd9e4c4a962043ccd9323f828dd645e8a91b007ce2112b7f978ad22ee9821698a4f2559d987ae4421452ad2e8d180953297156426d4540aff2104d8637b56b034a3a1823cf962bffbc465fe6148097975a8821ca7487e6e6c7ff4ee4de899fe67345676bb1c":"3735cbfb8000260021d1938d2a18e7737f378ecddb11a46ce387bf04e20bbfcc902457637fd152ab87017185601f32a7f906057123b6c2da31a1069c93e3cacc59a359aebd3e31b302e1a1f7d5d8f1b2917a8fe79181fa633b925ce03a1198dac48f4c959076b55bc6b3d50188af2c6aa33d83698aa8db22649f39825ba54775":"1e7dec83830183d56f443a16471d":"":"3d98cabca4afb7c1f6b8eeed521f4666ae252ac12d17ebf4a710b9a22d839b69458387ba4bbec2f6400e0cff80fbe4682c24efcd3b8c594d9b515ca7842c9d5988c42b59b6526c29a99256451e2927f5b956ef262f97c733dfa8bff73644473b9a8562bdfca748f4733ddce94a60024dfbfcde62fb3cbd7c3d955012d5338b91":1
+
+AES-GCM NIST Validation PSA (AES-128,128,1024,1024,112) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"d89f06eb07744d43d44734faf9751d07":"185f8d033713ee629e93561cf8d5acb8":"743bcb671d0aa1c547b5448d64d7c6b290777625ba28f25ca0fbf1fc66495a2fde0648a8db51039b0e7340d993aef8afb48269e660cb599837d1e46f72727762d887ee84c073d6136d1b0bc7d4c78f5673a4a6b73375937e8d54a47304845f38ca6b4f51cf14136a0826016535dc5ed003e38c3ac362b9d58ba8b555a05a1412":"36cc3b2f563305208a03378f7dc036119f7de3fee77cefac06515853d36609a622382ed026c59783fbc0d9910767874c516e10c7bf3e3d104f73b3463c8d93a63418c76cb0d05e62e9c8642cb4f32caced2620912cb6c79e5110a27d5fba1ef3b4d0578077858526c5e4254365f2b2ab47a45df4af08980b3b7a9b66dff5b38c":"fcad48076eb03ebe85c6d64f6357":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-128,128,1024,1024,104) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"6150f14dc53f391e815acfabed9f9e20":"7e92dd558bd2662c3a539dfe21a352cf":"9b4624e9118e6aa5dc65b69856638f77fd3f9f562046f50ba92a64e988258637932af7979f000505b84a71ff5dd7b60bad62586b1a8837a61c15a1a1ba7f06668272c28169915d7f06297b6c2a96c8c44203a422bfd25500c82e11274ffe07706365bfd3da34af4c4dd8ad7b620de7284a5af729bea9c4ed2631bdcba2ebdb7d":"fd8f337017e1b60d6618e6e4ad37c1f230cdeb78891579c2c63d4e6a4f7d2cb7252e99de333c73db45958808c08e91359c885a7385ab6f9ed98a27927a5b83c3a456ce2e01869712675e527155ba1e339ac14a3ccd7a4b87360902f2b8381308fe5a4eac5c90d0b84da4bf5b907de6ff3139cffd23b49a78750006100183032a":"922a7b48ad5bf61e6d70751cfe":"":"f272a3ee9b981f97785cc6fad350e516d72d402dae0d8a531c064ec64598b2a5760f9b279c10aa1ff71bec07300ab0373187138e7a103fc4130105afa6b6346f3d368b40d6f542375de97878ad4d976d64c5c4968a17be2b1757a17c03100231c34721250cd37cc596678764083ade89ae3b1a2151ff9151edcd7ba0eb8a4649":1
+
+AES-GCM NIST Validation PSA (AES-128,128,1024,1024,104) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"3e8216072ed6fcde0fe0f636b27ed718":"23a122cf363c3117b8c663388c760ee4":"28ce0b4a44fa83323e060f3ff6436b8829d4f842090296bdc952b6d4a6b1b1a66be06168c63c4643e6ac186f7ffd8d144f603b2d4bc0d65be48121676f9fa1f359029c512bebfd75075ff357bc55f20fc76d9f2477c9930f16408f9f09c5ae86efa2529d2f1449ceeb635b83ca13662860ef9ac04a3d8ab4605eccd2d9ae5a71":"3b50f2a8dca9f70178503d861d9e37f5edfafc80ee023bfed390a477372986e4794175ec22ac038c3461aba50c9b2379cab48512946efdfe2cb9c12a858b373a5309324f410e6a05e88ba892759dbee6e486dc9665f66cb5950ea7e71317fa94abbebd67a3948746a998173fbbb4f14f9effbdf66d3b6e346053496a4b1934ce":"531a65cc5dfeca671cc64078d1":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-128,128,1024,1024,104) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"1af434b73a1210b08595ffa686079832":"ae318f3cb881d1680f6afbf6713a9a2f":"3763c9241be0d9d9a9e46e64b12e107d16cca267ff87844c2325af910cc9a485c7015d95bbe62398864d079fb2b577ba0cfad923c24fa30691ad7d767d651eed4a33d0be8f06fed43f58b2e0bb04959f10b9e8e73bd80d3a6a8c8ce637bfbdb9d02c2b0a3dd8317c4997822031a35d34b3b61819b425c10c64e839b29874ddfb":"13f6c1c2d4edcf1438a7b4e85bcd1c84a989831a64d205e7854fce8817ddfceab67d10506ccf6ed9ce50080ef809e28e46cba7b0c96be6a811f59cd09cb3b7b3fe5073ee6763f40aee61e3e65356093f97deef5a8721d995e71db27a51f60a50e34ac3348852c445188cfc64337455f317f87535d465c6f96006f4079396eba3":"2ae7350dd3d1909a73f8d64255":"":"3cd2a770300ce4c85740666640936a0fe48888788702fc37e7a8296adb40b862ec799f257a16821adaa7315bd31e8dec60e4a8faeb8ba2ee606340f0219a6440e9c1d3168425e58fac02e8a88865f30649913d988353ab81f42a5ad43f960055f0877acda20f493208c2c40754fbf4ccee040975aa358ea3fe62cbd028c1611a":1
+
+AES-GCM NIST Validation PSA (AES-128,128,1024,1024,96) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"04036d2f5273c6ff5b8364aa595359c9":"edc433c381140dff929d9df9f62f4cb6":"404acfeeea342aeea8c8b7449af9e20ddf5b85dc7770d2144a4dd05959613d04d0cfece5a21cbb1a9175ddc9443ffacd2085332eb4c337a12a7bb294c95960e7c0bde4b8ab30a91e50267bbd0b8d2a4ed381409ea2e4c84f9a2070a793ce3c90ea8a4b140651b452674f85d5b76d0055df115608bf3a3c60996108023ebabe65":"acf79b6099490af938fb5fd8913255b3daa22786b03356cdf3e0ffaf570f9f866047b8e15c9953f893d97e7098265297396868ebc383be8547e8ec9d974b6a65b5dc5147cdadef2e2ad96696e84e44f364c2ba18c8aabe21f99489957b2b5484bf3fb4fecaf5ddaa1d373e910059c978918a3d01b955de2adb475914bf2c2067":"71f818f1a2b789fabbda8ec1":"":"4729cb642304de928b9dca32bb3d7b7836dd3973bbccf3f013c8ff4b59eca56f5d34d1b8f030a7b581b2f8fdc1e22b76a4cbc10095559876736d318d6c96c5c64cbd9fbd1d8eb4df38a2d56640d67d490d03acc1cd32d3f377eb1907bbd600f21d740b578080ba9c6ddc7dc6c50cdcee41fec51499cb944713c0961fc64f5a70":1
+
+AES-GCM NIST Validation PSA (AES-128,128,1024,1024,96) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"59fe44c6e28d025b2ad05e6e867051ab":"eb0c30320029433f66d29b3fd5c6563b":"49b7418b87374b462d25309b1c06e3132a3c8f4a4fcf29fed58e0902509426be712639db21c076df7b83dcfcc2c2c8fcc88576f4622a4366eb42f84ebf760e3eb22b14f8b5ff83f06a6f04a924eaab05b912e126e80da22461abf7f1925fd72ebdf2aea335a044726e7c2ebbb2b8aeebab4f7de5e186b50f275b700794d895d8":"20e66bae1215de9a87a0b878d39015d17e0d4542a1aaba2000cefbd5f892c26a410f55f0d7dc2f6b66690f2997032985e5516e068bfc6ec8a3669f566e280b0cefded519023b735ee3bcbfc5b6ce8203b727933a750f9bd515ec448c1f3a030aa0f40e607727a3239ebbe655d46b38a3d867e481ccf0fadbf0d59b665d2ed6b5":"296c4cdaeb94beb2847dc53d":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-128,128,1024,1024,96) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"c314264cee0e6db30ebe9b2f6d4991b2":"4cd4431bb6dea8eb18ae74e4c35a6698":"0eeafbfd04f9a0ea18e5bdc688c7df27183f346187e9574b61222006f2b3e12e8d9d9bf1f0f15949ee1a7ee8e5c80ee903b8ba2860e15ccb999929f280200b159c2adca481748d0632a7b40601c45055f8cb5126148e6cbab2c76f543537ab54eb276188343cea3c4ab0d7b65b8754e55cfe3f6a5c41b6ea3c08b81fcecc968a":"d436ff9abfb044a332c4e009b591719a67b12a5366da0a66edf19605c34daa37588e15dd3da0d1a097215e469439de79cca74e04cd4904e5b4a6cb4e0ea54e6ba4e624ed6bd48be32d1ef68ffea1639a14e91a5914c2346ea526df95cbd4ad1b8ee842da210b35b6315c3075ecc267d51643c4b39202d0ad793cbb0045ebdc19":"fda18d2f795d900f057fe872":"":"cb9e0fb0ac13ca730b79e34745584b362d0716c344e4de90d8352b21117471ba12c97f193150b33774baee5e4a0f11b10428eaf0106c958e16aa46c5f6f3d99eed93d1b9ba3957bed05a8b9cc8c5511cf813a66dc7d773cb735b0523d8d6b0b80639b031ddc375f714c6dd50055320cd7ed44a471c8d5645c938a9005d0b5050":1
+
+AES-GCM NIST Validation PSA (AES-128,128,1024,1024,64) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"26072018bd0bda524b5beb66a622c63e":"c783d6d3b8392160e3b68038b43cf1f4":"8ae7c809a9dc40a6732a7384e3c64abb359c1b09dcb752e5a6b584873e3890230c6fc572b9ad24d849766f849c73f060fc48f664c1af9e6707e223691b77e170966ed164e0cc25ede3fbc3541c480f75b71e7be88fe730d8b361ea2733c6f37e6a59621de6004e020894b51dfb525973d641efe8d5fd9077a0bbc9dc7933a5de":"91c524b359dae3bc49117eebfa610672af1e7754054607317d4c417e7b1a68453f72d355468f825aeb7fde044b20049aed196ec6646cce1eeeccf06cb394286272b573220cdb846613ebc4683442dccc7a19ec86ef1ec971c115726584ae1f4008f94e47d1290d8b6b7a932cfe07165fd2b94e8f96d15f73bf72939c73f4bd11":"edffe55c60235556":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-128,128,1024,1024,64) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"201751d3da98bd39ff4e5990a56cfea7":"6172468634bf4e5dda96f67d433062d7":"ae2d770f40706e1eaa36e087b0093ec11ed58afbde4695794745e7523be0a1e4e54daade393f68ba770956d1cfb267b083431851d713249ffe4b61227f1784769ce8c9127f54271526d54181513aca69dc013b2dfb4a5277f4798b1ff674bca79b3dec4a7a27fcf2905ae0ce03f727c315662cd906e57aa557d1023cce2acd84":"2965af0bde3565a00e61cebbfe0b51b5b5ee98dbbfff7b1b5bf61da5ba537e6f4cf5fa07d2b20e518232c4961e6bc3ae247b797429da5d7eee2fc675b07066ac2e670261c6e9a91d920c7076101d86d5ef422b58e74bdc1e0b1d58298d3ee0f510ee3a3f63a3bbc24a55be556e465c20525dd100e33815c2a128ac89574884c1":"66c247e5ad4e1d6a":"":"efd064d4b4ef4c37b48ddf2fa6f5facc5e9cc4c3255b23a1e3765fabb5a339fa0eda754a5381b72989fc1323ff9a6bbaecd904eb4835e5a511b922927574673061ed8de23299ea1456054e7ebb62869878c34fb95e48c8385b5ebceecb962654cf1586b3f54e7887ce31850363e9a22be9e6fbc22e694db81aa055490495dbf2":1
+
+AES-GCM NIST Validation PSA (AES-128,128,1024,1024,64) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"3bc0dcb5261a641a08e6cb00d23e4deb":"16fa19f69fceed9e97173207158755a5":"92ddd3b98f08fc8538f6106f6434a1efa0a7441cc7f6fd0841103c2e4dd181ea0c9a4811b3cb1bad1986a44d8addabc02dd6980daf7d60405b38dadc836bb1d0620ceab84e0134aca7c30f9f9490436b27acfd7052f9d7f0379b8e7116571017add46b9976f4b41431d47bae6f5f34dc42410793bc26c84bfe84fb53ae138c85":"d533ad89a1a578db330c01b4e04d08238b020e36aebe87cf2b0bf0b01f1ce4197be8b0596e475a95946918152e8b334ba89f60486c31f0bd8773ca4ff1319fe92197088b131e728d64405441c4fb5466641f0b8682e6cb371f8a8936140b16677f6def8b3dd9cbf47a73f553f1dca4320ad76f387e92f910f9434543f0df0626":"f5289e1204ace3b2":"":"be0c30deeffbe51706247928132002b24d29272eee6b9d618483868e67280236632fa1ae06f3ef793f67bd01b1b01f70a827367c1cd28f778910457c7cbd977dfefff1f84a522247e19b2fd01fa22ce67cef9503d45c80a5084741f04108f2462b7cdd06a8f1f044fea2b05e920bcc061fbc6910175d732f45102a63c76ae48c":1
+
+AES-GCM NIST Validation PSA (AES-128,128,1024,1024,32) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"239c15492d6deec979e79236baca4635":"916b8b5417578fa83d2e9e9b8e2e7f6b":"b39eb732bc296c555cc9f00cf4caaf37d012329f344a6b74a873baf0d8dde9631f5e57b45b957d6aec0f7978e573dd78b43d459b77756037cd64d10d49966eb3a2a08d0f4d5e4f5dcb8713f4e4756acdf9925c5fc6120c477f6dffc59b0b47a3d5efd32b8c9052b321bb9b5129e5c6a095d8de563601b34608456f58d7221f2d":"d64886ce5f5b4adb7fe8f95904bc1461749c931655b02819ffdd0ae31bad4175125aa68962f8e36ec834a7d53a191a74c937e81ec93ad9ce0d3b286d3c11ff1733c0b7780130768c120b1833933561cf07399ca49b912370ae34f0e49b9c8cb9920eddc6816ab2ae261c6d7f70058a9b83a494026f249e58c4c613eefafe6974":"fc08cbbe":"":"95c169721ea007c3f292e4ec7562a426d9baa7d374fd82e1e48d1eaca93d891d5ffa9acf5e3bd82e713ac627141e26a8b654920baffab948401cc3c390d6eea9d7b78c4fcb080b0aa9222e4d51bf201ccfd9328995831435e065d92ad37ee41c7c4366cc1efe15c07fc0470608866aeea96997772ecf926934c5d02efe05f250":1
+
+AES-GCM NIST Validation PSA (AES-128,128,1024,1024,32) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"db68a96e216b0dd9945f14b878487e03":"8a1a72e7bb740ec37ea4619c3007f8ae":"1b4f37190a59a4fff41d348798d1829031204fd7ac2a1be7b5ea385567e95e2ace25bf9e324488dd3ab8ce7f29d4c9a4f4b1a8a97f774871ee825e2c17700128d3c55908d3b684a1f550fdb8b38149ff759c21debdd54e49d64d3e8aac803dfd81600464ed484749bb993f89d4224b3d7d55c756b454466ff9fd609019ed5e83":"5634196a32d4cbfa7a2f874a1e0f86287d2942090e0cc6a82bd5caf40136a27ddf524a17713ce4af04ca6cb640a7205cce4ac9cb2d0ab380d533e1e968089ea5740c0fcbfa51f2424008e0b89dc7b3396b224cfaed53b3ac0604879983d3e6e6d36053de4866f52976890f72b8f4b9505e4ebdd04c0497048c3ce19336133ea4":"9251d3e3":"":"0c6bb3ee5de5cbb4b39d85d509bcacb3dda63fa50897936531339882962e8dc54c285c8944768d12096d4a3c2b42ffa92603cee2da9b435ec52908fca6d38ed74f898fe0ffa761f96038ff7dfeccc65bb841c3457b8de1e97d9bee82e2911602ee2dc555b33a227424dea86d610d37c447776295b412b412903ad2cede5170b6":1
+
+AES-GCM NIST Validation PSA (AES-128,128,1024,1024,32) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"659b9e729d12f68b73fdc2f7260ab114":"459df18e2dfbd66d6ad04978432a6d97":"ee0b0b52a729c45b899cc924f46eb1908e55aaaeeaa0c4cdaacf57948a7993a6debd7b6cd7aa426dc3b3b6f56522ba3d5700a820b1697b8170bad9ca7caf1050f13d54fb1ddeb111086cb650e1c5f4a14b6a927205a83bf49f357576fd0f884a83b068154352076a6e36a5369436d2c8351f3e6bfec65b4816e3eb3f144ed7f9":"fd0732a38224c3f16f58de3a7f333da2ecdb6eec92b469544a891966dd4f8fb64a711a793f1ef6a90e49765eacaccdd8cc438c2b57c51902d27a82ee4f24925a864a9513a74e734ddbf77204a99a3c0060fcfbaccae48fe509bc95c3d6e1b1592889c489801265715e6e4355a45357ce467c1caa2f1c3071bd3a9168a7d223e3":"8e5a6a79":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-192,128,0,0,128) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"806766a4d2b6507cc4113bc0e46eebe120eacd948c24dc7f":"4f801c772395c4519ec830980c8ca5a4":"":"":"8fa16452b132bebc6aa521e92cb3b0ea":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-192,128,0,0,128) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"0c2abdcd2e4ae4137509761a38e6ca436b99c21b141f28f5":"335ca01a07081fea4e605eb5f23a778e":"":"":"d7f475dfcb92a75bc8521c12bb2e8b86":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-192,128,0,0,128) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"eef490a0c2ecb32472e1654184340cc7433c34da981c062d":"d9172c3344d37ff93d2dcb2170ea5d01":"":"":"017fef05260a496654896d4703db3888":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-192,128,0,0,120) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"fe0c3490f1f0dba23cf5c64e6e1740d06f85e0afec6772f3":"f47e915163fa3df7f6c15b9d69f53907":"":"":"14e1a057a2e7ffbd2208e9c25dbba1":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-192,128,0,0,120) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"4356b3b1f308df3573509945afe5268984f9d953f01096de":"a35b397b34a14a8e24d05a37be4d1822":"":"":"e045ecba220d22c80826b77a21b013":"":"":1
+
+AES-GCM NIST Validation PSA (AES-192,128,0,0,120) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"e2898937cc575c8bb7444413884deafe8eaf326be8849e42":"169a449ccb3eb29805b15304d603b132":"":"":"3a807251f3d6242849a69972b14f6d":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-192,128,0,0,112) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"75683c7df0442e10b5368fcd6bb481f0bff8d95aae90487e":"538641f7d1cc5c68715971cee607da73":"":"":"07d68fffe417adc3397706d73b95":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-192,128,0,0,112) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"0724ee1f317997ce77bb659446fcb5a557490f40597341c7":"0d8eb78032d83c676820b2ef5ccc2cc8":"":"":"7da181563b26c7aefeb29e71cc69":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-192,128,0,0,112) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"be2f0f4ae4ab851b258ec5602628df261b6a69e309ff9043":"646a91d83ae72b9b9e9fce64135cbf73":"":"":"169e717e2bae42e3eb61d0a1a29b":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-192,128,0,0,104) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"583c328daecd18c2ac5c83a0c263de194a4c73aa4700fe76":"55e10d5e9b438b02505d30f211b16fea":"":"":"95c0a4ea9e80f91a4acce500f7":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-192,128,0,0,104) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"b40857e7e6f26050f1e9a6cbe05e15a0ba07c2055634ad47":"e25ef162a4295d7d24de75a673172346":"":"":"89ea4d1f34edb716b322ea7f6f":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-192,128,0,0,104) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"627008956e31fea497fb120b438a2a043c23b1b38dc6bc10":"08ea464baac54469b0498419d83820e6":"":"":"ab064a8d380fe2cda38e61f9e1":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-192,128,0,0,96) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"8c386d67d7c2bfd46b8571d8685b35741e87a3ed4a46c9db":"766996fb67ace9e6a22d7f802455d4ef":"":"":"9a641be173dc3557ea015372":"":"":1
+
+AES-GCM NIST Validation PSA (AES-192,128,0,0,96) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"711bc5aa6b94fa3287fad0167ac1a9ef5e8e01c16a79e95a":"75cdb8b83017f3dc5ac8733016ab47c7":"":"":"81e3a5580234d8e0b2204bc3":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-192,128,0,0,96) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"c74620828402e0bdf3f7a5353668505dc1550a31debce59a":"cfbefe265583ab3a2285e8080141ba48":"":"":"355a43bcebbe7f72b6cd27ea":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-192,128,0,0,64) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"1eb53aa548b41bfdc85c657ebdebdae0c7e525a6432bc012":"37ffc64d4b2d9c82dd17d1ad3076d82b":"":"":"34b8e037084b3f2d":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-192,128,0,0,64) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"50d077575f6db91024a8e564db83324539e9b7add7bb98e4":"118d0283294d4084127cce4b0cd5b5fa":"":"":"507a361d8ac59882":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-192,128,0,0,64) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"d9ddca0807305025d61919ed7893d7d5c5a3c9f012f4842f":"b78d518b6c41a9e031a00b10fb178327":"":"":"f401d546c8b739ff":"":"":1
+
+AES-GCM NIST Validation PSA (AES-192,128,0,0,32) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"6ed8d8afde4dc3872cbc274d7c47b719205518496dd7951d":"14eb280288740d464e3b8f296c642daa":"":"":"39e64d7a":"":"":1
+
+AES-GCM NIST Validation PSA (AES-192,128,0,0,32) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"80aace5ab74f261bc09ac6f66898f69e7f348f805d52404d":"f54bf4aac8fb631c8b6ff5e96465fae6":"":"":"1ec1c1a1":"":"":1
+
+AES-GCM NIST Validation PSA (AES-192,128,0,0,32) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"23b76efd0dbc8d501885ab7d43a7dacde91edd9cde1e1048":"75532d15e582e6c477b411e727d4171e":"":"":"76a0e017":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-192,128,0,1024,128) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"94c50453dd3ef7f7ea763ae13fa34debb9c1198abbf32326":"1afe962bc46e36099165552ddb329ac6":"b2920dd9b0325a87e8edda8db560bfe287e44df79cf61edba3b2c95e34629638ecb86584f05a303603065e63323523f6ccc5b605679d1722cde5561f89d268d5f8db8e6bdffda4839c4a04982e8314da78e89f8f8ad9c0fee86332906bf78d2f20afcaabdc282008c6d09df2bfe9be2c9027bb49268b8be8936be39fa8b1ae03":"":"51e1f19a7dea5cfe9b9ca9d09096c3e7":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-192,128,0,1024,128) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"c6a98102af3d875bcdebe594661d3a6b376970c02b11d019":"bea8cd85a28a2c05bf7406b8eef1efcc":"f2f80e2c042092cc7240b598ab30fad055bce85408aa0f8cefaf8a7204f0e2acb87c78f46a5867b1f1c19461cbf5ed5d2ca21c96a63fb1f42f10f394952e63520795c56df77d6a04cb5ad006ee865a47dc2349a814a630b3d4c4e0fd149f51e8fa846656ea569fd29a1ebafc061446eb80ec182f833f1f6d9083545abf52fa4c":"":"04b80f25ae9d07f5fd8220263ac3f2f7":"":"":1
+
+AES-GCM NIST Validation PSA (AES-192,128,0,1024,128) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"ec3cc45a22fdc7cc79ed658d9e9dbc138dcc7d6e795cba1a":"b10d9c70205e142704f9d1f74caee0f6":"714994017c169c574aaff2f8bad15f8fa6a385117f5405f74846eca873ca4a8f4876adf704f2fcaff2dfa75c17afefd08a4707292debc6d9fafda6244ca509bc52b0c6b70f09b14c0d7c667583c091d4064e241ba1f82dd43dc3ea4b8922be65faf5583f6b21ff5b22d3632eb4a426675648250e4b3e37c688d6129b954ef6a8":"":"d22407fd3ae1921d1b380461d2e60210":"":"":1
+
+AES-GCM NIST Validation PSA (AES-192,128,0,1024,120) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"5a32ebc7a2338038ced36d2b85cbc6c45cca9845a7c5aa99":"9afe0882e418c9af205eeb90e131d212":"61ff8a8bc22803f17e8e9f01aff865bc7d3083ff413ce392a989e46ebed5114894de906f7d36439024d8f2e69cc815ac043fff2f75169f6c9aa9761ff32d10a1353213ac756cb84bd3613f8261ef390e1d00c3a8fb82764b0cda4e0049219e87d2e92c38f78ffac242391f838a248f608bb2b56b31bbb453d1098e99d079ea1b":"":"fcbb932ddb0128df78a71971c52838":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-192,128,0,1024,120) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"9bf22885e7f13bcc63bb0a2ca90c20e5c86001f05edf85d8":"99dec21f4781284722b5074ea567c171":"9f4176dacf26e27aa0e669cd4d44bca41f83468c70b54c745a601408a214bf876941ae2ae4d26929113f5de2e7d15a7bb656541292137bf2129fdc31f06f070e3cfaf0a7b30d93d8d3c76a981d75cd0ffa0bcacb34597d5be1a055c35eefeddc07ee098603e48ad88eb7a2ec19c1aefc5c7be9a237797397aa27590d5261f67a":"":"18fd1feec5e3bbf0985312dd6100d1":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-192,128,0,1024,120) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"cfd75a9d3788d965895553ab5fb7a8ff0aa383b7594850a6":"a6df69e5f77f4d99d5318c45c87451b2":"041aeb2fa0f7df027cd7709a992e041179d499f5dbccd389035bf7e514a38b5f8368379d2d7b5015d4fa6fadfd7c75abd2d855f5ea4220315fad2c2d435d910253bf76f252a21c57fe74f7247dac32f4276d793d30d48dd61d0e14a4b7f07a56c94d3799d04324dfb2b27a22a5077e280422d4f014f253d138e74c9ac3428a7b":"":"fd78b9956e4e4522605db410f97e84":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-192,128,0,1024,112) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"b0b21ae138485591c6bef7b3d5a0aa0e9762c30a50e4bba2":"56dc980e1cba1bc2e3b4a0733d7897ca":"a38458e5cc71f22f6f5880dc018c5777c0e6c8a1301e7d0300c02c976423c2b65f522db4a90401035346d855c892cbf27092c81b969e99cb2b6198e450a95c547bb0145652c9720aaf72a975e4cb5124b483a42f84b5cd022367802c5f167a7dfc885c1f983bb4525a88c8257df3067b6d36d2dbf6323df80c3eaeffc2d176a5":"":"b11f5c0e8cb6fea1a170c9342437":"":"":1
+
+AES-GCM NIST Validation PSA (AES-192,128,0,1024,112) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"8775665aba345b1c3e626128b5afa3d0da8f4d36b8cf1ca6":"cd17f761670e1f104f8ea4fb0cec7166":"2ee08a51ceaca1dbbb3ee09b72f57427fd34bd95da5b4c0933cbb0fc2f7270cffd3476aa05deeb892a7e6a8a3407e61f8631d1a00e47d46efb918393ee5099df7d65c12ab8c9640bfcb3a6cce00c3243d0b3f316f0822cfeae05ee67b419393cc81846b60c42aeb5c53f0ede1280dc36aa8ef59addd10668dd61557ce760c544":"":"6cdf60e62c91a6a944fa80da1854":"":"":1
+
+AES-GCM NIST Validation PSA (AES-192,128,0,1024,112) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"cc9922299b47725952f06272168b728218d2443028d81597":"9b2f1a40717afcdbb6a95d6e335c9e4d":"bcfca8420bc7b9df0290d8c1bcf4e3e66d3a4be1c947af82dd541336e44e2c4fa7c6b456980b174948de30b694232b03f8eb990f849b5f57762886b449671e4f0b5e7a173f12910393bdf5c162163584c774ad3bba39794767a4cc45f4a582d307503960454631cdf551e528a863f2e014b1fca4955a78bd545dec831e4d71c7":"":"dd515e5a8b41ecc441443a749b31":"":"":1
+
+AES-GCM NIST Validation PSA (AES-192,128,0,1024,104) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"5a27d718f21c5cbdc52a745b931bc77bd1afa8b1231f8815":"59661051912fba45023aef4e6f9380a5":"2b7ce5cea81300ed23501493310f1316581ef8a50e37eaadd4bb5f527add6deb09e7dcc67652e44ac889b48726d8c0ae80e2b3a89dd34232eb1da32f7f4fcd5bf8e920d286db8604f23ab06eab3e6f99beb55fe3725107e9d67a491cdada1580717bbf64c28799c9ab67922da9194747f32fd84197070a86838d1c9ebae379b7":"":"f33e8f42b58f45a0456f83a13e":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-192,128,0,1024,104) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"b83e933cf54ac58f8c7e5ed18e4ed2213059158ed9cb2c30":"8710af55dd79da45a4b24f6e972bc60a":"b7a428bc68696cee06f2f8b43f63b47914e29f04a4a40c0eec6193a9a24bbe012d68bea5573382dd579beeb0565b0e0334cce6724997138b198fce8325f07069d6890ac4c052e127aa6e70a6248e6536d1d3c6ac60d8cd14d9a45200f6540305f882df5fca2cac48278f94fe502b5abe2992fa2719b0ce98b7ef1b5582e0151c":"":"380128ad7f35be87a17c9590fa":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-192,128,0,1024,104) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"d2f85f92092385f15da43a086cff64c7448b4ee5a83ed72e":"9026dfd09e4553cd51c4c13ce70830de":"3c8de64c14df73c1b470a9d8aa693af96e487d548d03a92ce59c0baec8576129945c722586a66f03deb5029cbda029fb22d355952c3dadfdede20b63f4221f27c8e5d710e2b335c2d9a9b7ca899597a03c41ee6508e40a6d74814441ac3acb64a20f48a61e8a18f4bbcbd3e7e59bb3cd2be405afd6ac80d47ce6496c4b9b294c":"":"e9e5beea7d39c9250347a2a33d":"":"":1
+
+AES-GCM NIST Validation PSA (AES-192,128,0,1024,96) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"de7df44ce007c99f7baad6a6955195f14e60999ed9818707":"4d209e414965fe99636c1c6493bba3a3":"da3bc6bdd414a1e07e00981cf9199371192a1fb2eaae20f7091e5fe5368e26d61b981f7f1d29f1a9085ad2789d101155a980de98d961c093941502268adb70537ad9783e6c7d5157c939f59b8ad474c3d7fc1fcc91165cdf8dd9d6ec70d6400086d564b68ebead0d03ebd3aa66ded555692b8de0baf43bc0ddef42e3a9eb34ab":"":"24483a57c20826a709b7d10a":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-192,128,0,1024,96) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"1dfa5ff20046c775b5e768c2bd9775066ae766345b7befc3":"2d49409b869b8b9fc5b67767979ca8cd":"e35d34478b228bc903ea2423697e603cc077967d7cfb062e95bc11d89fbe0a1f1d4569f89b2a7047300c1f5131d91564ec9bce014d18ba605a1c1e4e15e3e5c18413b8b59cbb25ab8f088885225de1235c16c7d9a8d06a23cb0b38fd1d5c6c19617fe08fd6bf01c965ed593149a1c6295435e98463e4f03a511d1a7e82c11f01":"":"23012503febbf26dc2d872dc":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-192,128,0,1024,96) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"2df3ee3a6484c48fdd0d37bab443228c7d873c984529dfb4":"dc6aeb41415c115d66443fbd7acdfc8f":"eafc6007fafb461d3b151bdff459e56dd09b7b48b93ea730c85e5424f762b4a9080de44497a7c56dd7855628ffc61c7b4faeb7d6f413d464fe5ec6401f3028427ae3e62db3ff39cd0f5333a664d3505ff42caa8899b96a92ec01934d4b59556feb9055e8dfb81f55e60135345bfce3e4199bfcdb3ce42523e7d24be2a04cdb67":"":"e8e80bf6e5c4a55e7964f455":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-192,128,0,1024,64) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"ce0787f65e6c24a1c444c35dcd38195197530aa20f1f6f3b":"55300431b1eaac0375681d7821e1eb7a":"84a699a34a1e597061ef95e8ec3c21b592e9236ddb98c68d7e05f1e709937b48ec34a4b88d99708d133a2cc33f5cf6819d5e7b82888e49faa5d54147d36c9e486630aa68fef88d55537119db1d57df0402f56e219f7ece7b4bb5f996dbe1c664a75174c880a00b0f2a56e35d17b69c550921961505afabf4bfd66cf04dc596d1":"":"74264163131d16ac":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-192,128,0,1024,64) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"3a15541b5857a668dc9899b2e198d2416e83bac13282ca46":"89bf8ab0cea6f59616eeb9b314d7c333":"4d2843f34f9ea13a1ac521479457005178bcf8b2ebeaeb09097ea4471da9f6cc60a532bcda1c18cab822af541de3b87de606999e994ace3951f58a02de0d6620c9ae04549326da449a3e90364a17b90b6b17debc0f454bb0e7e98aef56a1caccf8c91614d1616db30fc8223dbcd8e77bf55d8253efe034fd66f7191e0303c52f":"":"8f4877806daff10e":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-192,128,0,1024,64) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"b61cdfd19c136ee2acbe09b7993a4683a713427518f8e559":"4066118061c904ed1e866d4f31d11234":"153c075ecdd184fd8a0fca25cae8f720201361ef84f3c638b148ca32c51d091a0e394236d0b51c1d2ee601914120c56dfea1289af470dbc9ef462ec5f974e455e6a83e215a2c8e27c0c5b5b45b662b7f58635a29866e8f76ab41ee628c12a24ab4d5f7954665c3e4a3a346739f20393fc5700ec79d2e3c2722c3fb3c77305337":"":"4eff7227b42f9a7d":"":"":1
+
+AES-GCM NIST Validation PSA (AES-192,128,0,1024,32) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"ce175a7df7e429fcc233540e6b8524323e91f40f592ba144":"c34484b4857b93e309df8e1a0e1ec9a3":"ce8d8775f047b543a6cc0d9ef9bc0db5ac5d610dc3ff6e12e0ad7cd3a399ebb762331e3c1101a189b3433a7ff4cd880a0639d2581b71e398dd982f55a11bf0f4e6ee95bacd897e8ec34649e1c256ee6ccecb33e36c76927cc5124bc2962713ad44cbd435ae3c1143796d3037fa1d659e5dad7ebf3c8cbdb5b619113d7ce8c483":"":"ff355f10":"":"":1
+
+AES-GCM NIST Validation PSA (AES-192,128,0,1024,32) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"5f659ed236ba60494e9bf1ee2cb40edcf3f25a2bac2e5bc5":"ad49f12f202320255406c2f40e55b034":"6da62892f436dfe9790e72d26f4858ca156d1d655c9cc4336fcf282b0f3f0b201e47f799c3019109af89ef5fd48a4811980930e82cd95f86b1995d977c847bbb06ecdcc98b1aae100b23c9c2f0dcf317a1fb36f14e90e396e6c0c594bcc0dc5f3ebf86ce7ecd4b06d1c43202734d53f55751a6e6bbda982104102af240def4eb":"":"cb4d8c1d":"":"":1
+
+AES-GCM NIST Validation PSA (AES-192,128,0,1024,32) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"a73f318b1e298ba4ac0ab2aed74f73543b1017cccbd1b240":"abe33b7e8d88bd30deb96d1e90c4e951":"6de616b000047b14b6759015183dd753c61499c0e665d06a89e4fb0cd0dd3064ff8651582e901ef5d0cdf3344c29c70c3aabc2aaf83cb3f284c6fe4104906d389b027e7d9ca60d010f06ef8cd9e55db2483d06552ddbe3fc43b24c55085cd998eae3edec36673445bf626e933c15b6af08ea21cbace4720b0b68fe1a374877d5":"":"4a28ec97":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-192,128,1024,0,128) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"73d5be74615bc5b627eedfb95746fb5f17cbf25b500a597f":"eb16ed8de81efde2915a901f557fba95":"":"fc40993eb8559e6b127315c03103ce31b70fc0e07a766d9eecf2e4e8d973faa4afd3053c9ebef0282c9e3d2289d21b6c339748273fa1edf6d6ef5c8f1e1e9301b250297092d9ac4f4843125ea7299d5370f7f49c258eac2a58cc9df14c162604ba0801728994dc82cb625981130c3ca8cdb3391658d4e034691e62ece0a6e407":"804056dca9f102c4a13a930c81d77eca":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-192,128,1024,0,128) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"a249135c9f2f5a8b1af66442a4d4e101771a918ef8acee05":"80b6e48fe4a3b08d40c1636b25dfd2c4":"":"c62b39b937edbdc9b644321d5d284e62eaa4154010c7a3208c1ef4706fba90223da04b2f686a28b975eff17386598ba77e212855692f384782c1f3c00be011e466e145f6f8b65c458e41409e01a019b290773992e19334ffaca544e28fc9044a5e86bcd2fa5ad2e76f2be3f014d8c387456a8fcfded3ae4d1194d0e3e53a2031":"951c1c89b6d95661630d739dd9120a73":"":"b865f8dd64a6f51a500bcfc8cadbc9e9f5d54d2d27d815ecfe3d5731e1b230c587b46958c6187e41b52ff187a14d26aa41c5f9909a3b77859429232e5bd6c6dc22cf5590402476d033a32682e8ab8dc7ed0b089c5ab20ab9a8c5d6a3be9ea7aa56c9d3ab08de4a4a019abb447db448062f16a533d416951a8ff6f13ed5608f77":1
+
+AES-GCM NIST Validation PSA (AES-192,128,1024,0,128) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"fa832a4b37dcb3c0879a771bb8ae734f0d88b9be497797a8":"70835abab9f945c84ef4e97cdcf2a694":"":"0f1105f9ec24121232b60b6ef3c3e8ca9eec1a3d7625004b857d1d77f292b6ec065d92f5bb97e0dc2fdfdf823a5db275109a9472690caea04730e4bd732c33548718e9f7658bbf3e30b8d07790cd540c5754486ed8e4d6920cefaeb1c182c4d67ebed0d205ba0bd9441a599d55e45094b380f3478bcfca9646a0d7aa18d08e52":"a459be0b349f6e8392c2a86edd8a9da5":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-192,128,1024,0,120) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"dda216287910d1f5c0a312f63c243612388bc510cb76c5ba":"7f770140df5b8678bc9c4b962b8c9034":"":"d6617d583344d4fe472099d2a688297857215a3e31b47d1bf355ccfe9cf2398a3eba362c670c88f8c7162903275dfd4761d095900bd97eba72200d4045d72bd239bda156829c36b38b1ff5e4230125e5695f623e129829721e889da235bb7d4b9da07cce8c3ceb96964fd2f9dd1ff0997e1a3e253a688ceb1bfec76a7c567266":"9823e3242b3f890c6a456f1837e039":"":"b4910277224025f58a5d0f37385b03fcd488dfef7580eb5c270c10bd7a6f6d9c7ddc2d1368d68d4e04f90e3df029ed028432a09f710be1610b2a75bd05f31bae83920573929573affd0eb03c63e0cec7a027deab792f43ee6307fd3c5078d43d5b1407ac023824d41c9437d66eeec172488f28d700aa4b54931aad7cd458456f":1
+
+AES-GCM NIST Validation PSA (AES-192,128,1024,0,120) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"c5afa1e61d4594b1c2fa637f64f18dd557e4df3255b47f24":"151fd3ba32f5bde72adce6291bcf63ea":"":"5c772cdf19571cd51d71fc166d33a0b892fbca4eae36ab0ac94e6164d51acb2d4e60d4f3a19c3757a93960e7fd90b9a6cdf98bdf259b370ed6c7ef8cb96dba7e3a875e6e7fe6abc76aabad30c8743b3e47c8de5d604c748eeb16806c2e75180a96af7741904eca61769d39e943eb4c4c25f2afd68e9472043de2bb03e9edae20":"f0626cc07f2ed1a7570386a4110fc1":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-192,128,1024,0,120) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"febd4ff0fedd9f16bccb62380d59cd41b8eff1834347d8fa":"743699d3759781e82a3d21c7cd7991c8":"":"dc971c8f65ece2ea4130afd4db38fc657c085ea19c76fef50f5bd0f8dd364cc22471c2fa36be8cde78529f58a78888e9de10961760a01af005e42fc5b03e6f64962e6b18eaedea979d33d1b06e2038b1aad8993e5b20cae6cc93f3f7cf2ad658fbba633d74f21a2003dded5f5dda3b46ed7424845c11bab439fbb987f0be09f8":"1da347f9b6341049e63140395ad445":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-192,128,1024,0,112) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"d280d079110c1c826cc77f490d807dd8d508eb579a160c49":"85b241d516b94759c9ef975f557bccea":"":"a286d19610a990d64f3accd329fc005d468465a98cfa2f3606c6d0fbeb9732879bad3ca8094322a334a43155baed02d8e13a2fbf259d80066c6f418a1a74b23e0f6238f505b2b3dc906ffcb4910ce6c878b595bb4e5f8f3e2ede912b38dbafdf4659a93b056a1a67cb0ec1dbf00d93223f3b20b3f64a157105c5445b61628abf":"bbf289df539f78c3a912b141da3a":"":"b9286ab91645c20de040a805020fed53c612d493a8ce9c71649ae16bd50eab6fb7f3a9180e1651d5413aa542608d7ecbf9fc7378c0bef4d439bc35434b6cf803976b8783aecc83a91e95cea72c2a26a883b710252e0c2a6baa115739a0692c85f6d34ff06234fbdc79b8c4a8ea0a7056fb48c18f73aaf5084868abb0dfaa287d":1
+
+AES-GCM NIST Validation PSA (AES-192,128,1024,0,112) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"5e80f87fa2156c62df7be2ad16c4890de5ee5868a684fcf9":"9769f71c76b5b6c60462a845d2c123ad":"":"c829073efd5c5150d2b7e2cdaeff979830d1aa983c747724ade6472c647a6e8e5033046e0359ea62fc26b4c95bccb3ac416fdf54e95815c35bf86d3fdd7856abbb618fe8fcd35a9295114926a0c9df92317d44ba1885a0c67c10b9ba24b8b2f3a464308c5578932247bf9c79d939aa3576376d2d6b4f14a378ab775531fe8abf":"394b6c631a69be3ed8c90770f3d4":"":"f886bd92ca9d73a52e626b0c63a3daa138faaacf7809086d04f5c0c899362aa22e25d8659653b59c3103668461d9785bb425c6c1026ad9c924271cec9f27a9b341f708ca86f1d82a77aae88b25da9061b78b97276f3216720352629bd1a27ebf890da6f42d8c63d68342a93c382442d49dd4b62219504785cee89dffdc36f868":1
+
+AES-GCM NIST Validation PSA (AES-192,128,1024,0,112) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"d8a7b99e53f5e5b197364d4516cace4b928de50e571315e3":"4b12c6701534098e23e1b4659f684d6f":"":"d0db0ac5e14bf03729125f3137d4854b4d8ce2d264f8646da17402bdad7034c0d84d7a80f107eb202aeadbfdf063904ae9793c6ae91ee8bcc0fc0674d8111f6aea6607633f92e4be3cfbb64418101db8b0a9225c83e60ffcf7a7f71f77149a13f8c5227cd92855241e11ee363062a893a76ac282fb47b523b306cd8235cd81c2":"729b31c65d8699c93d741caac8e3":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-192,128,1024,0,104) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"c874b427b7181b0c90b887147c36f242827149324fd5c945":"4b8dda046a5b7c46abeeca2f2f9bcaf8":"":"bdd90190d587a564af022f06c8bd1a68735b6f18f04113fdcec24c6027aaf0271b183336fb713d247a173d9e095dae6e9badb0ab069712302875406f14320151fd43b90a3d6f35cc856636b1a6f98afc797cb5259567e2e9b7ce62d7b3370b5ee852722faf740edf815b3af460cdd7de90ca6ab6cd173844216c064b16ea3696":"fe1e427bcb15ce026413a0da87":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-192,128,1024,0,104) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"56543cd6e2ebb1e3dc136a826bfc37eddb12f7a26430a1b4":"927ce8a596ed28c85d9cb8e688a829e6":"":"d541dd3acec2da042e6ea26fb90ff9a3861191926423b6dc99c5110b3bf150b362017159d0b85ffea397106a0d8299ec22791cb06103cd44036eed0d6d9f953724fb003068b3c3d97da129c28d97f09e6300cbea06ba66f410ca61c3311ce334c55f077c37acb3b7129c481748f79c958bc3bbeb2d3ff445ad361ed4bbc79f0a":"3a98f471112a8a646460e8efd0":"":"a602d61e7a35cbe0e463119bb66fd4bb6c75d1fe0b211b9d6a0a6e9e84b0794282318f0d33ec053f2cfba1623e865681affeaf29f3da3113995e87d51a5ab4872bb05b5be8ef2b14dfc3df5a48cbc9b10853a708ee4886a7390e8e4d286740a0dd41c025c8d72eda3f73f3cec5c33d5e50b643afd7691213cccccc2c41b9bd7a":1
+
+AES-GCM NIST Validation PSA (AES-192,128,1024,0,104) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"caaf81cd380f3af7885ef0d6196a1688c9372c5850dc5b0b":"508c55f1726896f5b9f0a7024fe2fad0":"":"6f269929b92c6281e00672eaec183f187b2ddecc11c9045319521d245b595ab154dd50f045a660c4d53ae07d1b7a7fd6b21da10976eb5ffcddda08c1e9075a3b4d785faa003b4dd243f379e0654740b466704d9173bc43292ae0e279a903a955ce33b299bf2842b3461f7c9a2bd311f3e87254b5413d372ec543d6efa237b95a":"3b8026268caf599ee677ecfd70":"":"c4a96fb08d7c2eebd17046172b98569bc2441929fc0d6876aa1f389b80c05e2ede74dc6f8c3896a2ccf518e1b375ee75e4967f7cca21fa81ee176f8fb8753381ce03b2df873897131adc62a0cbebf718c8e0bb8eeed3104535f17a9c706d178d95a1b232e9dac31f2d1bdb3a1b098f3056f0e3d18be36bd746675779c0f80a10":1
+
+AES-GCM NIST Validation PSA (AES-192,128,1024,0,96) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"2fc9d9ac8469cfc718add2b03a4d8c8dcc2eeca08e5ff7bc":"b2a7c0d52fc60bacc3d1a94f33087095":"":"bc84d8a962a9cfd179d242788473d980d177abd0af9edccb14c6dc41535439a1768978158eeed99466574ea820dbedea68c819ffd9f9915ca8392c2e03049d7198baeca1d3491fe2345e64c1012aff03985b86c831ad516d4f5eb538109fff25383c7b0fa6b940ae19b0987d8c3e4a37ccbbd2034633c1eb0df1e9ddf3a8239e":"0a7a36ec128d0deb60869893":"":"fc3cd6486dfe944f7cb035787573a554f4fe010c15bd08d6b09f73066f6f272ff84474f3845337b6e429c947d419c511c2945ffb181492c5465940cef85077e8a6a272a07e310a2f3808f11be03d96162913c613d9c3f25c3893c2bd2a58a619a9757fd16cc20c1308f2140557330379f07dbfd8979b26b075977805f1885acc":1
+
+AES-GCM NIST Validation PSA (AES-192,128,1024,0,96) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"81ff729efa4a9aa2eccc37c5f846235b53d3b93c79c709c8":"1bd17f04d1dc2e447b41665952ad9031":"":"3992ad29eeb97d17bd5c0f04d8589903ee23ccb2b1adc2992a48a2eb62c2644c0df53b4afe4ace60dc5ec249c0c083473ebac3323539a575c14fa74c8381d1ac90cb501240f96d1779b287f7d8ba8775281d453aae37c803185f2711d21f5c00eb45cad37587ed196d1633f1eb0b33abef337447d03ec09c0e3f7fd32e8c69f0":"01b0a815dc6da3e32851e1fb":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-192,128,1024,0,96) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"068500e8d4f8d4af9035cdaa8e005a648352e8f28bdafc8a":"5ea9198b860679759357befdbb106b62":"":"98e32428d9d21c4b60e690a2ce1cf70bee90df31302d1819b7d27fd577dd990f7ffe6ba5ef117caac718cc1880b4ca98f72db281c9609e189307302dc2866f20be3a545a565521368a6881e2642cba63b3cf4c8b5e5a8eabeb3e8b004618b8f77667c111e5402c5d7c66afd297c575ce5092e898d5831031d225cee668c186a1":"d58752f66b2cb9bb2bc388eb":"":"2ef3a17fcdb154f60d5e80263b7301a8526d2de451ea49adb441aa2541986b868dab24027178f48759dbe874ae7aa7b27fb19461c6678a0ba84bbcd8567ba2412a55179e15e7c1a1392730ac392b59c51d48f8366d45b933880095800e1f36ff1ac00753f6363b0e854f494552f1f2efe028d969e6b1a8080149dd853aa6751e":1
+
+AES-GCM NIST Validation PSA (AES-192,128,1024,0,64) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"7474d9b07739001b25baf6867254994e06e54c578508232f":"3ade6c92fe2dc575c136e3fbbba5c484":"":"1cbab2b6e4274caa80987072914f667b887198f7aaf4574608b91b5274f5afc3eb05a457554ff5d346d460f92c068bc626fd301d0bb15cb3726504b3d88ecd46a15077728ddc2b698a2e8c5ea5885fc534ac227b8f103d193f1977badf4f853a0931398da01f8019a9b1ff271b3a783ff0fae6f54db425af6e3a345ba7512cbf":"67c25240b8e39b63":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-192,128,1024,0,64) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"d50d4c7d442d8a92d0489a96e897d50dda6fbe47ca7713ee":"41b37c04ab8a80f5a8d9d82a3a444772":"":"b36b4caf1d47b0d10652824bd57b603ec1c16f4720ce7d43edde8af1b9737f61b68b882566e04da50136f27d9af4c4c57fff4c8465c8a85f0aeadc17e02709cc9ba818d9a272709e5fb65dd5612a5c5d700da399b3668a00041a51c23de616ea3f72093d85ecbfd9dd0b5d02b541fb605dcffe81e9f45a5c0c191cc0b92ac56d":"4ee54d280829e6ef":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-192,128,1024,0,64) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"38f3ec3ec775dac76ae484d5b6ca61c695c7beafba4606ca":"9af53cf6891a749ab286f5c34238088a":"":"49726b8cefc842a02f2d7bef099871f38257cc8ea096c9ac50baced6d940acb4e8baf932bec379a973a2c3a3bc49f60f7e9eef45eafdd15bda1dd1557f068e81226af503934eb96564d14c03f0f351974c8a54fb104fb07417fe79272e4b0c0072b9f89b770326562e4e1b14cad784a2cd1b4ae1dc43623ec451a1cae55f6f84":"6f6f344dd43b0d20":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-192,128,1024,0,32) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"6db4ef061513ef6690d57aef50d8011e0dd7eb4432d82374":"623df5a0922d1e8c883debb2e0e5e0b1":"":"b7f9206995bc97311855ee832e2b40c41ab2d1a40d9263683c95b14dcc51c74d2de7b6198f9d4766c659e7619fe2693a5b188fac464ccbd5e632c5fd248cedba4028a92de12ed91415077e94cfe7a60f117052dea8916dfe0a51d92c1c03927e93012dbacd29bbbc50ce537a8173348ca904ac86df55940e9394c2895a9fe563":"14f690d7":"":"a6414daa9be693e7ebb32480a783c54292e57feef4abbb3636bebbc3074bfc608ad55896fe9bd5ab875e52a43f715b98f52c07fc9fa6194ea0cd8ed78404f251639069c5a313ccfc6b94fb1657153ff48f16f6e22b3c4a0b7f88e188c90176447fe27fa7ddc2bac3d2b7edecad5f7605093ac4280b38ae6a4c040d2d4d491b42":1
+
+AES-GCM NIST Validation PSA (AES-192,128,1024,0,32) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"8901bec4d3c64071d8c30c720c093221e05efed71da280bf":"9265abe966cb83838d7fd9302938f49d":"":"7c447e700db7367260dffa42050e612eff062eb0c8a6b4fe34858800bcb8ec2f622cb5213767b5771433783e9b0fa617c9ffb7fde09845dafc16dfc0df61215c0ca1191eabf43293db6603d5285859de7ef3329f5e71201586fb0188f0840ed5b877043ca06039768c77ff8687c5cfc2fd013a0b8da48344c568fce6b39e2b19":"6f6c38bc":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-192,128,1024,0,32) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"2c57eb763f886154d3846cc333fc8ae8b3c7c9c3705f9872":"9b3781165e7ff113ecd1d83d1df2366d":"":"9fe7d210221773ba4a163850bab290ba9b7bf5e825760ac940c290a1b40cd6dd5b9fb6385ae1a79d35ee7b355b34275857d5b847bef4ac7a58f6f0e9de68687807009f5dc26244935d7bcafc7aed18316ce6c375192d2a7bf0bee8a632fe4f412440292e39339b94b28281622842f88048be4640486f2b21a119658c294ce32e":"62f32d4e":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-192,128,1024,1024,128) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"307d31a594e54f673bea2f977835670aca4f3d45c9c376cc":"0bdaa353c4904d32432926f27534c73c":"aa39f04559ccc2cae3d563dda831fb238b2582cb2c2bb28cff20cc20200724c8771b9805ef7464b8fc06c7b8060c6920fd2779fbc807c2292c8c1f88f8088755609a1732ff8c0b06606452b970c79997b985889404fd907c4668a0bcc11ba617175f4525523494a244da60b238468c863055f04db20ea489adf545d56c0a71d8":"d7385a7bd0cb76e1e242fa547c474370bcc7cc7cf3e3fa37b00fe08a56383ca31d023d8c493f6d42e482b0f32e4f244dd100ea08eee6535e5bb8d27f76dbb7eead6ba8e031ccd0eaeb649edee92aeaf0f027d59efd4e39b1f34b15ceb8b592ee0f171b1773b308c0e747790b0e6ace90fc661caa5f942bdc197067f28fbe87d1":"2ddda790aae2ca427f5fb032c29673e6":"":"0b92262759897f4bd5624a891187eba6040d79322a2a5a60fb75c6c6a5badd117abe40c6d963931bbc72dca1a1bf1f5388030fe323b3b24bd408334b95908177fb59af57c5cc6b31825bc7097eec7fec19f9cdb41c0264fd22f71893bcf881c1510feb8057e64880f1ea2df8dc60bb300fd06b0a582f7be534e522caadc4a2c7":1
+
+AES-GCM NIST Validation PSA (AES-192,128,1024,1024,128) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"23c201968def551817f20e49b09dbb5aae0033305bef68a0":"bd2952d215aed5e915d863e7f7696b3e":"23f35fac583897519b94998084ad6d77666e13595109e874625bc6ccc6d0c7816a62d64b02e670fa664e3bb52c276b1bafbeb44e5f9cc3ae028daf1d787344482f31fce5d2800020732b381a8b11c6837f428204b7ed2f4c4810067f2d4da99987b66e6525fc6b9217a8f6933f1681b7cfa857e102f616a7c84adc2f676e3a8f":"77bc8af42d1b64ee39012df5fc33c554af32bfef6d9182804dcfe370dfc4b9d059bdbc55f6ba4eacb8e3a491d96a65360d790864ba60acf1a605f6b28a6591513ea3cfd768ff47aee242a8e9bdfac399b452231bfd59d81c9b91f8dc589ad751d8f9fdad01dd00631f0cb51cb0248332f24194b577e5571ceb5c037a6d0bcfe8":"bb9ba3a9ac7d63e67bd78d71dc3133b3":"":"17d93c921009c6b0b3ecf243d08b701422983f2dcaec9c8d7604a2d5565ed96ce5cddcb183cd5882f8d61d3202c9015d207fed16a4c1195ba712428c727601135315fc504e80c253c3a2e4a5593fc6c4a206edce1fd7104e8a888385bbb396d3cdf1eb2b2aa4d0c9e45451e99550d9cfa05aafe6e7b5319c73c33fd6f98db3c5":1
+
+AES-GCM NIST Validation PSA (AES-192,128,1024,1024,128) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"6baec0669add30acb8f678ce477a2b171f89d1f41935c491":"b1472f92f552ca0d62496b8fa622c569":"5ae64edf11b4dbc7294d3d01bc9faf310dc08a92b28e664e0a7525f938d32ef033033f1de8931f39a58df0eabc8784423f0a6355efcff008cae62c1d8e5b7baefd360a5a2aa1b7068522faf8e437e6419be305ada05715bf21d73bd227531fea4bc31a6ce1662aec49f1961ee28e33ae00eb20013fd84b51cfe0d5adbdaff592":"5712b84c4c97d75f84edd50561bc1d3f1ba451cc3b358b2403b5e528290954348cf7a235b4dc11a72ddbc503191204e98a9744d85419508c8ca76438c13305f716f1e239a6d9f6423c27217a0057aa75f6d7e2fb356e7194f271459ab5482589ea311b33e3d3845952ff4067dd2b9bcc2e8f83630b0a219e904040abd643d839":"29a2d607b2d2d9c96d093000b401a94f":"":"beb687f062ae7f5159d07609dd58d7b81c478d180bc0b4c07ae799626ff1da2be2e0d78b2a2a1f563257f161491a5ac500cd719da6379e30d0f6d0a7a33203381e058f487fc60989923afbee76e703c03abc73bb01bd262ff6f0ac931f771e9b4f2980e7d8c0a9e939fa6e1094796894f2c78f453e4abe64cb285016435ef0e8":1
+
+AES-GCM NIST Validation PSA (AES-192,128,1024,1024,120) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"7b882a2df81fdb9275fb05d120f32417e8ffedd07457e938":"5c064d3418b89388fb21c61d8c74d2c5":"5bfa7113d34e00f34713cf07c386d055e889bb42d7f6c8631ffce5668e98cb19bed8820b90ecb2b35df7134f975700347e5514287cfef7ffa2b0ff48b1de0769b03dca6610995d67cb80052cb2e5914eb4ed43ef5861f4b9364314fde6ad2b82fbba7fd849dfa6e46ecc12edc8cabfff28d9bd23c2bcc8ab3661c9ba4d5fee06":"0aae7213da279b34d6dcf2a691b2d0333112ea22de0c3c68d47cf9f9f4ed8ad4e03d4a60ec18c3a04ac9c2abb73e1023051029b5e8705bb69c4c50afc84deb0379db5077be1f663652f8bd8958271af2c1ac4a87e08cb526bab8a030652f2a29af8055d0f31e35475caee27f84c156ef8642e5bfef89192f5bde3c54279ffe06":"0943abb85adee47741540900cc833f":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-192,128,1024,1024,120) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"51d94d21482c00bb5bc7e7e03aa017ba58f5a23494b72c2a":"fb21cd763e6f25540f8ad455deaccdf0":"019d1db5569eeff83306f65d653b01064854c1be8446cd2516336667c6557e7844fc349adea64a12dc19ac7e8e40b0520a48fac64571a93d669045607085ac9fa78fed99bbf644908d7763fe5f7f503947a9fe8661b7c6aef8da101acca0aed758ca1580eeb2f26ae3bf2de06ce8827a91a694179991a993cdf814efbcc61ca5":"3a9c69c1ed2340bfde1495658dbf4f54731a19b3922a1d535df8d0b2582f5e803b5891e8ad1aa256c923956dcda2430d0c0696bce63295fb61183e040566e459338f908d23ae51f64020c1ef3d192428f23312b285fc4111d50d1add58f4a49008a22c90d3365230e9158cd56f9d84f079bdd673555d4dc76c74b02fa9920e7d":"a93bd682b57e1d1bf4af97e93b8927":"":"7093f44703f2cbb3d12d9872b07a8cd44deb62dae48bc573b11a1ee1c9f3105223423fac3181c312a8a61757a432d92719f486c21e311b840aa63cf530710c873df27fecda0956075923f1ecc39bffb862706f48bde2de15612930fc8630d2036e9e4cfc1c69779171bd23d9e1d5de50a9e0a0de4bd82ed3efc45299980bb4cc":1
+
+AES-GCM NIST Validation PSA (AES-192,128,1024,1024,120) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"e6756470937f5d9af76f2abe6df2d0bc15ff8e39b5154071":"4500193711a5d817a9f48deafda39772":"92fa22dba0eee6b1de1ddd24713b1be44c7105df90e6e7a54dcbf19025e560eb4986ee080cf613898a1a69d5ab460a3b8aa2723a95ac4a4af48224b011b55fb7582ae18f6746591eab2bd33d82a8dbbae3f7877e28afef9857a623530b31d8198b2df43f903d6e48ddae0848741f9eaae7b5504c67ad13791818f3c55c9b3d1e":"afae92bd56c426c095d76633701aa9bea5ce05490482c6c64ac24468c3e1af6e6030a6bb6649745b011c6729bde985b9242e22105322fbb8853dcabbd00165d0b07d7b499e0238b6513bf6351eb40635a798f7e6e2d31125dda45ffe8964596fdbff55df22d4e9025bd4f39e7c9b90e74b3ee58d6901f113900ee47a4df5afd7":"7d9f97c97c3424c79966f5b45af090":"":"62258d60f0138c0405df4b2ec1e308b374603a9eace45932fdc2999e9e2261de8b1099473d1fc741c46c334023aa5d9359f7ef966240aaf7e310d874b5956fd180fb1124cbeb91cf86020c78a1a0335f5f029bd34677dd2d5076482f3b3e85808f54998f4bac8b8fa968febceec3458fb882fc0530271f144fb3e2ab8c1a6289":1
+
+AES-GCM NIST Validation PSA (AES-192,128,1024,1024,112) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"30db73d46b518669c45b81bc67b93bed3d0864f7e9e8e789":"5069e2d2f82b36de8c2eb171f301135d":"ef781dce556b84188adee2b6e1d64dac2751dd8592abc6c72af7b998dfae40cbe692a4cae0b4aa2c95910e270600550fca1e83640c64efb1eb0e0a90a6fc475ae1db863a64ce9cc272f00abac8a63d48dd9f1c0a5f4586224befed05be4afae5bd92249833d565cc6b65fd8955cb8a7d7bd9f4b6a229e3881212871a52c15d1c":"750bc1d2f91d786bb1e621192a376f552538ba8c07d50d9e10b9345f31b3e5f9d8ad7c719c03d8548a3b184b741cd06c49d7fb6fe80258d60c01c2987c337c823211cee7c1cf82077266889bc7767475e0eeabb2ef6b5a1de2089aaef77565d40a1c2c470a880c911e77a186eacca173b25970574f05c0bdcd5428b39b52af7f":"a5100c5e9a16aedf0e1bd8604335":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-192,128,1024,1024,112) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"209f0478f1a62cb54c551181cbd4d24b796e95f3a06b6cb9":"7be1768f6ffb31599eb6def7d1daa41c":"9cb49357536ebe087e1475a5387907a9e51ad1550697f13c6cc04384ec8a67dea13376bdd5e26b815c84a78f921b506b9e2086de50f849185f05ba7c3041e49e42c0673df856da109a78b8e0ce918c25836f7e781e6b16168e4e5976d27ebc83f20b7bf4beadecb9b4f17a7a0d3a3db27fc65288a754b5031a2f5a1394801e6e":"66db7cc97b4a8266c0a2228e8028e38d8986e79fcbcc3caff3050fdd2de87b7ff7a6895b988b0bdb7fcc4d6e2d538dcfaad43ce2f98b6d32500f5a6e6183d84cb19157a699cdde1266d6d75a251ee1a2eb97bfe6405d50be2b17a58ba6eafaee0a023a28d568fd1c914f06041a49c79b9df9efe63d56883cbbbeaba809273d2e":"4d2ac05bfd4b59b15a6f70ea7cd0":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-192,128,1024,1024,112) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"1bfa30b315e7b908263330140fa2d66ed57104784a43cc70":"b7081a3010b524218390ba6dd460a1ec":"8c1f42b5931d69ae351fcde7d2b4136d4898a4fa8ba62d55cef721dadf19beaabf9d1900bdf2e58ee568b808684eecbf7aa3c890f65c54b967b94484be082193b2d8393007389abaa9debbb49d727a2ac16b4dab2c8f276840e9c65a47974d9b04f2e63adf38b6aad763f0d7cdb2c3d58691adde6e51e0a85093a4c4944f5bf2":"8eeee9865e23fa51dbbf197fa41776b7edbdb9381a22c935299cd959a46190788ae82f4e645b0362df89bfc00241964784bc7ef70f6f97e81687d52e552a33af20ae34a3005e0a7b85d094368d707c3c4cd3ef31c0daf3ccaa1676609ed199327f4139d0c120977e6babceed28896d2cb3129630f3ee135572dc39433057e26a":"4da85b8ec861dd8be54787bb83f1":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-192,128,1024,1024,104) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"fc47156a693e59a1dea0618c41441fe669fc65dcfb7d0726":"ea1935ed014883cc427983d7962d9992":"0d85b8513becfe8c91d0f6ffb65ec31f2cf406c51c0da88893c43d1327fd8ad1f4bab2d7b5e27438d643397034a72f8666bf641b6781bc90f764db387eae6720b5723d510194570ccd773e1b3bebfc333cc099d078583e8dac60d174d332925a24a45110c8d2abe8924ea677ac74db66ea789e2838efc96c78bceaa6236c0a67":"3e4f0a586bad532a08c8863ebba01fd25014baa907e6032ee43d4a7dfc7c3171916dcdf9faee0531f27527872ae4e127b6b9aaee93f5e74d0ab23f3874aa0e291564bc97f17085dd7d5eb9a85d9f44574e5952929eda08863b64c85dd395c91b01fe5bef66e3fa8f9ee5bf62c25d80dc84fbe002ecfd218430b26f3549f734a1":"8781b045a509c4239b9f44624e":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-192,128,1024,1024,104) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"b5fcd780a03ba80341081ef96b440c0e4348afde4d60c1d5":"ad20cce056e74ec5d0a76d6280998f15":"28f8fcf23b9c1ba40c19ffc1092632e35f234c1e8b82bcd5309d37bf849a2ce401413d1f242cf255ed597f9a93a1d6e50676997f95aa612e580d88234a86ddc404292746f0b2f5cf15abebcea6659f998ec6a1cb5a9914fee5aa1aa5d04b3c20914e45095e4141ce9c173653dd91c3ebe4ed4a9a28f3915d7b2edba34c2a58d8":"6316f3beb32f6f3bf8f2ff6a2c160b432bafd3036d3eefa1e4ec204f24892e37dc4d75c7ce9a24b5c49fb4df901f35ef9d5955f7dc289c56cb74753f4d6b2982267d5269d12237e21202a65061849c65e90e6702dda03a35ace3a3a098d16b4bfbb85b7232404baee37776a9b51af6b3059a5f170f4ebe4ecf11061ca3c1f1f3":"2ad4520ddc3b907414d934cc1d":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-192,128,1024,1024,104) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"4382507dddccf1385fc831da8924147563416d0656e168ec":"a37687c9cd4bdc1ead4e6b8f78bee7f5":"fa9ae30509cbb6fe104c21480ae7b8ec9f12f1afb17320d77b77cdf32ce8c5a3f7f927e501118c7ccd6975b79225059cef530a4fcb0a9719f5e2d3bebe7bb6ec0855e495a31e5075eb50aa6c1227e48b03e3fdf780084ac4912eb3a5674cca9dd6ac037366b230ae631a8580d2d117942dee5d5ddbbb2233afeca53289cc4f68":"e5c5430b960aa35dc8540215c2772d66811270859e33dd4477904759e7e5eb2986a52a4ccc9f592e614147b5ea2ead6636a15c6426336b2995d9a31ab36d76578c3540bc6693842a4bc0491c7963ee9cda2317951cf93244bd30bcdfec69a4767004636fe7d1be7300c35e80627bab9236a075a803e9e1080b9159060c643a78":"4221818d4be45306e205813789":"":"b5b36719bc4d13a5fbf37188ea814cdf3c97a430784330540325c899570e15482300bc82c5b8163074e0544c5132e3ce93bba68bd7a8d2db81d1431b424b697c1158c4d70625666d5ff99145ca34856815c905b5a0fd95806df56b9cd5b384bda3e394b409048eb1037144cc071539c02397e931da28a43cc354d584643afd4f":1
+
+AES-GCM NIST Validation PSA (AES-192,128,1024,1024,96) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"7a66db3450dac9a1e63d2639f34c5c6a3fbfb3c8e8230199":"21f8341529b210ade7f2c6055e13007a":"1699bc8c198ab03e22d9bc4f3682aad335c6e35f3f616bb69769a9d5a202511797e770ae0d8d8528ef7b2bb25b4294d47427b43f0580fa71d93fdef667f4f4196f84e41c0b1978796d0de74a94420fb8571bff39137fa231c572b31be9ae72338288bef5f8c992121dc918538551f346e279a9047df14ec9fc0fd399cd3bd8d8":"6463a7eb2496379bc8a5635541525926a6f9fa718e338221952118ae4cf03a85f2074b4ebaf108b9c725809be1e6309c3a444b66f12286f6ea9d80c3413706b234b26372e8f00783819314a994c9e3ecf6abdd255cbfe01b3865e1390a35dcd2853a3d99ed992e82ec67ba245f088cb090adade74bdbc8a1bad0f06cbea766a6":"4af02b81b26104d1d31e295a":"":"53fe6a34d280f2c96d1ae2b2e8baf6abd67cedf7d214312f75dd4a1bec28a641dda3e71aa398726b2b0b1f515e1f4259ee97acaf17f122db9ec7814c2de6a88d36c3ac106396ad03d337c2cd2d2b9b4b7170e23a5848ca7ea129838f967dfdfe83b45ff2a9be699bfb2346115465d59f074f09e24d8fcbd9ece0018c92776c43":1
+
+AES-GCM NIST Validation PSA (AES-192,128,1024,1024,96) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"1f5c818f24d201f9fb23fcca211b0545eee5c5c9b440810d":"3a163067bdd90fce0406d1c198a88771":"a5e94e233d04fe0c4b6c4684b386902fe05096702237dfbe76f73befa69b6f30394cf9fe3358997942df65842748fb4f075a3dc06e147bd8d67fc4371113a4d75c70219257c650a6f38a136659e20a1cf3a119397835c304e0fb2a33aa3c3019175c86463043d5edc6992874f61e81cd0d26af8b62cf8c8626901d4f16d84236":"9a7566817a06f792e96a6a2ba8e0a01f8837e2de06796e68b0782cc54ed0b04fc5e24a1ad37d5ffb035548b882d88150e89915b89f57cde2bf3c43ab9dae356927daef6bd61cc9edd5e1b7a4abea2f71313677f1b2fdf3d8d4a7e9814ea820fbc3e5c83947db961839a985a57ced7f5e4a1efffcfd17a2c806d4cdc1e79162da":"b124eea927e2a62a875494a1":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-192,128,1024,1024,96) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"9a301f7edf83da63bcf37216a3a33d7613331c3210281dd7":"d73a546b0fa307633ac89506fa86138b":"f57fe548cf4a551a216ffb24a1dcf1b79c95f9abf06443fd58af042d287c2165db373c82a94172db517840f22e45e966e3ead91ce1ddad132bcb844e406e84b76a0b5b0ee23064b66a229f32a2d3b9c71103f020c4ba57fc0f0608b7114914cf2ada0c5a9bc4afbfa9ce5da320f34beb2211d569a142f53bfd262f6d149c4350":"e09cc8543db7804870004706a26e94b457c125bd648b581a196f962f2ae8fa55d9bc66530ba5020e22d282080b4720dc9a2096a11c0fcc3d9a67cd1cf95cd7cd2417ba308c761e64be24347a14c9423447094a5c72a0043c288b35e753ba0aa748f208381249fb1c8d195a472192404b6c8172663ee4b4d4ecfa426e1fb003f2":"f536a3b8c333b1aa520d6440":"":"124a327a8c22b7652886dac2c84b8997ca8a6f61c9ba9c094b5aea41eaa050a6df6cbf280259e5466071bcfa53b4ebc76c3cc4afc8c0385189a5382933aa57c89aab78dca84331e0fe8f0aab3a7857d3e13f08dcd90ec5f0684f82088ef8eb7fd67e75de43b67afc3a0beb458f5ebd61b2c779e6c539d795c667bb7dcc2b762e":1
+
+AES-GCM NIST Validation PSA (AES-192,128,1024,1024,64) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"fd40e8226fd13cb95ba50b7cdf0f07f7ab7037cf8705ca50":"3406e70cbe16b047fedaa537eb892279":"390b18d22d5ecc0b5a524ae9afac6fd948ac72d1360775a88b385aa862cce8a27f3e4b420e539bec6e8958f8c1b5416c313fa0a16f921149a2bfeae29ad2348949b29a73970e5be925ec0c35218b82a020cf21bb68c6931f86b29e01b85500a73f3ee7eb78da60078f42550da83b2e301d151d69b273a050f89e57dfc4787cbf":"75aa7df5c3c443d48ee998064b6fd112c20d2d90c98e00d025ef08d1ad3595385be99de47fa627549b827c48bc79eb1dcaf2f1be95a45f7e55755b952aee5ae0748e68bee1b014a628f3f7dc88e0ebac1d1d00e268355f5101838ce125c57003aebc02a1c9d6ae2cd6e2592f52c0be38cef21a680ae35c909cab99dce9837aef":"69e06c72ead69501":"":"6e8d661cd320b1b39f8494836fcf738b0ab82873d3903c9ee34d74f618aea36099926b54c1589225ec9a9d48ca53657f10d9289c31f199c37c48fb9cbe1cda1e790aaeedf73871f66a3761625cca3c4f642bc4f254868f6b903e80ceeeb015569ace23376567d3712ad16d1289dc504f15d9b2751b23e7722b9e6d8e0827859f":1
+
+AES-GCM NIST Validation PSA (AES-192,128,1024,1024,64) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"a85ab87563b809b01725764d64ba4cc6a143e2e0362f0c52":"9f991ff16a3e3eb164a4f819c9f1821a":"df289511f78d8fa2505afc4c71ab1d7c31a8d15d1e5fcbb29d70f0e56f89c4d7b30f1b3b4745b5d2cc7af34fb4c95461372bf516ec192b400dc8fdb0ca9fe1f30f5320d0fadf20155cfcddcf09233c6f591c1c89917e38a003f56b94a1e2429d1f2b6297db790d7dce84d9fa13d2d86a0e4d100e154050b07178bee4cdf18126":"ef43629721b50bd3656b7ae31b6e4b4ba1cf2c72ed0460ee7d9fb416631ddc597e5f9aebbcf4442b95cc46e28476a464dd87caf9c1c1d6c99d3e3e059dc23f8d2fe155ff5e59c50d640bc052c62adee3aa1295b38732e3458f379e98a8dbdfed04c22a5761792e87fa67ecbcbf3b90eb1bcd1d3f49e60132452f28afece83e90":"dc4c97fe8cc53350":"":"ff0e531c7344f0425d62d5fbedf4bc8d3d5cc80647e67b852c1a58ad1516d376d954cb8dda739f6a4df3cf1507e59696610bcb6b34340d6313028e00d7197845d392e73331aaf168b474a67364d8f9dab740509fabf92af75045f0afabc1b5829264d138820952bbc484d1100d058a4de32b4ece82746b2b4a85fb2993d4add8":1
+
+AES-GCM NIST Validation PSA (AES-192,128,1024,1024,64) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"f4f1e03abb927ffd0b081b9dce83a56a6dd419a6313ac34f":"d1e29bb51a3c4e871d15bb0cd86257e2":"ae2911cdaaad1194c5d7868b6d8f30287105df132eb0cecca14b6e23ec7ac39cc01da1c567a0219cca7b902cc2e825e30f9524a473eb6e1d4d1beff5ab4f29103b2c7522a33dd33182fa955c4f09a75196b1072a6f0340fc55a802d29c7067f05219c21857ebff89ada11f648c1f28dfbfdaab56028f05509de17e2381457ebc":"0e70421499bc4bcb3851afa34cdf5be374722815abdd9bcee5f332dbe890bdc1c0210ab10667e5bb924bf3c1120e25a0c074da620076f143940989e222086d1b34a1200d09aea1f810ef6de7d8520c65eef9539fde5a6422606c588fce6264e5f91f934ede6397c4b307d2d7e07a518fce577a427fa92923cbba637ae495afad":"44f760787f7bc3c0":"":"2199fa5051461b67581429ab19de2ccb50b8b02e12c0e1d81a8a14929f84e09d9715b7d198e77e632de4af1c08c5041276204a7ed76646385e288e96e1a4b0b0f2b1a9df7f0892beaea3cb58d9632720158f6daa4cbbfc0ebdc56ff6a5175768ff2abd24cb7669bc3fe40f8aba7869d2dd7dac86b6ebc4e4ce261edbec88db17":1
+
+AES-GCM NIST Validation PSA (AES-192,128,1024,1024,32) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"33efe20433c6a1ad261a1fed494961749e5bf9d35809b59d":"dc94673b0c49c6d3b4611e278212c748":"919f7397a6d03836423b7cac53177fcfbe457d4aa4348646f646aae1bc5a15568cdb8c96fabef278ace248aca531110a4f4f9e8ab0c32525ad816ae3facf03175232dc84addcd6065f9cc1f513966b63fd27e91a09f1921b95d6bd8f08f1dbce073bcf827847f774514b478b9d7fb5426847dd4dee6f39b5768c1fb729b32d03":"cfbeb61be50def25f513346498f75984bfe797a8ad56be34f2461e2d673f6ce14e7479a59777267b75dadc6b9522599ebe5d7b079495a58ca187ec47796f6ee8c322278ad7451b038c938928adcff6105a8ea3780aedc45b6a3323d3ae6fbce5da4fb59ca5ec0a16a70494c3c4859672348532505e44f915e0b9b8a296ef5225":"c5098340":"":"c5e47d8c60b04df1974b68a14095d9bc8429a413d21960b15bae4fd7356bf7872e0da0a1a385ca2982d3aa3182e63ea4bb8ca01410cd4e71ddad34aa1f12c1387902b3d56634f89c619a2e6756648ab3bf90e9bc945afc9140eb935b633bae96bb067e9ee421697bcf80b14b1b88dbf13e010b472a7ca5411db36848b9c7a37f":1
+
+AES-GCM NIST Validation PSA (AES-192,128,1024,1024,32) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"3ed5dadefa0f6d14fedd1a3cdbab109f6660896a952ac5ab":"553a14f1e1619f9d7bd07cd823961f25":"eb8ea81d3e328a1113942cd5efd0f2b5e7f088791c8fc05690a34584101c4d493628ee7d0099a2865ac194b9124c3fb924de0c4428d0a1c26ea3ad9a0bc89187a16673e3b6f7e370dfb2dc26e8a56a9cf91f9c2088c020a766efe0d0c91689743a603f2cd1e300a6a84828b3b515a4b9a06e6bb20457bf124cd6ce4ac8b83d51":"aef617f69724e020309ec39d9587520efda68a8e303686c3a41ef700cba05b7c6e43e95aadb1a566f61650c87845835e789eb2366941e3bfef6d9846af0e0dbc43249117ad6f299bbc40669ac383cdf79289ada6ccd8ccfe329a0dc6a38eea1a99550457102d10f641cda50c21f533b1f981663f74a0a7c657c04d9fc6696ff4":"dc413c4c":"":"bc1f34991a48aabb0fea513f790f0d223e9feac4c99fa1e8427f01ab8b4b2827cfaf239342de36051a846af0306a3f82e7aed98dd0416fb078bc7f3b617b00ceb2cea4ddafc22dd022efa8303e9804510e0e888065d8427345156d823f796f74130c06db9f9934435552b4fefd051953e20ecba3a4514ac121d7d2097d597439":1
+
+AES-GCM NIST Validation PSA (AES-192,128,1024,1024,32) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"6d97e8bff3923a778504fb917dbc1428a1328587047697d9":"0c28dc4cd53725091c2fb68a476c2e40":"f3932f5e82d75a1e3eba1591c17769e1a45819ccf057c31e76fa810b93678766d25905e859775c244e96bcafbc75c4a2d95e7d02868ccb2f65e49276f0b645ac8cf6e3758402304a3c25ce2de0a49f401b1acadaff8b57589b45cc79130ddc8387f41cc383e33ef38eec019152051c756198d6f782ccf56297b9fe944269a65a":"dc1a81efd51e967767f5bdd7e2e425732c1d28451f2bf5bdf3f5a6492279330594d360dd8a193e5dbde1be49bf143a35c38bcd059f762ada65c5119e097f0976891347f4d829b087bd72daa3494b344cbd3370c4459ca243bd57aeda4cb86cdd0bf274f07830cdbf5e5be4eb9b742ddffef8aa35626d2b9ea0a29d3c3d058b28":"e6d6df7a":"":"39327836e9d8cfb59397adcf045a85644c52c3563290795811f26350c8bce8f55ca779cbcd15479efd8144b8a39ef611153955c70bf3a7da9d4d944c2407a0d735784fcb68de1083eebf6940ebc9cf92f9f139c01404b503ff64e61126a94e881351473507884357040fd32714b872c254349071069644e2bd642905521b944e":1
+
+AES-GCM NIST Validation PSA (AES-192,128,0,0,128) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"2c78e29971e90a01bb65973f81260b9344fa835751f5f142":"f1a23ce6e2bc9088a62c887abecd30ae":"":"":"d4d5c22f993c8c610145fcbe4e021687":"":"":1
+
+AES-GCM NIST Validation PSA (AES-192,128,0,0,128) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"8c582d5b6a40ef0e4048ec20f0263572d7cc82704e380851":"ef221a1c66fda17906190b7c99ab60b8":"":"":"6327dcb46ffb3d0fd8fbf3d2848a8f01":"":"":1
+
+AES-GCM NIST Validation PSA (AES-192,128,0,0,128) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"3a58abadd29e946e23ca9eb09af059913d5394971bda6a4f":"7c29b3196d44df78fa514a1967fcd3a6":"":"":"fc123944bbea6c5075a5f987aed9cf99":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-192,128,0,0,120) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"04bdde4c35c385783715d8a883640851b860ce0e8436ec19":"783f9a3c36b6d0c9fd57c15105316535":"":"":"23e21a803cac5237777014686564f2":"":"":1
+
+AES-GCM NIST Validation PSA (AES-192,128,0,0,120) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"4ba5fba0c22fbe10c2d1690c5d99938522de9c5186721bac":"2acc2073089a34d4651eee39a262e8ae":"":"":"7ac742c859a02a543b50464c66dcf5":"":"":1
+
+AES-GCM NIST Validation PSA (AES-192,128,0,0,120) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"f12890b0a8819faa5a8e0e487f7f064af42fa6d5519d009f":"c937615675738f4b3227c799833d1e61":"":"":"88300bd65b12dcb341f1f6d8a15584":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-192,128,0,0,112) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"51878f3630298a81297f4a21514fea637faa3815d4f26fae":"1f939226feab012dabfc2193637d15b1":"":"":"eed5fcb7607c038b354746d91c5b":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-192,128,0,0,112) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"ae596e74840a600556a06f97b13b89e38f67c152f1a1b930":"e2076e1050070d468659885ea77e88d0":"":"":"b4586bdbd4b6b899648f2333eee0":"":"":1
+
+AES-GCM NIST Validation PSA (AES-192,128,0,0,112) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"fd33b7a0efae34339ca987b5eb8075385fd1276e63cc8530":"2d07bb8616fc0bbb71755a1bd256e7fb":"":"":"6b60d645220cfde42d88296ac193":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-192,128,0,0,104) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"5685b12a6617d554c36b62af5b8ff2239cb3ffb1d2c40e14":"6c31194df99d08881fa5b1dd33b45a92":"":"":"69431593c376c9f8052bf10747":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-192,128,0,0,104) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"036ae037410dae9f0741608516d03b855c9c1851df8c54a4":"73599275f8237f14c4a52b283c07275d":"":"":"6f7249d25c9f273434c4720275":"":"":1
+
+AES-GCM NIST Validation PSA (AES-192,128,0,0,104) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"ac144f39ebd6124bad85c9c7fb4f75bff389ece2e8085d83":"d0871bfc3693245be478e6a257c79efb":"":"":"5a99d59631d0e12f58b7b95ccd":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-192,128,0,0,96) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"a8a541ff11a1b8548e832d9e015edeccc94b87dadc156065":"c72bb300b624c27cded863eba56e7587":"":"":"ea2528e7439be2ed0a0d6b2a":"":"":1
+
+AES-GCM NIST Validation PSA (AES-192,128,0,0,96) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"30dd8f400335e9c688e13cc0b1007bd21736a6d395d152e2":"28899601fa95f532b030f11bbeb87011":"":"":"35625638589bb7f6ccdb0222":"":"":1
+
+AES-GCM NIST Validation PSA (AES-192,128,0,0,96) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"cb8f672b04d706d7d4125d6830fff5d2ec069569bea050ce":"375d4134e8649367f4db9bdb07aa8594":"":"":"70610bf329683e15ecf8c79f":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-192,128,0,0,64) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"bf71e5b1cd6eb363ecd89a4958675a1166c10749e1ff1f44":"9f502fb5ac90ff5f5616dd1fa837387d":"":"":"a4b5138122e1209d":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-192,128,0,0,64) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"5b9d1dfb2303b66848e363793bdca0e5ada8599cb2c09e24":"2ee96384dd29f8a4c4a6102549a026ab":"":"":"3b33a10189338c3b":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-192,128,0,0,64) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"a35ae271f70ebacb28173b37b921f5abcad1712a1cf5d5db":"8d97f354564d8185b57f7727626850a0":"":"":"813d2f98a760130c":"":"":1
+
+AES-GCM NIST Validation PSA (AES-192,128,0,0,32) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"9bdd0cb826d5d28c2ab9777d5a0c1558e7c8227c53ed4c4f":"daf13501a47ee73c0197d8b774eec399":"":"":"a6d108c0":"":"":1
+
+AES-GCM NIST Validation PSA (AES-192,128,0,0,32) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"81b4d5ee4e1cbee1d8966fb3946409e6e64319a4b83231f5":"bc2f9320d6b62eea29ebc9cf7fc9f04a":"":"":"a47cdadd":"":"":1
+
+AES-GCM NIST Validation PSA (AES-192,128,0,0,32) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"5813627d26d568dfe5a0f8184cf561fe455eb98b98841fe0":"817199254a912880405c9729d75ed391":"":"":"d81d9b41":"":"":1
+
+AES-GCM NIST Validation PSA (AES-192,128,0,1024,128) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"94f160e2325da2330fbe4e15910d33c2014f01ace58e5b24":"80a1b99750980bf2be84a17032fc2721":"066fdd980cf043a732403ee5f65c82ca81e3fc858ad3cfa343014a8426fd3806770f127e2041efb42e31506ce83390ac5d76de2fe1806df24ce6e4bb894972a107ef99e51e4acfb0e325ab053f9824514b5941ab1ec598fbb57a5d18ed34d72992a19215d914e34ad1a22326e493d1ff2da7bc271c96ad3ab66d0c32bd711293":"":"dd153cfd7aa946280660c445f586fa28":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-192,128,0,1024,128) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"4785846f7c0524e78f3eb137fd433e1808af64549af69183":"5334476a5fa3fa50dcc4b12f8ac00b51":"e70f82d1e3361ac5a5c9a087e47984d5533ba296f9b7e4a192a4ab28a833cdbbd5cece3415cf6fbb2f8055560b5c31c98d83d139954e1c03a464739f1eb5ad982c4371cf20b8984bbd97d5f40b336f5e96df3d272b95f7547be15c3bc05b3caac7d08c5eb5de8bdd246e74f6caa6bff76ea0417730ce72b911867f88fdcf73a0":"":"c59231ddaae98e0e8db6b3fe8f4d3427":"":"":1
+
+AES-GCM NIST Validation PSA (AES-192,128,0,1024,128) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"49b085fe1a8e1ae769ed09fc585d29eb24d589689992e6c5":"899878b0684fb865d30190821817b88c":"f789eafe3d02826b619ca4fbca7bb1919e5c6f7c33824a2f7f815dc50e329979705f7ef61e9adf7899d34f1b8840384ff62ef6d29eea38c45d12be9249aca69a02222cd744d81958c6816304ff0d81d6714a2023b3dd9d940db5c50afd89c52774d28d6afde2b6c68425b6acbe34682531a2e57e2b9a7729b3e8d96a729b15cc":"":"2c84bf7a8947ab93b10ae408243b4993":"":"":1
+
+AES-GCM NIST Validation PSA (AES-192,128,0,1024,120) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"75847588760ecb6ca548747b743914c89fea367a5ccb81b6":"7d8a9fd254e2061c01e39eb574951924":"b03c57dfd49152401a225357f1d6e533f3a423e5cfce07b8ae7ca9daf68645e5bd67b3ca2421eac447530b27c6dc6bd9c7f1b22441b8cc8c4ac26cec2c9c0d665a35b66d779a3772d714f802d6b6272984808d0740344b6abdb63e626ef4e1ab0469da521c7908b2c95a0fd07437c0e9d4d2451ae189ad61ff19f4efb405127c":"":"e8aac14b53cdbc2028d330fc8d92a7":"":"":1
+
+AES-GCM NIST Validation PSA (AES-192,128,0,1024,120) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"e3a18a96d2e45d2f60780dc39cee7160e28cb810bf09858c":"26a4d659665ded39b7a1583de756d0ad":"83f8d9c58169b4c68032321197077ff5c8ee4ebb732b040748e1b55dcf53375ae86fb9646a672b5c5bc805a92c475cbb6d0ed689a58abdf2230250a7d3fbd8cfab07835fa85e738a7f74bc3e93616d844b1ec61b79f23dfea62e1815f295d43f61d7b5956103b31ca88afb0b3d37eb42cf77232dbf2258065232971c397dcbcb":"":"dc034564d4be7de243ff059b5f9160":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-192,128,0,1024,120) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"7be3909170ea7a2ff76f9f28241d8cc48ddeafa8517c6f8c":"8dee7e29350c60c5bcfec89da6617d2e":"f6e9e7a7f9716760eb43060d5c80236a0f118b0f750ebd5df01fd2dba95c556ecd2e54a3f337767321abf569c8137a8e48c5b44037ba62951e9f9f709e6e4540a36d769f3945d01a20a2ed1891c415a16d95cab7ddf9bcebf18842c830067509a2a5d49a9684324c433d53824d2f8fd326b149af17f40e5bf5e49185738fba60":"":"942b52277e9dc0a30d737d00f5e597":"":"":1
+
+AES-GCM NIST Validation PSA (AES-192,128,0,1024,112) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"1fe413bafc4753e1511b580c830449bee56e0e5b9acb852c":"e30829f64f3eda13bfb2ac572aceb3de":"6c772d08b4d7507e35804572fa697c646c77301954cc5c160941e49e230697ed8c23338b9f30c3ead69b1c1a2329ff025dcd3c0d0a9cc83fee4979448aa71ddb9d569bedc8c497a2a4ac3b60d087d7872f0a110bf90493ae7da03b0953734223156cd2d6c562e4a978a6dd5cdb229dd58dd4d0f50ac015f2f5e89dac4aa29a19":"":"87737873b82586bb29b406946cae":"":"":1
+
+AES-GCM NIST Validation PSA (AES-192,128,0,1024,112) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"b4bc4378d423931f9b320bb57df584c641406c1daa7448ad":"eca70e10c0358838a3f4a45c4b016ccd":"68d1c045c1604e3c3dd4f7c7543240aca8dbc5266dc18c5a8071e8b09e3700b7cf819044b2722d8db92021f42a0afb295d7b16ecf4e4704a50a527a2e72d7f53617c358e3b7be3d7fecda612ce6842fcfaa68f2d1b8a59d8b8391779f2fab99f820862c94029f444abe62367c5de0a4becc359660e4a5366f7d482bdc362b866":"":"06f95ca69c222a8985887925b15e":"":"":1
+
+AES-GCM NIST Validation PSA (AES-192,128,0,1024,112) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"1cd4414ffd24e830e2dc49727efa592e430a6a75391cf111":"a08e32ad7d63f975de314ad2c0fa13fc":"20a271f1f4c6bea8f1584ab39a7179ec448650e2ff67a7338d1bc9fab7f73b2ce5222cd07ded947d135d9d0670dc368f0a4b50ece85cbf641877f9fe0ac6a7e6afb32fdb1b3cd35360bb80cfffc34cfb94dbcbee9ca5be98a0ca846394a135860fba57c6f0125dcb9fb8b61be681ada31a997638ee172525c03dd13171534a91":"":"c68842cafc50070799f7c8acd62a":"":"":1
+
+AES-GCM NIST Validation PSA (AES-192,128,0,1024,104) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"9e0ef9ed5e6f00a721a9893e1f0d9079c5aa667a4cdd2a52":"5f015fd556e87ff0d0df586fb452306d":"b82986135e49e03f6f8f3ce4048ded2e63ee0c31ddc84929e022ee8561159179b3bb4403ebdafdf6beae51ac5bf4abed4dbc251433417ece3228b260eca5134e5390cba49a0b6fcbbbabb085378374e4e671d9ba265298e9864bfce256884247c36f9bddceb79b6a3e700cb3dd40088ba7bb6ab6aa11b6be261a7e5348f4a7d1":"":"ec9a79a88a164e1a6253d8312e":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-192,128,0,1024,104) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"9bc8f15d98e089d60d4db00808700053f78b33c31652c3e4":"5cc0ff9bb7d5b9b2aa06f6ecf669d5bb":"24ac95a6ed2f78853f9ab20f53de47e7f662f72aea454141e2131aace7ed2daeb395bbccdbf004e23ce04ad85909f30151b6526c1ce7934726f99997bbab27055b379e5e43b80ad546e2d1655d1adad4cbe51282643bb4df086deb1b48c1bd3ac3b53c4a406be2687174028ecf7e7976e5c7a11c9a3827813ade32baef9f15ec":"":"9779b7c3ece6c23d5813e243ec":"":"":1
+
+AES-GCM NIST Validation PSA (AES-192,128,0,1024,104) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"19afc43a4481f796d77561f80b5b2e1514c96c5d1d86e64c":"d4c06595fefd4a81bbbd4b40c2e1989d":"98fcca51352998d0126b5539e3fb9a238ac31c05954fc206d381909aee70983b6ab99d3f3efe8530a1c3cfe3b62756321b1d0771a5940055eba1e71fa64f29291aa5e5b0af0fcc8e6f5a02688d9e93417225eded791a35217822ffb346d3fa2809b65abe729448316be30cf661137d3c0e49846cb0df598d90eda545afb64a5e":"":"ca82448429106009094c21d70b":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-192,128,0,1024,96) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"b4fc31dcfef6203fdb296cc928c13b7df56bfe6f32583057":"6308a78dc8f3c90442dc52196649c38e":"2567d80c253b080c0158102558551445d8ce4d5ddee2014a2be5cbad62e1717a0fd4d2059447c3151192951eb11a4a7b19a952f6ba261c87f10f4c9032028de3cc5a2a573a4e993a690fc8954daa3ec92743e7343e75b646c4fa9cbc3fceb4f5d59bb439c23754c4d9666fbc16c90c0cac91679b6ad1bfe5dcf6bd1a8a67c6b5":"":"9d1603799e2485a03e7b05a0":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-192,128,0,1024,96) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"1c2d9412486c381440213e1588b6bb58b0da53300b9d3089":"727ed8846daab874d5a9918b47d016f4":"656430f0c1423018b5e2efbb1e32a5385c1a9a1779c4dbd585dea91edc39ea8752ebfc2d8064251a8a5ae71e1845f24a7e42c6371c2ecb31e2229d5f4923bffc21d4804575a84836f3cf90ec6047bb360b558a41a975ece111b5284dfa2441705a6df54fc66ca6cc1af9163ecc46902fac337d5f67f563fde8e8e7e64b8588b7":"":"05ee6ce13711535864674a5b":"":"":1
+
+AES-GCM NIST Validation PSA (AES-192,128,0,1024,96) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"abf7a97569427225a4bd5143c716a22e62f84c145bb51511":"e255088cdfe8ae5c9fea86d74d2f1b7d":"b850993300f54d078f83ceb9aef7345bbf758f92365b6625c210f61dad4f2a2319f51d883a383a706392d3dfca1706eba585a6fac8bd4294c0bb2cb3f6b454d5c97819e8e5c926754840261b07ec4ef1f87cf281d75c187839689944230306e1903047915e086043990745864819ad713d34a244aa4e9d755fdb137105d7eed8":"":"0c9c17388d0610f99d0a093f":"":"":1
+
+AES-GCM NIST Validation PSA (AES-192,128,0,1024,64) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"45a6df655e88bc880acff41520aafd0cc8aa8aeb8952fd06":"1125e1de94970c9e7be70e58e7626ef4":"fe9838a445b8edef19b3e9f33c8c0c265b3a12c97b8ec57ceb94f65ae5227177de38f1e338dccb2b24e5bd0f0eb8127f83eba0f1ddfa55198789df0cdd1d977fcb985ad9c7d51b96e749d2cf3cc7a1ec4dfcbc641a1a022d55def328e081af890a7e699f2dbafdf506389e045aa1219239d5868ba675a3925602b6fb6f6e6d37":"":"1c3bd1e0d4918e36":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-192,128,0,1024,64) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"279f4f2ab4b70778fdb9ca7800cd20e323601d7aa2c75366":"0f7b402560735cf03d5da58de5b6c685":"7dd9a8c848bbcf5127161c8a419a436a0dad559f7c1613cdf41594e177016acb1ccf44be852185c42e7120902a42efe83855995ab52cf5c190d499fcfd698c671fd72949dc3ea7ddb874e586a3aa455a021cec7b5f8608462ca66f926aba76e60a5846d4eb204155cd3c1328da51ba35c3007b8bb394f34e3a8b81ddd2ea1115":"":"dab612351f75e2cb":"":"":1
+
+AES-GCM NIST Validation PSA (AES-192,128,0,1024,64) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"6716ab937755684af7403e6fba5452c1b11568a9047bb50f":"2fd5a446dd564619ef75b6e00905ffe0":"20d261d3192996c21da69e979c26f5f937e6ea4cb7b05c6ef556ce4d86ca0fe85ec2425d274c43b5212fe9d27bb48b04e887461a9f45f524059b87eaea2e287a8d4537f338b0212012a9d4b6610e8c97dd554e0b3c3133e05c14d0ddab3524c93fd527e223b1996b4cff0a4a7438f1d54890bf573cd803941b69e5fc6212c5d2":"":"f1d743b7e1b73af5":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-192,128,0,1024,32) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"7dc94b5bbd6315ad8d2b67f0c683d10cf456f822a3ebb024":"6f3eedeb57dcf12bfb3cd80849893c90":"ee1ff367f4b23c156e3dccff84ae4bf2b8ecec1fb5ffd25ccaa93b6c6834389bd79655bd4bac75238eb0f65d3603ecc57c8774798309e85b6677e78ed2077b712cf28795d0dc8fee994f97373a82338ef67c62378136a79a990ecbcd6367445e805efa98f9168826e57cb8dd7e7b1d5c89ad98358646fa56dd2a71c40e0275a1":"":"4dc74971":"":"":1
+
+AES-GCM NIST Validation PSA (AES-192,128,0,1024,32) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"3bbe223e253bf272599e28af6861013ecd0c88710947ed41":"4fbf09ffaffb600f0de38fb12315cab5":"5388146f6479f7b3b280f45655a95b847ee27c734fb2fd91f6c009b1ab1810c772c7435d3221069f9490d251b76e740147906ac1db1c209c175b21aa10881c44fb307d4d2900aa3b1d56fb0edb9f2a58505653a17fee350e12755b9656bc65c78c1593d5cb7178e29f82209caf53e60fddf725f6957cc9718bf410c4a0229ed4":"":"fb845ab7":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-192,128,0,1024,32) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"461877813acfe6e9979eab729b52e3d192b3236758bb6563":"6985cf77b75a47a3978dd6412d59200b":"385551854a89ab37063ba0ed911501b3d632153c5c2992e154c0a334bc36620476f11495437b842409e0954f7352cbf288d158bdbbaf72621ea2ce75b708bc276f796c5aa7fd0071e522c5f175a9e7787deef79f6362101aa3607b4588f2e1df7127f617c6073593a1c792b959e201e4a7a43ea8b1c3af026376439ef629266c":"":"c840d994":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-192,128,1024,0,128) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"09770f9114120a2c1c3cc416fe0eb8699e07141158a5bdff":"cff291d2364fc06a3a89e867b0e67e56":"":"875e2e5b5c02e0a33e71b678aa29c15ce18ec259cf4b41874893ed3112daa56ff2a7475681b8b3d9028ef184d30658e881c908f3588f69899962074db4ddfc0597f8debb66c8388a1bccf0ffe2cf9f078dc1c93f8191f920754442ad4a325985c62de1a57a25de4e9ed5c2fd0f2c8af33f3b140bac12bf60fdb33e0ec557955b":"81f1eb568d0af29680518df7378ba3e8":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-192,128,1024,0,128) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"4fbf1c785c087ad06b43d4163cf9b9396deffd3712856379":"1c8f41424acaf009996ceaa815b24ad4":"":"96a690e5319c94d94923988025307e543f16fd970aec24524cf9808dc62b093359287251503f4231bf52cd1a16a80bfa82d8f585d96855dc1932f4919a92da2618d6448fc18a234f9acb386ab4ab4a9e38ea341e7c54faceff38c162d74e7fabbca13aadb71e9c8ae6072e7bef4073cf08aa7faaa6d639f98d15bad4ed183ced":"9f3c0349c5a4a740a82d6d63bf00fb17":"":"6100b091e52366fb422251d9b68974b6c666a62a8bb77a1ffd7c7d1ae586a6ee763b84dc11aace02a25af91d194b70b3265ec46872fded54275b7ddb26ee1f20c857328f46a694fb1dce68bcaecbd587ece5b505d658d57d50333e30b639eea1f6537b37c175f62497c6c84e3cfddae214285d2d68d90dd5cd8ce2273d25c8ca":1
+
+AES-GCM NIST Validation PSA (AES-192,128,1024,0,128) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"3e0ce4fb4fe4bb2fdf97b23084ff5671b9b899624184acef":"a950ab0dd84115e3829ab0ad3bbb1193":"":"df89974b1534f0ba262bbea5efe39d8b72820cc8a720cc99520fedbf667515c3f6d8c3e25c72c48c1cff042171df58421741aacb2a49f23167257be7d7004d56b14901b2075eaca85946e9fbf1bbf4ae98227efc62bf255a25dd0402d37c67ba553531c699dd89ff797e7a5b5b9a9aa51e73ca2dacfda0f814152aa8ed8c79f9":"25cfde73e7a29115828dfe1617f8b53e":"":"847b54e176ccc83081cb966efc4b4a3bf7809ce0b4885009f620f61fafcaa78feee91a835ae6c1a942571811108b1e81b4c4ddac46aaff599c14988c9a1fb9f387ab7f1357b581568b7b34e167ac2c8c2b2b8a4df3fd7ad8947a363c1c0cb782ec54b1901e928821cf319669dd77eb37b15c67f13ad787ff74312812731ca3e6":1
+
+AES-GCM NIST Validation PSA (AES-192,128,1024,0,120) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"6be3c66b20e5e66ababbfba1b38e5a716eafce23a1767b69":"3a2acf69bba19f5d1d1947af2cfda781":"":"de1cd978354a499415176f260021abe0a8c5bc34d166f53d20e02e413e1377ce4ef5d7f58337c62251a3b4ddea0dea23c40e5de037fd5dd8a558eb53bffa4e8ce94899afa8284afab503c1a485999a154d23777f9d8a031b7ad5c6d23d6abbe3b775c77876ad50f6bed14ac0b2b88fb19c438e4b7eb03f7d4d3fcca90dd01260":"f826d212f7c1212fb8a8bf23996826":"":"fd1f7b56e5664cf4c91e58f7c50f6c5e98e42ca2e4adcc00348cee6f662b382ad4022da54a47d8faeb9b76a24dfc4f493c27fc0bc421a4648fad7b14b0df95d8752013feb033b1fd971daa2c9a5df898bece6a3b8fa078dd130071df20a68cd0f394be25dcbb3e85bdfa0df4797fa6f01f5f0da7a6e86320207ddb5b3be53ae0":1
+
+AES-GCM NIST Validation PSA (AES-192,128,1024,0,120) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"d16abb9f5b38d7f5abba9dc36995ce6ce928ed822a07b7c4":"3cd95429c6de1d327b9eb3c45424a87c":"":"e72f29b1fc1dbfc2d93a0f3b79ea4b9806ce9b2c4d490ac5c0c3c793df9dc7df5471e834b84d18afa5a7516f9a6a813a9b65ae2f083a854730547e28a1f60fe97d8dba1d2d433e11847b9bffd8873ec634e64365530c905dd6f274e45c9795ac127a6f356f63cc6c116c5dd8c628e7e17e1fadc58f8452bf21f53c4133198118":"13521236f190f78e75c0897c5fb237":"":"cd8bb97c28df092b6783ef653fd26f2bdc27c442bab0a4c7bee2789f389dcd1b280c0231672721bfbbc939a0449557678ec61ba0afb2e5817e6f7d94387f84ecafbfa1216d65e7f5025f47b0d2905cff7c99adf8306a3d9850c5908be05f87cb1d36a4837dba428aac97d7fbc18e3778f8d81a319259504c87fc94bd0766ed93":1
+
+AES-GCM NIST Validation PSA (AES-192,128,1024,0,120) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"0bc344b1a4078807e5f53a6e7e1e36fa83108473ae2fb4c2":"bd505fcba464e6e2c58fdf29f5695fb9":"":"8bd73f94c71e3765bc7d17fdc90a9ba6aff9648b46300e4048985fbbd7c60c39c3766f7c524780bfc2296dc11e1132134921760a373104edc376eab6e91e9a60a5c4a5972935df12eadae074722bdc0147c3caf6a62fd449ef37d76b65f6d210283c94ac524cf13186e444d80a70b01e4373cc0462546f1caee6b49e738a742c":"8510fff71bb879f56ea2fe43f6ff50":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-192,128,1024,0,112) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"c8097398fc21f93eea6a95aa93a3231096817b65520bc549":"776248381941e16908f52d19207881f5":"":"80b0abbaebbd537a0810ed75cd172d29d50f5982e4d01f8664ddb2dfda8f57fa0ed87e64a779a1d7f5e568b6acfdc739572a7176752307b430fb1fa1c3c2c346477cebe7d01b16745ca6c8929a7f446c03ad9a9e8a5a935de78ca6c701e8c1c5e6d2550c42949cf5342fb5ef4c6ab9bb02ace8388b16edf72a1237e5d1d0e820":"7fc4388b2f8eab0f0c2d6a08527e":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-192,128,1024,0,112) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"76d4bb5694faaf344db83bc6d6c47d56bb6ab52700826f2d":"603977845d82faccb401817ecce6e2fe":"":"9e31fda6a171f0d4a5f2af2c4f827b1312d9dda5d78fa329b8f1b6373b9b29be358601e5bb0d0c615aef4b9e441c811219f1f2ff2d0ab23e0cd829a88b5b615ee72e5e3ea604fa26cc6438ec4c30e90f7348e9116adf8e8efb7498320d2da16679fa546b1aa9afc7720b074c4e48e06862d41428c9e71a4772c2e195a6f36978":"c955a3bc316841be07e406d289c8":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-192,128,1024,0,112) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"a3e5020695587984074d78d9c98b8e1a5719e5f88372740e":"4cd56de54e5140a587be7dfd02d3a39e":"":"c0bfe3b2dc4dad17ec5a7662d86847fb67e582cc0baf469bc9baa7a075d48a8b97521a1072c2798bfbdae5ca3752eda1cb96fe5cf24af989eb77a2948aae3d8b70d83d93f84c49347f788480f34051621c358c03cf8159a70fc72cb8bc02876234ffe76b181da8b22b8796c87b0904da1af46de519c20d8d1b1dc7cc24e39ba5":"1a29527a41330259f918d99d7509":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-192,128,1024,0,104) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"afe986ead799727063958e2ce13ca846f76c51605439f839":"f85a95ed10b69623162ab68d1098de94":"":"7c1b354a5bb214bd95147e32d81e658705089c38035d0ea423eb1a5c82f97443c6903d2cf1ba7a007eec7c8ff98b8f82b073d9636a79bd47c7f2f639a8eb4e92076f9ed615766f43ac3a4f1687301ed7d507766605e0e332880ae740ab72e861a2cb6dce1df1ff8be1873d25845ee7c665e712c5bbe029a1788634bce122836c":"3cf1cdb4a4fdc48da78a8b4e81":"":"a7f252ad7983e7083260598051bffd83f40f4d4a8b580cc2388d720a0979dde71549ddcb86b0a62c4964fca591d0982f3a203f2f8884ff4991f17e20f759ea7125ba2bb4d993722f23938994eb2709c850f33ed9889e5a3966f9d7b76add46aedf230e8f417425f9db79ccd46b5660361de7c5d87f71a9d82c491c0c3daaf56c":1
+
+AES-GCM NIST Validation PSA (AES-192,128,1024,0,104) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"2cfaa215841826a977ae6adfdd993346210c49dd04d5d493":"537a4ee307af3072e745570aaaadce34":"":"e8eb3b6edd0ca4201b49a6a83036445aba1a1db040f3e74511363bce769760a9914e05a067f555ca15a57c6e02e66fbe4e04dd8c8db8d6d14ebc01cc7d84a20ff0aacb69bb3679d6b7d9d2e07deda7c2d4fe4c584fe1166e78d21dc56b9cdad93709c03b9145b887f87b4f605f24f989d5e0534fc71a58e8a8619ee99f69e5f5":"df01cffbd3978850e07328e6b8":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-192,128,1024,0,104) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"128ddc83d2170c403a517615056dceec0d19d6fd7632e738":"5124b410c43d875eca6ce298c45994a7":"":"cfe9f7797ee37bfc4f564419bf2268c964479efa7435970874154432930f3b2736438da4dc9c76200009651340e23044bc9d200a32acfd4df2e1b98b0bae3e9ff9d6e8181d926d2d03f89768edc35b963d341931ac57d2739b270ce254f042b64ceac4b75223b233602c9a4bdc925967b051440c28805d816abe76fc9d593f5a":"56ad9c1653f11a41fd649cccd8":"":"cf91f087fd7faf362caacf4a68cff51ec57b3075563e4ad0955df20b366e92bd75c3762cf4a6f0eb859872667a5c55aa5d94f5ac9479b1b9c9345b50f82379d551506a2ab02b0441b14b28b78a12b38500d703a8c19888fe612d4710eec7cd18c16d6a4b55d3c69760e2bed99efc8b551dbe2ac9b9b64715f87180b8e14d1795":1
+
+AES-GCM NIST Validation PSA (AES-192,128,1024,0,96) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"98581c28983c4da321ce0c419cc0d476d539e77da513c894":"ff10234524433b871202c2cca6acb194":"":"bdef5b65b5111b29e781a6b71a0160179c52b5bccb1ac5c0377b26cf3f61432f3ccd67633a836357c24b5099db0510a7f8110f59e8227cacd11f17ea1798b5d4d68902ca6c6eccd319fef14545edd135078b38d43b61c9af269fc72f7a209ba7897e4c6dbd21bb71d7e93d2d2426ffa1557cae28e74059d3baf06ba419a47b39":"984943355a7aef15c4fb8033":"":"808e28bfd441cb8890416a757d252c986daa8d607ac9cadd2f4fd29eddbcf3b859ba298e14a4ccefe2c2752b123f87b98d6708fde48faca4bc7dd818a7ea76cfa4357932e59cb6be0e9283bdfb49454b86b9fd04aa8cdef503c65d13fcff42e9cd8f142f8c06cf7daa6d8ef8b9c9d69c39e8afd980048fecf731fd674b2a814b":1
+
+AES-GCM NIST Validation PSA (AES-192,128,1024,0,96) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"167b8b6df8014c8f3de912b77f5a0c113580aa42d785298f":"49da91e926091a448d57d521cc90f3c0":"":"4f787de12ba907a589edf74c8e7a6cdaaabebddd465a86e170e1efc289240298b516fddc43c7fd9bb1c51720a4455db4dd630b59aebaa82bd578eb3cb19f8b23ee6897c1fefaef820430efa6eb7d6ff04de4d8b079605fb520b0d33e96c28f0cd71983c4ce76c0ea62fd7209d21ec7b416881d545824a73d1f9f8d3323fdb90c":"99198f55f9fa763651bba58e":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-192,128,1024,0,96) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"71f5f8505fba62f08fa0557dd5407fc83a852c6007ccecc8":"b5efb9feae3de41b5ce9aa75583b8d21":"":"3e19ec02365e450e946123a3362f9859352eb52902a6bcb8a782285dfac9d2b282f56302b60d6e9f53fddd16bbf04976cf4eb84ef3b6583e9dc2f805276a7b7340dec7abde4916fb94b0ed9c9af6d4917b27e44d25f3952d0444cd32a4a574e165a23fa8c93229ceb48345171a4f20d610b5be7d9e40dcf7209128f029fed6bf":"9604d031fa43dcd0853e641c":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-192,128,1024,0,64) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"4cdb38f8185a4186fc983e58a776a6454b92ecf0bffefe98":"aef257dd44d14d0bc75f9311ef24e85a":"":"1ca72c50a093076e9a9dfa09888b9c89eb36a942072fc536a81713f05a2669b39fdb2871b82ca47dcaf18393ca81dcb499aafcc4ed57ea79f8d4f9bd63540610215b2c65481b294638cec41264a7fdca4230df5fe1e7e3d8d26dcd0c435fec8e9bf778f9e6f13482157a9722761601e08425f6160d3bb626ae39ee1117b0353c":"d951becb0d55f9fb":"":"2eaa7e922dbd8963e2078aae216636276f3f7cb5d7f35fa759e91bddb6e247a93c388241ba1d0d37040c0b9e447c67d35b4991c1acce97914f3bc22ee50171bc5922299983ee70af79303265bc1ae1e7334202460618b4a8891d1a7eaaac5cac1e4dce024ce662d14849993f89e771fb873644b552120fd346250df39aaaa403":1
+
+AES-GCM NIST Validation PSA (AES-192,128,1024,0,64) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"ee8d3aced3aa3cb2166aa66c4a252c12dc0978830d0bc75b":"c15c9c0b0b70c7321df044bfde2b15fb":"":"ee69b2421d43a9f383d99f9802ba4d6cf1c537b42041c86cce681049bb475e5098d4181f1902b0a49c202bf34ef70ea7b787fa685ab8f824fcc27282146d8158925bfef47ccba89aa81c0565eacb087b46b8706c9f886b7edf863701003051d6fb57e45e61d33412591ec818d016eec7dee4254636615a43dacb4f1e6ec35702":"c5c9851a6bf686d0":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-192,128,1024,0,64) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"4a8538d609444e3197ab740cd33b66db1cf53600096b94e0":"0bd64d222532dae8ab63dc299355bf2a":"":"8c2b8fb775d1b21c41a3dcf48ad6d68ab05be3879f9b94b305a6ce4d799e3a992c1c3a65a3e4eab563edb57424927c90c76e49386e29dd5e7de2800fcc0eefbc8b4f977f71be3754c006ee93dc09b1cfa59c424b6b3987aeb56feefc21004c63e8284b6845e395bc8843cca0917267fb4a8f2db1f7daafe7a9da95083a44de70":"3477cad1fd4098b2":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-192,128,1024,0,32) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"447f0f065771b6129952e52206a64fe0844658ed685e39cd":"37e3a300542d9caf3975c6429cb8a2e8":"":"fea5d227869e527882c63a68a6623f4a699df82b3dc715c7260a5554336df8376744c05ae89ec27d40da02d9f1c5e9e29405579fd4132143cb21cdbe3edfaaab62128ecc28018725c8dd309d2376223d2e2edfea9765699b2630ff5d9fe9bec416c0ca6418b938d195d31a08e4034c49d79e3a249edd65f985230b33c444dd02":"06bfca29":"":"e1bdd1c212b159b87e41a5f64dcba6b27aa0f5c8871fabfb588df0e06bd7730ec1beb0e3388f96c992a573ff69b34870f83c53fb65b420c1c6f92e2aa6f03917e8203d77c7f5ee08baf9fab12f9d38fc0ffb83807ba781c3dd7b62edca2121f68ef230b42b8adbd4cea072209d02713789ed559b83739a54cfde69e68bdc4128":1
+
+AES-GCM NIST Validation PSA (AES-192,128,1024,0,32) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"f465e95f6fc19fe6968b98319b547104d0c01c17105f8fc0":"6cba4efc8d4840aa044a92d03d6b4d69":"":"2426f108368a00d2a49670a3b64b4f0569c6da9660163e7b209ec3f8d058ee11f7818a8c5030c5f4ce6e1e5a93faa3e5ae3d0bd5d712fbc891cfeb20845707edcf5e29719a5246a3b024fb12d37bd1b81df3812fd50b1dfb3e948ce546dd165cc77f903c07fe32bc7da7fbc25036679017317ce94cd8a00c1bce7379774f1714":"92750ac9":"":"2e59b104c1a6f6d651000396adbfa009bf4cf8cbf714da8e4d3b4a62bd7f522d614decf090c7552a4b9e8d7ee457ba642d5100c0c81c14cbba8c8ff49b12827f6ebd41504ccb6dfc97cdf8532d1f7f7e603c609efa72d2ae0dce036ec4ab36849a0c06f8737d9710075a1daaed3867ca0a7e22111c0e7afae91f553b6fd66c6e":1
+
+AES-GCM NIST Validation PSA (AES-192,128,1024,0,32) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"f08e3e9f7b3a20ccdc4d98b56f2b567399a28a6b3908deab":"4f4636d1b283bfa72c82809eb4f12519":"":"a986e816f1eafb532c716a555cca1839a1b0523410134ea0426ab309520b339fc1fdeb40478ae76823cee4e03b8d3450e6be92d5ff17b2f78400f0176e6d6a3930bd076a7a3c87c3397dcc0520c6b7b4ff9059ea21e71c91912a74aac2ca70eec422b507cc5c60860bb8baca01eec2a3003970ba84011efe576804b2820e306c":"16c80a62":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-192,128,1024,1024,128) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"87b5372571fb244648053c99405999130f87a7c178052297":"a1cc81b87bd36affe3af50546e361c9e":"684ce23f59632308d7db14f7f6eddaf4d83271fb0c27401b09518a775b36252540f14305f0dae13ff6c0dc565c9e570759e070c8ac73dfb97abd3285689a7cdcfc941f6271be3b418740b42ba4a114421065a785be3dfa944c86af56da8209779e8736e62529c418b507c6d8ae002cbc0431747722afd64521734f99273de455":"ae078d1554fc6a14447a28c3dd753e790f7ef9b53e35c3e0fe63a7b1b326bc56034847f8a31c2d6358049aae990bfe7575b439db370aa515e225e0ec730488c700a7b0a96a7b8e4e8e4c6afec20decd16fe3c0f3f8d7a6cf7a8711d170829d14c706cceb00e133b8c65c8e08cd984b884662eddd2258ce629abf6b9dd28688c9":"98177b3428e64bc98631375905c0100f":"":"8be7df33a86b1162464af738de582a357d0ce8e213bba1b7913c0d13ad759d62c3bf4366f5130b3af2b255b7ad530b4977627f9e76b07e360c079d0f763dabbd22e976b98cd5495c6182f95bc963aad4b719446f49d3a448d11cac5bfcba4b675b8e4d88a389e2580e8f383f95bf85c72e698680d2a2bc993c9ee1ce0d1f1ac3":1
+
+AES-GCM NIST Validation PSA (AES-192,128,1024,1024,128) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"a2d069b826455d5e79e65db4f1d2b6a29ae9f401bc623917":"6d40a0c7813bc0410ff73f19bb5d89c9":"9960376b1898618d98c327c1761959d045488cc6198238bbe72662f276d47b41e8aebc06dbce63da5adcb302a61ade140c72b9cf9f6dfad6ecedd7401c9509fae349d3c7debe35117776227ba167f2b75921d7321d79f4ebca13d20af1638a1567043365f179f4162795fe4fd80b5d832e4ca70e7bf9830bc272b82182f70d2e":"acd6225dc5b9109d56ea565ab38dd4db432a7ec08f0db04f1c6b691c96d2eaaa6be62da7cc7fd75f931716c7f39705ea7cf828f1a5a325955e9b2c77e7fb2d562be6a89b3351b1b3d1355b43b73ed425049430314c16bf0836ed580e9390a3b8e2a652fddbfa939ca4c3c99765b09db7f30bf2ef88e1aa030e68958722cb0da3":"010195091d4e1684029e58439039d91e":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-192,128,1024,1024,128) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"f3252351fe8e7c628c418c1a49709bf1f8e20add82539948":"eacd2b1c3cf01bf4ea7582d8ee2675d5":"141cb39a2fb8e735e0c97207f1b618a4b98f6b9bf8c44a1c8e9ea575a7759cc2a02301274553e7744408b2c577b4c8c2a00e18f8717fd8a6d2f46a44eeb05d685fbef7edeb4229e7ea9b8e419ffcb504d33583b3ae421c84caeca9f9789047dd7b1810318d3765307233567bc40e003401c9f4e1b07a2a7162889e1a092aedc1":"7e8d2816d280c91d232bad43b6610e2d0532a9f670f221a3a975fb16472c2e83b168115e87a487bcd14b37f075e1faa59c42515c353cdefc728ac617b7d273fa96778e3fb5f7a1132f8e2add4a57015b15d1984338b7862356243d1c5aa628406f4a507498eda12d2f652c55e8e58113ed828783b82505790654f036b610f89a":"63a310b4f43b421a863fb00fafd7eac4":"":"699c146927ae29025e5b20088b20af27bc75449e4725ee6b7d5dc60b44ba8a06f7d265330c16060fbd6def244630d056c82676be2dc85d891c63d005804085c93ce88f3f57c2d2c0371c31027d0a4a0031e3f473cb373db63d4ff8f65be9ebe74045de813a4e6c688110d000f6b12406881c08085c9348e1f0315038907e33f7":1
+
+AES-GCM NIST Validation PSA (AES-192,128,1024,1024,120) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"e462957f2c500bf2d6bfa9af97938fdd8930e360ea4175e7":"b380584a3f4e0e59add4753c282f2cf7":"682b0af6592eef173e559407e7f56574c069251b92092570cbb7f5a2f05e88bed0af48dcda45b2930b1ee7d5da78dc43ec3598a38593df7c548058eda3c9275c1304489aff95f33a6cd79e724e8d12ca0ae92b20273eb3736efcd50dc49e803ad631dcbf64376a45a687eb4e417aef08a3f5f8230d3f0b266ea732c21ed2eed7":"82a7a6dd82a5ea3d9a8e9541d854978487eda298b483df02b45c76b8b38bac98ffd969dd160a2765595b19d4ea3e64351ce95764a903f595dd673d13facf5a5594e01be1d60a0c6d28b866a1f93a63a74fecb6d73ac6fb26b20c008b93db53e9dc1d3e3902359fd47734fe22a5c6958f97e9001cc4e8b6484d9542dbbdfcfcdc":"28a43253d8b37795433140641e9ffd":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-192,128,1024,1024,120) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"4a62ddd87f41c6df756e8da0985dcd8c91e73ba395b3d79b":"1d1843e2118772d76a0244a2c33c60bd":"028b92727b75b14cb8dfeb7a86a7fec50cd5de46aa4a34645754918b8606819d4bf8a2e7531a05ae5505492ca6cbc8c0e6d6ab2dea23bff1fdf581bb780b4a3312aa39639383fd10bcf92489801954733f16b021c2e84809345216f8f28a99773341e40c4a64305a2098eaa39f26a93bd556c97f02090e1a6c181a4e13e17d3a":"37a83ee6dbdece212446739ea353cb957b9aa409c88bee042bbc3a6e5199aeb28f2b4b00ff433c0c68d6db5a197566019db8a4c7a792e2839a19a302ee02bee046adce04c1fbbd5b0c457d7cbe277992ce2c153d132269e2d1f12b084cf3026a202b4664bc9d11832e9b99c7cc5035dcfde5991dd41aeb4fbf8bec5126a9f524":"ab738073228bdf1e8fd4430b5c7d79":"":"e702f1bb9a1f395c74fca0ce9cdf29e7332c14acaca45200cd432a5767be38929ef8de43d0e1a5e7300c1eb669ac1ab997b31cb1403af8451e77e63505920af0f8c3abf5a9450ea47371039ba1cf2d65a14fa5f013b7ce1d175859404dcf6461a36e8bc260e7abf739d8951ddf1a3754e2d65e0aa31320a5ffca822023bc0906":1
+
+AES-GCM NIST Validation PSA (AES-192,128,1024,1024,120) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"fc46976d38a581a7042a94ea4b5bfe3587ddc65d1162d71e":"b5e92563dd0339df00b7ffa2239d21bc":"7b6f6e104acbcd7188161477d8e425ff99add22df4d22de7f28d0a0075ca4ef848f68d07ed22d3165c08e40890ce04d1bd05b1a6ccb2fec8193d5f7dffc93d97a0c036b3748f708b011b68247a0249b9e1a60b652164e5c2fd7210377de804ac010c8aa08a11f40af97e8370a59f936cd14c22ea7a236d904145adc04a241fc0":"4b9e858fc8f01903e426112192d4ae4686b1ae4d683b75afb2b8c63590275943d0d6d6a23b6d35796a2f101203acba107474ca6f4ff6dd87d6b77785ad1d160ef2755d84092dc70c86db5e639b689943b15efa646aff44b3f51f5d3f4cf6c8f7fc5adfe7bf2d72f75b93b8ee94ef3fa69ea0fc0bb77b3983901fdcd30bcd36f5":"d4356cb417953b01f7b1110c8aa3eb":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-192,128,1024,1024,112) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"403e49feadd4db763652ed5c4b1e12680cfe0abc30f4696d":"1a60258a56e15f92814b4d372255a80d":"a4ffa9e3c612103224c86515dad4343cbca7a7daf277f5828670834f4d9af67b9a935c71b2130dfbc929c4409bffb7974ffa87523b58890770439c33342880b33319c626bf776c1c0aeb9c2a348a7681572f4ff711d94c192f3450e8b1275f9d02c742a2c9f1da316e9918bf787f22699172986cb9b10fc56d5f6b8392ff92b8":"221c61d769febce3913bfead9a201a805f11005ddcac185cbae00ce749de9c4362889b1b0d9546e91598e0ddedb88b673a90acca65d7e71a85636be052f361839a646dc8b834c02f3e2261d370e6bac9636b7536225b5ea77881200c8a3450d21bfd1e11afb3a470e178ecfe944a25a7cd0254e04a42b67723aac8afffd56fee":"62646fc8bfe38b3ba6d62f9011e3":"":"5c76c90dea7d659804ad873960906259fbdda3614277ec575d9eec730e747a2e7b9df6716b4c38d3451e319eeecee74d1f4918266fc9239de87080f1ad437b47c6904ed2d5514161ad25e3e237655e00e53fe18d452576580e89b2f1f0f6aa7e40a337fd8c48d690fe013a67264a80e9b5dfd009a9152d559aa02a68f401a09b":1
+
+AES-GCM NIST Validation PSA (AES-192,128,1024,1024,112) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"c3471259512d1f03ce44c1ddac186e9a56c1434a6ac567c6":"50164c63d466148ab371376d5c2b6b72":"11d1f523888bea1fbc680d34bc9b66957d651efa59e788db3d3f6f50e72184b9d14e9ff9bc05fb687520cf423d681812e007025eedf0e78e7e8191e6b62404e8eb400cf837d762a31aa248553367263d6de091fcf7abedc3e69fc118b7efb0594c89b96c387b7c28ed9a7b75db60b6b5133949b891ff81eca5790a265f12a58c":"dd5b98b3b3cf03fb92be579068a885afd984630692eb5f155fa6b49f2b1690b803d34b90e8de3cc39c2e61650ffffb51e7ef36d35ad17dc4d91f336363b0734996b162b509c9954cab3dd959bde7e437e9100d84c44104c61e29dbe12492a0272ce6eea2906d390de7808d337e8c650b3301af04a9ed52ab9ea208f3c7439d6c":"6c5f38232e8a43871ab72a3419ad":"":"50438ee712720abf2089331e4c058b30c30c3d17834c507c0010ac3f974a256d01b14a45e9ce5193c5cede41330cf31e1a07a1f5e3ceca515cc971bfda0fbe0b823450efc30563e8ed941b0350f146ec75cd31a2c7e1e469c2dd860c0fd5b286219018d4fbacda164a40d2980aa3a27aa95f8b8e2cd8e2f5f20d79a22c3ff028":1
+
+AES-GCM NIST Validation PSA (AES-192,128,1024,1024,112) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"ec326a1e0fe6a99421398df4fc7d8fea67b67e5f5fcd50ad":"c94aa4baa840a044dbd5942787a0c951":"f8401c578f20d9c250ea86eb945184e007a0190462c7abddf238ce1ceddcc230756aa222386d8ba66ebbba13de008ced140896ac55bc47c231cc81370ca9feadc225e017d59890e6291cc4cca27db3078c0cd6cbb51afb62210226a76837c5454728cb5ce3afe7352e7fe75421f94986e6b7b26321bbca15c75ac7c13dc15f50":"6d5016c434a0f4b4a5d9e0b6b8e2d848a94f132f055d2d847e54601a4c9cfc5966a654d696f8a3529a48a90b491ea0d31c08eae8ef364f71f8ec7ae7f7e39bb9c331137b2578362ff165628099944ba8deb0d99ac660d5ed2215b9a7626ff1fa6173cd8dd676c988d16c9cf750a0d793f584c3c8f5fd5d167bc278f4d77a629c":"3269922affb9d767f5abe041cc8e":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-192,128,1024,1024,104) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"a7ef81652f604e88a72416924c53979dc73cadd3575eda1c":"0cc9ae54c9a85f3e9325c5f3658ab3b2":"d0195b744351aa25a57a99df9573dfa3cebe9850139149b64f7e4af37756a430dda8af98e4ed480e913aa82821c01c1f75b187e105a8f39621757d522c083a8d81d7d8bfe6cf15c439d0692b6affd655a11bcd2457046fae996a1075c66029867b88cd23c503ae04037dd41f27bafd5000d1f516002f9fcc0f2500e8c1b27de0":"9ecd19a8eba9fba843486e1bbfb8d9053c5e04b24e30174d4aa89d8307439d653f8630edddafd51719c744bcb4bce3e444847567bd2cdde2995870d0634cc0ba2bde4b6bc2bc583062fb83874a1c25b50aeb945bd109a151772c077438c4d1caaeb5b0c56390ac23c6d117f3a00fd616306fc2ffc4c1e76f934b30fbbc52eec2":"22c2efeddfd5d9cb528861c4eb":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-192,128,1024,1024,104) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"605271a41e263c92dc14fe9df5203e79d58cc2d1289dc361":"7f128092a777fc503adc7f6b85eb2006":"aef9f984fb645e08d5f0aa07a31c114d2f8e9eca047e4a8d5471378cfc2ced1159dc093d174788e58447a854be58942ed9a3fd45f3f4a1af7351e087369a267797c525f134e79709097e733b9003b9be0c569fc70ee3462b815b6410e19954ce2efac121300c06fd9e00542a9c6a5a682fe1010c145acbbb8b82333bdb5ddfd9":"2bda3448a283ecba31e0299c0a9e44628cb2b41fa7b1a41107e107cabc381083bdbe048f2804568fdd5fe016f4d607f694042a459ba03a2deda4cccc8cbe4612d8ed0d4575e48bc9f59843369dbe2af6d048e65ff4250e1eef61d7b1b378fe2f3305b133ddc7e37d95ca6de89a971730fc80da943a767ff137707a8d8a24329c":"673afea592b2ce16bd058469f1":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-192,128,1024,1024,104) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"fa076f36cb678e2275561e9553ebdf397360e5a5e44791c4":"1ecd53d94fe287047ff184e8b9b71a26":"5ff25f7bac5f76f533f9edffdfd2b2991d7fc4cd5a0452a1031da6094cd498297fb2a05ae8db71cb3451e4ac33a01172619035a9621d2d54f812ef5343e14b9dedc93838e4cf30e223d215b4d2476ea961a17ac7295069f25b2a12d6e2efe76d91f45632c6d4e61ff19a95d5ae36af960d95050ce98b5791df0b7e322411c884":"513305e86c0cb046c5d3720b25a406392766bd1fb7de2758de370ff2e68281e211922890c61f3659460f22c45a57895b424441262a3ba0606df4e2701f38281fd3436a4d0e0f8efecd231808a9ea063dfb725015a91f27cadfe7909a0ee109eac391ac807afed1767ae0515b9c1b51ae9a48b38fe7fec7fe0ddee562c945e5ae":"079e8db9c3e6eddb0335b1cf64":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-192,128,1024,1024,96) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"ce9dafa0e7e53a8766fc0bc38fba807d04e14e5ed61bc234":"fd0751af49814ee98b2b0cdf730adaa6":"1cba488a0fc8a012f9a336cc7b01cbcc504178eeb08237dbedbc6c7ac68fdf3a6742751a207e43d43068abf6ef4e12a5e3c17e5a2f9398fc04ced67377cbb858fd6020fad675a880adb249e4aba94b96efa515d1cdf5c0c3071a27a3245968867ea94b2bfc2028a67be34c84c3f475944497aa8ca1ab009f8e4b11c8308c1996":"b585b8bf634757dac015f2f69f2ae674372a664f2115ad2d03bd3e0c335306b02d0947d3cda5991f5c0c25f12ead2c3cc2d65d575fd67091c70bc93ddb4b1e21f7b0fc6e6ae652dea93a6564ff13489f927942e64dd94bf8f821c7ffdef16df58bd8306a957821ac256da6f19c9d96e48eee87f88acb83bae05d693b70b9337b":"e5dc92f4ad4000e9b62fb637":"":"95f4324b0656bef19eca5570548fc6a7a9923f4e2a7e42066891bc132fd73bc1c9089755d996756de0072824e69c43f2db8ba2bf6f90d3c4eafc0721ceaccce1af896f9fb15fb19c4746979b6d945f593fad61d550f81d12b5945ed728c02931d7f8d917285c22a3af748d75a6bf163fddd84b941d8564c1a63192c816ad6d6d":1
+
+AES-GCM NIST Validation PSA (AES-192,128,1024,1024,96) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"8a328554fed68dc4838fbc89fd162c99ec105b36651abbc9":"e4f7c69a1d026eeebfc45e77bd7b3538":"e349dcedb0bfcc771c820f0d510b80cef32ae3326484e25aa183015941e7844bc46f617d5e61fd64fa71759e90fcb72ae220bcd507f0fb389b689dd3fa29b3b937eded85f26ada9e0f3f5109f82fef47c7eba7313049750ad17969e7550c0d4093ed18ee27843d082bcee8bf3fc7833d569b7723998595a5a1d871089fd238da":"75986f56972c045c850ed68aeb229f203b228fdfc36cad6b16d9bd12037c48700d20d8062a983ffeca76b8d36a67ef51bc8853706e83a34e4e23ff4f4a4eb943f19dbe85e454043d7906be6587a85079f9ccd27962d2905117d2dbeaf725d6ffe87bef52b2138da153ef29b18065b3342b3f9d07837d57b8bc5f2597de06c54f":"8e8320912fff628f47e92430":"":"a1ed65cfc7e1aeccd0531bce1dc749c7aa84451ec0f29856f12f22c4105888c7d62e2e2fc8ad7a62748610b16e57490f061ad063c88800037d7244ee59e109d445205280473390336d7b6089f3a78218447b1b2398c4d0b3aac8b57a35891ad60dc1b69ad75e2e86248ceac7bb4cf3caade4a896e5ee8c76893ef990f6f65266":1
+
+AES-GCM NIST Validation PSA (AES-192,128,1024,1024,96) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"6e7f6feb4022312de5c804ed1d7a37580d74499107f8cc8b":"6ce13485ffbc80567b02dd542344d7ef":"c6804a2bd8c34de14fe485c8b7caa2564adaf9fcbb754bd2cc1d88ba9183f13d110c762a3c5d2afc0fbc80aedcb91e45efe43d9320075420ee85ab22505f20e77fa4624b0387346c1bd944e9cd54055b5135c7fc92e85390ecf45a7091136b47e3d68d9076594cfad36c36047538e652178c375a2fe59a246a79784577860189":"4f5bbdf575ab8f778549f749f2265e17dc7225713e73ee6d7be163ff7071557dcc2240b0705c079008605f81396414ac64f06b1b637876e04c3fca8d0fa576cef4dd3dc553fd6808eaf120f837f9bb1d9dbbd5cf67ed497167fc7db89d3a84151b81aeab0e921057f121583df5ed7f976b206ece17a913f23485385f64c462a8":"974bd0c4a8cac1563a0e0ce0":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-192,128,1024,1024,64) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"46d6e982feff0e7d04a84384c56739b69626dde500e4b7fb":"71a6d1e022a6bdff6460c674fb0cf048":"67a8455c7d3fbfdba3c5ec5f40e0be935fbb9417e805771832ffad06ba38a61b8377997af1f586dc0fa1e3da0b39facd520db1f0ec2bdf1904a3a897f0b507c901fab30a85de51effa9f7d4703ceeb2ca72abe0bd146ba0bd3ffdee11628310db7d65ea1343b018084ea2414995f86fefb45ba91a9dc2236d92078b4305671b5":"a5160fb2d397b55a7eba02df33a042404188f02f4492d46f4edc03fc67723d64f5f7fed3a60728438703c60454a30f473ac918ffc8f98be5c5e9779ee984415e415ce3c71f9acc3f808d215be58535d3144cebe7982b9b527edbe41446161094d6fc74dec2e0a1c644bbc2cf5779a22bd4117a7edb11d13e35e95feeb418d3f0":"84f1efd34ff84e83":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-192,128,1024,1024,64) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"991dcaa2e8fdad2b4e6e462a3c06c96067ef5e9fb133496a":"978913d2c822ba7cc758041d5ee46759":"5a94dc81af011a8af263318b60215b9752292b194b89f6fc013b0fe8e29133de631d981862f2c131ee34905bd93caffc3b8f91aeb0264b27a509e5c6a41ae781209f8c5895d0d35b3c5e1ae34a1a92a2b979e0e62132051394940ea4d9bfffb8d89ba1e8331b15bdf05c41db83a57745a4a651a757cc8648acdcf850a2f25367":"9cd0c27f0c2011c1ab947400d28516c7f46d22a409a18fd35c1babf693b8030dfd7822d9ba03bb8fd56a00f9c7149c056640dde690889d2f23978eeeb28ccc26e2fc251220a3682c963f5580c654c1a6736cccb1b8ed104ec7390021d244bd9f92abde89e39a4b83eff8211c8a6259bd6ac2af1da7dfb8cf1355238056c60381":"15d456da7645abf2":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-192,128,1024,1024,64) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"f29cff00781f5916930f125489c87d21f6593324d1506f65":"50db7ee25a9f815c784236f908bfd7f2":"ec1482e18692bcd6894a364c4a6abb9c3b9818bb17e5e1fc9ec0b41702c423f3a60907e94c888fad8e78f51e1f724b39969ba7b11d31b503504b304d5c4b4cbd42634f4ec5080a9fe51c82e121ae191270dd2c307af84c82d892d982413a50ccce33698054f761a3fa93da9a1fca321296b378a50d458ba78e57a70da4676150":"a3e8595747b7147d471ac4fe38014bf4a409931e3f419ff88ae249ba7a7f51bd0ede371bf153bab4b28020b7a82a8ca30b75f1e3bcfee3c13db813cbc85138ef05874dedb14a6e5b6d06d7589a83bd5e052dc64433a8e24c1188b9470ddb2536d13b4b7bff0c5afcfaa9aa0157c3aae3b1774df2df14f965d6dee4332edba67e":"a1e19ef2f0d4b9f1":"":"eea18261a4de31d8619e77005ebbb3998c5dcfac2bc120ae465e29d6b4c46de7e6c044c8b148ffe4eda7629c243df8af4e7ceb512d5751a3ee58defb0690b6f26b51086dedfde38748f6f0bbe6b495f4304373188e5d2dc93461bd51bf720149a7d3aa543623b122b9af0123b2cdc9020136b041a49498ec4aa696c2d3c46d06":1
+
+AES-GCM NIST Validation PSA (AES-192,128,1024,1024,32) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"2087e14092dad6df8996715cb1cfca90094f030328080ffd":"d30504afb6f8b6ac444b4a76115d79d1":"d95845d268c8d8f9135d310c39e30f55f83ef7ffee69e6ba1f80d08e92ed473b5ac12cc8f7a872bfc8b325e6b8e374609c90beaf52d975f71caeef5ee4c13de08dce80d358ee1cd091faea209a24e3392adcfe01aeb2b2e1738bc75d4a9b7cd31df7f878141cf278d150f6faa83fb3a2fd1225542a39c900606c602f15c06a4f":"6d039513061980fb195bdf2f7c7079ca4b7e0fdd50d948cbfab5ba10b99e3aea27f08abd000c428851de82cacb0d64c146cd9567e9d55b89819876d6a635bd68bcaf47ffa41e02d9ee97f5a2363bfe6131ae7a21ea5130ae953a64d57d6cbfd45260c5f1946388d445ce97d23ab7ba31a5069a4896bc940a71de32bde02bc18d":"5412f25c":"":"1e81a4c10a3440d0002ddc1bfa42ebb08e504fcc8f0497915c51b6f5f75fee3f0cd3e9c5a81ff6528e0fecd68a36192114f17fa1a4cfe21918dac46e3ba1383c2678c7a6889a980024ee2a21bcf737f7723b5735e1ebe78996f7c7eace2802ebb8284216867d73b53a370a57d5b587d070a96db34b5b4f5afe7f39830498c112":1
+
+AES-GCM NIST Validation PSA (AES-192,128,1024,1024,32) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"3fc76d627c775de2f789279dc7b67979a9f1cc23c8dcabc9":"8f6fd53eb97e12dcd4d40f2843e25365":"e56995df73e52606a11de9df6c7bfb0ef93b86bf6766e319aea59372060294b0e1b13c6288c2310a4bef725a2dddb174f3e1228649861757903c4497a0eec9c141454fc75f101439a2150e368857c4f0f6e5161c42c77f632bf1c229a52595cbf16e9018de9a8f6a1e6b8b18bd244f93f001eb2eb315405d223c0d27ece9d4d9":"92a60d38fc687b92d44635aafee416a142d11a025680e5aa42e9ba5aa010462991ad3dd7328ca4a693673410f9bba37f05a551b949ab0d43fc61ef3b8996dd3fc1b325e66eec6cc61ea667500f82a83e699756a139d14be6ca9747ed38cd9b1d9da032ece311331bdcd698666ddc970b8be2b746ec55fe60e65d7ae47c6f853c":"613ba486":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-192,128,1024,1024,32) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"b10979797fb8f418a126120d45106e1779b4538751a19bf6":"ca362e615024a1fe11286668646cc1de":"237d95d86a5ad46035870f576a1757eded636c7234d5ed0f8039f6f59f1333cc31cb893170d1baa98bd4e79576de920120ead0fdecfb343edbc2fcc556540a91607388a05d43bdb8b55f1327552feed3b620614dfcccb2b342083896cbc81dc9670b761add998913ca813163708a45974e6d7b56dfd0511a72eb879f239d6a6d":"e3dc64e3c02731fe6e6ec0e899183018da347bf8bd476aa7746d7a7729d83a95f64bb732ba987468d0cede154e28169f7bafa36559200795037ee38279e0e4ca40f9cfa85aa0c8035df9649345c8fdffd1c31528b485dfe443c1923180cc8fae5196d16f822be4ad07e3f1234e1d218e7c8fb37a0e4480dc6717c9c09ff5c45f":"28d730ea":"":"dafde27aa8b3076bfa16ab1d89207d339c4997f8a756cc3eb62c0b023976de808ab640ba4467f2b2ea83d238861229c73387594cd43770386512ea595a70888b4c38863472279e06b923e7cf32438199b3e054ac4bc21baa8df39ddaa207ebb17fa4cad6e83ea58c3a92ec74e6e01b0a8979af145dd31d5df29750bb91b42d45":1
+
+AES-GCM NIST Validation PSA (AES-256,128,0,0,128) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"2c186654406b2b92c9639a7189d4ab5ab0b9bb87c43005027f3fa832fd3507b1":"3a0324d63a70400490c92e7604a3ba97":"":"":"4c61cd2e28a13d78a4e87ea7374dd01a":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-256,128,0,0,128) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"747d01d82d7382b4263e7cbf25bd198a8a92faabf8d7367584c7e2fa506e9c5f":"7156358b203a44ef173706fdc81900f8":"":"":"9687fb231c4742a74d6bf78c62b8ac53":"":"":1
+
+AES-GCM NIST Validation PSA (AES-256,128,0,0,128) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"1cbe30216136b7eaf223e6a7b46c06625176d9a08182fa806a63d8b143aa768b":"4fe6ace582c4e26ce71ee7f756fb7a88":"":"":"d5bdf8ec2896acafb7022708d74646c7":"":"":1
+
+AES-GCM NIST Validation PSA (AES-256,128,0,0,120) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"f31194c83bb8da979a1eabb3337ceb3d38a663790da74380d8f94142ab8b8797":"404efd26b665c97ea75437892cf676b6":"":"":"e491075851eec28c723159cc1b2c76":"":"":1
+
+AES-GCM NIST Validation PSA (AES-256,128,0,0,120) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"daeed52ae4bf5cbe1ad58ae4ccb3da81fb9c0b6f7619ca21979313ad9d3e83c1":"4037eadb11249884b6b38b5525ba2df4":"":"":"360c6ef41cbd9cd4a4e649712d2930":"":"":1
+
+AES-GCM NIST Validation PSA (AES-256,128,0,0,120) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"3ad81c34389406a965c60edb3214663ac4a6bd5cfd154ae8d9dc86dae93def64":"cebbce06a88852d3bb2978dbe2b5995a":"":"":"bd7ca9f6bd1099cde87c0f0d7cc887":"":"":1
+
+AES-GCM NIST Validation PSA (AES-256,128,0,0,112) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"4c152ba30aefa5b2a08b0b4d9bf3f16fc208bb0bc4c4eca9411dc262d9276bad":"008d040fbd7342464209f330cf56722c":"":"":"c87107585751e666bedae2b1b7e8":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-256,128,0,0,112) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"9aed4ae6b1d857fdcbe5aec6db38440613dcc49f24aa31fba1f300b2585723f1":"947c5f0432723f2d7b560eca90842df1":"":"":"7d331fedcea0fd1e9e6a84385467":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-256,128,0,0,112) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"cc80bc031676eff5f34dd076388a5130e985f9e06df4b4bf8490ff9ff20aae73":"51f639467083377795111d44f7d16592":"":"":"02d31f29e15f60ae3bee1ad7ea65":"":"":1
+
+AES-GCM NIST Validation PSA (AES-256,128,0,0,104) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"db7a40213b5b4b07e9900dc28f599403b0579cbce13fcd44dff090062f952686":"aea6f8690f865bca9f77a5ff843d2365":"":"":"7f2280776d6cd6802b3c85083c":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-256,128,0,0,104) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"299b874eaa8b7baf769f81f4988a41e2708ae928e69a5ba7b893e8e6b2db5c3b":"2aa04d85d2c0dc6f5294cb71c0d89ac1":"":"":"ea01723a22838ed65ceb80b1cf":"":"":1
+
+AES-GCM NIST Validation PSA (AES-256,128,0,0,104) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"a6c7b4c8175db4cf23d0593ed8ea949043880fc02e2725f0ab90ae638f9dcfce":"ae07f8c7ac82c4f4c086e04a20db12bc":"":"":"1132e4fff06db51ff135ed9ced":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-256,128,0,0,96) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"b98e1bf76828b65a81005449971fdc8b11be546d31de6616cd73c5813050c326":"929b006eb30d69b49a7f52392d7d3f11":"":"":"33940d330f7c019a57b74f2d":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-256,128,0,0,96) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"09ccef64ae761a70fe16772cba462b058a69477c91595de26a5f1bd637c3816f":"e34b19381f05693f7606ce043626664d":"":"":"2adc2c45947bfa7faa5c464a":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-256,128,0,0,96) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"654cf46598e5ad3e243472a459bcd80f1e026a65429352dbd56e73fcc5895d1c":"a56f27709e670b85e5917d5c1d5b0cc2":"":"":"177b9a5e6d9731419dd33c5c":"":"":1
+
+AES-GCM NIST Validation PSA (AES-256,128,0,0,64) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"84bca1b2768b9202bf194f2d5e5a0a5f51fd8bb725f2bab8a3fccbdb64a4ea70":"c45b2708c5bdf65ec6cc66b6dfb3623b":"":"":"fe82300adffd8c17":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-256,128,0,0,64) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"c8ae011795c9a60ad7660a31fe354fa6f7e9c2724d7a126436291680cd95c007":"1bd9ea6186450f9cd253ccfed2812b1c":"":"":"35214bbc510430e3":"":"":1
+
+AES-GCM NIST Validation PSA (AES-256,128,0,0,64) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"df2f0a8a3849f497d12bda44e12ce30a6957f3febcd5ec9bc134171326ca66d3":"728cb9608b67a489a382aa677b1f4f5b":"":"":"e2ef5d9cc5791c01":"":"":1
+
+AES-GCM NIST Validation PSA (AES-256,128,0,0,32) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"78e8a8ad1ecd17446cf9cd9c56facfd4e10faf5762da0fd0da177f6a9b9c3a71":"f169ce6f3ccc58f6434ae2b8ad1a63a1":"":"":"0fe57572":"":"":1
+
+AES-GCM NIST Validation PSA (AES-256,128,0,0,32) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"02ca6d8a862e25db9d68e4404abc107e700135df4157cfb135ce98eaa33151c9":"7b722fdd43cff20832812f9baf2d6791":"":"":"72dea6cc":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-256,128,0,0,32) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"9a2b709dbcc3a4fb15b3ad541fb008c381b7e985b57df52f07ca7cd26ab1ecc4":"729baa4c0ef75ed8aae746376b39fe3c":"":"":"2a0d607c":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-256,128,0,1024,128) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"449d39f863e4909984b37f2e5c09ea4d4b3e9fac67bd57c299e4e1d1f084aaa3":"d8e9118f331bb5a359f0aa8882861b72":"4ddcae0bc24d622e12bdeaac73e8d1ab7957af051d27dfaafce53aeed4cdd3f989ea25989a2f41cfb3c38dbd841c5560b0b5ab1861b1fbcd236865d13da55b50219462e021f8a21848a64a85326031fcec8fe47a6ef4a435dd2b2fff637644ffcf3914ef2dfa5dd556421bfd297be150b31db039f0f2cc422b282e659e70cceb":"":"c595b9d99414891228c9fa5edb5fcce3":"":"":1
+
+AES-GCM NIST Validation PSA (AES-256,128,0,1024,128) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"3e70e66813fc48f984dcda4d1c9c24f1d5d1b71ecfc8bb9581782e7cca5a5cc6":"d804f1051e72c9b7117002b862eb45ff":"0b1ab2b7a87cebac668c7a532fa8fa56a22cabf0c41fc1e6744ffe07c857c6865d623f508351f98f3f0c577d1eb94300a30a445472218c8ac626b0bee7d4c122d33f8130436a89add341e8ef7e00694afb4ad80d314d87ad3f921c7105eed05431b8151df7cff2c8e3790efd4acd3f60332dc7f34fdd90beef70f9093361d65b":"":"c09c2e3fdfefa222f7345ae4efb978fc":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-256,128,0,1024,128) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"8e534041090b45b80f287dc5fa20ebda017ad81b0530e680f62c6280fd8881af":"ead675b019ef5c6bbf4985f2a382d6c1":"b1db220052c4bebcef27eed6db0dc91be481179d71160c5a2ddb2fe497a05484840b04cce48980057d770fbbd0d5f3d5c633b55470617ad2cab5767188283310337825c4b0eafe13b5b11293dec230dad43b220885105767938c7ec4600fe063f98aa14bc6afb886fc874c10546749da295f571e696305bd9165486e29f43f52":"":"9aa0cdad5686ca515cd58aed94938ef4":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-256,128,0,1024,120) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"2de18874470c09db683cf45cd752bdfa8bf33e7967220b1a69f41f2a02da1d80":"af30eb2d0a0c2a50ea413f3285aa88d4":"22889b868d8ccc9f488406813caed199b23091ddd796c8632f564e7cf5a39dfb725266a931fec958659b6fc5b6b9343b8217edb0acb010afc9416601155262b57bd398d62f555953f0e15958e19ae004fbc9cb25e0269a9eaa38a4635a27bfa719fb249fa49337796bcf5f416bba87fbf3b19f0d8c11290c25ca50bbdc822f01":"":"646bbc9b14681af65b0d1c4c9f1d0d":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-256,128,0,1024,120) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"1a1bb9122e762ecd7ff861a1d65e52607d98e7ae5bd1c3a944e443710f3b0599":"32f99ea4cbf52c2701c2252e5e6c863d":"91b7a70c3a06c1f7f2ea584acb5dd76177ba07323c94f2e8f7cbe93fc0bb7c389c3c88e16aa53174f0fc373bc778a6ccf91bf61b6e92c2969d3441eb17a0a835d30dcf882472a6d3cb036533b04d79f05ebfaadf221ae1c14af3f02fa41867acfdfa35f81e8a9d11d42b9a63288c759063c0c3040c3e6ee69cf7c75f9c33fea1":"":"a8e29e08623a3efdbbe8b111de30a4":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-256,128,0,1024,120) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"3bfad1e8f9850577f9ba3f290e9a5e91b494c2d99534220362e171a7543177ac":"8410886b70c57d7ded8596443bd1b157":"ca801c83596795515ea931edba00e06e332bf84246b7036e10b317e2d09a51b2981fcb664ee3bf4180bb0b12ed1cda221abc6790b27c26914f5ef9cea9536e2453cd5b247cb054e295c2687b725a97cbc484b8eb86c6ceee03bd07a54a9301a3ac0ddb23aecb825a238252e7575329058b40e75575a7f16439edf5be163ce5f5":"":"e3645db0c600dba52044efcecfc331":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-256,128,0,1024,112) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"65debdf2f2191a6cd8de8ad4d5d4d0d8f731f67744e2545df6b2a7cba89c1ee0":"fdab2ee547dd8b6f5a4ea2dd19697b3e":"d2b0a0438ee0f145aec9a7ca452b788ecb473152b78fb75f6ace721afc7b0ae1942049b790f3a5b6221a8760295659756d35347cc04029be03459f3e23a71209b4e0bbe13a253a888c83db23376d3a6d9a539f7c9fa4a12dc64297e7c93dfa0ab53ef76b6e1d95bf6f3d5e6ee8f08662fc03ec9d40eff0a43f23ac313671bfd9":"":"c25fc157c3f2474885e2eea48aea":"":"":1
+
+AES-GCM NIST Validation PSA (AES-256,128,0,1024,112) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"496ae810380460d40cd2fdae8c0739f16b87205cc7f57db0a71a473eb361d570":"77233de96f5e1744337778212b411bd5":"85f5b54b4c4af5c808120bd28d98e44e96f4126623e57684957e9fc4fd1a2d0583940b8fc8314a249325476e8d05247831b04709580ae714e8187cd38f9559419e14c9fc4f8c454ec191b8ef2a3610988fe3339d0dc6b72f5978f9eff9d596dfabf27056e3a908c6497267461386e860f6b9d65526294bcb92908b5661b06b5a":"":"4ed91af6340e70b0c2b94ab6f82e":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-256,128,0,1024,112) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"aca188183b46139cc7cffc82a6aaaeb2fd73cecad14e75c663bd62daf1ec711d":"7bbf7fb55eb70cce94cc6a2b67de55ba":"015cfba90f069545fed60f31992ff3d3c3592eb91e7a53df5978ded64291954cb99a57de82d5398ce782b68d14ac04a8b425395bd076ead59eb445721bdb2f45e19fa089117800cbbac7b8313fb165ccb1122acb654e1242dc7fe6885ea1cbb7281b1270cfa1549cdfe9b47caf47b4ac3807e562e48c066566f5e606b5023b47":"":"3bcb5c2a4261d75bfa106fb25ee1":"":"":1
+
+AES-GCM NIST Validation PSA (AES-256,128,0,1024,104) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"8cd6815f6ec15f03b7a53f159e877a5981e0ab7f6e6c261ddde4b47cbb2f2366":"c431c07d9adf5f61204a017259cddd75":"4e1a835402bde4f5227e64b46a1f8d0f23a9434e189377fcdf1b9621ba1987eb86a7f3b97ed0babfd674e74c5604a03dd016d71000a72bbbd00a7f7fe56ad0fcb36a3e24dd0fdb63bd66d4db415f35012416ed599796ca3f678df7eb5a1b17f75abb348ddd3b366369a7b362c9488aedab836b61f9a158f0b129c8ca0a53a81e":"":"0e463806ff34e206f703dd96b3":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-256,128,0,1024,104) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"8f0a72abcda104aa7fae501f9a3b686d00d3f6fe984731db8a2865bfec587073":"ab8acd063775d1b1314f14e90fddd1be":"02c6d426e7f20b725d8cde0a6382e49b029b52126889013ef45251f27b2fadb95ca4a9a3b16ad06999eeca4a473e813045db4942e9b9ff2e5a5e429d9bac298372344d1b781d5facabf6d779643f31ada6124eb50aad599044b54279ec9b25714ac8a3b9ad2487cec7f4b1ee245d7be3d496d6af1d4cbee1c8201312541f3064":"":"3f0ccc134091e0c0425887b1b9":"":"":1
+
+AES-GCM NIST Validation PSA (AES-256,128,0,1024,104) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"417135cad74280e6f8597dc791431c95cb8fa63bbf7197e3ab37c4b1d6d9438a":"0fe22d9ba1d0e32656e3a9f07a517a27":"a0b2712e81d329d5b076a4be2ad6823cee6dbd17d9a592d065bdebb92b1ff37a56bf2f5e5341f39c574246ccda19e5f35fede49c9ba958f3920cc5440fb404fab7846884ca0c2a3af5b51f4fe97a1395571319cc5b40f8aac986d77de280db82343983982638326ef003e0c013af19c34672975dc99ccc0853a1acf7c617d965":"":"888b836c9111073924a9b43069":"":"":1
+
+AES-GCM NIST Validation PSA (AES-256,128,0,1024,96) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"304824914e32ea0efd61be6972586093349bd2cc2cf0cff44be943682b2dbff5":"b6d927a71929029f6766be42746f7cb1":"7281c81c7514f4b17cb125c4649006ef8959a400a1e4d609d277e363e433725fa32346a10bcbd826b6afc8222158920d0a2db1e6fc915e81231c34c3941ecf3c6f94ffe2136190cae3dc39a4277acbc247f36291b5614a8433b1a0780434a6c50521b72ec25145bbd3b192647155d5dd9df9e66762d39592602ea99bf9bfff49":"":"b6044c4d7f59491f68b2c61e":"":"":1
+
+AES-GCM NIST Validation PSA (AES-256,128,0,1024,96) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"8a10e9abe9389738e12a4bb6f553ae81e8bd320e0dfbc05fbae2128c1fde7a23":"6da44354e198e3beb54792718becbcc1":"199d754630135b669bf2ec581d3027a569412ab39a78dd9d482e87b778ec65c6473656260c27827e00e566f1e3728fd7bc1853a39d00e43752c6f62c6f9b542a302eea4fd314473674f6926a878ec1e4b475d889126ce6317115aea7660b86ab7f7595695787f6954903f72361c917523615a86d6ce724bd4a20c9257984c0c6":"":"5c5683e587baf2bd32de3df5":"":"":1
+
+AES-GCM NIST Validation PSA (AES-256,128,0,1024,96) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"d164ffde5dd684becaf73e9667e3e6acb316682c41aea247899e104a54dd7a7f":"1d388e19e9d7a9750e2fc1187d4b075a":"f166a5b6f91261cda56f1a537f42ffb8aed10af5e0248f8910034b92dbc58d25953f1497f571d31fbf5ec30d92234b440161703851f0e43530418147ce6270fbcb5db33ab819ba8973051908704b6bea8aaca0718947e6aa82498a6e26a813981783ed9bf9d02eb1ea60927530c4700ff21f00179002b27903dd4103bbc5c645":"":"52e10495105799ead991547b":"":"":1
+
+AES-GCM NIST Validation PSA (AES-256,128,0,1024,64) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"2854188c28b15af4b8e528ab25c0950fc1384976f242716c91bddeec06f2fdea":"075af9c31f5252b8920092cbd999e7a0":"e9452f71093843a025bb5f655eb6a4e8316ab5946484b11818f22b62f4df75d5891fa3397537093a261dc9a7648b7477ea1f5fc761716e302763364bcab7992595edd0fc1c7f7ac719c879e6616e2007948eb8530065a6cccf73d0fe4a0598819b471b0856e6d90ea0fc0e5d36a30ee925b6b8e5dbf40e77f01efe782c0bb4f7":"":"6ff8fd87e5a31eb6":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-256,128,0,1024,64) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"2bfc445ac0365ae6c3c3815fd18bbd0c60ea224f6620d9b6ac442a500221f104":"43c5f3367a9955aaee1a0c4d4a330059":"db0bae8ce7c66a8ba2fedec22f236212e9a7ad72b371de285c7dc6d2f6c22df0ce4920e0f03f91eb1653c4490050b9f18a2a047115796f0adc41707d1ffcbf148aed5c82013f557e6c28f49434fc4eb20112f43566f212c48cec9894ac40772fcd9b611ee9444df7b73e35b8a38428ccb064c9c50491d2535e0b539f424db83e":"":"49aaa806cb2eeadd":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-256,128,0,1024,64) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"7b828f99aaf751bf22d993ed682e488595617a607ed74aaacbb6b60457453080":"d48dac1d8d77e245420feb2598812418":"f50f785f4e7c848a55a616ecf4b6b1e1ca85e16de7100c7e4273d411bd95c1380ee157ba501ba9616980195f34e39f43e335f33253342feb8ed64443483c721b85241a0320b3cac83104de2db47188c61a373fba592ea16feeefdee1f2bb43927396f58151418672ebb74afff5c029503a0d0be81430e81ed443e08b74c03183":"":"a5b71ecf845b25d0":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-256,128,0,1024,32) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"7b6da11d69fca3e4c907628d3eb63d95c7e502fc901372fd097e064e70831432":"6fe2148f250ea178d4c8ca8423ead87d":"a8097bb74ded776f578eb7588f5ef8915db9bfa7262af700c8e76ee114e07557b6786dd5a60a66b2703e7c9de5d6b42aca92568aec5d1ecc298dbd0edb150b8cc13c9a78698f7674caa94da6cacd1f3ef4ca4238c59830ea725ab3a6284e28966c8c32d9bccfb0cfd6583a5ca309debe86549a6f317d15c5f928cbc7f473310c":"":"e9cdbc52":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-256,128,0,1024,32) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"c5ae9328be49e761064080fc213e53e373fd86359a09d0355e2d438d9b8e68f1":"a7e3f8660ff925d5c88c5aceffbd7026":"2ddddba7a56cc808aec4602f09ae9bd78887827bf0315d8dbe16821606ef9d117746dd138bf1f23565d1ab8f4cee36d53fe3730632c5df9f12109b16edbeae285bb49dfdd155f5dc97b319a85362d53cc86817b7c1c31e5e87c9f37422f133d00dd0776bd92ab05ce6860573cd911645cfe3fbe515e85f744899a447fe443653":"":"e35dbac8":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-256,128,0,1024,32) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"e4f8ca13ba86c658cc7f42d4f029422209efbd101bc10a1df81a42cfb3a0f79f":"1a362fa0e4054ba11e4b06d59c8bc9cf":"e7ad5c75aa13659f8ce4b1650c46382645ec67418199b84ea445b8ceef619ef3fbde59ed3d313c459e36fcf87d26ef2b453409b32f1086934c3072c1ef0aac83762d28b1193b9afff2c083ce4300b768b0ae23ff9d3dcf65bc1693f1350da65180620aab205aceacfc683c8be53a332e2d0337a7518d2a5204f9c8d7325a4799":"":"e7a37f15":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-256,128,1024,0,128) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"00050a21ca1e72cd0924be31b943c60854be6744577de3dd9d1f4fada4a19ea6":"2fc1afc1395d8409919248709f468496":"":"693ffd3d92294857a99c702a0799eeca28ab066dd90917b9ea5ef8f6547f1d90b106cbec8ef2c22af9f8efa6c652f2f97c2baf33af14fe9def230d49524bd65909c3df1490f637f99e788dcc042b40e00bd524c91e2427ef991bf77e7b2f770cda6e90076c5dac4cac7ee3958b53ff8ce846c3a96281f53c2c52f5f3e523536f":"e39b6a7fd5ac67a2a1cc24d5eb9d9c74":"":"cfcd6b9ff7641829cbadeaa2e56f1f150a099eccf3e378fa4da59794dcc4490aa4f9c5db0ab245bec36a7d4557a572008e42f03bc1baff3c946f23f54a4dc9828f106cf4264e4ab40165839d1085e7795b1ae0950f0ee4a08e46ada501b6b51dee0e518129c9426e5bd44c66674a9f99cfe676f002cfd344c5bbd22d3d91e600":1
+
+AES-GCM NIST Validation PSA (AES-256,128,1024,0,128) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"f10965a66255f0c3515af497ccbb257a09f22ec2d57c5edae322a3e6d2d188ef":"c571ce0e911de5d883dc4a0787483235":"":"91598690edf2de8b27f9bc7461a84e80811cee544f0542923898328cf157590251f0342cb81d359b5dccc5391a12320d1444c26f24178977dd6705c2b365dc1ece0152c42e2f0ee3162cf886ef5529f4f16a77f3bdd2aeccd405b59addf098521d0d38cc25f1991e11be7ecf24caedb48a2a286d2e560a38fa9001c5a228c4d1":"6d9d3a5dbc8dce385f092fff14bfffda":"":"2867996e389e09ec0da94d42e77b1e436b50065b09ca4adf1cd03240444ee699dbb7b3fc081a1869ca607d77d5ff9754fc3c997ff0a4ee17543a2ba77886b88a7128bcc51d3450df58ff3a26671b02c1d213df6adb6f7e853080eb46b504517cbaea162710a9bbc2da8b552eb6b0e0cb98e44fcab0a157312be67974678d143e":1
+
+AES-GCM NIST Validation PSA (AES-256,128,1024,0,128) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"4437ee7d16d8c3ca1aa01e20b66749efa901614d4bb4bee786ad5a5f1bfde2e6":"275393276745bc43bae4af1e5d43a31e":"":"ff80727a3485cdbc7fab4ee9fadfdc621c538e2055706629046078f1aa3fb687fc728d3a7ffa52ae457b7b5649613eab7bafa464bb435314c49e5900750f7ad39ca9b75df6b2eaa755439e101f67b7ae4cd80dc4a9dea0027048253f2d0a6014056ca69b8c85605b00cf75fa7634a0ddf464270a8c79ce1a1324c4a4c513b24b":"a82ff1e87d26e4d6e417b60fb2d3ce23":"":"88f994d276ed20be3932d16f551c4b7e2ed80411f2e72ce098fa0b70c22157a59edab30649fec447dd63f0c87dceca7238ef0d9561b58489ba7bd86f2892743099f40af63c432f78ac0ad0b5c2be47b9e3045e7237b096ee400f430af63a6f309de785caf190f3f4aabbe79f727a741590de542bd343df68d13db55a5f8bab41":1
+
+AES-GCM NIST Validation PSA (AES-256,128,1024,0,120) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"fe4ec037ce563dadee435cfcb2bf090f1f7ccc7d1b5b4fab2f1b738348f8ed2f":"47f5264f7a5b65b671892a05fa556f63":"":"64eb8a4bda9804c09b04cfcd89094928c21480908b81ee19d6c29c2a3631b1a5bdc8e7f8ea56f7b8b8e14a5208296026785cac3a6afa54be8af4d5faedcd12b6621bde0f8ec5a2635fe72a89468ca7704c73aa40cd2ba97aef08886b27a694d339b00e7d12a31308672f87c06a7388a1432f869eb4cc1da864140b1b33931925":"660462b4088f6628a630f2e4170b21":"":"4a310e035361f98b8c54fb4cef70b1a9c910552ece056ca8fdab54c52308ec0ad7fe9dd1dae92badab5010577de522088768fa6466fbccce22e14c51ca7986c4063d0f06bf578dab16a91856713198a7138395c49c78b6314b57ab72fd079028c8dc351952d90b04a7cd2b245df0c0522447cdb7d3329fd9425fe5cb40a8e7c9":1
+
+AES-GCM NIST Validation PSA (AES-256,128,1024,0,120) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"e6e1ada628ca76eb9832cc6b5efc5c9d2686bb587366a6de2d734233fa95279e":"5a100b451e3a63a3e6d4b8a9e59c6bce":"":"a0ac738e0fb35246b84a6fbe319f827039515df25d0c0fc6de7c048253ae63d3c561e44a12672ffeae1cb925610b482aa422bbee0e1784fc69baac3a97d69f51e6d2a17957b44b318624ea7ec680a559f4d3f2761d09bee66efb3a312ae6b3ecb673e756b2a0f654671e82500e7ace91f2be2a74bc3bc1ec1a4b6877a53c27c8":"88df9a1ea54e5bd2ef24da6880b79d":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-256,128,1024,0,120) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"cd5c1e90d78213155c51767c52c290b3d657db8414ee0a7604a2ec7b48105667":"4e022d8d86efbd347e8cbab7e979771f":"":"8e987693da0fb77b6d1282eebd3a03e05d9955ff81929b1a2c721574862a067ddee392c7ece52ca1451f3e6e321d7208882d97b4149af6d78d65c054e1bfcdfa62bd2202de32dea8363f8d7f041891ce281840f3cd906ab46ca748e5b3b11890b4014bf0271c9427c874097782d1c13dbb40e78fc8276fc134f3c29923a43a01":"e7df79af0aef011299c3b882e3a45b":"":"3b20473d9b5018d089e7f74d3fef22ec2805948a9e07689831973c704a6d8db4d090af88d696ab8c3aae9740a2bbd7f03e0b18b2b591e59c335c1043a2578a89b1a9f20fd0dd53f12e00e9bfdb27de8caac772bbfc4de9e4a255a5d1b04e59625a87b8279babe613def58d890d5502abf2f709aab625dcc20c58772832c7bbab":1
+
+AES-GCM NIST Validation PSA (AES-256,128,1024,0,112) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"6e3dfc07003bb6a2d82bd5263b2832f47db4e73279266c7a9ea21f4f18eddf83":"7c0f49fb54f5e68c84e81add009284e6":"":"a960da222af9d4da5797e6957d59b00f6d3893599c70e95c0984b56eb3329b191703c2532f3288b15ebf655b9b5ee4617484e5ac9c39bb06731d03ebe4fef9495d003b0ed694cf540b4dc759d32629e55512680badd81234bd71ffd55fcb5e6a85031c1dc31ee1ed198939582d8336c905717cc87101dcfcf9d833fac815c8ea":"b2ec0f3da02a9eb3132fb4ebe3b8":"":"a40b6f70f0572fe0bc70d83368e7c154f7dbd501f52501630a2e523d18e216e07368521f6040d806299397722b99bcf7f85d36b8bed934b49aa1fa76d38783e6a2e392d6d0786d467f7bc894a739ecf94f0fe884a9c391154f8326bf31ea5242a18aa263d04da4b63b11de23b42d3e10a2d5460cb32700cdf50a0d89165ba22a":1
+
+AES-GCM NIST Validation PSA (AES-256,128,1024,0,112) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"4103b1ddff87a508a219c808a04ad4750668688f4c2ee75b92d28d70b98a2c94":"5cea906737518c2cb901016e30206276":"":"a00a196193ff07006b7df524824bd0971d63f447a3a7bb1b75c1e2d11789482c115cff677b54948d36dc4de34200bce97be0101d88cee39b177857dd5da3cb0d2f9d6e1150f72a3bd655e0bace1d25a657ba9a7f8dff082b4460432075afb20173da22b49beeb6a030d72ba07869ff4389fc1c28d87018d7c1a9829c21932197":"3a3a771dd5f31c977e154ef5c73a":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-256,128,1024,0,112) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"cd8c2f0c330d5db316dae7a16b57d681ca058864f7bd60f3d0de174442283f77":"387ee8c1e7f047e94d06d0322eec02fc":"":"e2a5ad295d35031535bf13c2993bd0b292e8a9465b9dab738e59ba03670248a1ecc92b38a55bae34729162271cc1572c35fcccb27417b48dfcbff852a7a8845cc829a4461061b558ac8b5930a5c6491ffba04a9d0dff220b3cd5e4fc2e0f3db3b2ddd90328f2cad819573a7856299620b02f5ee0267f3b56981afbf1b7d9e3e1":"62356850d12b54e39872357cfa03":"":"17b7f6bdfc1993c56dd9bd674cc276a55a46fdd9fd5fe435b9e4b7ebc7052a9dc76a99e4e43aba7d486603189c90d10a21ad3722c86bf5bc856a0f930ff5bca65be708b76bb8a29105da67f31eebcec81f28aaf526d2f8f0feac393a24959dcd612e2b93b4463f61957d2b3046bcdf855e346601e4c7760c0ca618ee7bf55381":1
+
+AES-GCM NIST Validation PSA (AES-256,128,1024,0,104) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"7e19e400872eed721d560202cd757d3eb99729496b6e3a6d38dd8afe1066045a":"d2b277f78e98f1fa16f977ce72ee22a7":"":"3fb9abc7aba654dfb174e8899c17db222ffbb387b7260fc6f015b54f1cd74284c516e21aae3b72338e5e8dc643cfafca0678f5bda3a7539f1612dddb04366031b5a3eda55f3232c1b176cc9be7cc07e0ebca674a272224929c401a2530efc6d4eed0087b544b12d172a01bc8340d9c2a2ebcb5af8b07d96073a879fda140c196":"4c81c044101f458fdfac9ca3b9":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-256,128,1024,0,104) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"d0653934a16fd36c27d54488a1829302b931bed6e26ca26047242b85b50bfb61":"94886a1845aebba5ed6b86f580be47f9":"":"c02347e1add9178d830d8baaad9aeee37e958bedf2cc846e2561fe8c83481d0a8a85911e7f1f6e444b28f30bd96c13c390e80f616feb6844ee6fa486543a2e3f38c138f45b4405e3fb331b64648219aaf1d574be948ccfca6afc18d12488db19c35b05601e47c0af5d49a93a5dd4420f38585c1eb033e173376fa390d3f948df":"4be34ff42085ef4443c8b6042d":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-256,128,1024,0,104) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"d0f0ccb88c7cec9496f26a59ddc67dc59ebe49ae3dd89ef3be008598727e214c":"e5ca84b907ac761a5e68a9080da0a88a":"":"7845e155f4f28021291e7c814a1ace8f42b239990831aa82758fc1e376cace0b6f668f7f2f224dede1ef5b1df7ae74b2c01483701044acbbb72a9216eec6b7ef0190f114b3c73c6985c4653f11601c774d10b7f9df1f1e1f3ff4fafa20d6525edb37d9e5acfafe6d3468ee068d407fdb56dc718c98425926831253978d727854":"c8f78e4139dd3eaf2baef8aafb":"":"0cc3ede50b0d3fb9ada11300a3239a383c98f968ad65266d57a195bb18d3e568fe6cabba258da4bee9e923c7c838e06dc887a6c49cc1453ea6a227c6a83e651a8742e0316cad5efc93739393e3603446b5c920a206db1434adbb8ebde4d1a7a8699c7f6c61b2d57c9709b564338423b4f526d6c157647a6c45da9dd521061f05":1
+
+AES-GCM NIST Validation PSA (AES-256,128,1024,0,96) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"e35dcea17cbf391491ae5ba6056d0dd13b348183474dd4b614742751bdebfc32":"fa549b33b5a43d85f012929a4816297a":"":"5213542beb044910d7fdeec8bb89de93f350760e493286eaef1140485380d429f74a4279c1842a5c64f3ca3381cb5dbb0621de48821bded650cb59703e0ca88f4e9c3d15875f9dc87d85ba7e4bae9986ef8c203fce6f0ce52c28e3a93befb4cc4ba3d963d2283cd30f9bf6ab99d92f2f4f3aff0b022f1751b89d43ea10bbb28a":"afa61e843cee615c97de42a7":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-256,128,1024,0,96) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"844c50ddc0ac1d9364b21003287d6ae6360d12bbb17a85351362420ee4ca588e":"2f8512bb7e214db774a217a4615139e1":"":"3a3bf4ccaf05f7c02f5e158dd2c5cb08c6aed4b1ba404a6d8ef9a0737fe2f350b3e22188fc330ea63e35df82f996e3cf94d331c4246cdb25bb2c409762e05ddc21f337edee51b64f1766ad18f520b3f34735b24278d9d647c533a743e0c1e9c81e9dee975cdc47e8582113fd250ef59353605b64acb7c025a97854c1a5c03237":"f1da1cebe00d80eb4e025feb":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-256,128,1024,0,96) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"2aae1aa047a20ed2d6d8336d923864cee9404f924031ae327fbfe2d293e1d93c":"3da9af3567d70553ca3a9636f0b26470":"":"8e5b6b9e4e7d01de9a919dd33c0c1eb94dcfebf28847c754c62c1c00642d9e96f15b5d28ad103ff6969be750aadfd02fc146935562c83ec459a932a2fd5fda32eb851e6cff33335abd5c2434ae4f5524d6bc74a38094ced360f4606a1a17096ff06604952c8ca94a9a6dc4a251e13b0e0c54bd8a6dff5f397a1eb1cf186fa518":"e1026b3d15d261b2fb47632e":"":"58c52ea9f3b162511160eed1a68b6f52b3c4f5834af728de97a3d9e4ba337b29aad12636003cf5be9ffbeae0f383f7cf32f645a8f6fc5cdc1cde91c625c69a92bc434ed671e52a0044a48f3fce55cae49a7d065c2a72603a7efe58b5a7b18ac500d1a51420e820357e7a439b1c02198ebe3d4e62d5573a3aa5f40900a21e3b41":1
+
+AES-GCM NIST Validation PSA (AES-256,128,1024,0,64) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"f3d69208cb0d27474e9a231cd46eac7c1574fff950c48bbd1ba03fad16f563df":"b957f05921d21f2192f587768dc12b4f":"":"0d1f06eef5e8f2c81d1a73bb1dca93c22cfb6e40e9948bc75b0d84830fb9216330424f580b89050c3fb3f620eca8f9fd09fb86d2e8b3a0869c6022d8a705fc280d66fd16d3aba7395d6be4bed44145d51d42d56285f3675726d62d94c081364a6d440511de83a613c598b03078e2ec7648c6302defbbea66aafd33e1a4b1686c":"322374fbb192abbc":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-256,128,1024,0,64) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"cb2cdeb17fa6bcb006c7fc60858a12a411804464458db351957e8caf42f1ee6c":"31bd7c971a6d330b566567ab19590545":"":"296504131354b2c1928982f12d408ba2377f2d4bbe87e4c69f92a15bf6003910a43bda6c8929df66b3ab1d202a5258cad199f32f36cc30d2dc06199c2a52f7ccadad1fce50123c5f8434dec57cc60cc780263d7aace8f59cc8a6c54bddbaded3adb12ae2ee0bacf6a8da635ff85b51a4e8a1b3dc404863b90059de4ad0f158dd":"efc5a1acf433aaa3":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-256,128,1024,0,64) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"f94170790fadab3240df568197f9d6f6855afaed8d07eceeaa2380121872529f":"2f9c0647a4af7f61ced45f28d45c43f1":"":"ed231b78db082f652bc6310c396993b52de804a82464fa3fac602a1286535f59c67fc2b1b420c7321eb42b971edde24cd4cb9e75c843f2ac6fb8ecdad612d2e5049cf39327aa7a8d43ec821161c385f3fdc92284a764a5d1cbae886f07f93017f83a105bb7c3cc4fc51e2781516a2471b65c940ddae6b550ad37b35f53d7cc64":"ab74877a0b223e1c":"":"1cb5ed0c10cee98ff8ecfa5a1b6592391bbd9f9b1dc1ff351e0af23920d546b5e27d62b94daabd32f7f96a2632dc9fd7c19bf55f3b9b7cd492e76f4d6b0f5b437c155c14a75e65bfc4120bef186da05e06a2fd3696f210292ee422ddbce6e63d99ee766b68363139438733c5e567177f72e52ef2df6a7dd33fc0376d12ec3005":1
+
+AES-GCM NIST Validation PSA (AES-256,128,1024,0,32) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"797c0091ff8787fe7cd0427c02922620e7f6fb71c52ddcc03a9f25c89ba33490":"69d81c73008a6827a692fa636fbab8bb":"":"2d3efc8900315c3691a8e3c9de3319d4deaf538fcf41aa0e295b861d0ac85baf56d149a6437747dd6976f44016e012b88de542fb8e5b9e4ad10c19deec4b7c0b69bc1b2e33d44a981ded66127dea354b072010b8dc24b85ed2ffeea3b9c0e931619dbbf22677691f0d54fc03eaa162e0ab0d760ad41021f67057c0d6ac19ca8f":"be2dda5c":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-256,128,1024,0,32) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"90ce1afb5500489b9edbad987f4009509c847b3e55cdf0c764ef2fb085e3d033":"e119e166471ecf44bc3a070639619931":"":"98482b54edce2bac1cd64d44917dcf117ebfbfe26ad17a9b263447028304f1cf5a69559c05b5d833420f4fddb6e308277d01eb4b3235f1c4b47d33d3899325b55e7be19d43187a5b1b1354ce02a529b3df1c13b4883902ae9fc565079dee825e705f3e580371e4fd86c3b0d31bae98adb529901f346ca07127314152b4370edd":"b2f54b3a":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-256,128,1024,0,32) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"29264a90f114a800c0fc3247b3bda00981a12a8f85cf3a19ea4c7ffdd005f4bb":"cf296aa43cb7b328e09c8975e067404e":"":"587c8e53ab5ae8c31e16160b4a41d88798e27f4ad61c573c023c62d4dbb3952eef5026ad7b453fa9e0694347ab8fe50a6cf20da566202b81e325cee9c07ab2d4d53ed45b3ec2d2135936515f8a24f2a8116807dce9df3c44edf64c32647145152ff241d9e018e4101e400af070192dc3b498b5a213d265b4cfc8c8d4d7deccb5":"56015c1e":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-256,128,1024,1024,128) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"84ff9a8772815b929d55f6052c0354cf3e02bcc8336fcfe5794952b4c45d5d96":"5c044a66e488b853baf479f7dee2aadb":"00304e3d40cbc6d2bee0778462884f4ec047a8c74bb3dd7e100f2b9d0e529fd24730063986117b56ca876b208a3691425ac63afc3d504ccb499c76622eade09717023fcb7d956b01ce24a3e53cb5da472be3fcf5b278b5d9e377de22fab75bc74afa9670f5fe9691aa0ed77e43f6abc67a61ec409ec39fd66ac0307bf195f36f":"a87de56d49725a1625baf12fd15931fe1a6783dce5d1e744eba108f45e0c105d8141dc027d0e33ad7efb6752b43729715e2f3e2c42ebdab4d5f72f886bd821c4372244699ddded99a63dbe7763a5a3bc21cbfc253cdc2514eba2a4f54e24dca7c207cb3f6ae80153d77fe0641f357d5a073dcd425c38deb77c45f27427345516":"72ddd9966ede9b684bc981cbb2113313":"":"aadb8537309940422f67ca393aa6182d67fe7c52092538a15e98a4254f0a9087c7f10903d5e78078c2e55de914dec8b6b35cb720e3e55963c0ac9901e44b83a0e7c5b2d3f002aec0a4a08354febe47b2abb955f2a21107626ef0b8e1e099650812a6fecf36908fce2d078c2735cf7c2b970a309e5c6d6ff29c26a05720c57105":1
+
+AES-GCM NIST Validation PSA (AES-256,128,1024,1024,128) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"b5ca3991d0160b1729ae1a622dcf4b03b1f4ba86150bd66bf35cbbee9258af10":"f8402184d1cc36df07b68ecb1ab42047":"d378cfd29758bcbd21e26a324239c42c992941b3ad68d9f2b3d2def3a051fd172ee882562970ef59798ff8d9eb5f724ff17626156f4cf5d93e41ffef6e525919af6194ea9bbb58c67563d3ffd90e5a6e2a3a33bd1fa3d55eff5dba7cd439d571f7e08014c4780e3d10904ef22b660897e78258da20b2600e88d71c35ecb6329a":"62aad5854a238f096bdde0711ac6f5763e7fea29db068ea8c911f17ba91e6d7807883e6fc5ba7db17af33da2b00973008a3425e65cc786ce1b97360019ee2cef74563d54752be436b905705b507c3d62689df4edf0356d26b693eb43d8a2a927a9f3866b7e0e19e84a90447bd6f47e31070fa7c2a71e3f78229ee19fa47e848f":"9e8b59b4971130557aa84ec3ac7e4133":"":"556dd32edc0af3c64186fe8c000ddad1516cd14721c93c228e379d4f87e32c79e734539cec930322048f34a2b34931c585d44f09966caf187ec4b9244c991a8a5f263e9da1d08d6086e52535afdb36c7662307521cbceb9ecb470a76970243723fbc1613b6ebbcae261ac2f1936e66ce29ec7350b2e6b2f73a910ade645154f7":1
+
+AES-GCM NIST Validation PSA (AES-256,128,1024,1024,128) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"df867d1dd8a287821a54479cab6f88636d2aca30e1bf01a5dffc735e17590356":"35019826c51dd1ef07ff915d9ac4ea96":"0375ed93f287eefe414ab2968844bd10148860c528dbf571a77aa74f98cc669a7fc317adc9f7cf2d80dda29b19db635b30a044399f3665b6176ed669146d28f5ada03b3d32d53fe46575a8afcd37f20386d9e36f7e090b4fefadfab7f008e02f1b5022c0eeb81d03443a276eae48c038ed173631687d2450b913b02c97243edb":"6517272cac85d7f38902bcb4b96a0c59c4bdc46bfefa6ebacd7f2fb1629b87ca91de2ffefc42ce3cfd34dcbf01b3f7cadcea3f99e6addf35d36c51f2ceb1f85c1f56a04ec9c9fff60cd7fc238674992183ea3de72ef778561b906202b7b83fe6562a0bca9c1e0a18638e8685b998b4192f5120435809ad6e93a0422d00725262":"e49beb083a9b008ae97a17e3825692f0":"":"723be39bc13adbc48c861b07753f64fac1ae28fc8933acba888b6538721df0a8b91c040a26522fe0dbb7335d8f63d209e89f7cde23afa9ca3c584b336d63a91e07fdd8808b14c3214c96a202e665bbaaa34248ff30348f3d79c9f16e66ad6c5903305acd887a89b6244eb7c2d96e18b13a686de935bf3821444ee20f48678be5":1
+
+AES-GCM NIST Validation PSA (AES-256,128,1024,1024,120) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"0e8e9ce6294b7fbc534a96bdd060120976a6e08315d2ea73ac61d085cd462a44":"4edc6be20f904b4789e5bee0a80a3fc8":"db28ce076b360816cd1e04b7729f8ab080e0a07f35204350f3bd056945aab8638c0e8311ab056f3e5debdbfbb03fae700770264faf73e0f3a05a5812aee84ab613c82f4a76da276250675f6a663f85e2c26d4f4a8666a7f4cedaffc1a7218dec11ca4e72b8b5d5b620d1efbd3d3b94a5ae0d118b9860dfd543b04c78d13a94c3":"9855f186b51358f0e2111c06bfaaeaec9bf95c55e246375c614fad9883d86c82a20c86538dc5f42a0ea69677d59a20c5112d15d2a8396f12096242ad5d7b838d16ee0679fc4017af75bc15e8ad2f77b0e802c864031cbfb0bacd95c828d1db4b7bab0713619e9e5e8fe6902aac7a9e6c42eb05f5b156f7e663ee43e6fdb62480":"03cfe6c36c3f54b3188a6ef3866b84":"":"e10142f852a0d680c983aad2b4609ccbd35ff61bb3eb66442aee6e01d4cc1cd70f45210acbd506395d6ca0cfebc195a196c94b94fc2afb9ffa3b1714653e07e048804746955e2070e1e96bff58f9bc56f3862aaa5fe23a6a57b5e764666ddec9e3e5a6af063f2c150889268619d0128b3b5562d27070e58e41aadd471d92d07e":1
+
+AES-GCM NIST Validation PSA (AES-256,128,1024,1024,120) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"886c77b80f5f3a21c01932685a540b23629f6d41d5574fc527227ed0bdf2e21b":"5ec506edb1890a5a63b464490450d419":"05b8d820c9f439d7aeae5c7da0ee25fb0dad47cc3e6f3a47e8b984e856201546975f8214531fc3c2e504d2ac10fa49cb948596b9a8fab01b95c49d6f04d1589f93b77b899e803dd20e1f00a51c0b5953e85be639109b14b100e35ca26d84ea629964b0db8260dfa5a150a66261bf37e79de2ec49e9f1b082a7c58ecd3d39b6c9":"53a17d7b69f607f08676d6f6dd4e8db08e01333a8355d8c87616e84cdf10ef5b041fc6ddc3f6a245c0f534c2b167064af82f45e4702a5e8dede59579fdecf6713353392433950c9b97c38d9ee515ac97d0970ccf03981954540088567a30941bb2cca08cbed680500f8342faa7aebbc6c143e2ea57ba6b4ac1fd975dcc5d0871":"ffdf56e1c1a7252b88422787536484":"":"79ee27adfa9698a97d217c5010ec807806feda37db811e398c3b82abf698aece08561fffc6c601d2691738e279eeb57e5804e1405a9913830e3ba0d7b979213ef40d733a19497d4bb1b8b2c609a8f904e29771fa230c39a48ebb8c3376f07c8013fff6e34f10fe53988a6ec87a9296c0a7cfba769adefe599ec6671012965973":1
+
+AES-GCM NIST Validation PSA (AES-256,128,1024,1024,120) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"5231ca6d772edd9ea2d251e22d7d455928c22474b4b44130dad57e6511fed6ee":"048698a4a0feabc1f336112e2794795a":"3a81b6b0b722899ff931cb73c39222d555b83ae3f8880b982593cbc1ab8be90d1ee32fd7dfe697cf24c95b7309d82c3fed3aa6b3d5740cc86a28174ac8f17d860ebb251ac0d71751c2ff47b48bfb0b3beb4f51494464cda34feaecddb1dbbe5fa36c681ada0787d6ed728afc4008b95929a1905787917adc95f1034fedcd817a":"2767c808410ee132291585ea74a48ad3102f883f07d060c91c5f10abd37fe0996d2210dc490260238ae15f5d74c7be2a1e15d80db09079c520047f88488a7802857a3fc3b81d85a96949997430a880177880a31d4d0c9c9045247804f057a4f2756d6e40375a4a3187c4376d6bf573ce334cda1ed88d8a50db499e7cdb89d8db":"ba61edeb7b8966188854fc7926aad2":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-256,128,1024,1024,112) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"5a3f516a7898e04e5da4efd6c7c5989b77552d195464620c2b35b9a4fda29cce":"9310af6974890c0a0364231f9cc8103d":"2103af8356bcb9dfc2a4f1d4ed09cbcd8e1990d23865605e19f87feb50bf8d10d0257740e5557a9297f0499c01e29a1a513ca18e6f43f7406c865cbe3951a7771128f3110c8da3bd696368901944549552842a1f6fd96cc681b45da098f3c1acb3d237d2363285f520d0b6714b698790b7660c52ac84a42c9721ac7e9d38a2ef":"5cc28b61ae97557774bdcd7ff653f4aa349df68d53c7e5a65263883ef1fe224ad40e86bffc2d38f28a2ed9ae1fc08563e2a1e46246106546eb8e6064c06baa0046fa137421734b7f0f94656a4f459d9d981717557d843700d116b6e5e2dd3af5f67c34edf31b40b71fd3c6f2475f9310feb70bcb973be52d41e86792c49d54c0":"993fc8e7176557ee9eb8dd944691":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-256,128,1024,1024,112) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"59c9258554363d8a885fc0f5d112fee08eadfc7ce52a0e7e73e3d0d41d9a0290":"77e51e89dc47bbcac79cca21e81a61de":"25a6f8800a9b914c0ebf9a45d72355c03ee72a138eb81b2980f332645ce1d7aa4659805821866aee2b276e2c032776b4eaf36f93b5f9a72b791be24e31eff105ca6d0700e3069ee327983dd7fe1c7465d6c6d77837aff69055149988e7199847fad98605c377d997dbd40f3e2ff1a4f978a493684e401249e69540fbde96323c":"79c491411402ea7878e480519fd984dde44bce6459303bb76d4eaf97d4e345d1aafaa68ceb0590b41cfed0f411b675d9344c7e888cccfc9eb6fe6b229d198f94ba516ee850ee7f078a4f5f32a23f92f72264e3a76a31ebd042564315ac4f2ec0bb49ba6d08cfd2d3a6308688e39f28e3ecd669c588368cee8210edf5dbefb925":"ee6d85d3f3703b45adb4f9b2f155":"":"44ca68deed5478074adfddc97f06f44c08bf7bca4dee8707d621fc7396fe2efcdad0a167d1708a9ff59ce4cddb86920bf1dbdf41b2109a1815ffc4e596787319114cad8adab46cf7f080c9ef20bcf67a8441ba55eac449f979280319524c74cf247818a8c5478ea6f6770996026a43781285dd89c36212050afc88faa56135fb":1
+
+AES-GCM NIST Validation PSA (AES-256,128,1024,1024,112) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"5e9eae594cb54c8089330e4404ff79abb1c0841b0be5347a14633ad1e1ff44fa":"0917b486da754f48bb43ecc8766a7ce3":"2aa1ef2f91aeba5da10b48a882dbd4574df4e9157a18abf8cecd03e4176712ba171b6ecb0e745841ff84e35063e47b08101afc44cfd9cededb913a82f00b9d4bac922f23a22f200642270399896405d00fa5271718eefb4cd5fe7e5f32097766ebff36ff1898a1c8a1a01cc18e6121e470805c37ff298fc65ef2fb1b336d09fd":"32abc1eb6077555a85a0a6fd1c78cccca6c8b375842e2eb8eee45ee6c38dc0837443d16c647252e8124639dd01c808ac5e857a25d927c2a75e2fa8955cad5beb5c206fc050cd933fc4621f5718936f01f39dd700ae1aee7537cc595df8789c5d1a6e1e87b1c7a60e3ce5d57c80dd65dee3801798e1481b1963bcc78cc69f8c50":"92282b022e393924ab9c65b258c2":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-256,128,1024,1024,104) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"aaf03c3055a35362212b9b059931e7a24fc71e32bc9a533428c9dc31077f2ebc":"7dfccd077b29e6ed5720244bb76bde9f":"21edd1c6056f51fd5f314e5c26728182edcd9df92877f30498949098dcde8089eed84e76d774ef8874d77125669a302d268b99dcd66b349d0271dde6f8cc94dc4f2df3787887b1173cad94d067e346846befb108005387102854d9387d2c0fbc9636cdf73a10d145f4b612c201b46e1ff4465f6a7654ce3da5792daf9a27fb35":"c0e12cdd8233878505e025d52427536be7b6bf1887d2dd20eac7092db80b22417a3a4ca83cdf5bc5e36161be1ff9b73f7ceb297c6d07c9cb2a75035a5dc079e48283daea60596f4b356ca28c243e628cbe459f069709fe193394c9b1a31d8ccc5a3a4eba30056c415e68571a2c34bb5c32efff12e9aa483c4a68be5e76aba4cd":"6154c6799ad7cdc2d89801943a":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-256,128,1024,1024,104) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"60c775971a9eac7950ed2bdd85bd60fe948ba04c419f6743fb67f37557e46c6e":"9b92ad7079b0de09c94091386577338b":"1f6a84b0df75bd99a2a64849e9686957c6a60932ebe898d033128be9b757e9890225925d856bfdc33ff514c63145f357730bb0435c65342bc5e025267b410af6fd388a5eca01b7efc87fd3b1b791df791bd47dfab736350d7b7f368b4100e04c939d5af957bab95ed502dac904e969876674602a0f0790da2d7351b686e46590":"8abb2e66a4d08074916056bb8e925551372f737f0e1b597c5d08ee102989743a273b29d7281013f8b3aee2934399cb427370d70370ee86eb41584b653660c633506a53cae747826bb7d93909f069d5aacf058b7f2bbdc58ea08653db857bda83a979fc22a4f126dfef7aac45177f4cdb802fab0c812fb35d12a8176ec21336d7":"1d6cd4ab3914e109f22668867f":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-256,128,1024,1024,104) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"3b426e449337a14bc0663246ab61b671b523c9a3130c21ed59c93fa6a5aa5ae3":"e6efc96acd105fe4a48d1ac931eea096":"0902cf7a0685444126369712ac47962bc2f7a3a5837f1b6190d9ab1adb4cd35e7f0892eee628b8e07fcf2b598cebe1ec07d8c4823172ae66a135bb51cc71590707b691a66b56af1ffe38772911d11685da355728eaddd83752d21c119d7b59f4c17c2403629fa55cd70cd331aed7b0de673c85f25c2e9e0267f53f0b7480c8ca":"291bd5a00d71eb7d547b7c94e7030ba4a947418eaeb378a3bacd304b08c6f92f6958eaba968ac6aa23e0512a2a8ad7c1ca2f8fcf623bfc1281f5b7b598c08d2aebcd447668b23238c5e338b4c2ac7f8fd381714c596ea3e0c17aca4317a08563e58f0f52a8af08e078dc242ae54ee0fe3869f8c9687b004a4ded0aa27d8f4c5d":"ca4bfeedcd19d301d3f08cb729":"":"bcef3f2fd101b828d36cb38530cf9a0a7a285ac1c55ee1069cc78466327e85887534c98a8891d579effd832c0f7d6e7e822fb1eea85a39317a547591def4aeed6660872859fc9d1df9725d3c40e9ccaa900e0f1426a55d20ac4f2e8e07bd3bbc687f8e059ab93e7604c97e75ac94be1c8c24f4c4da0080a4d77953fb090cbb62":1
+
+AES-GCM NIST Validation PSA (AES-256,128,1024,1024,96) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"ceaf204ff504ea8e7fade1a2097f2b527a44766860447322fa5ad346cd810217":"cfdb8183251f4b61c64e73243594fdc6":"a60f3969fd1b14793dd1425aa0b1f742a4861e0b50eaffd1525cd209ba6d1252176763bb5bee59aaa55f92341cdc0705899aba44cf0ec05cbf80274ebef65cd9507fd4224b25cac19610968d6a37e2daf9ddf046ef158ef512401f8fd0e4f95662eebdee09dd4a7894cc8c409be086d41280bd78d6bc04c35a4e8cd3a2e83be3":"1c8e4cf6018211518494d46c2e0607fa42e236abc28d58f8175c530f84b1f030572f5f6a74cb5517e1fb999a637d352afcbeadea9121e695675859b66b499a3a351ecba5226e58ebbb59fe12e359e4c89cd51c8703d4643c49921ae495801c73627df404b91e828e1d0e03ae09a39defb5aa5f2c8106953772ba0713d3261329":"9e45029f4f13a4767ee05cec":"":"5cdc66b587ed5eebb04f42b83a6ab7017093514881c598cce332d74fa3fab927493ac15bff26835296e080b5b45ef907c0529fc2f4ed2fc09db179ef598e5d193ea60c301d3f8d823404814e3e74de0e1d2417c963e9246c353201c7a42659d447376e7d05c579dd4c3ae51c2436407b8eff16ec31f592f04b8013efcfd0f367":1
+
+AES-GCM NIST Validation PSA (AES-256,128,1024,1024,96) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"15652abe38cd09777bba21d0db04637f5737d3cb3922181b9f2d07bfdafd327a":"3a5e0d223ae981efb405566264e3e776":"cd755437cb61b539908e0cfaaa36c0123f8f17d1e6539783cb61d4b56cac3bc1e971c1ea558b12669b025cb6b9ad55991c6e2f8ee8b0b7901790193e226a0fbbfff7ff0bee6a554660b9f32e061b6c04bf048484ff9ebd492f7e50e744edd72d02c8fd32f87f9421bf18a5a20ebb4d9dbe39a13c34b7296232470e8be587ba09":"1d6c153dec3b4738a09c9fbdfe31a093eb7ea79b8fa49f83e5e1f46893590f074fb171fb66e30ef887767014e3a10a3aa05da2bd50dd7b7936e1d7f6f31af9030e31e76bdf147f4396464db0f6a72511c4885c6c2305d339906e3c761a3249d7ebea3bf463e8b79c3706e684575550e964b8047979f7aed6ea05056c4b5840b1":"01a573d8e99c884563310954":"":"162430c23f7adcf98575a2d9249b4b5cec42efae33776360ebfa6a19c8eee4bd6b07cbd274deadc3292b7cdbb7803e99d9f67ccc5077f3ad5808f339a05b3213dbfd11377673d4f9b486a67a72a9ac8ea9ba699861dce0de7e2fd83d3ba2a2ec7fabf18b95a2bbe2184ff7bddd63111b560b3afe7f2c76807614ba36c1b011fb":1
+
+AES-GCM NIST Validation PSA (AES-256,128,1024,1024,96) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"a43f6d07042a15cd49f6f52a2a3a67c6c2ff420d95bb94b9fe03b287c3abcaf8":"3b6fad21f0034bba8b1f7a344edf7a3c":"2e01c0523c8293fc51388281dccdb8d0a2d215d729289deb327b8142d716c2bb849e9476545b82f3882ba7961b70c5da2a925ba18b6b121e9215d52ac479c9129c9cd28f81584ff84509d5f9dcb7eaae66911b303cc388efa5020ac26a9cd9ea953f61992a306eb4b35bcd8447eea63cef37bb0c95c1e37811115cf26c53e8c5":"b67e58c8b608724fd20aa097ee483bc4c804490cc79de635170944af75c87ae0ad8261365c1dc80d852553bcba18da9fbc3fbe61d27550a03003ef0c60202054626655509a9e1ab54677e537a4e761df011d6c6dd041c795446b384161ae9eab441afd24d19b58eb4fe5116cd7b11b751ebbd0a2adba7afc380d9d775177099a":"43470bc3d7c573cb3a5230f5":"":"e1720d451fa7ab9db4988567187244b15b6fe795dd4fef579fb72e41b21aaa436d2e5d8735a4abd232a3fb9188c75c247f6034cdebb07fd7f260f8e54efefa4f2981cafa510dd5c482a27753a7c015b3cae1c18c7c99a6d6daa4781b80f18bbe6620bfc1518a32531017a1a52aadb96a7794887c11ad6bdd68187ba14f72a4b5":1
+
+AES-GCM NIST Validation PSA (AES-256,128,1024,1024,64) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"1f0f0191e18db07c0501dbab4ed952c5603a4cd249d2d8d17e62e10b96ae713f":"ab8be16b4db809c81be4684b726c05ab":"a5a6e828352a44bd438ad58de80011be0408d410f6e762e3145f8b264a70c593476b41bb87875746c97de7d5fab120bd2f716b37c343608ee48d197a46c7546fafcdbe3e7688b7e9d2f5b6319c91d3881d804546b5f3dbe480996968dd046f406c11f0dc671be0421cbc8b4ea6811dd504281518bb96148dddf9f0dc4e2e2436":"aad40e7866c26e486b6f6e8eb14a130d5f88891bf0d09aa8fe32f447ab8dea7bee5d3eda4499c0103a010483f2b64fdf1155499d31decf528c77dd7627884f9995c213cf7402143dbb7561d69c86886734260ac94ffac7eb33598d25714228ef43f744ec1af2a87e789f1e5d6fff0fbd5082dcc49328f194e8f8a14a5bfc962d":"d8bd7d8773893519":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-256,128,1024,1024,64) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"a6cf7d83137f57f2310ee6bf31e8883952bb07ccdc12f516233ed533ea967e5d":"f17e37e73a28c682366bfe619cc673bb":"0f4dd201b18e20230b6233e0d7add6f96537dd4e82d3d0704c047fab41af5faf6bd52bd14fa9a072f81d92a2ce04352f0b66f088c67102d2d127a9850b09ff6087f194a6e8ccaba24091feb303eebb65f1203b2d22af44e7be4de71f03e6f6cbadf28e15af58f58eb62e5bddfae06df773cc3f0942520de20078dda752e3270f":"83ab20698fd7573fd121976a72b45a7f03aad84702fc8ac73d6926eabd8a546895aeffe4ba81d117507e2cd37d58eeff71cc3afa8a4449be85f228ea52f6dc6395bb43c1c9f795343720841682d9b2f00602eafa4d4cbe297bfc62467e526b9d823cc8eeecd9e5f8dbc2f65610663c6f37b3d896651b254bd60215629ade3b2a":"74110471ccd75912":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-256,128,1024,1024,64) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"b0c85ac6b3887639838ddca94c5c69f38115aa00122322c8114642d12ea1b8fe":"14f68e533ecf02bceb9a504d452e78c7":"796a46236fd0ff6572b1d6257c874038f870aa71cbb06b39046d0fb6489d6ae8622b5154292ae5c4e1d5ff706daedb2e812533ae3a635d339a7fbe53780e3e8204924a5deb4b6856618f4c7465d125a3edffe1ab8f88b31d49537791c0f3171f08dbb5ed1d9ed863dafbae4ecb46824a4922862fe0954ee2caa09ab0e77ed8fc":"0210fce418e7e2199cb8f899c81b9be74a630d00269755f882fc4db27632e99685cc12c426a7503473646df1288d0ede28408be9add5713628700f8e2b2e27d7522520ed00ac47239084651eb99e7d03e1520aae137b768f3144232c16b72158fd5da4a26a2525b9b27791bf06d1eb2e671c54daf64fddc1420bc2a30a324ba5":"6fb0b5c83b5212bf":"":"5e6c362f7587936bcb306673713a6f1fb080783a20e9bbb906456973e529cfa0298206184509c30e1d3793eaaa5d564edd4488f04311821eb652e0a1f4adaf6971505ca014788c8ce085ceb3523d70284ed2bb0aebeba7af83d484df69c87f55a93b3d87baa43bd301c4e55eb8c45dcf3e4612535ea1bd5fdb4c3b9056d0cae9":1
+
+AES-GCM NIST Validation PSA (AES-256,128,1024,1024,32) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"e61b1a6b40e2ab1245ff65dcfb9948318ac4fe55e9ed600cec301dae32ae0e93":"c356244b3034d288e4d4fe901b8e27c1":"bdcfeb09d5b97bab05a7acd9849e7de2c5beb7a4dc573c7e1c1d0c0409245a6584023114fdcc6413c800ca16847bde750b27c4d590248e2ce457c19b0f614f6aff4d78d4a19b3251531e5e852fbb05d09412cc1ff8988d1955ca6f5fe2d820f20a7642e3ae69e8122b06ba0918e806400b9b615e1abe6fdd4f56a7d02d649083":"8d67fa9fcf078e421cb63abeb25dba739ab0e09a091dd06b0c616e1e888f350edb2d73a42f57f115266ea20c7f8fc143ac746649612df06a5e29b4a15934dc049be1ab49d018ab86c4f37d8c3d9c714f038029e74d8ee3dbe61d81adc63712ea413b37f7604da12107aa1695d9b0981e5a92cdfaa5fbda0e31b22c6fd6f3b499":"86acc02f":"":"7c73182eca97d9617abb478a6ce62e3491a7e9951981c89c3071b161a4c80440614c3f24d0155073e28dcccee96bc8303dab4901ef77318df522d16d9da47770ef022395d6104cd623d93d67090a27507fc8ca04157e7939e639c62cd0e7d8a472314833c0eaa9ba2fd54a25b02854e3bff25cccd638885c082374ae520ed392":1
+
+AES-GCM NIST Validation PSA (AES-256,128,1024,1024,32) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"4f5a02e9843d28c8c226ed70d44b8fced8fb757ab6ece4d4f06e3c3cec79e44f":"099e5d9aae89fb6391a18adf844a758e":"ad93e8662c3196e48cfdb5aa3bc923cd204151aa980cbec78f0d592b701f779c1c49f9e8686d7e2385a4146b21a643a59c18c8b82214f42560bcd686fad7c7c8e8c1944ce6b20ec9537dd14b6cf2592740ca112f4cd582250d69f240d3e957040e1f7e19c60b3c8f2bd00cb666604c38946eb9b2f17336d281b4794f71e538a2":"3ec13950d329f24074714c583bdc35686b811f775b76b0a8fcfa66fc56426c9d022f8ab0af38f8d2f71a068548330cdbe891670181ed7491bf40c739ef4dd93689fd35929b225089d2b151f83d9b3cd767300611144586767354c0491112c205409f3168092d27f9b9f433afb79820a2811984d48e70c1fb2a13bbb3ddbc53fb":"30298885":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-256,128,1024,1024,32) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"1cdb218e0bd0e02156e5b48182990f778889793ef6018a8928e61164ac047c8e":"d2ffbb176f86bee958e08e5c7c6357c7":"bc580c4223f34e4f867d97febf9b03629d1c00c73df94436852cafd1408c945c5474c554cb0faf2bae35d3160c823d339a64ebd607cf765fa91f416fc6db042bc2bd7445c129b4a0e04b6f92a7b7b669eb70be9f9b2569e774db7cb7ae83943e3a12d29221356e08e5bf1b09e65f193d00d9fe89f82b84b3b8b062e649163dc8":"4d039618a0eb640329f90fe97de18bc928fc3fc7a0db42c97774bec2e882e872fc1097c8319f7837a16516bf387b1bae321c565e8fc1cb8480f051158e4685f0adba310d2c6253bc1300403cbd3f7ddcb2796a69f8bf9e73d47aada9a02673c1a3d5ecdac838abf22b385906236529a1b7dd5b8af2611a04cf4f83b15ba41cfc":"1997daa9":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-256,128,0,0,128) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"dc1a145c18bdbca760f35eea0d4a5992de04a0615964ec8b419c8288ab1470f0":"7f8368254955e1b6d55b5c64458f3e66":"":"":"8ddaa2c3ed09d53731834fa932d9d3af":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-256,128,0,0,128) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"7b4766d3a6615ee58b390daa228ae7a541c46ce80a1efe227cc43cb777df3232":"274367f31ec16601fe87a8e35b7a22dd":"":"":"5f3a757b596e06e9b246ed9bac9397f9":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-256,128,0,0,128) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"d19b04055bf6e7ff82e89daef66c9d8319ab25f9197e559444c5729b92c4f338":"796efaff4f172bef78453d36a237cd36":"":"":"3b445f38bf4db94f1a9ec771173a29e8":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-256,128,0,0,120) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"7ca68e300534a90a7a87ca9906e4ac614a6aa51f769b6e6129753a4f83d10317":"45e6b23f8b3feefd4b0ea06880b2c324":"":"":"6c0a1c9c2cf5a40407bfa1d5958612":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-256,128,0,0,120) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"a2b7cd693239bbc93599d3d12c9876e7303b227b8ae718e2c62e689e1fd62903":"548c9c8fcc16416a9d2b35c29f0dacb3":"":"":"3aa21f221266e7773eeba4440d1d01":"":"":1
+
+AES-GCM NIST Validation PSA (AES-256,128,0,0,120) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"156b854beb0c276a5e724f5da72f0d1ca4ae7cbd5f93a2257d95c2e5bfd78ad4":"a5129e2530f47bcad42fc5774ee09fe7":"":"":"6bb09ed183527c5d5ed46f568af35f":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-256,128,0,0,112) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"d824330c60141264e1f709d63227a9a731bcc42b4adec1d8f0161b10b4fdb2ab":"c5afaa45312c64ab3c3cf9d6c4e0cc47":"":"":"55952a01eee29d8a1734bbdf3f8f":"":"":1
+
+AES-GCM NIST Validation PSA (AES-256,128,0,0,112) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"b5517589948d8aea778df6fd66c17a170d327f69e504f0a4bd504c4286a9f578":"6404b111c6289eefa0d88ed6117bb730":"":"":"637f82e592831531a8e877adfc2c":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-256,128,0,0,112) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"f6137b2bcbd327fbcc7f313efa10f6ffaed30e4782e222e1225c87103fcae905":"3b87b08337a82272b192bd067e3245ec":"":"":"1f2dda372f20ffddd9dd4810e05f":"":"":1
+
+AES-GCM NIST Validation PSA (AES-256,128,0,0,104) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"b5e70d1b78e931abf44bba3f937dbc344858516a8a8afe605818dc67d0c3e4c4":"58e70095c6f3a0cda2cdc7775e2f383d":"":"":"1763573f7dab8b46bc177e6147":"":"":1
+
+AES-GCM NIST Validation PSA (AES-256,128,0,0,104) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"90de0c047d1dd01d521f2dedec7eb81bc0ace7a5a693a7869eaafbb6e725ad7b":"d565c9cdfb5d0a25c4083b51729626bd":"":"":"78738d3e9f5e00b49635ac9a2d":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-256,128,0,0,104) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"c43e8dbeafb079692483a9fcbab964b76fccca6ca99e1388a1aa9bf78dfd2f02":"f2bd4fe0d30c0e8d429cac90c8a7b1c8":"":"":"ea7b52490943380ccc902ca5ae":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-256,128,0,0,96) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"13540919fdb95559e37b535a427efeee334309e34c4608459e204d931b8087e7":"c993c1802df0f075ce92963eb9bff9bd":"":"":"edfab013213591beb53e6419":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-256,128,0,0,96) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"2a7b2e07c148ff0f627ae28c241a395876bbed0c20f3fd637330e986db025714":"8f7e1621c2227839da4ea60548290ffa":"":"":"f9da62f59c080160ec30b43d":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-256,128,0,0,96) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"b3e7837a75b38ae6d4299a1ae4af3c2460dfca558708de0874d6b1a5689b8360":"05d363b2452beff4b47afb052ac3c973":"":"":"6b4a16d1ea1c21b22bdcb235":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-256,128,0,0,64) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"9df3ccd95f7570f6ecf5e5329dcb79bcd46cbcf083fe03aa8f5bd0f645c6a607":"774f4e70a7577b5101c0c3d019655d3e":"":"":"98ff89a8e28c03fd":"":"":1
+
+AES-GCM NIST Validation PSA (AES-256,128,0,0,64) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"1c7123e2e8d3774c8f1bdbb2272f19129e04f29b4351ae19c3b9d24e6ea1fe87":"99f25cebd6cfa7f41390b42df6a65f48":"":"":"8e14a0a4853a156a":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-256,128,0,0,64) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"490090323e9257517e2453469caa3414045cacb4d05d5cebc6b9c06fa6d19291":"c1beff1ff6cdd62339aa21149c4da1e6":"":"":"f998d7c08d609b3a":"":"":1
+
+AES-GCM NIST Validation PSA (AES-256,128,0,0,32) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"360e48dd38d9e7f5bf29a2994ab5b3c9c70247102d94049ae791850807a4c845":"88126c350dfc079c569210ee44a0e31a":"":"":"f2ebe5e4":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-256,128,0,0,32) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"1562b32e4dd843edaf4474b62cadd8f46d50461f5b22c9f1a8eae7367d35d71b":"af29fdb96f726c76f76c473c873b9e08":"":"":"13fd6dfd":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-256,128,0,0,32) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"d5160d0c98ffcb1c26aad755f67589000e2bb25fa940e6b1d81d780f421353d9":"1552604763453b48a57cea1aed8113f4":"":"":"660c5175":"":"":1
+
+AES-GCM NIST Validation PSA (AES-256,128,0,1024,128) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"c3a3ea3a097c0c2b3a4cb78462d87fd5a8f348687c4150e9d3354b388ab13d17":"f77945979241fb3a454d8e3da193e169":"a69bac31241a2c07d3f7e331b77f662b1e67ccb81c07f52578b01f5785de9437f02eb7627ca7b9af09c1cb428fe93d6deb31f4d6dd2f0729f87480bdeb92d985de1aaad4bcebc6fbad83bede9a5dd1ca6a15bf5d8a96d4edb5bee1f7d195e9b2e5fb2221a596d69f257c18a143eda870e22d3f2ed20c9b3b0d8c8a229c462fff":"":"6b4b1a84f49befe3897d59ce85598a9f":"":"":1
+
+AES-GCM NIST Validation PSA (AES-256,128,0,1024,128) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"e1626327d987342cba5c8c63b75b4ed65463a2b9c831f4f9f80325fa867d1d73":"4e25800deab7ecec2a2311f8fb44eb7d":"ebaffd558f24dae03117c69ac4b2b4aaeaffe7e0e7599eaba678bfce23a9914dc9f80b69f4a1c837a5544cba08064a8f924064cba4d783623600d8b61837a08b4e0d4eb9218c29bc3edb8dd0e78c1534ab52331f949b09b25fbf73bece7054179817bc15b4e869c5df1af569c2b19cb6d060855be9a15f2cf497c168c4e683f2":"":"8faa0ffb91311a1a2827b86fec01788d":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-256,128,0,1024,128) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"938da64b837275b0c80c442bdf2301aa75e387fe65a775d10a8ec840f62ff429":"dec6adeb60216cbb8a6c3afba49fa201":"4ac144bd95f405649444f01ab67ef3e4c0a54fdbd933b6ba00518c79db45c22c90030c45aadcfdb53ec8199be0cbb22dbb9ab938a871f4b3b0c98ed32590a051abb946c42726b3e9701f183b2092985e3457943a6350fbcaece2e6b111b179ea3fd10ac080a577a1481785111d5f294bc28519c470ff94392a51a2c40a42d8b5":"":"2211ca91a809adb8cf55f001745c0563":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-256,128,0,1024,120) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"e2436484ea1f454d6451ad8dbd1574b208d7a3ab4fa34869299b85c24348b43d":"97040d2ec094fe1c64fa35b35b7451a7":"bc198677513ce0e66697dfe52b22315fa5d8f92042f34cc9f373a01f94607df1a599132f60af010ed9b5e52162dd7b162912b68b11700e08f5fdafd84d10f760fc05ec97c05b83e55155194f399594015b90a19c04fb992e228940fe1b54ba59c4bb8318b33cc0df1cb1d71c389473dfb3eefabfe269ca95db59a7bc0201c253":"":"2e080ba16011e22a779da1922345c2":"":"":1
+
+AES-GCM NIST Validation PSA (AES-256,128,0,1024,120) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"7fb3fc72eb8a3aa5b102f90039f852cc3fd64f46915f5e49f1d9e02fe9cc13b1":"f6120fea313362524917c53d90bafb4f":"60c2be7fbd15faf895fd19a9ce775fe2b183b45cffafe4fcbf50d421bea97347e41a9418cfa129b2dda63b889a70063010215dbe38c37feae18bc31b34f31b726f22177f2b4b9d648dd4aa80edfd12dafaee10baa83224354432d1cb62ccabe38bb8448d162cd0d30e988d2e1a2458ffdafaacbdff928756390f66dc60d7ea45":"":"83de3f521fcfdaff902386f359e683":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-256,128,0,1024,120) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"697c96d80d0a3fa9af35b86f31fb71a17aed30ce841c79896bbc8863b3b3ee04":"3a5163ec7e007061838d755ac219855e":"de50c12da63232768d5eb9920d49683b5b7114cb77448fa10b9d63552ec5d9c2eac94b375d11f944959f903bb20c696639b6e7f108ec1e873870098c631ddacb2c25268cfc26d2a4cacfb7dda7383374c5456bcf4daa887a887f4293f8caa14419472a8bf7ffd214dfb2743091238b6d1142b116c2b9f4360c6fe0015cd7de81":"":"cd4542b26094a1c8e058648874f06f":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-256,128,0,1024,112) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"66c1d9ce3feb0e966c33e3fd542ec11cc32f18c2514b953103d32abcdc72633a":"46fdb88fdde9b7d74e893802a0303256":"55d2f263d2e3cf0b390fce1dd1ebd5f666086f26e1ce2f08002bedbb810ada3922c6bfcf6a6adaa556e9e326c9766f02b3eb6e278da2fa3baa7dbdb6373be3c6ecfbe646b1a39e27c5a449db9b559e7ea3496366b8cdbca00ee7a3dea7fdfbea1665bbf58bd69bb961c33a0fd7d37b580b6a82804f394f9d5d4366772cee3115":"":"96ca402b16b0f2cd0cdff77935d3":"":"":1
+
+AES-GCM NIST Validation PSA (AES-256,128,0,1024,112) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"d7c949420dc9497232cd5810f316d11f9e85d36c430b5943ba79836d88c1eb92":"7ef9788ff09cbeedd9569d49083a4097":"ca1de5cc3fcde2638eb72210e551e9c0e0a3f5570d5be83a9a4406b545d854bf17e75b9cd0f4c45722fbd71319a317b72a8798485e9316a1c8102432b83bc95af42f6d50700ba68f6f2e19b6af609b73ad643dfa43da94be32cc09b024e087c120e4d2c20f96f8e9ddfe7eae186a540a22131cedfe556d1ebd9306684e345fd1":"":"8233588fca3ad1698d07b25fa3c4":"":"":1
+
+AES-GCM NIST Validation PSA (AES-256,128,0,1024,112) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"6fe7c70815aa12326cdcbb2d2d3e088bbaaef98b730f87fe8510b33d30e12afe":"e0253bd1f19e99a7f8848206fb8ac4a4":"397897eca4856f90d14c3cdfe1ad3cba47e23174ae2dab7d2a6320898584e03bffa3ffd526f416d7b3c579b0f3628744e36eebb5df519240c81d8bbbf5c5966519c5da083ab30a7aa42deae6180e517cdd764b7f77d19cc1a84141817758887a8d7265e7e62279b9d33cd2f1ba10fd54c6c96d4b8a5dbe2318fef629c8e2af0f":"":"477b0a884d788d1905646bd66084":"":"":1
+
+AES-GCM NIST Validation PSA (AES-256,128,0,1024,104) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"cbeefb3817cb02d617f385cf2371d52c8bcbc29e5e7a55cd2da131ca184c6e89":"f74156d6400ae46b612531848bffe18f":"1abe2ab05ceccf2391273126fe4a4426b94d2c3b97a7f1cd2ee6bb952bf4a546e972b5a1701d5ddb0e5bb7a248fcb47107a9fc77e4b9806b68a11850119aa239fa8be1370e3a2e1a8b168f7323afdfc4b8917d92570167848a56132d68876abc386c258a9233dc8a9eb73443b052e842c3d63e8b5369acdd038404e4e9a4b038":"":"0cb67cec1820339fa0552702dd":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-256,128,0,1024,104) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"e6f5f65ce2fc8ec3f602f5df90eb7d506dd771337913680ac16bdcd15c56583d":"9212a548c597677d1747e98ce6fb18a4":"55ca486c0183d0134925880d2e21dde0af51c4c77c6038a5a9c0497884e0aa4715bdb5b4bb864acc708ac00b511a24fa08496df6a0ca83259110e97a011b876e748a1d0eae2951ce7c22661a3e2ecf50633c50e3d26fa33c2319c139b288825b7aa5efbd133a5ce7483feecb11167099565e3131d5f0cb360f2174f46cb6b37c":"":"08d7cc52d1637db2a43c399310":"":"":1
+
+AES-GCM NIST Validation PSA (AES-256,128,0,1024,104) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"0e9a0391435acb57eae2e6217e0941c79a3ff938ec6a19b8a7db2ea972e49f54":"27cd1d7af7e491e30c8110cc01392529":"79140d32bb32dace0779e2d37a0f744d6d973e99a279962b43a6c0af63772e8a0a21d5d9dd3c33d4b218cb2f6f24dd8d93bb4e1e6a788cb93135321ecfed455e747fa919b85b63b9e98b4980a8ccb3b19d50d735742cb5853720c2ad37fa5b0e655149583585830f8d799c0d2e67c0dc24fc9273d9730f3bb367c487a5f89a25":"":"fbb477dd4b9898a9abc5a45c63":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-256,128,0,1024,96) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"55a12eeca637654252e3e40b371667e3f308b00f2fd2af696223e4cd89e3fd4e":"8a3793b6441258360f7f4801b03d0b26":"f5810dc5f25e49bd6d94bc63c2494aa7a579a4056a25f1dd9b2734d0b8731ee52523edd54ff475651d45c213e1bf254327fb0e2c41a7d85345b02bcc9d27b08915d332e1659671991a4bb74055967bebbba6ecceb182f57977130623d5a7b2175fa5a84b334868661c1f450b95562928b4791759796a177d59ed18bbf141e2ad":"":"99230019630647aedebbb24b":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-256,128,0,1024,96) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"3d353f870a9c088de5674efd97646b9c5420b2bcdfcffefcadd81682847e5331":"f267fa982af5c85359b6447f9b7715ea":"7cf55630867af5dff747c8dd25bcc531d94a7730a20b6c03d46059ea93fcaa00d07ee17dad0e0dff814b02dfef0cbe00b37fd2f5f95ead7c72be60016f2934d7683fc1e47185c7211c49cb03e209b088edb14e533dbcb792ab7033728904f7ff12381a236dba97894ec1fafcf853ab15fff343f9265d0283acef10168ffd1271":"":"9553b583d4f9a1a8946fe053":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-256,128,0,1024,96) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"d227c9ff5d17a984983056fb96f3991932ae8132377529c29238cf7db94a359d":"b8f6536f376a7efe0e684acf350bae70":"1cc25da31f90de7fa47ebce92754d3faa99f88d4e25ccab45645c1acdf850d55d7f02f61a0bfdc3125f29259d7da8abef532fe0966c63d3486753c8a2cb63a39349a0641b2f2b9526a03b97d58ca60fbb054c6c164ff2836688b0cad54df2b165bc082eeae660e768dde5130e30f8edc863446661c74da69b9e56de8ae388da0":"":"44b95a37fab232c2efb11231":"":"":1
+
+AES-GCM NIST Validation PSA (AES-256,128,0,1024,64) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"b2a57ef85ffcf0548c3d087012b336c46f6574cf1d97ca087bfad042ee83eec2":"3d580402d2a8dc4d7466e5dcb456be7a":"c2b9e95c16e55028794a63ef82d11fb83a2a75dc34a81f238e472c33264534bdd54cd07d02a0ecf9019ad1a6d6c779f339dd479e37940486950f183bade24fca2f24f06d4037b3555b09fc80279ea311769473eb0630b694a29823324cdf780d7d1a50d89f7a23b05f7a8c3ad04b7949aa9e6a55978ba48d8078b5a2fd3c1bbb":"":"072d4118e70cd5ab":"":"":1
+
+AES-GCM NIST Validation PSA (AES-256,128,0,1024,64) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"63889ed5bf2c27d518a696b71c0f85592e3337aae95b5bf07289e4c5dfdc088d":"1ad534280a0fac7dce31f2ae4fb73f5a":"be1b9dabea33bb9443e27f674b27931c0fba699a33dc86fab29e50b76a9441030444b465317bbf2949faf908bc1b501d11a5ea2042e4b460a85f3be5836729e523d99b56ef39231d5c6d8ae2c2ab36ef44e2aa02a1f2c559c6e333216c7f9ed5f9b880a88e920219204c99a3ae8f90afd1396563bc59a691a93e0070b0b5fd90":"":"1bcea0ac2c1a0c73":"":"":1
+
+AES-GCM NIST Validation PSA (AES-256,128,0,1024,64) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"94e3e2c17cfb6f52d4fdba3ba6d18bba891b6662e85df14d7e61f04adb69e0e5":"8a80efb3bfe220526997543409fddb4d":"05da1b0f7ac6eef488d3f087ecae7f35abe3ef36d339709dc3fcb5b471979268ee894c3b6c7f984300d70bc5ea5fba923bfb41d88652bdaecc710964c51f3e2ae2c280b7d6c8e3b9a8a8991d19d92d46c8a158123187f19397ad1ad9080b4ffd04b82b5d68d89dacd3e76439013728c1395263e722b28e45dabf1ef46b8e70b5":"":"faa5c13d899f17ea":"":"":1
+
+AES-GCM NIST Validation PSA (AES-256,128,0,1024,32) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"fe5e479ad0d79dbf717a1f51f5250d467819e444b79cb3def1e0033c80ddadd8":"47ce838083fd070d8544c0ad5337cdc6":"98476bf05a18c4ff1b6024dd779c1ac06d838705a0a83fe42bee5fc6ebf3b2a1a5049b67f4aabc8239cd6ff56504bcbad1e2498c159bbec2a6635933945f6ea49e5bc763dcf94f4b3643d3888f16105abb0965e24f51cb4949406124145e9ae31cc76535b4178492f38b311099df2751f674363ae7a58f6f93019653b7e6a6f0":"":"a3958500":"":"":1
+
+AES-GCM NIST Validation PSA (AES-256,128,0,1024,32) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"27d4dedb71a8f68ca5ce2b9e56da772bf5a09b7981d41cd29f485bd2d1adb8d4":"7e6f0343c54539717a97b6c8b9f7dec4":"d386db78043f719b7e137cbf79a7f53dda2fe3baccbebb57d499f6eb168e5151f10081d76b72ae0f30165efbdda469e826f9246e59dbcad5c0b27691c00d6c192c24073e99c19cf8c142087c0b83c4ce2fc7ba1e696394e5620ab2d117d5dcd2ac2298997407fd5de07d008de8f9941a4a5f8074736a59404118afac0700be6c":"":"50fd1798":"":"":1
+
+AES-GCM NIST Validation PSA (AES-256,128,0,1024,32) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"5a7aa836a469d28542d0d24d3232fad266da8fc889c6b6038b726d3da25f7b20":"9faf7cd805803e143ec8f3f13475efd2":"1006c707f608728b2bf64734062b12a5625062bcdcb80a3ce2058352a2922d5e6fbe19681b4f0d79ad3c837f81e72f2fbf8df669894e802a39072b26c286f4b05188c708f7c6edd5f5bb90b87ffa95b86d84d6c1c4591b11d22c772a8ad7f2fe6bd8b46be0e93672df2e8bff8ba80629e1846cfd4603e75f2d98874665c1a089":"":"07764143":"":"":1
+
+AES-GCM NIST Validation PSA (AES-256,128,1024,0,128) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"a9444fd176acbe061d0221fde3ddfcc4ff74e995d981a831297c4cbda51c22a1":"5714732145470da1c42452e10cd274b5":"":"c146ff5a988496cad7eced7a2ea471e0117d5d6bd2562c23ce9db4bf36d83ba3fc22e90486ec288a627d208e0b2fd3b65f8301cf7fc41d97959981a95cd1cf37effc46db99b94b21c941c3613c26a10b1a6b7793f467d58ff5134612230f1c49d7e1fcf664fe52fc6eca46273982f6fe729b009d90eb8d8e4a0b0dbe907b76da":"db85b830a03357f408587410ebafd10d":"":"a3cad9a57fa28e6f6aaa37150a803bf8b77e765f0702e492c4e5ebb31ae6b12d791149153e469a92bb625784a699fd7ca517500ee3f2851840ba67063b28b481e24ba441314e8b7128f5aaccaf4c4e2c92258eb27310bf031422b7fc2f220f621d4c64837c9377222aced2411628018a409a744902c9e95c14b77d5bb7f5846b":1
+
+AES-GCM NIST Validation PSA (AES-256,128,1024,0,128) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"686d3bd071e3f46f180611bc4ec8d7726fe72b6c617e7d42b3339f53918c9e36":"a714e51e43aecfe2fda8f824ea1dc4b7":"":"21983ad66449c557263aef299da6eef8f31d576fc17ed2dac3e836f7c2ceaff3094b2695452680e188df10c174810efd1fbaa6c832baedce0b92e4c7121447f6461ac909b4302cdf658095b1de532b536faa4fb38cfdf4192eb5c3fe090d979a343492f841b1edc6eb24b24bdcb90bbbe36d5f8409ce7d27194a7bb995ecc387":"cd30c3618c10d57e9a4477b4a44c5c36":"":"9610908a0eb2ee885981c9e512e1a55075a212d311073bbb2fb9248cce07af16ee4c58bdc8dbe806d28480f9065838146f3e1eb3ae97012cfe53863a13d487f061a49a6c78ca22a321fa25157dbe68c47d78f2359540cc9031ee42d78855ed90e6b8ea3d67725bfffcb6db3d438c982b5f88d9b660f7d82cb300c1fa1edebb6b":1
+
+AES-GCM NIST Validation PSA (AES-256,128,1024,0,128) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"6fe81f15a02e2ecf46e61199c057102d160e6b5d447d4a275972323fff908c3e":"91d55cfdcdcd7d735d48100ff82227c3":"":"0b4ee0385e6665da8fd2ae47f2d0cf1c5bd395a3bb447047ab5a3ae0b95355bf83d0381119a8d4c01acbe60cd7885da650502f73498a682fdc94f7b14f4c753226064fa15e3a90a6083e053f52f404b0d22394e243b187f913ee2c6bb16c3033f79d794852071970523a67467ce63c35390c163775de2be68b505a63f60245e8":"cd7da82e890b6d7480c7186b2ea7e6f1":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-256,128,1024,0,120) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"4c2095e1379389dc3810e8819314f5a2f87d1494213c5b1de1a402f7f4f746c4":"19788b2e0bd757947596676436e22df1":"":"26ec8ebac0560538a948afbc18fb730e9a91f21392bde24b88b200f96114b229a5b57fa9d02cf10e6592d4dfb28bf0f00740c61157ce28784e9066ea3afd44ecf3a494723610cb593c0feffc6897e3435c6f448697ad3e241685c4e133eff53bdd0fe44dd8a033cfb1e1ea37a493934eb5303ae6ef47ce6478f767ef9e3301ab":"f26a20bea561004267a0bfbf01674e":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-256,128,1024,0,120) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"be5351efc0277afc9759ec2464a22cb4401f7a17efd1a205e7af023c7ed30ee1":"c6b26117d9dbd80c1c242ad41abe2acc":"":"1eca91406f338fc09c2988b1d7dc8c409d719300c03840a497d7b680cdd5e09b144903477f7116a934e1d931cf368af1fc2a0a0e7caa95475a3cd7bf585a16fda31eb3f8201db0216b37a1635c1c030836b3dd05ca5b0194388fa198e717822131d5d4318690ef82d35ac80b27fff19aec8f020dc6c6ce28f0813bbbf8230ad9":"61051d6c0801b4a6b6ca0124c019f3":"":"95447aded336d6c20d483a6f062d533efed0261ad321d37bf8b7321b98f55c0f0082ce7f3d341b18fea29a72fc909d30cd8c84a1640227227287674a9b2f16a81b191ecf3b6232d656c32d7b38bea82a1b27d5897694a2be56d7e39aa1e725f326b91bad20455f58a94a545170cb43d13d4b91e1cee82abb6a6e0d95d4de0567":1
+
+AES-GCM NIST Validation PSA (AES-256,128,1024,0,120) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"814c2cdfdeecf39d43bb141fbfc62dac44f7552c5e5dac2d4913303fc860119b":"0db3ade15cb0dea98a47d1377e034d63":"":"0d3013a1d7132f685d001420daa6c7b643bc36b887511acc4588237d3b412c79e4ebba29c08248ad46c7239e8daa232b7483c9c4e3d1c0bbebc696401efe21f7fd6fc0525a4ab81bd9a893d5f7ab23b70ed07c00f33649b8a996a006de6c94f7793f72848793f4d5b31311c68aae1e715b37409fbe506dac038a0950f05fe82b":"e62f910b6046ba4e934d3cfc6e024c":"":"374d03cfe4dacf668df5e703902cc784f011f418b43887702972dcc3f021bcb9bdd61ed5425f2975b6da7052c4859501eb2f295eb95d10ba6b2d74e7decc1acacebf8568e93a70a7f40be41ac38db6f751518c2f44a69c01c44745c51ad9a333eda9c89d001aa644f1e4063a8eb2a3592e21c6abc515b5aacaec8c32bcf1d3c4":1
+
+AES-GCM NIST Validation PSA (AES-256,128,1024,0,112) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"1ae4541110f2bc4f83cd720b5c40c8315413d896e034b75007f172baa13d29ec":"83f98eec51ee4cae4cb7fe28b64d1355":"":"5ea811e7fbfc0e00bf2a6abfac50cad9efd90041c5f7fb8f046a0fecbd193b70a2de8a774d01dd3cd54f848cb3e9f5152ee1b052ba698bebfba1fbbdae44a260447d6e6482640ae4d01c9cac3d37d4ffe9a0de0b6001de504a33ef7620efe3ce48ecd6f5b1b3a89185c86d4d662a843ff730e040e3668d6170be4cced8a18a1c":"df47eef69ba2faab887aa8f48e4b":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-256,128,1024,0,112) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"20c9b662ec4bd13bf58d64cb0a7159b0e7fee4703af66292bf75c8bd6e42e8dc":"2bc0847d46f3d1064bbf8fe8567f54a2":"":"45b64f2ed5ac707890c0c1726adf338770ce6a728fe86bb372c4c49409a32705f881bc4d31a27c455c7c7df9dd2c541743523e7d32f88930d988857847f011be5f5f31a31e8812745147cbff5c1294d0fd4a7285db4833f22bf1975250da99c4d0dd2c9688d7f8001bb6ef2bc898ce4d42c5b78e74645b56ce992338f49d4183":"5a1bf25aa8d5c3fe5cf1be8e54a1":"":"9079d6275db076625e8474c2914fe483d413d5339202f98f06c3b0ef063d8f3d31029deaf7f9349bfec57e5cf11f46f02d5a6520c7992efc951adbbea6d08e53faeb10dfe8b67ee4685da9ea4fe932551a65821147d06d4c462338e6ddda52017c2bc187fd6d02b7d5193f77da809d4e59a9061efad2f9cadbc4cd9b29728d32":1
+
+AES-GCM NIST Validation PSA (AES-256,128,1024,0,112) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"0a1554db37f2e275732a77e521cbd8170729d8677a85db73feacf3c66a89d689":"b9194a4d42b139f04c29178467955f1d":"":"5421d93b7e6e0091978c673df4f3a406aef5f13eb5e6f95da19b0783308cbe26d4fd6c669cc4a9f069d7e62e4c6fad14b80e918fe91556a9a941a28b3dbf776a68ac7c42df7059b5ed713e78120aec84e7b68e96226c2b5e11a994864ed61b122e7e42ef6cfdae278fadbae1b3ea3362f4e6dc68eef6a70477b8a3ffcfba0df9":"05949d591793ca52e679bfdf64f3":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-256,128,1024,0,104) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"3ab1d9bb571c4bdc9f3ef340914bddcfe0c8e7718d4a2530334372cec86e5fcb":"6a5335901284dd3b64dc4a7f810bab96":"":"80bcea307e009745724d5f15d21f3b61a5d5a8401530346b34a2adfa13e3e8c9c9327d6fad914b081e554fbe6c1c6fe070b566620e559555c702c0ab5becf61ea1d9de64351ce43b2276ef4e20b5af7ce43db6d21286af4e740ef00c6d790705afcf0ee4850fffc12c662f2bd8212feb21db31065ab8f717a7509c213352b869":"04b8e5423aee8c06539f435edd":"":"36b9602eee20b8f18dce0783cd1e01a799f81ae0a1ce6d293a26c62f47e7dad85c8446697cc09c81d3d9ead6f9e55c4147211660c8aea9536cc5516e9883c7d6854be580af8cd47ba38fa8451f0dad9c904e0e7f9997eff7e29bf880cd7cedd79493a0e299efe644046e4a46bf6645dfb2397b3a482a346b215deb778c9b7636":1
+
+AES-GCM NIST Validation PSA (AES-256,128,1024,0,104) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"7dddbd5657e22750bfe6baa70a1f4ac46c1ef8bee573a57cfcef50b66f85e593":"fcb962c39e4850efc8ffd43d9cd960a6":"":"2bf5aba83a8161b9d21ff29251fb0efa697b1ea9c1b3de8481d5fd4d6b57afda0b098decdc8278cc855f25da4116ed558fc4e665a49a8fff3aef11115757a99c10b5a73b1f794f9502186c13dc79442f9226bbf4df19a6440281f76184933aeae438a25f85dbd0781e020a9f7e29fb8e517f597719e639cbd6061ea3b4b67fb0":"1d8cdadcf1872fb2b697e82ef6":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-256,128,1024,0,104) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"6916b93b2712421f1f4582de7ec4237c4e42e2b32c7dced2f8bb5bd2e0598312":"b4d9248bb500e40de99ca2a13e743f1c":"":"3739cca20279a36ddb857ac22beae901a49529b3182463ab81a7c46e437eb0b0571e8c16f7b626ecd9f2ca0cd83debe3f83e5d58ed3738899f4b616755eb57fb965208f261736bdf7648b1f8595c6b6a779768115e3077dfee7a42d44b555a51675fb1ce9961d0e21b2b9b477c0541184350e70decf7c14a4c24b8a6cd5fed8e":"090d03446d65adcc0a42387e8e":"":"0255be7ac7ac6feb3a21f572f6a593cc8a97f17af7064c80e478f4a6c469cf94d604bc014b003bf284d216161a9c8a493af43c6a0d8caf813a9e6f83c7ed56dd57543876b11f76aa2be80dcd79d19ac61f00fa423ac2f52fae7a8327cd91494ca4116feb735980ad0a4b1445cb7f38cc712b8aee72179e65b97fca38694e3670":1
+
+AES-GCM NIST Validation PSA (AES-256,128,1024,0,96) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"b751c8b724165009a8bd97a9d2a0e22cae5a95c4743c55eeeef0a6fe7d946bec":"160c50c0621c03fd1572df6ba49f0d1e":"":"e8546a5af1e38114822e60e75563a9399c88796f303c99c69d1f3c50379da81e1cd5b5a4a721e23c59da58ea4361b7ff58408e506a27fea24f9a235c6af7f7a5bd93fa31e90edfc322821c08d6324134830b7fe160b4a3e6d27866a10e6e60762a31618ef92f5c67ccb1deb1f1b188f0e687165e7c366c7418920df4f4fcdcae":"9fef9becf21901496772996f":"":"175fa6b7cd781ec057ff78ba410f2897a920739b5fc4f04bc9b998fbc7cc18e327ad44d59b167e4627256aaecd97dc3e4a7c9baaf51d177787a7f4a0a2d207a855753c4754d41348982d9418b6b24b590632d5115dc186b0ba3bec16b41fa47c0077c5d091ec705e554475024814c5167121dd224c544686398df3f33c210e82":1
+
+AES-GCM NIST Validation PSA (AES-256,128,1024,0,96) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"0faf32c22c2a4ee38fe4b5ce08f98fdf6f83b5038dcba5ec8332b3eeb5c710c7":"04885a5846f5f75a760193de7f07853c":"":"8a556cc30075753c6e94c2f669bca2058ff6abcbffffc82da7cfca0a45af82dfb4cf487ceb4ede72be87ee4c8b72db1e96459de1dc96721464c544c001d785f2188b9fccaec4b1a37970d38b326f30163d2fdfdf8a2ce74aec55abcd823772b54f8081d086a2e7b17b4086d6c4a5ea67828ef0b593ea1387b2c61f5dfe8f2bb0":"0c13506ed9f082dd08434342":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-256,128,1024,0,96) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"0dddc3d2f82bdcdbc37648a6b9b416af28753740f8e998cd1a52a0b665369f1c":"0a93b883cbd42998ae2e39aab342cb28":"":"07bf84b15b21951fd22049be6991a672503ae243b8d285fb1e515e1d2c36bfd5b0d0bcce85791f2cea8f616aed68a7d9cf4eaf76418e8b1ec27751de67cbfd9d9f7905b2667904f10d598503f04c04ea00a681ff89a9c446d5763898430bd7a9dfebfe544e3ed3e639b362683a651e087626ffa63c0c2b3e0dd088b81b07f75e":"5c37918edb7aa65b246fd5a6":"":"ff7b7b2f88b8c6f9f9bad7152874e995eea0ff1ce1ecd9b8d563642a37a31499f14d70f0dd835b7adf80928497f845fd8c2786cd53af25f8c9fe1bba24e3c3860162635bbed58f06cf6c9966bb9b570987a48329279bb84afb9e464bb4ad19ae6600175086e28929569027c5285d2ed97615e5a7dada40ba03c440861f524475":1
+
+AES-GCM NIST Validation PSA (AES-256,128,1024,0,64) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"a0b1a62e46e7712277fc711e19d0c0c865ee77b42ac964b7202dbcaf428086c2":"e20957a49a27e247d00379850f934d6c":"":"7dd7c0787fdbea4aacf929341659dcf4b75cbca8f92001e8b62a4d7b40272c5755fa9c445857db05328dc11ce5221f044f4b3dafbf0e2d72a1ad0d3e4c804148db578218690ccc620d8b97b4450ff83400a6caaa959617611446a6627138a4067be9ea410d4b0581022ab621928205b4a4480560fc4c2c3b39a2805684006f35":"c99751516620bf89":"":"9307620479f076c39f53965c87d20c2aff11c736c040dba74cd690d275591a5defc57a02f6806de82eb7051548589484364f6c9b91f233a87258ede1ee276cb2c93b4fc76f4d7e60cbd29ba2c54cb479c178fa462c1c2fb6eeb3f1df0edfb894c9222b994c4931dedf7c6e8ddecbde385ddf4481807f52322a47bf5ff7272991":1
+
+AES-GCM NIST Validation PSA (AES-256,128,1024,0,64) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"ffcc1c88fba1723b3ab57b458d9bffb98b878c967fb43b9db2ae0753d32a3bb1":"d533c2170c5dc203512c81c34eff4077":"":"19b6dec86d93c466307de3a36c0791ed1010b1b9cf8d30347ae46e0f9283c9fda43da8cb491dd17cc4298b1f0b876d6a0f4bcbc9667fe34564bc08f8f7b67045057d19f4bf027bc839e590822fa09a5cef1af18e64a0116aa2a01a3f246c2b5272c18c9aa23efe674ba53d533ae8f0695cb78c1155cdc7a9d7fae2c4567dc07c":"167ec8675e7f9e12":"":"0539287ac546fe5342e4c3c0ec07127dcd22899abfe8cdd6e89d08f1374d76e877bec4844d06e0a9f32d181c8d945ba16a54ce3725fae21d8245c070a4da0c646203d6b91325b665ab98c30295851c59265b4ab567b968b6e98536b7850738d92e9627b4c9c6f5d9ae2520944783d8f788a1aa11f3f5245660d41f388e26e0a1":1
+
+AES-GCM NIST Validation PSA (AES-256,128,1024,0,64) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"55e94b339c3bafe068ef9cc30787cc6705850114976843777c92b4b331801650":"2e2b31214d61276a54daf2ccb98baa36":"":"147cc7bc4008dadf1956520b5998d961499bdf3d8b168591adbfd99411ad7b34eb4b2a5c1bb0522b810fec12dd7c775784d7ecdc741e6dec8191361e6abf473b219221801951b4d5ffe955ab50eef9cffdfee65ba29ddfa943fb52d722825338c307870a48a35f51db340aa946c71904d03174b1e4a498238b9d631a6982c68d":"5266e9c67c252164":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-256,128,1024,0,32) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"13c9572bdef62510d84f2d415cc481cd1e71b9c1132b43e63b21ba4e16de9b39":"a8339ba505a14786ad05edfe8cebb8d0":"":"7c78e634dec811173ff3c4a9a48ae3ae794fbd2aefd4b31701777ff6fcb670744c592a1d298d319717870dca364b2a3562a4ffa422bf7173c4f7ea9b0edf675e948f8370ffd0fd0d5703a9d33e8f9f375b8b641a1b1eecd1692ad1d461a68d97f91f9087f213aff23db1246ee16f403969c238f99eed894658277da23ced11ee":"df3cab08":"":"91f9780daefd2c1010c458054ac6e35baa885cdd2c95e28e13f84451064e31e0739f27bf259cb376ab951e1c7048e1252f0849ccb5453fc97b319666ebbfbc7ef3055212a61582d1b69158f3b1629950a41bc756bded20498492ebc49a1535d1bd915e59c49b87ffebea2f4ad4516ecdd63fa5afda9cce9dc730d6ab2757384a":1
+
+AES-GCM NIST Validation PSA (AES-256,128,1024,0,32) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"30a14ca53913acbb215b4e4159083106db3fff83cbedd1e5425f65af1e94f5dd":"4f23f04904de76d6decd4bd380ff56b1":"":"8c5f73ee1544553b712ad7a14f31379c8d54a4e432fb6c5112436988d83c4e94954b0249b470538fb977b756fbee70b811d4dc047a869e207bb0b495f1e271d0034e912000e97594033e0dedde0591b297f8a84bafcc93a46268a5bba117b558f1c73513e971c80a7083e1718fc12d0cc0d996a8e09603d564f0b8e81eea28bc":"18e92b96":"":"bb4b3f8061edd6fa418dd71fe22eb0528547050b3bfbaa1c74e82148470d557499ce856de3e988384c0a73671bf370e560d8fda96dabe4728b5f72a6f9efd5023b07a96a631cafdf2c878b2567104c466f82b89f429915cf3331845febcff008558f836b4c12d53e94d363eae43a50fc6cb36f4ca183be92ca5f299704e2c8cf":1
+
+AES-GCM NIST Validation PSA (AES-256,128,1024,0,32) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"e69f419140289ac25fb0e2ef9cc4f7e06777ac20f7d631918d1af0c8883b7d6a":"531248afdaaf1b86cf34d2394900afd9":"":"ff8dfa4e70490ea9c84cb894dc5d7e1b935ebcdea80a39c4161d4db42cbb269cc86abd381af15ec9a4a42ed18c1eed540decec19722df46f22aa06883297cb393fb23e4bb31a817e88357aa923c7ecbcf24c28a09f622dd21fa70c0a02193024fdcefeaa96cc1b50f81a65dfa9e1bb5126f0c9766a861eed096ec15fb07b0f81":"c6885cdd":"":"f75299e0ead3834fc7ebd4b2051541b598ad57cc908fdcd4324cf4ccf7dcf7b3f0737ad6c026399a8b1b6d3d50011b3c48ea2c89833b4b44c437677f230b75d36848781d4af14546894eecd873a2b1c3d2fcdd676b10bd55112038c0fdaa7b5598fe4db273a1b6744cba47189b7e2a973651bfc2aaa9e9abea4494047b957a80":1
+
+AES-GCM NIST Validation PSA (AES-256,128,1024,1024,128) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"404a5d1ac9e32f9caabffbfa485ce9c27edc9e5cde0f2aab4f32ce3121449b88":"b6e6c078e6869df156faa9ac32f057c3":"6ebc75fc9304f2b139abc7d3f68b253228009c503a08b7be77852da9e1afbe72c9ab374740b0dc391fa4d7e17de6a0aa08c69e6f5c5f05411e71e70c69dfbcf693df84c30f7a8e6c7949ea1e734297c0ea3df9b7e905faa6bbdcaf1ff2625a39363308331d74892cf531cb3f6d7db31bbe9a039fca87100367747024f68c5b77":"b63ec4d28854b7fe2d4d13973f5bcb16f78494ce25cc2820de9d0dc1d8d91db1f19bc9e01cee8418c9e88a69b2f30cdbb0dbdbb50be71e1e666c111c126f2b7197c02f69a1b2ec5e1bf4062b2d0b22fb0fa1585b4e6286b29f6ac98d1b1319dd99851fa6921607077d2947140fdeeea145b56ea7b6af276c9f65393bc43ede33":"94c1b9b70f9c48e7efd40ecab320c2d3":"":"56a0ac94f3ec7be2608154f779c434ee96db5ed4f5a6e1acfb32361ce04e16e1337be5978df06d7c4f6012385fb9d45bb397dc00f165883714b4a5b2f72f69c018ffa6d4420ad1b772e94575f035ad203be3d34b5b789a99389f295b43f004de3daaef7fa918712d3a23ca44329595e08da190e3678bc6ad9b500b9f885abe23":1
+
+AES-GCM NIST Validation PSA (AES-256,128,1024,1024,128) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"b56f0c980acf7875cf7f27d53ad4a276adc126d0b93a5774ac4277eecad4309e":"b004c049decfb43d6f3ec13c56f839ef":"b2045b97fbb52a5fc6ff03d74e59dd696f3f442c0b555add8e6d111f835df420f45e970c4b32a84f0c45ba3710b5cd574001862b073efa5c9c4bd50127b2ce72d2c736c5e2723956da5a0acb82041a609386d07b50551c1d1fa4678886bac54b0bd080cc5ef607dca2a0d6a1e71f0e3833678bf8560bc059dae370ec94d43af6":"2c94299e36b7c4a825ecbc5a7809061e0a6761764a5a655ffdb0c20e5c3fcb10f4e93c68aa0a38c2acc5d06f2b7c4ff4fcf814b551bfefa248dbe06a09a0f153213538a31fa7cf7d646b5b53908d8978f514c9c4d6d66f2b3738024b5f9c3fd86b6da0c818203183f4205f186ea44a54edb911b1a17c424c95852c8d271b2e93":"fce7234f7f76b5d502fd2b96fc9b1ce7":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-256,128,1024,1024,128) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"1c5027c36e6caa1b3e5e45fead32b5e3126ac41f106c491b0b3a7c16502f4fe6":"3ee660f03858669e557e3effdd7df6bd":"93e803c79de6ad652def62cf3cd34f9addc9dd1774967a0f69e1d28361eb2cacc177c63c07657389ce23bbe65d73e0460946d31be495424655c7724eac044cafafe1540fcbd4218921367054e43e3d21e0fa6a0da9f8b20c5cdbd019c944a2d2ee6aa6760ee1131e58fec9da30790f5a873e792098a82ddf18c3813611d9242a":"58f0ceaa31c0025d2e6bb58720cce4b64f5f6c657c847ae42936eb1e343fea397c8a8cf2f5ef02ffaec25f431900dcb0910cf32cea9eca3b78aed1c451c7af51066489f87b2a5f8cf28d6fdb6ce49d898b6167b590a3907be7618be11fb0922a3cfd18e73efef19e5cdc250fa33f61e3940c6482ae35f339e8c0a85a17379a4e":"ac33f5ffca9df4efc09271ff7a4f58e2":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-256,128,1024,1024,120) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"34c3019810d72b5e584f0758f2f5888a42729a33610aafa9824badade4136bbd":"f315ea36c17fc57dab3a2737d687cd4f":"f33c5a3a9e546ad5b35e4febf2ae557ca767b55d93bb3c1cf62d862d112dbd26f8fe2a3f54d347c1bc30029e55118bab2662b99b984b8b8e2d76831f94e48587de2709e32f16c26695f07e654b703eba6428f30070e23ed40b61d04dd1430e33c629117d945d9c0e4d36c79a8b8ab555d85083a898e7e7fbeb64a45cc3511d99":"22deef66cbb7db240c399b6c83407f090d6999ba25e560b2087fed0467904bb5c40cbaa05b8bf0ff5a77c53fa229478d8e0736414daf9c420417c391c9a523fd85954533f1304d81359bdcc2c4ac90d9f5f8a67a517d7f05ba0409b718159baf11cd9154e815d5745179beb59954a45a8676a375d5af7fae4d0da05c4ea91a13":"0bae9403888efb4d8ec97df604cd5d":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-256,128,1024,1024,120) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"29397d98fc5a7f04b5c8b6aa3a1dd975b6e4678457ae7f0691eee40b5397503a":"885543a45fd1163e34ef9276145b0f8c":"d88beaa0664bcef178cbdbfab17ff526b5c0f8ad9543c6a312d93c336707fbf87c0448b07a550580953279f552f368225cc6971f1eecc718d6aad1729c8d8873081357752bd09d77075fa680cb2dc4139171e4a0aaa50b28c262c14fd10b8d799ca1c6641bb7dfdfdf3dea69aa2b9e4e4726dc18b0784afa4228e5ccb1eb2422":"0bbf1079cb5569c32257bc7e52371db46f3961b457402b816588243b4523543430d5ca56b52de6632724c51e6c3af310b28822c749a12bdd58dee58bbc3266631562a998ec3acdc8a2567a9f07f7f9759c3f50b1d1dcdd529256b80c0d227fc1fe8b58c62d1c643f1ac2996809fd061afcf4a9af184c14db9e63ec885c49de61":"7b334d7af54b916821f6136e977a1f":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-256,128,1024,1024,120) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"7555dfcf354da07fd70f951d94ec1d86a635edfdb7929460207b2a39cc0cf4a3":"e1b30b6a47e8c21228e41a21b1a004f0":"bf986d3842378440f8924bb7f117d1a86888a666915a93ba65d486d14c580501e736d3418cebee572439318b21b6e4e504a7b075b8c2300c014e87e04fa842b6a2a3ebd9e6134b9ddd78e0a696223b1dc775f3288a6a9569c64b4d8fc5e04f2047c70115f692d2c2cefe7488de42ff862d7c0f542e58d69f0f8c9bf67ef48aea":"a1351cfffd1b0cbf80c3318cc432d3238cb647e996b7b53c527783594683f535950cd08788687c77226b2d3f095955884adc2e475ca1e1eab04e37d5e901ae8934a9d3a0cb37b80612ca25d989856dfa7607b03039b64d7dcd468204f03e0f2c55cb41c5367c56ca6c561425992b40e2d4f380b3d8419f681e88ebe2d4bdad36":"d8ef5438b7cf5dc11209a635ce1095":"":"95e8db7c8ecab8a60ceb49726153a7c5553cf571bc40515944d833485e19bf33cb954e2555943778040165a6cfffecef79eb7d82fef5a2f136f004bb5e7c35ae827fac3da292a185b5b8fc262012c05caeda5453ede3303cfeb0c890db1facadaa2895bdbb33265ada0bb46030607b6cf94f86961178e2e2deeb53c63900f1ec":1
+
+AES-GCM NIST Validation PSA (AES-256,128,1024,1024,112) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"bbeafe86c72ab0354b733b69b09e4d3462feb1658fe404004d81503f3a6e132f":"ee1caba93cb549054ca29715a536393e":"e44b0e0d275ae7c38a7dc2f768e899c1c11a4c4cb5b5bd25cd2132e3ecbaa5a63654312603e1c5b393c0ce6253c55986ee45bb1daac78a26749d88928f9b9908690fc148a656b78e3595319432763efbcf6957c9b2150ccabfd4833d0dcee01758c5efb47321a948b379a2ec0abcd6b6cbf41a8883f0f5d5bf7b240cb35f0777":"a033c2051e425d01d97d563572e42c5113860e5dedcd24c76e3e357559ba3250f1fc5d4a931a9d0900ac025400f0158621f0b1215b2907467bfc874bcabbb28e28de81fe1ee5b79985261c512afec2327c8c5957df90c9eb77950de4a4860b57a9e6e145ea15eb52da63f217f94a5c8e5fcb5d361b86e0e67637a450cdbcb06f":"a4809e072f93deb7b77c52427095":"":"e62adf9bbd92dd03cc5250251691f724c6ece1cb89d8c4daf31cc732a5420f6bedab71aab0238ba23bd7165ed1f692561ef457fd1d47413949405b6fc8e17922b17026d89d5830b383546ea516a56f3a1c45ec1251583ae880fa8985bd3dcc1d6a57b746971937bf370e76482238cc08c2c3b13258151e0a6475cc017f8a3d0e":1
+
+AES-GCM NIST Validation PSA (AES-256,128,1024,1024,112) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"6ad06c88dd4f3becf35eed95bb859be2406a1803a66e4332a74c5f75c09b9a01":"07d8b4a6e77aef9018828b61e0fdf2a4":"cca1fd0278045dda80b847f0975b6cbf31e1910d2c99b4eb78c360d89133a1c52e66c5c3801824afc1f079d2b2b1c827199e83f680e59b9a7de9b15fa7b6848b5bf4e16a12ac1af4cf2b4d7bb45673c5e1241e9996440860a9204fc27cae46a991607bc5e7120d6c115ddcbdd02c022b262602139081e61eee4aba7193f13992":"2219c11672884b93d0290b6a7140feafe416461f1cdaf0b3aa64693d7db2eb10feae46aac7af549fa1b0abc78c11f8df7ee803ef70310fc3e67769f8b4bc64f81143a6ebf8bee9d386a8ede5d2cc0ed17985a3b7bb95191ef55e684690ccdc5ca504bc6eb28442b353861a034a43532c025f666e80be967a6b05b9dd3a91ff58":"e3ede170386e76321a575c095966":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-256,128,1024,1024,112) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"87bbf7c15689e8c99a5a32a8ba0dfebcfe1989159807428cdd1f382c3ea95178":"2f19aa1f3a82a7398706953f01739da7":"590dbd230854aa2b5ac19fc3dc9453e5bb9637e47d97b92486a599bdafdfb27c3852e3d06a91429bb820eb12a5318ed8861ffe87d659c462ef167be22604facfa3afb601b2167989b9e3b2e5b59e7d07fda27ffccd450869d528410b0aff468f70cc10ef6723a74af6eebc1572c123a9b5a9aab748a31fa764716d3293ff5de7":"b77d3bf3b30b3e6e5c86cbfb7e5455f6480f423cc76834b4663d28d9f1eb5c40212634e3347668427f7848352ab789886f96682a568260bdaeb7de0aae2af36f5ae04f06c332b158d923706c1c6255c673feeadb6d30bfc901e60b92acd9ddd83ef98686c4d492f4a60e97af2541d470a6a6b21903441020ea7619cf28a06986":"5c43fc4dc959fabeebb188dbf3a5":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-256,128,1024,1024,104) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"24095a66b6eb0320ca75e2ab78e8496a45f4b000fc43436904c3e386fb852ed2":"0955c1f0e271edca279e016074886f60":"f5160c75c449e6bb971e73b7d04ab9b9a85879f6eb2d67354af94a4f0ca339c0a03a5b9ede87a4ff6823b698113a38ae5327e6878c3ccc0e36d74fe07aa51c027c3b334812862bc660178f5d0f3e764c0b828a5e3f2e7d7a1185b7e79828304a7ad3ddcd724305484177e66f4f81e66afdc5bbee0ec174bff5eb3719482bd2d8":"4690edc843e23d9d9b9a4dab8fa8193f8bf03897d3d29759e9dc9e0f8a970c0f5d4399b9f60461fe5cf439f9b0d54bbc075695e4d76b76298cc2b75bb3e0b516ee9ada93f77c4c002ba9fd163a1e4b377befb76c1e5ab8b3901f214c0a4c48bd2aa2f33560d46e2721a060d4671dc97633ff9bcd703bb0fbed9a4a2c259b53f3":"75a31347598f09fceeea6736fe":"":"0dd2dca260325967267667ff3ccdc6d6b35648821a42090abba46282869bac4bdc20a8bee024bea18a07396c38dbb45d9481fedcc423a3928cfa78a2f0ae8eedb062add810bdbee77ddc26c29e4f9fda1ab336d04ef42947b05fbdb9bc4df79e37af951d19d6bf5e5cb34eef898f23642a9c4a9111ed0b7a08abeeefbbd45c23":1
+
+AES-GCM NIST Validation PSA (AES-256,128,1024,1024,104) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"086b77b5731f971f0bf5b8227361b216746daf8b08c583ad38f114a64aa7877b":"164058e5e425f9da40d22c9098a16204":"6633eae08a1df85f2d36e162f2d7ddd92b0c56b7477f3c6cdb9919d0e4b1e54ea7635c202dcf52d1c688afbbb15552adda32b4cd30aa462b367f02ded02e0d64eeee2a6b95462b191784143c25607fd08a23a2fbc75cf6bee294daf2042587fdd8fe3d22c3a242c624cf0a51a7c14db4f0f766ec437de4c83b64f23706a24437":"629317212ff8bd8a7676e4c00b81a9577de6397c832f99ac974fa2bbbccb6e3b8aa776db6922eed0b014bf3923799da7d9d0854c8817470e1e2f7fc7a572f9d0316ee60cde7ef025d59b897d29a6fee721aeb2f7bb44f9afb471e8a7b0b43a39b5497a3b4d6beb4b511f0cefa12ce5e6d843609d3e06999acfbee50a22ca1eee":"2eb6eb6d516ed4cf1778b4e378":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-256,128,1024,1024,104) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"0f9e806b0d937268561c0eafbbdd14ec715b7e9cef4118d6eb28abbb91266745":"8657996634e74d4689f292645f103a2e":"2ca253355e893e58cb1a900fbb62d61595de5c4186dc8a9129da3657a92b4a631bbdc3d5f86395385a9aa8557b67f886e3bb807620e558c93aea8e65826eadeb21544418ee40f5420c2d2b8270491be6fc2dcbfd12847fa350910dd615e9a1881bc2ced3b0ac3bde445b735e43c0c84f9d120ca5edd655779fc13c6f88b484f7":"2ae4baef22ace26f464a9b0c75802303f2d7c0f9a1ed1d0180135189765bdd347fea0cc2b73ee7fbbf95ea1fda22597b8aad826f63e744069a9c349488b2cc1cf9372f423cc650302082125724730ae5a4d878e07385ddc99034c6b6b46748f02c80b179fe6406b1d33581950cb9bcd1d1ea1ec7b5becfd6c1f5b279412c433a":"83155ebb1a42112dd1c474f37b":"":"87d69fc3cbc757b2b57b180c6ba34db4e20dde19976bfb3d274d32e7cea13f0c7d9e840d59ce857718c985763b7639e448516ddbbda559457cd8cb364fa99addd5ba44ef45c11060d9be82b4ebe1f0711ac95433074649b6c08eeab539fdfc99c77498b420427e4d70e316111845793de1f67fb0d04e3389a8862f46f4582dc8":1
+
+AES-GCM NIST Validation PSA (AES-256,128,1024,1024,96) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"c24c17911f6db4b3e37c46bcc6fa35efc1a55f7754f0bb99f2eea93398116447":"5098cc52a69ee044197e2c000c2d4ab8":"9ad4dee311d854925fc7f10eca4f5dd4e6990cb2d4325da2ef25a9a23690f5c5590be285d33aaeba76506c59edec64b8c3ff8e62716d1c385fbce2a42bc7bd5d8e8584de1944543ab6f340c20911f8b7b3be1a1db18a4bb94119333339de95815cae09365b016edc184e11f3c5b851f1fa92b1b63cfa3872a127109c1294b677":"0bd92cb106867e25ad427ff6e5f384d2d0f432fc389852187fcc7b0bf9f6d11a102a872b99ed1ad9a05dab0f79fa634745535efed804ff42b0af8dad20ba44709391fb263f245e5a2c52d9ce904179633282f57a1229b0a9c4557a5c0aeda29bbc5a7a871fa8b62d58100c3722c21e51e3b3e913185235526e7a5a91c559717d":"f7930e3fab74a91cb6543e72":"":"6124ede608d416baa5e653a898ca76e9f47f08403c1984feec112e670ded2226e0073f8881ab2161cfda541dccae19691285f7391a729f07aba18f340bb452c1da39cbe83cf476cfc105b64187e0d2227dd283dcba8b6a350f9956b18861fa131d3f00c034443e8f60e0fdfcfaabbed93381ae374a8bf66523d33646183e1379":1
+
+AES-GCM NIST Validation PSA (AES-256,128,1024,1024,96) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"d267a8379260036ff3d1ec07a7b086ff75706bad12d37d9656f04776f3d8b85c":"674dc34e8c74c51fa42aacd625a1bd5b":"6a9a8af732ae96d0b5a9730ad792e296150d59770a20a3fdbbc2a3a035a88ac445d64f37d684e22003c214b771c1995719da72f3ed24a96618284dd414f0cac364640b23c680dc80492a435c8ec10add53b0d9e3374f1cf5bfc663e3528fa2f6209846421ea6f481b7ecf57714f7bc2527edc4e0466b13e750dd4d4c0cc0cdfc":"80c68a330ef50e3e516681f1e535868b03466e7edbb86cb385d01db487da3dd3edad940fdc98d918b7db9b59f8d61369eee2928c88557306c4a13e366af0708d94cb90a15f1c3bc45544bdb05ff964da5e06c5ae965f20adb504620aed7bce2e82f4e408d00219c15ef85fae1ff13fea53deb78afa5f2a50edbd622446e4a894":"bea660e963b08fc657741bc8":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-256,128,1024,1024,96) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"c86cb637753010f639fa3aa3bff7c28b74f012ad6090f2a31b0801d086f183ad":"87ff6e0bb313502fedf3d2696bff99b5":"2816f1132724f42e40deabab25e325b282f8c615a79e0c98c00d488ee56237537240234966565e46bfb0c50f2b10366d1589620e6e78bd90ade24d38a272f3fff53c09466aa2d3ef793d7f814a064b713821850a6e6a058f5139a1088347a9fa0f54e38abd51ddfc7ef040bf41d188f3f86c973551ced019812c1fc668649621":"6b7858557e0fd0f957842fb30e8d54dedbc127eb4bbf9de319f731fa28a606df2c046a0bce8ecda4e75d3596e4e988efd6bc279aa005bc52fad92ba07f5b1dfda4cc417029f9778c88d6fe5341a0fd48893dcb7c68d0df310a060f2a5235aee422d380f7209bc0909b2aa7e876044056f0b915dab0bc13cbea5a3b86d40ca802":"7859f047f32b51833333accf":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-256,128,1024,1024,64) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"2c31ca0cac3efe467168198f06beacf39565a6f57f82e1048a5c06a231315882":"95cae6e85f33f3043182460589be3639":"67523751a9b1b643d00de4511b55e4268cb2d18e79e01a55fc7b677d529bd6400940fb25ea6ae135c1a816e61b69e90b966981aeda685934b107066e1467db78973492ad791e20aef430db3a047447141def8be6e6a9a15089607c3af9368cdb11b7b5fbf90691505d0c33664766945d387904e7089b915a3c28886ba1763bb5":"65261d6e29b2369b1828a7cef2df9873d6e6057c499301afedd6cb65b5036ddb95f9e353fbf38e54c4f46f88164325b33620ce183beb2e411fbb89a0e0002e542fc161cad32a61ee6f1e1717e0b4dcd0340b116f795bc1009dbbc65bc31c9b549bf03c40bc204cd0d02ec884be907777ebeed8b527ec3af7cbb508193c0745de":"21309d0351cac45e":"":"1d5f2cb921f54aeb552b4304142facd49497837deb1f00d26fbeddbab922fd80b00dba782961f8fce84f1f7973e81eed6ee168b1760c575c891f40a1dae0fa1a08738025d13ef6e0b30be4f054d874f1b8a2427a19ebb071d98365c32316a88a68c2b40daf1ea831a64519ac3679acb4e04986ecc614ec673c498c6fee459e40":1
+
+AES-GCM NIST Validation PSA (AES-256,128,1024,1024,64) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"ca9fa36ca2159dff9723f6cfdb13280446eb6bc3688043c7e2e2504184791596":"d13ca73365e57114fc698ee60ba0ad84":"2aa510b7f1620bfce90080e0e25f5468dbc5314b50914e793b5278369c51ac017eace9fd15127fca5a726ad9e67bdee5af298988d9a57ec4bbc43d4eb849535eb10521ac7cd7ed647479a42876af2ebc9e2108b539febdaa9127c49bda1bda800f6034050b8576e944311dfbca59d64d259571b6d2ed5b2fc07127239b03f4b7":"ac04c4293554cd832aa400c811cb202d815d6178aa1343b4628592b7f3ae45dc5f12ea47be4b43e1865f40b06ab67b3a9fb3644248a9b3efe131a8addb7447978bb51ccf749e75574fea60e8781677200af023b2f8c415f4e6d8c575a9e374916d9ec3a612b16e37beb589444b588e0b770d9f8e818ad83f83aa4ecf386d17a7":"2111d55d96a4d84d":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-256,128,1024,1024,64) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"2f802e838250064c15fdee28d7bd4872850355870847701ad9742b2d6eb4b0c0":"2dd550cfd97f8e1d8d31ba5537ae4710":"72b9630dda40306e785b961934c56e20948f8eac0e981f49787eb3dbd6e4607f7d08d10ca643746bf1efa7e5066993683d527a90f2d45ec9cf73113f1f17bb67958be669acd4e2927f1dacfde902cd3048056d7f6dfdd8630ff054efce4526db7c9321d6d2be2236f4d60e27b89d8ec94f65a06dc0953c8c4533a51b6a29bd2c":"e2ca8c8d172ff90232879f510d1225af91bc323bdf636363c2903fcd1790692c8bcb03a1cccb18814678852c6b3a441552e541b843ee5e4f86a152fa73d05aea659fe08aa6428bb257eaa2a7b579fdc4022c1dec359a854253c1aefc983c5ede8c97517ea69fc4606e25f13ffb0f5f49160691454fbb74e704326738353525f7":"bd6c8823c9005c85":"":"f6dd0b5f3d1a393a1837112962dba175a13c2d1e525ef95734caf34949d8b2d63b4fe5603226b5f632f2d7f927361ba639dc0e3c63414f45462342695916d5792133b4a24c7c4cbe2b97c712bf27ab62d3d68b3875d58ffe4b7c30a8171bff1a9e2f3995768faacda2ea9213ff35798b9e4513f6a87bd3f5a9d93e847e768359":1
+
+AES-GCM NIST Validation PSA (AES-256,128,1024,1024,32) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"84dd53ce0146cb71c32776033bb243098d78a22ac17f52a62a122f5653fb4e33":"f0c90a1bca52f30fab3670df0d3beab0":"a3ea8032f36a5ca3d7a1088fd08ac50ae6bdc06ad3a534b773ac3e3d4a3d524499e56274a0062c58c3b0685cc850f4725e5c221af8f51c6df2bbd5fbcff4a93ba4c1054f7f9c67fd9285511a08d328d76a642f067227d378f95a1e67587b90251f9103ed3cacdb6bf69e0794e366d8b92d8de37b4e028de0778841f356ac044d":"68222bffa782dcfe4f328fc20eb520e75a9a5fedbe13ec7fcf0e82fba08bb87a8a8e02902638e32fe0e2294344b380797f8028426ffcc0531c739c884892394c48ff0779c5f5edf0a36a3fb8aa91213347774ec4bf0fe1049bd53746b13beef3c637169826c367056cb1aa0a3868e23f886a9c7b8015c26af9e40794662f6b21":"b1ece9fb":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-256,128,1024,1024,32) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"9bb36fe25e966a075ae2c3bb43b5877679ebc379d5123c8eda3fa0e30b95cae0":"59869df4ef5754b406478a2fb608ee99":"ecd125682e8a8e26757c888b0c8b95dec5e7ed7ac991768f93e8af5bcf6f21ed4d4d38699ee7984ed13635fff72f938150157c9a27fcda121ffced7b492d2b18dad299cb6495ed5f68441aefc8219d2cf717d15d5cd2dbce4606fcf90fe45f3601127cf6acee210bd7df97309f773974a35bef1d33df984101c2fc9d4b55259e":"fb3a4be643c10343251c6f0745aaa54349463f622ca04a792e9b4780866844b30aeef3269fc60cac0ea031c5f3780b535e15154f7c76eb4a371b8ae368550f3fa2ce693c34511ec96b839cac567f1b0de0e7e3116d729b45d1b16e453703a43db73f5d0c3e430f16b142420b5f0d26d72ac3dba543d7d813603b0bfdca3dd63e":"cb3f5338":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-256,128,1024,1024,32) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"ca264e7caecad56ee31c8bf8dde9592f753a6299e76c60ac1e93cff3b3de8ce9":"4763a4e37b806a5f4510f69fd8c63571":"07daeba37a66ebe15f3d6451d1176f3a7107a302da6966680c425377e621fd71610d1fc9c95122da5bf85f83b24c4b783b1dcd6b508d41e22c09b5c43693d072869601fc7e3f5a51dbd3bc6508e8d095b9130fb6a7f2a043f3a432e7ce68b7de06c1379e6bab5a1a48823b76762051b4e707ddc3201eb36456e3862425cb011a":"8d03cf6fac31182ad3e6f32e4c823e3b421aef786d5651afafbf70ef14c00524ab814bc421b1d4181b4d3d82d6ae4e8032e43a6c4e0691184425b37320798f865c88b9b306466311d79e3e42076837474c37c9f6336ed777f05f70b0c7d72bd4348a4cd754d0f0c3e4587f9a18313ea2d2bace502a24ea417d3041b709a0471f":"3105dddb":"FAIL":"":1
diff --git a/tests/suites/test_suite_ecdh.function b/tests/suites/test_suite_ecdh.function
index 08a1686..7db0ed1 100644
--- a/tests/suites/test_suite_ecdh.function
+++ b/tests/suites/test_suite_ecdh.function
@@ -351,7 +351,7 @@
mbedtls_ecdh_enable_restart( &cli );
}
- /* server writes its paramaters */
+ /* server writes its parameters */
memset( buf, 0x00, sizeof( buf ) );
len = 0;
diff --git a/tests/suites/test_suite_ecp.function b/tests/suites/test_suite_ecp.function
index 606ddd2..0b2e029 100644
--- a/tests/suites/test_suite_ecp.function
+++ b/tests/suites/test_suite_ecp.function
@@ -43,7 +43,9 @@
unsigned char buf[42] = { 0 };
const unsigned char *null_buf = NULL;
mbedtls_ecp_group_id valid_group = MBEDTLS_ECP_DP_SECP192R1;
+#if defined(MBEDTLS_ECP_RESTARTABLE)
mbedtls_ecp_restart_ctx restart_ctx;
+#endif /* MBEDTLS_ECP_RESTARTABLE */
TEST_INVALID_PARAM( mbedtls_ecp_point_init( NULL ) );
TEST_INVALID_PARAM( mbedtls_ecp_keypair_init( NULL ) );
diff --git a/tests/suites/test_suite_nist_kw.function b/tests/suites/test_suite_nist_kw.function
index ae3ef80..f1acde9 100644
--- a/tests/suites/test_suite_nist_kw.function
+++ b/tests/suites/test_suite_nist_kw.function
@@ -30,7 +30,7 @@
memset( key, 0, sizeof( key ) );
/*
- * 1. Check wrap and unwrap with two seperate contexts
+ * 1. Check wrap and unwrap with two separate contexts
*/
mbedtls_nist_kw_init( &ctx1 );
mbedtls_nist_kw_init( &ctx2 );
diff --git a/tests/suites/test_suite_pk.data b/tests/suites/test_suite_pk.data
index e41dfa7..ea5fc4f 100644
--- a/tests/suites/test_suite_pk.data
+++ b/tests/suites/test_suite_pk.data
@@ -24,6 +24,9 @@
depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP192R1_ENABLED
pk_utils:MBEDTLS_PK_ECDSA:192:24:"ECDSA"
+PK PSA utilities: setup/free, info functions, unsupported operations
+pk_psa_utils:
+
RSA verify test vector #1 (good)
depends_on:MBEDTLS_SHA1_C:MBEDTLS_PKCS1_V15
pk_rsa_verify_test_vec:"206ef4bf396c6087f8229ef196fd35f37ccb8de5efcdb238f20d556668f114257a11fbe038464a67830378e62ae9791453953dac1dbd7921837ba98e84e856eb80ed9487e656d0b20c28c8ba5e35db1abbed83ed1c7720a97701f709e3547a4bfcabca9c89c57ad15c3996577a0ae36d7c7b699035242f37954646c1cd5c08ac":MBEDTLS_MD_SHA1:1024:16:"e28a13548525e5f36dccb24ecb7cc332cc689dfd64012604c9c7816d72a16c3f5fcdc0e86e7c03280b1c69b586ce0cd8aec722cc73a5d3b730310bf7dfebdc77ce5d94bbc369dc18a2f7b07bd505ab0f82224aef09fdc1e5063234255e0b3c40a52e9e8ae60898eb88a766bdd788fe9493d8fd86bcdd2884d5c06216c65469e5":16:"3":"5abc01f5de25b70867ff0c24e222c61f53c88daf42586fddcd56f3c4588f074be3c328056c063388688b6385a8167957c6e5355a510e005b8a851d69c96b36ec6036644078210e5d7d326f96365ee0648882921492bc7b753eb9c26cdbab37555f210df2ca6fec1b25b463d38b81c0dcea202022b04af5da58aa03d77be949b7":0
@@ -48,6 +51,38 @@
depends_on:MBEDTLS_ECP_DP_SECP192R1_ENABLED
pk_ec_test_vec:MBEDTLS_PK_ECKEY:MBEDTLS_ECP_DP_SECP192R1:"046FDD3028FA94A863CD4F78DBFF8B3AA561FC6D9CCBBCA88E0AE6FA437F5415F957542D0717FF8B84562DAE99872EF841":"546869732073686F756C64206265207468652068617368206F662061206D6573736167652E00":"30350218185B2A7FB5CD9C9A8488B119B68B47D6EC833509CE9FA1FF021900FB7D259A744A2348BD45D241A39DC915B81CC2084100FA25":MBEDTLS_ERR_ECP_VERIFY_FAILED
+EC(DSA) verify test vector: good, bitlen(r) = 256
+depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED
+pk_ec_test_vec:MBEDTLS_PK_ECKEY:MBEDTLS_ECP_DP_SECP256R1:"0437cc56d976091e5a723ec7592dff206eee7cf9069174d0ad14b5f768225962924ee500d82311ffea2fd2345d5d16bd8a88c26b770d55cd8a2a0efa01c8b4edff":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855":"3046022100faecc085c6c5362b91ff1fd6dd77da80bc071bee9ff1ac0ef9509c017f13267c022100a7d0b908c938d3dd6c6a9cdc5b0a4a4ee455c519c1ff6cda959806b7e7461ba0":0
+
+EC(DSA) verify test vector: good, bitlen(r) = 255
+depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED
+pk_ec_test_vec:MBEDTLS_PK_ECKEY:MBEDTLS_ECP_DP_SECP256R1:"0437cc56d976091e5a723ec7592dff206eee7cf9069174d0ad14b5f768225962924ee500d82311ffea2fd2345d5d16bd8a88c26b770d55cd8a2a0efa01c8b4edff":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855":"30450220639f36215b2ff09bb2beb871e122de74c8d5e29ce8a105aa2b95661f42803e72022100becd8f81b2c186f9d5d2c92378d7b9452ce6de231b0c8d17bac2d8537d2331fd":0
+
+EC(DSA) verify test vector: good, bitlen(r) = 248
+depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED
+pk_ec_test_vec:MBEDTLS_PK_ECKEY:MBEDTLS_ECP_DP_SECP256R1:"0437cc56d976091e5a723ec7592dff206eee7cf9069174d0ad14b5f768225962924ee500d82311ffea2fd2345d5d16bd8a88c26b770d55cd8a2a0efa01c8b4edff":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855":"30450220009109f967f9082abc9c46e5ea07936529b82023a1a49b872c046f430983db2602210085f0b1960d61f8d75109b5b7ff991d3171320d2ab547104f864048455a965090":0
+
+EC(DSA) verify test vector: good, bitlen(r) = 247
+depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED
+pk_ec_test_vec:MBEDTLS_PK_ECKEY:MBEDTLS_ECP_DP_SECP256R1:"0437cc56d976091e5a723ec7592dff206eee7cf9069174d0ad14b5f768225962924ee500d82311ffea2fd2345d5d16bd8a88c26b770d55cd8a2a0efa01c8b4edff":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855":"3044021f461786833b50247b07194da6cedbd3caefbcd19c73b6283ccff5097cd0d73b022100d85d20b0b8c3b596eb1cdb0381e681fa0a8bccde4e89c139020af3b0f88e099c":0
+
+EC(DSA) verify test vector: good, bitlen(s) = 256
+depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED
+pk_ec_test_vec:MBEDTLS_PK_ECKEY:MBEDTLS_ECP_DP_SECP256R1:"0437cc56d976091e5a723ec7592dff206eee7cf9069174d0ad14b5f768225962924ee500d82311ffea2fd2345d5d16bd8a88c26b770d55cd8a2a0efa01c8b4edff":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855":"30450220639f36215b2ff09bb2beb871e122de74c8d5e29ce8a105aa2b95661f42803e72022100becd8f81b2c186f9d5d2c92378d7b9452ce6de231b0c8d17bac2d8537d2331fd":0
+
+EC(DSA) verify test vector: good, bitlen(s) = 255
+depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED
+pk_ec_test_vec:MBEDTLS_PK_ECKEY:MBEDTLS_ECP_DP_SECP256R1:"0437cc56d976091e5a723ec7592dff206eee7cf9069174d0ad14b5f768225962924ee500d82311ffea2fd2345d5d16bd8a88c26b770d55cd8a2a0efa01c8b4edff":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855":"304402206ae26950c606d08fe5e1682efdccfb3a7213ca46bd523ffd20c4213fe1400d3402207612106ada7055926167650b257da7f4c42c190b8aa9e3b680f8751fe90c63a5":0
+
+EC(DSA) verify test vector: good, bitlen(s) = 248
+depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED
+pk_ec_test_vec:MBEDTLS_PK_ECKEY:MBEDTLS_ECP_DP_SECP256R1:"0437cc56d976091e5a723ec7592dff206eee7cf9069174d0ad14b5f768225962924ee500d82311ffea2fd2345d5d16bd8a88c26b770d55cd8a2a0efa01c8b4edff":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855":"3045022100fd4d718ab483827492e10b89745fad100d2dd257102b99aff179ee596a569f1f022000a1b777e32a8b4909763b615b805e59194e6196eb05719287a36eb5f17aa485":0
+
+EC(DSA) verify test vector: good, bitlen(s) = 247
+depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED
+pk_ec_test_vec:MBEDTLS_PK_ECKEY:MBEDTLS_ECP_DP_SECP256R1:"0437cc56d976091e5a723ec7592dff206eee7cf9069174d0ad14b5f768225962924ee500d82311ffea2fd2345d5d16bd8a88c26b770d55cd8a2a0efa01c8b4edff":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855":"30430220685a6994daa6a14e4411b5267edc2a00beee907f2dddd956b2a5a1df791c15f8021f675db4538c000c734489ac737fddd5a739c5a23cd6c6eceea70c286ca4fac9":0
+
ECDSA sign-verify
depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP192R1_ENABLED
pk_sign_verify:MBEDTLS_PK_ECDSA:0:0
@@ -195,3 +230,6 @@
ECDSA restartable sign/verify: ECKEY, max_ops=250
depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C
pk_sign_verify_restart:MBEDTLS_PK_ECKEY:MBEDTLS_ECP_DP_SECP256R1:"C9AFA9D845BA75166B5C215767B1D6934E50C3DB36E89B127B8A622B120F6721":"60FED4BA255A9D31C961EB74C6356D68C049B8923B61FA6CE669622E60F29FB6":"7903FE1008B8BC99A41AE9E95628BC64F2F1B20C2D7E9F5177A3C294D4462299":MBEDTLS_MD_SHA256:"test":"3045022100f1abb023518351cd71d881567b1ea663ed3efcf6c5132b354f28d3b0b7d383670220019f4113742a2b14bd25926b49c649155f267e60d3814b4c0cc84250e46f0083":250:2:64
+
+PSA wrapped sign
+pk_psa_sign:
diff --git a/tests/suites/test_suite_pk.function b/tests/suites/test_suite_pk.function
index 4e6ab17..d85d9ed 100644
--- a/tests/suites/test_suite_pk.function
+++ b/tests/suites/test_suite_pk.function
@@ -64,6 +64,45 @@
return( ((const mbedtls_rsa_context *) ctx)->len );
}
#endif /* MBEDTLS_RSA_C */
+
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+
+#include "mbedtls/psa_util.h"
+
+#define PK_PSA_INVALID_SLOT 0 /* guaranteed invalid */
+
+/*
+ * Generate a key in a free key slot and return this key slot,
+ * or PK_PSA_INVALID_SLOT if no slot was available.
+ * The key uses NIST P-256 and is usable for signing with SHA-256.
+ */
+psa_key_handle_t pk_psa_genkey( void )
+{
+ psa_key_handle_t key;
+
+ const int curve = PSA_ECC_CURVE_SECP256R1;
+ const psa_key_type_t type = PSA_KEY_TYPE_ECC_KEYPAIR(curve);
+ const size_t bits = 256;
+ psa_key_policy_t policy;
+
+ /* Allocate a key slot */
+ if( PSA_SUCCESS != psa_allocate_key( &key ) )
+ return( PK_PSA_INVALID_SLOT );
+
+ /* set up policy on key slot */
+ policy = psa_key_policy_init();
+ psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_SIGN,
+ PSA_ALG_ECDSA(PSA_ALG_SHA_256) );
+ if( PSA_SUCCESS != psa_set_key_policy( key, &policy ) )
+ return( PK_PSA_INVALID_SLOT );
+
+ /* generate key */
+ if( PSA_SUCCESS != psa_generate_key( key, type, bits, NULL, 0 ) )
+ return( PK_PSA_INVALID_SLOT );
+
+ return( key );
+}
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
/* END_HEADER */
/* BEGIN_DEPENDENCIES
@@ -71,6 +110,79 @@
* END_DEPENDENCIES
*/
+/* BEGIN_CASE depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED */
+void pk_psa_utils( )
+{
+ mbedtls_pk_context pk, pk2;
+ psa_key_handle_t key;
+
+ const char * const name = "Opaque";
+ const size_t bitlen = 256; /* harcoded in genkey() */
+
+ mbedtls_md_type_t md_alg = MBEDTLS_MD_NONE;
+ unsigned char b1[1], b2[1];
+ size_t len;
+ mbedtls_pk_debug_item dbg;
+
+ TEST_ASSERT( psa_crypto_init() == 0 );
+
+ mbedtls_pk_init( &pk );
+ mbedtls_pk_init( &pk2 );
+
+ TEST_ASSERT( mbedtls_pk_setup_opaque( &pk, 0 ) ==
+ MBEDTLS_ERR_PK_BAD_INPUT_DATA );
+
+ mbedtls_pk_free( &pk );
+ mbedtls_pk_init( &pk );
+
+ key = pk_psa_genkey();
+ TEST_ASSERT( key != 0 );
+
+ TEST_ASSERT( mbedtls_pk_setup_opaque( &pk, key ) == 0 );
+
+ TEST_ASSERT( mbedtls_pk_get_type( &pk ) == MBEDTLS_PK_OPAQUE );
+ TEST_ASSERT( strcmp( mbedtls_pk_get_name( &pk), name ) == 0 );
+
+ TEST_ASSERT( mbedtls_pk_get_bitlen( &pk ) == bitlen );
+ TEST_ASSERT( mbedtls_pk_get_len( &pk ) == bitlen / 8 );
+
+ TEST_ASSERT( mbedtls_pk_can_do( &pk, MBEDTLS_PK_ECKEY ) == 1 );
+ TEST_ASSERT( mbedtls_pk_can_do( &pk, MBEDTLS_PK_ECDSA ) == 1 );
+ TEST_ASSERT( mbedtls_pk_can_do( &pk, MBEDTLS_PK_RSA ) == 0 );
+
+ /* unsupported operations: verify, decrypt, encrypt */
+ TEST_ASSERT( mbedtls_pk_verify( &pk, md_alg,
+ b1, sizeof( b1), b2, sizeof( b2 ) )
+ == MBEDTLS_ERR_PK_TYPE_MISMATCH );
+ TEST_ASSERT( mbedtls_pk_decrypt( &pk, b1, sizeof( b1 ),
+ b2, &len, sizeof( b2 ),
+ NULL, NULL )
+ == MBEDTLS_ERR_PK_TYPE_MISMATCH );
+ TEST_ASSERT( mbedtls_pk_encrypt( &pk, b1, sizeof( b1 ),
+ b2, &len, sizeof( b2 ),
+ NULL, NULL )
+ == MBEDTLS_ERR_PK_TYPE_MISMATCH );
+
+ /* unsupported functions: check_pair, debug */
+ TEST_ASSERT( mbedtls_pk_setup( &pk2,
+ mbedtls_pk_info_from_type( MBEDTLS_PK_ECKEY ) ) == 0 );
+ TEST_ASSERT( mbedtls_pk_check_pair( &pk, &pk2 )
+ == MBEDTLS_ERR_PK_TYPE_MISMATCH );
+ TEST_ASSERT( mbedtls_pk_debug( &pk, &dbg )
+ == MBEDTLS_ERR_PK_TYPE_MISMATCH );
+
+ /* test that freeing the context does not destroy the key */
+ mbedtls_pk_free( &pk );
+ TEST_ASSERT( PSA_SUCCESS == psa_get_key_information( key, NULL, NULL ) );
+ TEST_ASSERT( PSA_SUCCESS == psa_destroy_key( key ) );
+
+exit:
+ mbedtls_pk_free( &pk ); /* redundant except upon error */
+ mbedtls_pk_free( &pk2 );
+}
+/* END_CASE */
+
+
/* BEGIN_CASE */
void valid_parameters( )
{
@@ -668,7 +780,8 @@
TEST_ASSERT( mbedtls_ecp_point_read_binary( &eckey->grp, &eckey->Q,
key->x, key->len ) == 0 );
- TEST_ASSERT( mbedtls_pk_verify( &pk, MBEDTLS_MD_NONE,
+ // MBEDTLS_MD_SHA1 is a dummy - it is ignored, but has to be other than MBEDTLS_MD_NONE.
+ TEST_ASSERT( mbedtls_pk_verify( &pk, MBEDTLS_MD_SHA1,
hash->x, hash->len, sig->x, sig->len ) == ret );
exit:
@@ -1084,3 +1197,74 @@
mbedtls_pk_free( &rsa ); mbedtls_pk_free( &alt );
}
/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_SHA256_C:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED */
+void pk_psa_sign( )
+{
+ mbedtls_pk_context pk;
+ unsigned char hash[50], sig[100], pkey_legacy[100], pkey_psa[100];
+ unsigned char *pkey_legacy_start, *pkey_psa_start;
+ size_t sig_len, klen_legacy, klen_psa;
+ int ret;
+ psa_key_handle_t handle;
+
+ /*
+ * This tests making signatures with a wrapped PSA key:
+ * - generate a fresh ECP legacy PK context
+ * - wrap it in a PK context and make a signature this way
+ * - extract the public key
+ * - parse it to a PK context and verify the signature this way
+ */
+
+ /* Create legacy EC public/private key in PK context. */
+ mbedtls_pk_init( &pk );
+ TEST_ASSERT( mbedtls_pk_setup( &pk,
+ mbedtls_pk_info_from_type( MBEDTLS_PK_ECKEY ) ) == 0 );
+ TEST_ASSERT( mbedtls_ecp_gen_key( MBEDTLS_ECP_DP_SECP256R1,
+ (mbedtls_ecp_keypair*) pk.pk_ctx,
+ rnd_std_rand, NULL ) == 0 );
+
+ /* Export underlying public key for re-importing in a legacy context. */
+ ret = mbedtls_pk_write_pubkey_der( &pk, pkey_legacy,
+ sizeof( pkey_legacy ) );
+ TEST_ASSERT( ret >= 0 );
+ klen_legacy = (size_t) ret;
+ /* mbedtls_pk_write_pubkey_der() writes backwards in the data buffer. */
+ pkey_legacy_start = pkey_legacy + sizeof( pkey_legacy ) - klen_legacy;
+
+ /* Turn PK context into an opaque one. */
+ TEST_ASSERT( psa_allocate_key( &handle ) == PSA_SUCCESS );
+ TEST_ASSERT( mbedtls_pk_wrap_as_opaque( &pk, &handle,
+ PSA_ALG_SHA_256 ) == 0 );
+
+ memset( hash, 0x2a, sizeof hash );
+ memset( sig, 0, sizeof sig );
+
+ TEST_ASSERT( mbedtls_pk_sign( &pk, MBEDTLS_MD_SHA256,
+ hash, sizeof hash, sig, &sig_len,
+ NULL, NULL ) == 0 );
+
+ /* Export underlying public key for re-importing in a psa context. */
+ ret = mbedtls_pk_write_pubkey_der( &pk, pkey_psa,
+ sizeof( pkey_psa ) );
+ TEST_ASSERT( ret >= 0 );
+ klen_psa = (size_t) ret;
+ /* mbedtls_pk_write_pubkey_der() writes backwards in the data buffer. */
+ pkey_psa_start = pkey_psa + sizeof( pkey_psa ) - klen_psa;
+
+ TEST_ASSERT( klen_psa == klen_legacy );
+ TEST_ASSERT( memcmp( pkey_psa_start, pkey_legacy_start, klen_psa ) == 0 );
+
+ mbedtls_pk_free( &pk );
+ TEST_ASSERT( PSA_SUCCESS == psa_destroy_key( handle ) );
+
+ mbedtls_pk_init( &pk );
+ TEST_ASSERT( mbedtls_pk_parse_public_key( &pk, pkey_legacy_start,
+ klen_legacy ) == 0 );
+ TEST_ASSERT( mbedtls_pk_verify( &pk, MBEDTLS_MD_SHA256,
+ hash, sizeof hash, sig, sig_len ) == 0 );
+
+exit:
+ mbedtls_pk_free( &pk );
+}
+/* END_CASE */
diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data
new file mode 100644
index 0000000..65ac6d7
--- /dev/null
+++ b/tests/suites/test_suite_psa_crypto.data
@@ -0,0 +1,2128 @@
+PSA compile-time sanity checks
+static_checks:
+
+PSA import/export raw: 0 bytes
+import_export:"":PSA_KEY_TYPE_RAW_DATA:0:PSA_KEY_USAGE_EXPORT:0:0:PSA_SUCCESS:1
+
+PSA import/export raw: 1 bytes
+import_export:"2a":PSA_KEY_TYPE_RAW_DATA:0:PSA_KEY_USAGE_EXPORT:8:0:PSA_SUCCESS:1
+
+PSA import/export raw: 1 bytes, larger buffer
+import_export:"2a":PSA_KEY_TYPE_RAW_DATA:0:PSA_KEY_USAGE_EXPORT:8:1:PSA_SUCCESS:1
+
+PSA import/export raw: 2 bytes, buffer too small
+import_export:"2a2b":PSA_KEY_TYPE_RAW_DATA:0:PSA_KEY_USAGE_EXPORT:16:-1:PSA_ERROR_BUFFER_TOO_SMALL:1
+
+PSA import/export AES-128
+depends_on:MBEDTLS_AES_C
+import_export:"0123456789abcdef0123456789abcdef":PSA_KEY_TYPE_AES:PSA_ALG_CTR:PSA_KEY_USAGE_EXPORT:128:0:PSA_SUCCESS:1
+
+PSA import/export AES-192
+depends_on:MBEDTLS_AES_C
+import_export:"0123456789abcdef0123456789abcdef0123456789abcdef":PSA_KEY_TYPE_AES:PSA_ALG_CTR:PSA_KEY_USAGE_EXPORT:192:0:PSA_SUCCESS:1
+
+PSA import/export AES-256
+depends_on:MBEDTLS_AES_C
+import_export:"0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef":PSA_KEY_TYPE_AES:PSA_ALG_CTR:PSA_KEY_USAGE_EXPORT:256:0:PSA_SUCCESS:1
+
+PSA import to non empty key slot
+depends_on:MBEDTLS_AES_C
+import_key_nonempty_slot
+
+PSA export invalid handle (0)
+export_invalid_handle:0:PSA_ERROR_INVALID_HANDLE
+
+PSA export invalid handle (smallest plausible handle)
+export_invalid_handle:1:PSA_ERROR_INVALID_HANDLE
+
+PSA export invalid handle (largest plausible handle)
+export_invalid_handle:-1:PSA_ERROR_INVALID_HANDLE
+
+PSA export a slot where there was some activity but no key material creation
+export_with_no_key_activity
+
+PSA setup cipher where there was some activity on key but no key material creation
+cipher_with_no_key_activity
+
+PSA export a slot after a failed import of a AES key
+depends_on:MBEDTLS_AES_C
+export_after_import_failure:"0123456789abcdef":PSA_KEY_TYPE_AES:PSA_ERROR_INVALID_ARGUMENT
+
+PSA export a slot after a failed import of a RSA key
+depends_on:MBEDTLS_RSA_C:MBEDTLS_PK_PARSE_C
+export_after_import_failure:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_KEYPAIR:PSA_ERROR_INVALID_ARGUMENT
+
+PSA export a slot after a failed import of an EC keypair
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED
+export_after_import_failure:"ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA setup cipher after a failed import of a AES key
+depends_on:MBEDTLS_AES_C
+cipher_after_import_failure:"0123456789abcdef":PSA_KEY_TYPE_AES:PSA_ERROR_INVALID_ARGUMENT
+
+PSA export RSA public key from a slot where there was an import followed by destroy.
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C
+export_after_destroy_key:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY
+
+PSA export AES key from a slot where there was an import followed by destroy.
+depends_on:MBEDTLS_AES_C
+export_after_destroy_key:"0123456789abcdef0123456789abcdef":PSA_KEY_TYPE_AES
+
+PSA export EC key from a slot where there was an import followed by destroy.
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED
+export_after_destroy_key:"3f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP384R1)
+
+PSA import AES: bad key size
+depends_on:MBEDTLS_AES_C
+import:"0123456789abcdef":PSA_KEY_TYPE_AES:PSA_ERROR_INVALID_ARGUMENT
+
+PSA import/export RSA public key: good, 1024-bit
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C
+import_export:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_USAGE_EXPORT:1024:0:PSA_SUCCESS:1
+
+PSA import/export RSA public key: good, larger buffer (+1 byte)
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C
+import_export:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_USAGE_EXPORT:1024:1:PSA_SUCCESS:1
+
+PSA import/export RSA public key: good, larger buffer (*2-1)
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C
+import_export:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_USAGE_EXPORT:1024:161:PSA_SUCCESS:1
+
+PSA import/export RSA public key: good, larger buffer (*2)
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C
+import_export:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_USAGE_EXPORT:1024:162:PSA_SUCCESS:1
+
+PSA import/export RSA public key: good, larger buffer (*2+1)
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C
+import_export:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_USAGE_EXPORT:1024:163:PSA_SUCCESS:1
+
+PSA import/export RSA public key: export buffer too small
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C
+import_export:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_USAGE_EXPORT:1024:-1:PSA_ERROR_BUFFER_TOO_SMALL:1
+
+PSA import/export RSA keypair: good, 1024-bit
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C
+import_export:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_TYPE_RSA_KEYPAIR:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_USAGE_EXPORT:1024:0:PSA_SUCCESS:1
+
+PSA import/export RSA keypair: good, larger buffer (+1 byte)
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C
+import_export:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_TYPE_RSA_KEYPAIR:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_USAGE_EXPORT:1024:1:PSA_SUCCESS:1
+
+PSA import/export RSA keypair: good, larger buffer (*2-1)
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C
+import_export:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_TYPE_RSA_KEYPAIR:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_USAGE_EXPORT:1024:609:PSA_SUCCESS:1
+
+PSA import/export RSA keypair: good, larger buffer (*2)
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C
+import_export:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_TYPE_RSA_KEYPAIR:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_USAGE_EXPORT:1024:610:PSA_SUCCESS:1
+
+PSA import/export RSA keypair: good, larger buffer (*2+1)
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C
+import_export:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_TYPE_RSA_KEYPAIR:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_USAGE_EXPORT:1024:611:PSA_SUCCESS:1
+
+PSA import/export RSA keypair: export buffer too small
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C
+import_export:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_TYPE_RSA_KEYPAIR:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_USAGE_EXPORT:1024:-1:PSA_ERROR_BUFFER_TOO_SMALL:1
+
+PSA import/export RSA keypair: trailing garbage ignored
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C
+import_export:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b2400":PSA_KEY_TYPE_RSA_KEYPAIR:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_USAGE_EXPORT:1024:-1:PSA_SUCCESS:0
+
+PSA import RSA keypair: truncated
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C
+import:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b":PSA_KEY_TYPE_RSA_KEYPAIR:PSA_ERROR_INVALID_ARGUMENT
+
+PSA import RSA keypair: public key
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C
+import:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_KEYPAIR:PSA_ERROR_INVALID_ARGUMENT
+
+PSA import RSA public key: key pair
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C
+import:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b":PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ERROR_INVALID_ARGUMENT
+
+PSA import RSA keypair: valid key but EC
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C
+import:"3077020101042049c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eeea00a06082a8648ce3d030107a144034200047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45":PSA_KEY_TYPE_RSA_KEYPAIR:PSA_ERROR_INVALID_ARGUMENT
+
+PSA import/export-public RSA public key: good, 1024-bit
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C
+import_export_public_key:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:0:PSA_SUCCESS:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001"
+
+PSA import/export-public RSA keypair: good, 1024-bit
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C
+import_export_public_key:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_TYPE_RSA_KEYPAIR:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:0:PSA_SUCCESS:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001"
+
+PSA import/export-public RSA public key: buffer too small
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C
+import_export_public_key:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:-1:PSA_ERROR_BUFFER_TOO_SMALL:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001"
+
+PSA import/export-public RSA keypair: buffer too small
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C
+import_export_public_key:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_TYPE_RSA_KEYPAIR:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:-1:PSA_ERROR_BUFFER_TOO_SMALL:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001"
+
+PSA import/export RSA public key: 1016-bit (good)
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C
+import_export:"30818802818000cde684f1aee96917b89c8a0a72523cfce4686ed5a5fbd32abab12038fc75148e45314b7e31fe60d8258e7e78234a23df0f00cc20fd008b64cb5b0f4ced8c47aa048f767f859961adc22b3df14e63bd9e08c9707bbf4e0eba32b1cc35a020e7e815ca47e0d39601a80d683ab4a07f4d3a7acebaba6c87d25bce2d091ee115c50203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_USAGE_EXPORT:1016:0:PSA_SUCCESS:1
+
+PSA import/export RSA keypair: 1016-bit (good)
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C
+import_export:"3082025802010002818000cde684f1aee96917b89c8a0a72523cfce4686ed5a5fbd32abab12038fc75148e45314b7e31fe60d8258e7e78234a23df0f00cc20fd008b64cb5b0f4ced8c47aa048f767f859961adc22b3df14e63bd9e08c9707bbf4e0eba32b1cc35a020e7e815ca47e0d39601a80d683ab4a07f4d3a7acebaba6c87d25bce2d091ee115c50203010001028180009dd9c34411e769a540e7e9c03682abb4e95ad2d5c2297c6b7eb2fa5415dfa081adb42bff344ea36a31e8bb36593fa69e843f053fa916f8c6ae4c423fa4c1edbcfa7e8079bc19a738f4f861c198cf277d2c89fe3deab06db5a3a09f8d1622033a618fbfbab92b50a13f77cdb53b56d38bec4cdd8cbe65e8b30ab4e77565842102400eec9285833f973372458f354bff7d35bcb04f3b26f5b58a025887a966ca951b6667651a46034bbc99f9d688dfbcb4297a4d86824dd73abdfa7deeb232b1642902400dcbe74d51f3b93afe2a22e2be0c3c56911ef771fd8eb01f64d95d018315baf4144aeb957be95a77f17f2b8a12c2d3b87a1281f9c66d839fa603fbbe7381783d0240035398154a7c1227d580cbbb05859d532d0bdf9d3fc1e5052e20ad9c84dd02ff6884037527c5f44bc5c67a9b67c39824e6ae011d6a5c5f2b997a188a7fe22a810240076bf41ec5023e57bcd87ff1c7d89f30d65a793469f933478021ea056135f45f4ef74aaa1c8158b883422cf2d6cad5c83c6aee5ea65ecd5ab99d14f4cc000ee5024006d13905db5556627066596da3383458aea6ba5e2f94ccc5b922117a1ed3ae7a26c59e68c3885a41b366f1a5c8bff7ec8853ef8d32addb818141352b2da553dc":PSA_KEY_TYPE_RSA_KEYPAIR:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_USAGE_EXPORT:1016:0:PSA_SUCCESS:1
+
+PSA import RSA public key: 1022-bit (not supported)
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C
+import:"30818802818036e4b95f847dcd7a91b0972b7ba096e040ec04e42d59f733029fb2600b8ae9e4fd8ea76f3d7ec576288102285b612db7abc53770006046fef321172a6ad84053710d48528a8d51b6481db53c09e1524d6704b58bd30313016535eefe9bcff89eb599608daaa0a72ab7720af31486b51020421fdd3c6974cc445a78dd134450230203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ERROR_NOT_SUPPORTED
+
+PSA import RSA keypair: 1022-bit (not supported)
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C
+import:"3082025802010002818036e4b95f847dcd7a91b0972b7ba096e040ec04e42d59f733029fb2600b8ae9e4fd8ea76f3d7ec576288102285b612db7abc53770006046fef321172a6ad84053710d48528a8d51b6481db53c09e1524d6704b58bd30313016535eefe9bcff89eb599608daaa0a72ab7720af31486b51020421fdd3c6974cc445a78dd1344502302030100010281800ad9700e01e8bf68ff4c90c4465dfa13fea0e76295d817349ccb257d382acf89b3d7b31e18606af4ac92baf3710426fe0b54225ddfa527c31218b3346e03a9cae5395a780ade880b996f4061fad65689393fc8e77f46a4c1a29b0450cdaaef0710e523cd1028abe1653d23f0d5ec805a629bdf1fc4c1c00737760e1714f6b7f102407d5e545484b546bd61972b446a04af0cf17b126a8872b977da5035ca82dd0e4fef1381a6480f60db07628348602f86ba89a271563d9a3fb613b9b39703498f9902407017641093065eed178ff848b5f8a2b502a187511db28549ea7646f3e7b3ea171f4c34c0ecf0566adc4d172c057be077a45fcf8019a36a4588c4de3b8c0a631b02407cc7fccbbae2eb2be80c9c8615b7dfbbd4469907ec13b44274cacd1f69ad38679b2021352e18106131327e54f5579893e6160714bd6fdfe60c30136e45595c51024055250f779f96f94873db82a808c24325e847b6b8212cd81e9ba118a8715ab2f8b96773b310c8477c88b76e609c11cb22569408d4afa4f836b57b85ac09e661fd02400e5fc5df9614c95d77e9bc2df63d48e7a08a0034174f0f745eef4413ee36d929f194557e6990e148b7438e949a41e92bc9d9136c3e6563904151a578a2f4fc1b":PSA_KEY_TYPE_RSA_KEYPAIR:PSA_ERROR_NOT_SUPPORTED
+
+PSA import RSA public key: 1023-bit (not supported)
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C
+import:"3081880281806c49704e91f3df44fc99e9b3c0fee5025cc04d09529a1dd05754f2da2751d7a9aa5a79f7070132f2c47b31963e37cd74675f9c93ee7c85a143fefe303e94d1ee0e4d30898d17ab3a229e8457ef21fd179039f748305babe7f134f6d58ce5d721a1a5da98f63503d2466c6a515e53494a41180a91e535bd5b55d4dce2c17419870203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ERROR_NOT_SUPPORTED
+
+PSA import RSA keypair: 1023-bit (not supported)
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C
+import:"3082025a0201000281806c49704e91f3df44fc99e9b3c0fee5025cc04d09529a1dd05754f2da2751d7a9aa5a79f7070132f2c47b31963e37cd74675f9c93ee7c85a143fefe303e94d1ee0e4d30898d17ab3a229e8457ef21fd179039f748305babe7f134f6d58ce5d721a1a5da98f63503d2466c6a515e53494a41180a91e535bd5b55d4dce2c17419870203010001028180491b277413fb35efe82dace68b544a9dd6aa8917d329731955ec66ec3b0178fcf5a29196e1a6c093bf6c8064b36a8f0d9840a78003d11392754a70a77788975515a1442a6c806cafa2f07fe99cac78a86fa868888d654cec4baf205352cf8255acaa47e2455f23b58c0e5ae43fa297bbffe5b970caa80f71e82084fd35425479024100ef27f3fb2df90ac4910ed95fdde4877d09b0dc4e95079f12a7e2041300a8884a39372a1c79691338cd5c3965bcf3a24f2ce9e10de19d4cb87c7546d60ca0aa0d024073e9e1283475e9ab3075da0b005ca7c7b05e76325f8deb648238831c8353041d594307f784cd527cfee9187b997713d71c0ff98f01beac4d1a85583be52e90e302402f0c801e311c2677274671933f96fee4a56c6adaf6ccaa09c4875d5fd3a8542fadf3e14ffabea62e6d90302688b6b17ebc0a42e1353a79e66d6db102d9371e5d02406731ef3c8607fbf266806590a9cfd3a79a435ee355e2d9906fc6b4236c5f3a288ed178844a7d295512f49ed15b3d82325e4f729478af3262aa9bd083f273d49502410090a32c0e8ca3bcd4c66f092cdc369cd1abb4a05b9a6f0e65e5a51da1d96d5aca8c1525b3f11322c0588062fc8592ebf25b7950f918d39018e82b8acccc8f7e7a":PSA_KEY_TYPE_RSA_KEYPAIR:PSA_ERROR_NOT_SUPPORTED
+
+PSA import/export EC secp224r1 key pair: good
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP224R1_ENABLED
+import_export:"6849f97d1066f6997759637c7e3899464cee3ec7ac970653a0be0742":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP224R1):PSA_ALG_ECDSA_ANY:PSA_KEY_USAGE_EXPORT:224:0:PSA_SUCCESS:1
+
+PSA import/export-public EC secp224r1: good
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP224R1_ENABLED
+import_export_public_key:"6849f97d1066f6997759637c7e3899464cee3ec7ac970653a0be0742":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP224R1):PSA_ALG_ECDSA_ANY:0:PSA_SUCCESS:"041693a290f7f0b571fe2b41d5d84b01327631f4a860f995fa332c097f54192bb10f00113f2affb13c1a24ce44914571a95440ae014a00cbf7"
+
+PSA import/export EC secp256r1 key pair: good
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED
+import_export:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):PSA_ALG_ECDSA_ANY:PSA_KEY_USAGE_EXPORT:256:0:PSA_SUCCESS:1
+
+PSA import/export-public EC secp256r1: good
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED
+import_export_public_key:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):PSA_ALG_ECDSA_ANY:0:PSA_SUCCESS:"047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45"
+
+PSA import/export EC secp384r1 key pair: good
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED
+import_export:"3f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP384R1):PSA_ALG_ECDSA_ANY:PSA_KEY_USAGE_EXPORT:384:0:PSA_SUCCESS:1
+
+PSA import/export-public EC secp384r1: good
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED
+import_export_public_key:"3f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP384R1):PSA_ALG_ECDSA_ANY:0:PSA_SUCCESS:"04d9c662b50ba29ca47990450e043aeaf4f0c69b15676d112f622a71c93059af999691c5680d2b44d111579db12f4a413a2ed5c45fcfb67b5b63e00b91ebe59d09a6b1ac2c0c4282aa12317ed5914f999bc488bb132e8342cc36f2ca5e3379c747"
+
+PSA import/export EC secp521r1 key pair: good
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP521R1_ENABLED
+import_export:"01b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP521R1):PSA_ALG_ECDSA_ANY:PSA_KEY_USAGE_EXPORT:521:0:PSA_SUCCESS:1
+
+PSA import/export-public EC secp521r1: good
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP521R1_ENABLED
+import_export_public_key:"01b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP521R1):PSA_ALG_ECDSA_ANY:0:PSA_SUCCESS:"04001de142d54f69eb038ee4b7af9d3ca07736fd9cf719eb354d69879ee7f3c136fb0fbf9f08f86be5fa128ec1a051d3e6c643e85ada8ffacf3663c260bd2c844b6f5600cee8e48a9e65d09cadd89f235dee05f3b8a646be715f1f67d5b434e0ff23a1fc07ef7740193e40eeff6f3bcdfd765aa9155033524fe4f205f5444e292c4c2f6ac1"
+
+PSA import/export EC brainpool256r1 key pair: good
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_BP256R1_ENABLED
+import_export:"2161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ff":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_BRAINPOOL_P256R1):PSA_ALG_ECDSA_ANY:PSA_KEY_USAGE_EXPORT:256:0:PSA_SUCCESS:1
+
+PSA import/export-public EC brainpool256r1: good
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_BP256R1_ENABLED
+import_export_public_key:"2161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ff":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_BRAINPOOL_P256R1):PSA_ALG_ECDSA_ANY:0:PSA_SUCCESS:"04768c8cae4abca6306db0ed81b0c4a6215c378066ec6d616c146e13f1c7df809b96ab6911c27d8a02339f0926840e55236d3d1efbe2669d090e4c4c660fada91d"
+
+PSA import/export EC brainpool384r1 key pair: good
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_BP384R1_ENABLED
+import_export:"3dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcb":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_BRAINPOOL_P384R1):PSA_ALG_ECDSA_ANY:PSA_KEY_USAGE_EXPORT:384:0:PSA_SUCCESS:1
+
+PSA import/export-public EC brainpool384r1: good
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_BP384R1_ENABLED
+import_export_public_key:"3dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcb":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_BRAINPOOL_P384R1):PSA_ALG_ECDSA_ANY:0:PSA_SUCCESS:"04719f9d093a627e0d350385c661cebf00c61923566fe9006a3107af1d871bc6bb68985fd722ea32be316f8e783b7cd1957785f66cfc0cb195dd5c99a8e7abaa848553a584dfd2b48e76d445fe00dd8be59096d877d4696d23b4bc8db14724e66a"
+
+PSA import/export EC brainpool512r1 key pair: good
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_BP512R1_ENABLED
+import_export:"372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_BRAINPOOL_P512R1):PSA_ALG_ECDSA_ANY:PSA_KEY_USAGE_EXPORT:512:0:PSA_SUCCESS:1
+
+PSA import/export-public EC brainpool512r1: good
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_BP512R1_ENABLED
+import_export_public_key:"372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_BRAINPOOL_P512R1):PSA_ALG_ECDSA_ANY:0:PSA_SUCCESS:"0438b7ec92b61c5c6c7fbc28a4ec759d48fcd4e2e374defd5c4968a54dbef7510e517886fbfc38ea39aa529359d70a7156c35d3cbac7ce776bdb251dd64bce71234424ee7049eed072f0dbc4d79996e175d557e263763ae97095c081e73e7db2e38adc3d4c9a0487b1ede876dc1fca61c902e9a1d8722b8612928f18a24845591a"
+
+PSA import/export-public: cannot export-public a symmetric key
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C
+import_export_public_key:"2b7e151628aed2a6abf7158809cf4f3c":PSA_KEY_TYPE_AES:PSA_ALG_CBC_NO_PADDING:0:PSA_ERROR_INVALID_ARGUMENT:""
+
+PSA import/export EC secp256r1 public key: good
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED
+import_export:"04dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_CURVE_SECP256R1):PSA_ALG_ECDSA_ANY:PSA_KEY_USAGE_EXPORT:256:0:PSA_SUCCESS:1
+
+PSA import/export AES key: policy forbids export
+depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR
+import_export:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_KEY_TYPE_AES:PSA_ALG_CTR:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:128:0:PSA_ERROR_NOT_PERMITTED:1
+
+PSA import/export HMAC key: policy forbids export
+depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
+import_export:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_KEY_TYPE_HMAC:PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY:256:0:PSA_ERROR_NOT_PERMITTED:1
+
+PSA import/export RSA keypair: policy forbids export (crypt)
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
+import_export:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_TYPE_RSA_KEYPAIR:PSA_ALG_RSA_PKCS1V15_CRYPT:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:1024:0:PSA_ERROR_NOT_PERMITTED:1
+
+PSA import/export RSA keypair: policy forbids export (sign)
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
+import_export:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_TYPE_RSA_KEYPAIR:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY:1024:0:PSA_ERROR_NOT_PERMITTED:1
+
+# Test PEM import. Note that this is not a PSA feature, it's an Mbed TLS
+# extension which we may drop in the future.
+PSA import/export RSA public key: import PEM
+depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C
+import_export:"2d2d2d2d2d424547494e205055424c4943204b45592d2d2d2d2d0a4d4947664d413047435371475349623344514542415155414134474e4144434269514b4267514376425830356275685074312f6274634b7850482f6c706c53710a69714a4843315165346636777353306c7835635255784a4a34524b574b41517475376242494e46454e5354765441357548596c57377249486576456a536433750a355553447641624378686c497a514b7941756557727232553036664c2b466e43775947634d6b79344b357a545474346d4f69712f2f6b637a384865476e6f5a670a3939614454615539615137336d46397277774944415141420a2d2d2d2d2d454e44205055424c4943204b45592d2d2d2d2d0a00":PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_USAGE_EXPORT:1024:0:PSA_SUCCESS:0
+
+PSA import/export RSA keypair: import PEM
+depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C
+import_export:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b2400":PSA_KEY_TYPE_RSA_KEYPAIR:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_USAGE_EXPORT:1024:0:PSA_SUCCESS:0
+
+PSA import EC keypair: DER format
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED
+import:"3077020101042049c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eeea00a06082a8648ce3d030107a144034200047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA import EC keypair: public key
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED
+import:"04dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA import EC keypair: secp256r1, all-bits-zero (bad)
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED
+import:"0000000000000000000000000000000000000000000000000000000000000000":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA import EC keypair: secp256r1, d == n - 1 (good)
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED
+import:"ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632550":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):PSA_SUCCESS
+
+PSA import EC keypair: secp256r1, d == n (bad)
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED
+import:"ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632551":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA import EC keypair: secp256r1, d > n (bad)
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED
+import:"ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632552":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA import EC public key: key pair
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED
+# For consistency with ECpub as ECpair, RSApub as RSApair and RSApair as RSApub,
+# one would expect the status to be PSA_ERROR_INVALID_ARGUMENT. But the
+# Mbed TLS pkparse module returns MBEDTLS_ERR_PK_INVALID_ALG, I think because
+# it's looking for an OID where there is no OID.
+import:"3078020101042100ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3aa00a06082a8648ce3d030107a14403420004dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_CURVE_SECP256R1):PSA_ERROR_NOT_SUPPORTED
+
+PSA import EC keypair: valid key but RSA
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_BP512R1_ENABLED:MBEDTLS_RSA_C
+import:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_BRAINPOOL_P512R1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA import failure preserves policy
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
+import_twice:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_USAGE_VERIFY:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"":PSA_ERROR_INVALID_ARGUMENT:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_SUCCESS
+
+PSA import RSA key pair: maximum size exceeded
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C
+import_rsa_made_up:PSA_VENDOR_RSA_MAX_KEY_BITS+8:1:PSA_ERROR_NOT_SUPPORTED
+
+PSA import RSA public key: maximum size exceeded
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C
+import_rsa_made_up:PSA_VENDOR_RSA_MAX_KEY_BITS+8:0:PSA_ERROR_NOT_SUPPORTED
+
+PSA key policy set and get
+key_policy:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CBC_NO_PADDING
+
+Key policy initializers zero properly
+key_policy_init:
+
+PSA key policy: MAC, sign | verify
+depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
+mac_key_policy:PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY:PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_256)
+
+PSA key policy: MAC, wrong algorithm
+depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
+mac_key_policy:PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY:PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_224)
+
+PSA key policy: MAC, sign but not verify
+depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
+mac_key_policy:PSA_KEY_USAGE_SIGN:PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_256)
+
+PSA key policy: MAC, verify but not sign
+depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
+mac_key_policy:PSA_KEY_USAGE_VERIFY:PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_256)
+
+PSA key policy: MAC, neither sign nor verify
+depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
+mac_key_policy:0:PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_256)
+
+PSA key policy: cipher, encrypt | decrypt
+depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR
+cipher_key_policy:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_CTR
+
+PSA key policy: cipher, wrong algorithm
+depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR:MBEDTLS_CIPHER_MODE_CBC
+cipher_key_policy:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_CBC_NO_PADDING
+
+PSA key policy: cipher, encrypt but not decrypt
+depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR
+cipher_key_policy:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_CTR
+
+PSA key policy: cipher, decrypt but not encrypt
+depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR
+cipher_key_policy:PSA_KEY_USAGE_DECRYPT:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_CTR
+
+PSA key policy: cipher, neither encrypt nor decrypt
+depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR
+cipher_key_policy:0:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_CTR
+
+PSA key policy: AEAD, encrypt | decrypt
+depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
+aead_key_policy:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_CCM:PSA_KEY_TYPE_AES:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":13:16:PSA_ALG_CCM
+
+PSA key policy: AEAD, wrong algorithm
+depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C:MBEDTLS_GCM_C
+aead_key_policy:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_CCM:PSA_KEY_TYPE_AES:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":16:16:PSA_ALG_GCM
+
+PSA key policy: AEAD, encrypt but not decrypt
+depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
+aead_key_policy:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CCM:PSA_KEY_TYPE_AES:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":13:16:PSA_ALG_CCM
+
+PSA key policy: AEAD, decrypt but not encrypt
+depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
+aead_key_policy:PSA_KEY_USAGE_DECRYPT:PSA_ALG_CCM:PSA_KEY_TYPE_AES:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":13:16:PSA_ALG_CCM
+
+PSA key policy: AEAD, neither encrypt nor decrypt
+depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
+aead_key_policy:0:PSA_ALG_CCM:PSA_KEY_TYPE_AES:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":13:16:PSA_ALG_CCM
+
+PSA key policy: asymmetric encryption, encrypt | decrypt
+depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
+asymmetric_encryption_key_policy:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_RSA_PKCS1V15_CRYPT:PSA_KEY_TYPE_RSA_KEYPAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PKCS1V15_CRYPT
+
+PSA key policy: asymmetric encryption, wrong algorithm (v1.5/OAEP)
+depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C
+asymmetric_encryption_key_policy:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_RSA_PKCS1V15_CRYPT:PSA_KEY_TYPE_RSA_KEYPAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256)
+
+PSA key policy: asymmetric encryption, wrong algorithm (OAEP with different hash)
+depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C
+asymmetric_encryption_key_policy:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_RSA_OAEP(PSA_ALG_SHA_224):PSA_KEY_TYPE_RSA_KEYPAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256)
+
+PSA key policy: asymmetric encryption, ANY_HASH in policy is not meaningful
+depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C
+asymmetric_encryption_key_policy:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_RSA_OAEP(PSA_ALG_ANY_HASH):PSA_KEY_TYPE_RSA_KEYPAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256)
+
+PSA key policy: asymmetric encryption, encrypt but not decrypt
+depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
+asymmetric_encryption_key_policy:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_RSA_PKCS1V15_CRYPT:PSA_KEY_TYPE_RSA_KEYPAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PKCS1V15_CRYPT
+
+PSA key policy: asymmetric encryption, decrypt but not encrypt
+depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
+asymmetric_encryption_key_policy:PSA_KEY_USAGE_DECRYPT:PSA_ALG_RSA_PKCS1V15_CRYPT:PSA_KEY_TYPE_RSA_KEYPAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PKCS1V15_CRYPT
+
+PSA key policy: asymmetric encryption, neither encrypt nor decrypt
+depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
+asymmetric_encryption_key_policy:0:PSA_ALG_RSA_PKCS1V15_CRYPT:PSA_KEY_TYPE_RSA_KEYPAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PKCS1V15_CRYPT
+
+PSA key policy: asymmetric signature, sign | verify
+depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
+asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_TYPE_RSA_KEYPAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PKCS1V15_SIGN_RAW:1
+
+PSA key policy: asymmetric signature, wrong algorithm family
+depends_on:MBEDTLS_RSA_C:MBEDTLS_SHA256_C
+asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_KEY_TYPE_RSA_KEYPAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):0
+
+PSA key policy: asymmetric signature, wildcard in policy, wrong algorithm family
+depends_on:MBEDTLS_RSA_C:MBEDTLS_SHA256_C
+asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):PSA_KEY_TYPE_RSA_KEYPAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):0
+
+PSA key policy: asymmetric signature, wildcard in policy, ECDSA SHA-256
+depends_on:MBEDTLS_ECDSA_C:MBEDTLS_SHA256_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED
+asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY:PSA_ALG_ECDSA(PSA_ALG_ANY_HASH):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_ALG_ECDSA(PSA_ALG_SHA_256):32
+
+PSA key policy: asymmetric signature, wildcard in policy, PKCS#1v1.5 SHA-256
+depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C
+asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):PSA_KEY_TYPE_RSA_KEYPAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):32
+
+PSA key policy: asymmetric signature, wildcard in policy, PKCS#1v1.5 raw
+depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C
+asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):PSA_KEY_TYPE_RSA_KEYPAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PKCS1V15_SIGN_RAW:1
+
+PSA key policy: asymmetric signature, wrong hash algorithm
+depends_on:MBEDTLS_RSA_C:MBEDTLS_SHA256_C
+asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_KEY_TYPE_RSA_KEYPAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PKCS1V15_SIGN_RAW:0
+
+PSA key policy: asymmetric signature, sign but not verify
+depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
+asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_TYPE_RSA_KEYPAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PKCS1V15_SIGN_RAW:1
+
+PSA key policy: asymmetric signature, verify but not sign
+depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
+asymmetric_signature_key_policy:PSA_KEY_USAGE_VERIFY:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_TYPE_RSA_KEYPAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PKCS1V15_SIGN_RAW:1
+
+PSA key policy: asymmetric signature, neither sign nor verify
+depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
+asymmetric_signature_key_policy:0:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_TYPE_RSA_KEYPAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PKCS1V15_SIGN_RAW:1
+
+PSA key policy: derive via HKDF, permitted
+depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
+derive_key_policy:PSA_KEY_USAGE_DERIVE:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_TYPE_DERIVE:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HKDF(PSA_ALG_SHA_256)
+
+PSA key policy: derive via TLS 1.2 PRF, permitted
+depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
+derive_key_policy:PSA_KEY_USAGE_DERIVE:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):PSA_KEY_TYPE_DERIVE:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)
+
+PSA key policy: derive via HKDF, not permitted
+depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
+derive_key_policy:0:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_TYPE_DERIVE:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HKDF(PSA_ALG_SHA_256)
+
+PSA key policy: derive via TLS 1.2 PRF, not permitted
+depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
+derive_key_policy:0:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):PSA_KEY_TYPE_DERIVE:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)
+
+PSA key policy: derive via HKDF, wrong algorithm
+depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
+derive_key_policy:PSA_KEY_USAGE_DERIVE:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_TYPE_DERIVE:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HKDF(PSA_ALG_SHA_224)
+
+PSA key policy: derive via TLS 1.2 PRF, wrong algorithm
+depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
+derive_key_policy:PSA_KEY_USAGE_DERIVE:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):PSA_KEY_TYPE_DERIVE:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HKDF(PSA_ALG_SHA_224)
+
+PSA key policy: agreement, permitted
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C
+agreement_key_policy:PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDH(PSA_ALG_SELECT_RAW):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_ALG_ECDH(PSA_ALG_SELECT_RAW)
+
+PSA key policy: agreement, not permitted
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C
+agreement_key_policy:0:PSA_ALG_ECDH(PSA_ALG_SELECT_RAW):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_ALG_ECDH(PSA_ALG_SELECT_RAW)
+
+PSA key policy: agreement, wrong algorithm
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C
+agreement_key_policy:PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDH(PSA_ALG_SELECT_RAW):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_ALG_FFDH(PSA_ALG_SELECT_RAW)
+
+Copy key: raw, 0 bytes
+copy_key_policy:0:0:PSA_KEY_TYPE_RAW_DATA:"":0:0:-1:-1:0:0
+
+Copy key: AES, same usage flags
+depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR
+copy_key_policy:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"404142434445464748494a4b4c4d4e4f":PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:-1:-1:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR
+
+Copy key: AES, fewer usage flags
+depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR
+copy_key_policy:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"404142434445464748494a4b4c4d4e4f":PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR:-1:-1:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR
+
+Copy key: AES, 1 more usage flag
+depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR
+copy_key_policy:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"404142434445464748494a4b4c4d4e4f":PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_CTR:-1:-1:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR
+
+Copy key: AES, 2 more usage flags
+depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR
+copy_key_policy:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"404142434445464748494a4b4c4d4e4f":PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:-1:-1:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR
+
+Copy key: AES, intersect usage flags
+depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR
+copy_key_policy:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"404142434445464748494a4b4c4d4e4f":PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_CTR:-1:-1:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR
+
+Copy key: AES, source=target, constraint with same usage flags
+depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR
+copy_key_policy:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"404142434445464748494a4b4c4d4e4f":PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR
+
+Copy key: AES, source=target, constraint with fewer usage flags
+depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR
+copy_key_policy:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"404142434445464748494a4b4c4d4e4f":PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR
+
+Copy key: AES, source=target, constraint with 1 more usage flag
+depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR
+copy_key_policy:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"404142434445464748494a4b4c4d4e4f":PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_CTR:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR
+
+Copy key: AES, source=target, constraint with 2 more usage flags
+depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR
+copy_key_policy:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"404142434445464748494a4b4c4d4e4f":PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR
+
+Copy key: AES, source=target, constraint with different usage flags
+depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR
+copy_key_policy:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"404142434445464748494a4b4c4d4e4f":PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_CTR:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR
+
+Copy key: AES, permissive target, restrictive constraint
+depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR
+copy_key_policy:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"404142434445464748494a4b4c4d4e4f":PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR
+
+Copy key: RSA key pair, same usage flags
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C
+copy_key_policy:PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):-1:-1:PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256)
+
+Copy key: RSA key pair, fewer usage flags
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C
+copy_key_policy:PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_USAGE_SIGN:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):-1:-1:PSA_KEY_USAGE_SIGN:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256)
+
+Copy key: RSA key pair, more usage flags
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C
+copy_key_policy:PSA_KEY_USAGE_SIGN:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):-1:-1:PSA_KEY_USAGE_SIGN:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256)
+
+Copy key: RSA key pair, intersect usage flags
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C
+copy_key_policy:PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):-1:-1:PSA_KEY_USAGE_SIGN:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256)
+
+Copy key: RSA key pair, wildcard algorithm in source
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C
+copy_key_policy:PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):-1:-1:PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256)
+
+Copy key: RSA key pair, wildcard algorithm in target
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C
+copy_key_policy:PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):-1:-1:PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256)
+
+Copy key: RSA key pair, wildcard algorithm in source and target
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C
+copy_key_policy:PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):-1:-1:PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH)
+
+Copy key: RSA key pair, wildcard in constraint
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C
+copy_key_policy:PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):PSA_KEY_USAGE_SIGN:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):PSA_KEY_USAGE_SIGN:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH)
+
+Copy key: RSA key pair, wildcard, restrictive constraint
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C
+copy_key_policy:PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):PSA_KEY_USAGE_SIGN:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_KEY_USAGE_SIGN:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256)
+
+Copy fail: AES, incompatible target policy
+depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR:MBEDTLS_CIPHER_MODE_CBC
+copy_fail:PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"404142434445464748494a4b4c4d4e4f":PSA_KEY_USAGE_EXPORT:PSA_ALG_CBC_NO_PADDING:-1:-1:PSA_ERROR_INVALID_ARGUMENT
+
+Copy fail: RSA, incompatible target policy (source wildcard)
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C:MBEDTLS_SHA256_C
+copy_fail:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):-1:-1:PSA_ERROR_INVALID_ARGUMENT
+
+Copy fail: RSA, incompatible target policy (target wildcard)
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C:MBEDTLS_SHA256_C
+copy_fail:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PSS(PSA_ALG_ANY_HASH):-1:-1:PSA_ERROR_INVALID_ARGUMENT
+
+Copy fail: RSA, incompatible target policy (source and target wildcard)
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C:MBEDTLS_SHA256_C
+copy_fail:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PSS(PSA_ALG_ANY_HASH):-1:-1:PSA_ERROR_INVALID_ARGUMENT
+
+Copy fail: RSA, incompatible constraint (wildcard on different base)
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C:MBEDTLS_SHA256_C
+copy_fail:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PSS(PSA_ALG_ANY_HASH):PSA_ERROR_INVALID_ARGUMENT
+
+Copy fail: RSA, incompatible constraint
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C:MBEDTLS_SHA256_C
+copy_fail:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PSS(PSA_ALG_ANY_HASH):PSA_ERROR_INVALID_ARGUMENT
+
+Copy fail: RSA, ANY_HASH is not meaningful with OAEP
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C:MBEDTLS_SHA256_C
+copy_fail:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_OAEP(PSA_ALG_ANY_HASH):PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):-1:-1:PSA_ERROR_INVALID_ARGUMENT
+
+Hash operation object initializers zero properly
+hash_operation_init:
+
+PSA hash setup: good, SHA-1
+depends_on:MBEDTLS_SHA1_C
+hash_setup:PSA_ALG_SHA_1:PSA_SUCCESS
+
+PSA hash setup: good, SHA-224
+depends_on:MBEDTLS_SHA256_C
+hash_setup:PSA_ALG_SHA_224:PSA_SUCCESS
+
+PSA hash setup: good, SHA-256
+depends_on:MBEDTLS_SHA256_C
+hash_setup:PSA_ALG_SHA_256:PSA_SUCCESS
+
+PSA hash setup: good, SHA-384
+depends_on:MBEDTLS_SHA512_C
+hash_setup:PSA_ALG_SHA_384:PSA_SUCCESS
+
+PSA hash setup: good, SHA-512
+depends_on:MBEDTLS_SHA512_C
+hash_setup:PSA_ALG_SHA_512:PSA_SUCCESS
+
+PSA hash setup: good, MD2
+depends_on:MBEDTLS_MD2_C
+hash_setup:PSA_ALG_MD2:PSA_SUCCESS
+
+PSA hash setup: good, MD4
+depends_on:MBEDTLS_MD4_C
+hash_setup:PSA_ALG_MD4:PSA_SUCCESS
+
+PSA hash setup: good, MD5
+depends_on:MBEDTLS_MD5_C
+hash_setup:PSA_ALG_MD5:PSA_SUCCESS
+
+PSA hash setup: good, RIPEMD160
+depends_on:MBEDTLS_RIPEMD160_C
+hash_setup:PSA_ALG_RIPEMD160:PSA_SUCCESS
+
+PSA hash setup: bad (unknown hash algorithm)
+depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
+hash_setup:PSA_ALG_CATEGORY_HASH:PSA_ERROR_NOT_SUPPORTED
+
+PSA hash setup: bad (wildcard instead of hash algorithm)
+depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
+hash_setup:PSA_ALG_ANY_HASH:PSA_ERROR_NOT_SUPPORTED
+
+PSA hash setup: bad (not a hash algorithm)
+depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
+hash_setup:PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT
+
+PSA hash: bad order function calls
+depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
+hash_bad_order:
+
+PSA hash verify: bad arguments
+hash_verify_bad_args:
+
+PSA hash finish: bad arguments
+hash_finish_bad_args:
+
+PSA hash clone: source state
+hash_clone_source_state:
+
+PSA hash clone: target state
+hash_clone_target_state:
+
+MAC operation object initializers zero properly
+mac_operation_init:
+
+PSA MAC setup: good, HMAC-SHA-256
+depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
+mac_setup:PSA_KEY_TYPE_HMAC:"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f":PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_SUCCESS
+
+PSA MAC setup: good, AES-CMAC
+depends_on:MBEDTLS_AES_C:MBEDTLS_CMAC_C
+mac_setup:PSA_KEY_TYPE_AES:"000102030405060708090a0b0c0d0e0f":PSA_ALG_CMAC:PSA_SUCCESS
+
+PSA MAC setup: bad algorithm (unknown MAC algorithm)
+depends_on:MBEDTLS_MD_C
+mac_setup:PSA_KEY_TYPE_HMAC:"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f":PSA_ALG_HMAC(0):PSA_ERROR_NOT_SUPPORTED
+
+PSA MAC setup: bad algorithm (not a MAC algorithm)
+depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
+mac_setup:PSA_KEY_TYPE_AES:"000102030405060708090a0b0c0d0e0f":PSA_ALG_CBC_NO_PADDING:PSA_ERROR_INVALID_ARGUMENT
+
+PSA MAC setup: truncated MAC too small (1 byte)
+depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
+mac_setup:PSA_KEY_TYPE_HMAC:"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f":PSA_ALG_TRUNCATED_MAC( PSA_ALG_HMAC( PSA_ALG_SHA_256 ), 1 ):PSA_ERROR_NOT_SUPPORTED
+
+PSA MAC setup: truncated MAC too large (33 bytes for SHA-256)
+depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
+mac_setup:PSA_KEY_TYPE_HMAC:"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f":PSA_ALG_TRUNCATED_MAC( PSA_ALG_HMAC( PSA_ALG_SHA_256 ), 33 ):PSA_ERROR_INVALID_ARGUMENT
+
+PSA MAC setup: invalid key type, HMAC-SHA-256
+depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
+mac_setup:PSA_KEY_TYPE_RAW_DATA:"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f":PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT
+
+PSA MAC setup: incompatible key HMAC for CMAC
+depends_on:MBEDTLS_CMAC_C
+# Either INVALID_ARGUMENT or NOT_SUPPORTED would be reasonable here
+mac_setup:PSA_KEY_TYPE_HMAC:"000102030405060708090a0b0c0d0e0f":PSA_ALG_CMAC:PSA_ERROR_NOT_SUPPORTED
+
+PSA MAC: bad order function calls
+depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
+mac_bad_order:
+
+PSA MAC sign: RFC4231 Test case 1 - HMAC-SHA-224
+depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
+mac_sign:PSA_KEY_TYPE_HMAC:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ALG_HMAC(PSA_ALG_SHA_224):"4869205468657265":"896fb1128abbdf196832107cd49df33f47b4b1169912ba4f53684b22"
+
+PSA MAC verify: RFC4231 Test case 1 - HMAC-SHA-224
+depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
+mac_verify:PSA_KEY_TYPE_HMAC:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ALG_HMAC(PSA_ALG_SHA_224):"4869205468657265":"896fb1128abbdf196832107cd49df33f47b4b1169912ba4f53684b22"
+
+PSA MAC sign: RFC4231 Test case 1 - HMAC-SHA-256
+depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
+mac_sign:PSA_KEY_TYPE_HMAC:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ALG_HMAC(PSA_ALG_SHA_256):"4869205468657265":"b0344c61d8db38535ca8afceaf0bf12b881dc200c9833da726e9376c2e32cff7"
+
+PSA MAC verify: RFC4231 Test case 1 - HMAC-SHA-256
+depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
+mac_verify:PSA_KEY_TYPE_HMAC:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ALG_HMAC(PSA_ALG_SHA_256):"4869205468657265":"b0344c61d8db38535ca8afceaf0bf12b881dc200c9833da726e9376c2e32cff7"
+
+PSA MAC sign: RFC4231 Test case 1 - HMAC-SHA-384
+depends_on:MBEDTLS_MD_C:MBEDTLS_SHA512_C
+mac_sign:PSA_KEY_TYPE_HMAC:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ALG_HMAC(PSA_ALG_SHA_384):"4869205468657265":"afd03944d84895626b0825f4ab46907f15f9dadbe4101ec682aa034c7cebc59cfaea9ea9076ede7f4af152e8b2fa9cb6"
+
+PSA MAC verify: RFC4231 Test case 1 - HMAC-SHA-384
+depends_on:MBEDTLS_MD_C:MBEDTLS_SHA512_C
+mac_verify:PSA_KEY_TYPE_HMAC:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ALG_HMAC(PSA_ALG_SHA_384):"4869205468657265":"afd03944d84895626b0825f4ab46907f15f9dadbe4101ec682aa034c7cebc59cfaea9ea9076ede7f4af152e8b2fa9cb6"
+
+PSA MAC sign: RFC4231 Test case 1 - HMAC-SHA-512
+depends_on:MBEDTLS_MD_C:MBEDTLS_SHA512_C
+mac_sign:PSA_KEY_TYPE_HMAC:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ALG_HMAC(PSA_ALG_SHA_512):"4869205468657265":"87aa7cdea5ef619d4ff0b4241a1d6cb02379f4e2ce4ec2787ad0b30545e17cdedaa833b7d6b8a702038b274eaea3f4e4be9d914eeb61f1702e696c203a126854"
+
+PSA MAC verify: RFC4231 Test case 1 - HMAC-SHA-512
+depends_on:MBEDTLS_MD_C:MBEDTLS_SHA512_C
+mac_verify:PSA_KEY_TYPE_HMAC:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ALG_HMAC(PSA_ALG_SHA_512):"4869205468657265":"87aa7cdea5ef619d4ff0b4241a1d6cb02379f4e2ce4ec2787ad0b30545e17cdedaa833b7d6b8a702038b274eaea3f4e4be9d914eeb61f1702e696c203a126854"
+
+PSA MAC verify: RFC4231 Test case 2 - HMAC-SHA-224
+depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
+mac_verify:PSA_KEY_TYPE_HMAC:"4a656665":PSA_ALG_HMAC(PSA_ALG_SHA_224):"7768617420646f2079612077616e7420666f72206e6f7468696e673f":"a30e01098bc6dbbf45690f3a7e9e6d0f8bbea2a39e6148008fd05e44"
+
+PSA MAC verify: RFC4231 Test case 2 - HMAC-SHA-256
+depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
+mac_verify:PSA_KEY_TYPE_HMAC:"4a656665":PSA_ALG_HMAC(PSA_ALG_SHA_256):"7768617420646f2079612077616e7420666f72206e6f7468696e673f":"5bdcc146bf60754e6a042426089575c75a003f089d2739839dec58b964ec3843"
+
+PSA MAC verify: RFC4231 Test case 2 - HMAC-SHA-384
+depends_on:MBEDTLS_MD_C:MBEDTLS_SHA512_C
+mac_verify:PSA_KEY_TYPE_HMAC:"4a656665":PSA_ALG_HMAC(PSA_ALG_SHA_384):"7768617420646f2079612077616e7420666f72206e6f7468696e673f":"af45d2e376484031617f78d2b58a6b1b9c7ef464f5a01b47e42ec3736322445e8e2240ca5e69e2c78b3239ecfab21649"
+
+PSA MAC verify: RFC4231 Test case 2 - HMAC-SHA-512
+depends_on:MBEDTLS_MD_C:MBEDTLS_SHA512_C
+mac_verify:PSA_KEY_TYPE_HMAC:"4a656665":PSA_ALG_HMAC(PSA_ALG_SHA_512):"7768617420646f2079612077616e7420666f72206e6f7468696e673f":"164b7a7bfcf819e2e395fbe73b56e0a387bd64222e831fd610270cd7ea2505549758bf75c05a994a6d034f65f8f0e6fdcaeab1a34d4a6b4b636e070a38bce737"
+
+PSA MAC verify: RFC4231 Test case 3 - HMAC-SHA-224
+depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
+mac_verify:PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_224):"dddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddd":"7fb3cb3588c6c1f6ffa9694d7d6ad2649365b0c1f65d69d1ec8333ea"
+
+PSA MAC verify: RFC4231 Test case 3 - HMAC-SHA-256
+depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
+mac_verify:PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_256):"dddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddd":"773ea91e36800e46854db8ebd09181a72959098b3ef8c122d9635514ced565fe"
+
+PSA MAC verify: RFC4231 Test case 3 - HMAC-SHA-384
+depends_on:MBEDTLS_MD_C:MBEDTLS_SHA512_C
+mac_verify:PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_384):"dddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddd":"88062608d3e6ad8a0aa2ace014c8a86f0aa635d947ac9febe83ef4e55966144b2a5ab39dc13814b94e3ab6e101a34f27"
+
+PSA MAC verify: RFC4231 Test case 3 - HMAC-SHA-512
+depends_on:MBEDTLS_MD_C:MBEDTLS_SHA512_C
+mac_verify:PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_512):"dddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddd":"fa73b0089d56a284efb0f0756c890be9b1b5dbdd8ee81a3655f83e33b2279d39bf3e848279a722c806b485a47e67c807b946a337bee8942674278859e13292fb"
+
+PSA MAC verify: RFC4231 Test case 4 - HMAC-SHA-224
+depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
+mac_verify:PSA_KEY_TYPE_HMAC:"0102030405060708090a0b0c0d0e0f10111213141516171819":PSA_ALG_HMAC(PSA_ALG_SHA_224):"cdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcd":"6c11506874013cac6a2abc1bb382627cec6a90d86efc012de7afec5a"
+
+PSA MAC verify: RFC4231 Test case 4 - HMAC-SHA-256
+depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
+mac_verify:PSA_KEY_TYPE_HMAC:"0102030405060708090a0b0c0d0e0f10111213141516171819":PSA_ALG_HMAC(PSA_ALG_SHA_256):"cdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcd":"82558a389a443c0ea4cc819899f2083a85f0faa3e578f8077a2e3ff46729665b"
+
+PSA MAC verify: RFC4231 Test case 4 - HMAC-SHA-384
+depends_on:MBEDTLS_MD_C:MBEDTLS_SHA512_C
+mac_verify:PSA_KEY_TYPE_HMAC:"0102030405060708090a0b0c0d0e0f10111213141516171819":PSA_ALG_HMAC(PSA_ALG_SHA_384):"cdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcd":"3e8a69b7783c25851933ab6290af6ca77a9981480850009cc5577c6e1f573b4e6801dd23c4a7d679ccf8a386c674cffb"
+
+PSA MAC verify: RFC4231 Test case 4 - HMAC-SHA-512
+depends_on:MBEDTLS_MD_C:MBEDTLS_SHA512_C
+mac_verify:PSA_KEY_TYPE_HMAC:"0102030405060708090a0b0c0d0e0f10111213141516171819":PSA_ALG_HMAC(PSA_ALG_SHA_512):"cdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcd":"b0ba465637458c6990e5a8c5f61d4af7e576d97ff94b872de76f8050361ee3dba91ca5c11aa25eb4d679275cc5788063a5f19741120c4f2de2adebeb10a298dd"
+
+PSA MAC verify: RFC4231 Test case 6 - HMAC-SHA-224
+depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
+mac_verify:PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_224):"54657374205573696e67204c6172676572205468616e20426c6f636b2d53697a65204b6579202d2048617368204b6579204669727374":"95e9a0db962095adaebe9b2d6f0dbce2d499f112f2d2b7273fa6870e"
+
+PSA MAC verify: RFC4231 Test case 6 - HMAC-SHA-256
+depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
+mac_verify:PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_256):"54657374205573696e67204c6172676572205468616e20426c6f636b2d53697a65204b6579202d2048617368204b6579204669727374":"60e431591ee0b67f0d8a26aacbf5b77f8e0bc6213728c5140546040f0ee37f54"
+
+PSA MAC verify: RFC4231 Test case 6 - HMAC-SHA-384
+depends_on:MBEDTLS_MD_C:MBEDTLS_SHA512_C
+mac_verify:PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_384):"54657374205573696e67204c6172676572205468616e20426c6f636b2d53697a65204b6579202d2048617368204b6579204669727374":"4ece084485813e9088d2c63a041bc5b44f9ef1012a2b588f3cd11f05033ac4c60c2ef6ab4030fe8296248df163f44952"
+
+PSA MAC verify: RFC4231 Test case 6 - HMAC-SHA-512
+depends_on:MBEDTLS_MD_C:MBEDTLS_SHA512_C
+mac_verify:PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_512):"54657374205573696e67204c6172676572205468616e20426c6f636b2d53697a65204b6579202d2048617368204b6579204669727374":"80b24263c7c1a3ebb71493c1dd7be8b49b46d1f41b4aeec1121b013783f8f3526b56d037e05f2598bd0fd2215d6a1e5295e64f73f63f0aec8b915a985d786598"
+
+PSA MAC verify: RFC4231 Test case 7 - HMAC-SHA-224
+depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
+mac_verify:PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_224):"5468697320697320612074657374207573696e672061206c6172676572207468616e20626c6f636b2d73697a65206b657920616e642061206c6172676572207468616e20626c6f636b2d73697a6520646174612e20546865206b6579206e6565647320746f20626520686173686564206265666f7265206265696e6720757365642062792074686520484d414320616c676f726974686d2e":"3a854166ac5d9f023f54d517d0b39dbd946770db9c2b95c9f6f565d1"
+
+PSA MAC verify: RFC4231 Test case 7 - HMAC-SHA-256
+depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
+mac_verify:PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_256):"5468697320697320612074657374207573696e672061206c6172676572207468616e20626c6f636b2d73697a65206b657920616e642061206c6172676572207468616e20626c6f636b2d73697a6520646174612e20546865206b6579206e6565647320746f20626520686173686564206265666f7265206265696e6720757365642062792074686520484d414320616c676f726974686d2e":"9b09ffa71b942fcb27635fbcd5b0e944bfdc63644f0713938a7f51535c3a35e2"
+
+PSA MAC verify: RFC4231 Test case 7 - HMAC-SHA-384
+depends_on:MBEDTLS_MD_C:MBEDTLS_SHA512_C
+mac_verify:PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_384):"5468697320697320612074657374207573696e672061206c6172676572207468616e20626c6f636b2d73697a65206b657920616e642061206c6172676572207468616e20626c6f636b2d73697a6520646174612e20546865206b6579206e6565647320746f20626520686173686564206265666f7265206265696e6720757365642062792074686520484d414320616c676f726974686d2e":"6617178e941f020d351e2f254e8fd32c602420feb0b8fb9adccebb82461e99c5a678cc31e799176d3860e6110c46523e"
+
+PSA MAC verify: RFC4231 Test case 7 - HMAC-SHA-512
+depends_on:MBEDTLS_MD_C:MBEDTLS_SHA512_C
+mac_verify:PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_512):"5468697320697320612074657374207573696e672061206c6172676572207468616e20626c6f636b2d73697a65206b657920616e642061206c6172676572207468616e20626c6f636b2d73697a6520646174612e20546865206b6579206e6565647320746f20626520686173686564206265666f7265206265696e6720757365642062792074686520484d414320616c676f726974686d2e":"e37b6a775dc87dbaa4dfa9f96e5e3ffddebd71f8867289865df5a32d20cdc944b6022cac3c4982b10d5eeb55c3e4de15134676fb6de0446065c97440fa8c6a58"
+
+PSA MAC sign: HMAC-SHA-224, truncated to 28 bytes (actual size)
+depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
+mac_sign:PSA_KEY_TYPE_HMAC:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_224), 28):"4869205468657265":"896fb1128abbdf196832107cd49df33f47b4b1169912ba4f53684b22"
+
+PSA MAC verify: HMAC-SHA-224, truncated to 28 bytes (actual size)
+depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
+mac_verify:PSA_KEY_TYPE_HMAC:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_224), 28):"4869205468657265":"896fb1128abbdf196832107cd49df33f47b4b1169912ba4f53684b22"
+
+PSA MAC sign: HMAC-SHA-512, truncated to 64 bytes (actual size)
+depends_on:MBEDTLS_MD_C:MBEDTLS_SHA512_C
+mac_sign:PSA_KEY_TYPE_HMAC:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_512), 64):"4869205468657265":"87aa7cdea5ef619d4ff0b4241a1d6cb02379f4e2ce4ec2787ad0b30545e17cdedaa833b7d6b8a702038b274eaea3f4e4be9d914eeb61f1702e696c203a126854"
+
+PSA MAC verify: HMAC-SHA-512, truncated to 64 bytes (actual size)
+depends_on:MBEDTLS_MD_C:MBEDTLS_SHA512_C
+mac_verify:PSA_KEY_TYPE_HMAC:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_512), 64):"4869205468657265":"87aa7cdea5ef619d4ff0b4241a1d6cb02379f4e2ce4ec2787ad0b30545e17cdedaa833b7d6b8a702038b274eaea3f4e4be9d914eeb61f1702e696c203a126854"
+
+PSA MAC sign: HMAC-SHA-224, truncated to 27 bytes
+depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
+mac_sign:PSA_KEY_TYPE_HMAC:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_224), 27):"4869205468657265":"896fb1128abbdf196832107cd49df33f47b4b1169912ba4f53684b"
+
+PSA MAC verify: HMAC-SHA-224, truncated to 27 bytes
+depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
+mac_verify:PSA_KEY_TYPE_HMAC:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_224), 27):"4869205468657265":"896fb1128abbdf196832107cd49df33f47b4b1169912ba4f53684b"
+
+PSA MAC sign: HMAC-SHA-512, truncated to 63 bytes
+depends_on:MBEDTLS_MD_C:MBEDTLS_SHA512_C
+mac_sign:PSA_KEY_TYPE_HMAC:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_512), 63):"4869205468657265":"87aa7cdea5ef619d4ff0b4241a1d6cb02379f4e2ce4ec2787ad0b30545e17cdedaa833b7d6b8a702038b274eaea3f4e4be9d914eeb61f1702e696c203a1268"
+
+PSA MAC verify: HMAC-SHA-512, truncated to 63 bytes
+depends_on:MBEDTLS_MD_C:MBEDTLS_SHA512_C
+mac_verify:PSA_KEY_TYPE_HMAC:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_512), 63):"4869205468657265":"87aa7cdea5ef619d4ff0b4241a1d6cb02379f4e2ce4ec2787ad0b30545e17cdedaa833b7d6b8a702038b274eaea3f4e4be9d914eeb61f1702e696c203a1268"
+
+PSA MAC sign: HMAC-SHA-224, truncated to 4 bytes
+depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
+mac_sign:PSA_KEY_TYPE_HMAC:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_224), 4):"4869205468657265":"896fb112"
+
+PSA MAC verify: HMAC-SHA-224, truncated to 4 bytes
+depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
+mac_verify:PSA_KEY_TYPE_HMAC:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_224), 4):"4869205468657265":"896fb112"
+
+PSA MAC sign: HMAC-SHA-512, truncated to 4 bytes
+depends_on:MBEDTLS_MD_C:MBEDTLS_SHA512_C
+mac_sign:PSA_KEY_TYPE_HMAC:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_512), 4):"4869205468657265":"87aa7cde"
+
+PSA MAC verify: HMAC-SHA-512, truncated to 4 bytes
+depends_on:MBEDTLS_MD_C:MBEDTLS_SHA512_C
+mac_verify:PSA_KEY_TYPE_HMAC:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_512), 4):"4869205468657265":"87aa7cde"
+
+PSA MAC sign: CMAC-AES-128
+depends_on:MBEDTLS_CMAC_C:MBEDTLS_AES_C
+mac_sign:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":PSA_ALG_CMAC:"6bc1bee22e409f96e93d7e117393172aae2d8a571e03ac9c9eb76fac45af8e5130c81c46a35ce411":"dfa66747de9ae63030ca32611497c827"
+
+PSA MAC verify: CMAC-AES-128
+depends_on:MBEDTLS_CMAC_C:MBEDTLS_AES_C
+mac_verify:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":PSA_ALG_CMAC:"6bc1bee22e409f96e93d7e117393172aae2d8a571e03ac9c9eb76fac45af8e5130c81c46a35ce411":"dfa66747de9ae63030ca32611497c827"
+
+PSA MAC sign: CMAC-AES-128, truncated to 16 bytes (actual size)
+depends_on:MBEDTLS_CMAC_C:MBEDTLS_AES_C
+mac_sign:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CMAC, 16):"6bc1bee22e409f96e93d7e117393172aae2d8a571e03ac9c9eb76fac45af8e5130c81c46a35ce411":"dfa66747de9ae63030ca32611497c827"
+
+PSA MAC verify: CMAC-AES-128, truncated to 16 bytes (actual size)
+depends_on:MBEDTLS_CMAC_C:MBEDTLS_AES_C
+mac_verify:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CMAC, 16):"6bc1bee22e409f96e93d7e117393172aae2d8a571e03ac9c9eb76fac45af8e5130c81c46a35ce411":"dfa66747de9ae63030ca32611497c827"
+
+PSA MAC sign: CMAC-AES-128, truncated to 15 bytes
+depends_on:MBEDTLS_CMAC_C:MBEDTLS_AES_C
+mac_sign:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CMAC, 15):"6bc1bee22e409f96e93d7e117393172aae2d8a571e03ac9c9eb76fac45af8e5130c81c46a35ce411":"dfa66747de9ae63030ca32611497c8"
+
+PSA MAC verify: CMAC-AES-128, truncated to 15 bytes
+depends_on:MBEDTLS_CMAC_C:MBEDTLS_AES_C
+mac_verify:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CMAC, 15):"6bc1bee22e409f96e93d7e117393172aae2d8a571e03ac9c9eb76fac45af8e5130c81c46a35ce411":"dfa66747de9ae63030ca32611497c8"
+
+PSA MAC sign: CMAC-AES-128, truncated to 4 bytes
+depends_on:MBEDTLS_CMAC_C:MBEDTLS_AES_C
+mac_sign:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CMAC, 4):"6bc1bee22e409f96e93d7e117393172aae2d8a571e03ac9c9eb76fac45af8e5130c81c46a35ce411":"dfa66747"
+
+PSA MAC verify: CMAC-AES-128, truncated to 4 bytes
+depends_on:MBEDTLS_CMAC_C:MBEDTLS_AES_C
+mac_verify:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CMAC, 4):"6bc1bee22e409f96e93d7e117393172aae2d8a571e03ac9c9eb76fac45af8e5130c81c46a35ce411":"dfa66747"
+
+Cipher operation object initializers zero properly
+cipher_operation_init:
+
+PSA cipher setup: good, AES-CTR
+depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR
+cipher_setup:PSA_KEY_TYPE_AES:"000102030405060708090a0b0c0d0e0f":PSA_ALG_CTR:PSA_SUCCESS
+
+PSA cipher setup: bad algorithm (unknown cipher algorithm)
+depends_on:MBEDTLS_AES_C
+cipher_setup:PSA_KEY_TYPE_AES:"000102030405060708090a0b0c0d0e0f":PSA_ALG_CATEGORY_CIPHER:PSA_ERROR_NOT_SUPPORTED
+
+PSA cipher setup: bad algorithm (not a cipher algorithm)
+depends_on:MBEDTLS_AES_C
+cipher_setup:PSA_KEY_TYPE_AES:"000102030405060708090a0b0c0d0e0f":PSA_ALG_CMAC:PSA_ERROR_INVALID_ARGUMENT
+
+PSA cipher setup: invalid key type, CTR
+depends_on:MBEDTLS_CIPHER_MODE_CTR
+# Either INVALID_ARGUMENT or NOT_SUPPORTED would be reasonable here
+cipher_setup:PSA_KEY_TYPE_RAW_DATA:"000102030405060708090a0b0c0d0e0f":PSA_ALG_CTR:PSA_ERROR_NOT_SUPPORTED
+
+PSA cipher setup: incompatible key ARC4 for CTR
+depends_on:MBEDTLS_ARC4_C:MBEDTLS_CIPHER_MODE_CTR
+# Either INVALID_ARGUMENT or NOT_SUPPORTED would be reasonable here
+cipher_setup:PSA_KEY_TYPE_ARC4:"000102030405060708090a0b0c0d0e0f":PSA_ALG_CTR:PSA_ERROR_NOT_SUPPORTED
+
+PSA cipher: bad order function calls
+depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
+cipher_bad_order:
+
+PSA symmetric encrypt: AES-CBC-nopad, 16 bytes, good
+depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
+cipher_encrypt:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a":"a076ec9dfbe47d52afc357336f20743b":PSA_SUCCESS
+
+PSA symmetric encrypt: AES-CBC-PKCS#7, 16 bytes, good
+depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
+cipher_encrypt:PSA_ALG_CBC_PKCS7:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a":"a076ec9dfbe47d52afc357336f20743bca7e8a15dc3c776436314293031cd4f3":PSA_SUCCESS
+
+PSA symmetric encrypt: AES-CBC-PKCS#7, 15 bytes, good
+depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
+cipher_encrypt:PSA_ALG_CBC_PKCS7:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e11739317":"6279b49d7f7a8dd87b685175d4276e24":PSA_SUCCESS
+
+PSA symmetric encrypt: AES-CBC-nopad, input too short
+depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
+cipher_encrypt:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee223":"6bc1bee223":PSA_ERROR_INVALID_ARGUMENT
+
+PSA symmetric encrypt: AES-CTR, 16 bytes, good
+depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_MODE_CTR
+cipher_encrypt:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a":"8f9408fe80a81d3e813da3c7b0b2bd32":PSA_SUCCESS
+
+PSA symmetric encrypt: AES-CTR, 15 bytes, good
+depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_MODE_CTR
+cipher_encrypt:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e11739317":"8f9408fe80a81d3e813da3c7b0b2bd":PSA_SUCCESS
+
+PSA symmetric encrypt: DES-CBC-nopad, 8 bytes, good
+depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC
+cipher_encrypt:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_DES:"01020407080b0d0e":"eda4011239bc3ac9":"64f917b0152f8f05":PSA_SUCCESS
+
+PSA symmetric encrypt: 2-key 3DES-CBC-nopad, 8 bytes, good
+depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC
+cipher_encrypt:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_DES:"01020407080b0d0ec1c2c4c7c8cbcdce":"eda4011239bc3ac9":"5d0652429c5b0ac7":PSA_SUCCESS
+
+PSA symmetric encrypt: 3-key 3DES-CBC-nopad, 8 bytes, good
+depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC
+cipher_encrypt:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_DES:"01020407080b0d0ec1c2c4c7c8cbcdce31323437383b3d3e":"eda4011239bc3ac9":"817ca7d69b80d86a":PSA_SUCCESS
+
+PSA symmetric decrypt: AES-CBC-nopad, 16 bytes, good
+depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
+cipher_decrypt:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"396ee84fb75fdbb5c2b13c7fe5a654aa":"49e4e66c89a86b67758df89db9ad6955":PSA_SUCCESS
+
+PSA symmetric decrypt: AES-CBC-PKCS#7, 16 bytes, good
+depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
+cipher_decrypt:PSA_ALG_CBC_PKCS7:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"a076ec9dfbe47d52afc357336f20743bca7e8a15dc3c776436314293031cd4f3":"6bc1bee22e409f96e93d7e117393172a":PSA_SUCCESS
+
+PSA symmetric decrypt: AES-CBC-PKCS#7, 15 bytes, good
+depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
+cipher_decrypt:PSA_ALG_CBC_PKCS7:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6279b49d7f7a8dd87b685175d4276e24":"6bc1bee22e409f96e93d7e11739317":PSA_SUCCESS
+
+PSA symmetric decrypt: AES-CBC-PKCS#7, input too short (15 bytes)
+depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
+cipher_decrypt:PSA_ALG_CBC_PKCS7:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e11739317":"49e4e66c89a86b67758df89db9ad6955":PSA_ERROR_BAD_STATE
+
+PSA symmetric decrypt: AES-CTR, 16 bytes, good
+depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_MODE_CTR
+cipher_decrypt:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"396ee84fb75fdbb5c2b13c7fe5a654aa":"dd3b5e5319b7591daab1e1a92687feb2":PSA_SUCCESS
+
+PSA symmetric decrypt: AES-CBC-nopad, input too short (5 bytes)
+depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
+cipher_decrypt:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee223":"6bc1bee223":PSA_ERROR_BAD_STATE
+
+PSA symmetric decrypt: DES-CBC-nopad, 8 bytes, good
+depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC
+cipher_decrypt:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_DES:"01020407080b0d0e":"64f917b0152f8f05":"eda4011239bc3ac9":PSA_SUCCESS
+
+PSA symmetric decrypt: 2-key 3DES-CBC-nopad, 8 bytes, good
+depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC
+cipher_decrypt:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_DES:"01020407080b0d0ec1c2c4c7c8cbcdce":"5d0652429c5b0ac7":"eda4011239bc3ac9":PSA_SUCCESS
+
+PSA symmetric decrypt: 3-key 3DES-CBC-nopad, 8 bytes, good
+depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC
+cipher_decrypt:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_DES:"01020407080b0d0ec1c2c4c7c8cbcdce31323437383b3d3e":"817ca7d69b80d86a":"eda4011239bc3ac9":PSA_SUCCESS
+
+PSA symmetric encrypt/decrypt: AES-CBC-nopad, 16 bytes, good
+depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
+cipher_verify_output:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a"
+
+PSA symmetric encrypt/decrypt: AES-CBC-PKCS#7, 16 bytes
+depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+cipher_verify_output:PSA_ALG_CBC_PKCS7:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a"
+
+PSA symmetric encrypt/decrypt: AES-CBC-PKCS#7, 15 bytes
+depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+cipher_verify_output:PSA_ALG_CBC_PKCS7:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e11739317"
+
+PSA symmetric encrypt/decrypt: AES-CTR
+depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR
+cipher_verify_output:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a"
+
+PSA symmetric encryption multipart: AES-CBC-nopad, 7+9 bytes
+depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
+cipher_encrypt_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a":7:0:16:"a076ec9dfbe47d52afc357336f20743b"
+
+PSA symmetric encryption multipart: AES-CBC-nopad, 3+13 bytes
+depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
+cipher_encrypt_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a":3:0:16:"a076ec9dfbe47d52afc357336f20743b"
+
+PSA symmetric encryption multipart: AES-CBC-nopad, 4+12 bytes
+depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
+cipher_encrypt_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a":4:0:16:"a076ec9dfbe47d52afc357336f20743b"
+
+PSA symmetric encryption multipart: AES-CBC-nopad, 11+5 bytes
+depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
+cipher_encrypt_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a":11:0:16:"a076ec9dfbe47d52afc357336f20743b"
+
+PSA symmetric encryption multipart: AES-CBC-nopad, 16+16 bytes
+depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
+cipher_encrypt_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef":16:16:16:"a076ec9dfbe47d52afc357336f20743b89906f2f9207ac02aa658cb4ef19c61f"
+
+PSA symmetric encryption multipart: AES-CBC-nopad, 12+20 bytes
+depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
+cipher_encrypt_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef":12:0:32:"a076ec9dfbe47d52afc357336f20743b89906f2f9207ac02aa658cb4ef19c61f"
+
+PSA symmetric encryption multipart: AES-CBC-nopad, 20+12 bytes
+depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
+cipher_encrypt_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef":20:16:16:"a076ec9dfbe47d52afc357336f20743b89906f2f9207ac02aa658cb4ef19c61f"
+
+PSA symmetric encryption multipart: AES-CTR, 11+5 bytes
+depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR
+cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a":11:11:5:"8f9408fe80a81d3e813da3c7b0b2bd32"
+
+PSA symmetric encryption multipart: AES-CTR, 16+16 bytes
+depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR
+cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef":16:16:16:"8f9408fe80a81d3e813da3c7b0b2bd321c965bb1de7baf71025f6ef6393ca587"
+
+PSA symmetric encryption multipart: AES-CTR, 12+20 bytes
+depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR
+cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef":12:12:20:"8f9408fe80a81d3e813da3c7b0b2bd321c965bb1de7baf71025f6ef6393ca587"
+
+PSA symmetric encryption multipart: AES-CTR, 20+12 bytes
+depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR
+cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef":20:20:12:"8f9408fe80a81d3e813da3c7b0b2bd321c965bb1de7baf71025f6ef6393ca587"
+
+PSA symmetric encryption multipart: AES-CTR, 12+10 bytes
+depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR
+cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a5434f378a597":12:12:10:"8f9408fe80a81d3e813da3c7b0b2bd321c965bb1de7b"
+
+PSA symmetric encryption multipart: AES-CTR, 0+15 bytes
+depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR
+cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e11739317":0:0:15:"8f9408fe80a81d3e813da3c7b0b2bd"
+
+PSA symmetric encryption multipart: AES-CTR, 15+0 bytes
+depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR
+cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e11739317":15:15:0:"8f9408fe80a81d3e813da3c7b0b2bd"
+
+PSA symmetric encryption multipart: AES-CTR, 0+16 bytes
+depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR
+cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a":0:0:16:"8f9408fe80a81d3e813da3c7b0b2bd32"
+
+PSA symmetric encryption multipart: AES-CTR, 16+0 bytes
+depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR
+cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a":16:16:0:"8f9408fe80a81d3e813da3c7b0b2bd32"
+
+PSA symmetric decryption multipart: AES-CBC-nopad, 7+9 bytes
+depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
+cipher_decrypt_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"a076ec9dfbe47d52afc357336f20743b":7:0:16:"6bc1bee22e409f96e93d7e117393172a"
+
+PSA symmetric decryption multipart: AES-CBC-nopad, 3+13 bytes
+depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
+cipher_decrypt_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"a076ec9dfbe47d52afc357336f20743b":3:0:16:"6bc1bee22e409f96e93d7e117393172a"
+
+PSA symmetric decryption multipart: AES-CBC-nopad, 11+5 bytes
+depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
+cipher_decrypt_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"a076ec9dfbe47d52afc357336f20743b":11:0:16:"6bc1bee22e409f96e93d7e117393172a"
+
+PSA symmetric decryption multipart: AES-CBC-nopad, 16+16 bytes
+depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
+cipher_decrypt_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"a076ec9dfbe47d52afc357336f20743b89906f2f9207ac02aa658cb4ef19c61f":16:16:16:"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef"
+
+PSA symmetric decryption multipart: AES-CBC-nopad, 12+20 bytes
+depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
+cipher_decrypt_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"a076ec9dfbe47d52afc357336f20743b89906f2f9207ac02aa658cb4ef19c61f":12:0:32:"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef"
+
+PSA symmetric decryption multipart: AES-CBC-nopad, 20+12 bytes
+depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
+cipher_decrypt_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"a076ec9dfbe47d52afc357336f20743b89906f2f9207ac02aa658cb4ef19c61f":20:16:16:"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef"
+
+PSA symmetric encryption multipart: AES-CTR, 11+5 bytes
+depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR
+cipher_decrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a":11:11:5:"8f9408fe80a81d3e813da3c7b0b2bd32"
+
+PSA symmetric encryption multipart: AES-CTR, 16+16 bytes
+depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR
+cipher_decrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef":16:16:16:"8f9408fe80a81d3e813da3c7b0b2bd321c965bb1de7baf71025f6ef6393ca587"
+
+PSA symmetric encryption multipart: AES-CTR, 12+20 bytes
+depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR
+cipher_decrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef":12:12:20:"8f9408fe80a81d3e813da3c7b0b2bd321c965bb1de7baf71025f6ef6393ca587"
+
+PSA symmetric encryption multipart: AES-CTR, 20+12 bytes
+depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR
+cipher_decrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef":20:20:12:"8f9408fe80a81d3e813da3c7b0b2bd321c965bb1de7baf71025f6ef6393ca587"
+
+PSA symmetric encryption multipart: AES-CTR, 12+10 bytes
+depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR
+cipher_decrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a5434f378a597":12:12:10:"8f9408fe80a81d3e813da3c7b0b2bd321c965bb1de7b"
+
+PSA symmetric decryption multipart: AES-CTR, 0+15 bytes
+depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR
+cipher_decrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e11739317":0:0:15:"8f9408fe80a81d3e813da3c7b0b2bd"
+
+PSA symmetric decryption multipart: AES-CTR, 15+0 bytes
+depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR
+cipher_decrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e11739317":15:15:0:"8f9408fe80a81d3e813da3c7b0b2bd"
+
+PSA symmetric decryption multipart: AES-CTR, 0+16 bytes
+depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR
+cipher_decrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a":0:0:16:"8f9408fe80a81d3e813da3c7b0b2bd32"
+
+PSA symmetric decryption multipart: AES-CTR, 16+0 bytes
+depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR
+cipher_decrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a":16:16:0:"8f9408fe80a81d3e813da3c7b0b2bd32"
+
+PSA symmetric encrypt/decrypt multipart: AES-CBC-nopad, 11+5 bytes
+depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
+cipher_verify_output_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"a076ec9dfbe47d52afc357336f20743b":11
+
+PSA symmetric encrypt/decrypt multipart: AES-CBC-PKCS#7 padding, 4+12 bytes
+depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+cipher_verify_output_multipart:PSA_ALG_CBC_PKCS7:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"a076ec9dfbe47d52afc357336f20743b":4
+
+PSA AEAD encrypt/decrypt: AES-CCM, 19 bytes #1
+depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
+aead_encrypt_decrypt:PSA_KEY_TYPE_AES:"C0C1C2C3C4C5C6C7C8C9CACBCCCDCECF":PSA_ALG_CCM:"000102030405060708090A0B":"000102030405060708090A0B":"0C0D0E0F101112131415161718191A1B1C1D1E":PSA_SUCCESS
+
+PSA AEAD encrypt/decrypt: AES-CCM, 19 bytes #2
+depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
+aead_encrypt_decrypt:PSA_KEY_TYPE_AES:"D7828D13B2B0BDC325A76236DF93CC6B":PSA_ALG_CCM:"000102030405060708090A0B":"EC46BB63B02520C33C49FD70":"B96B49E21D621741632875DB7F6C9243D2D7C2":PSA_SUCCESS
+
+PSA AEAD encrypt/decrypt: DES-CCM not supported
+depends_on:MBEDTLS_DES_C:MBEDTLS_CCM_C
+aead_encrypt_decrypt:PSA_KEY_TYPE_DES:"D7828D13B2B0BDC325A76236DF93CC6B":PSA_ALG_CCM:"000102030405060708090A0B":"EC46BB63B02520C33C49FD70":"B96B49E21D621741632875DB7F6C9243D2D7C2":PSA_ERROR_NOT_SUPPORTED
+
+PSA AEAD encrypt: AES-CCM, 23 bytes
+depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
+aead_encrypt:PSA_KEY_TYPE_AES:"D7828D13B2B0BDC325A76236DF93CC6B":PSA_ALG_CCM:"00412B4EA9CDBE3C9696766CFA":"0BE1A88BACE018B1":"08E8CF97D820EA258460E96AD9CF5289054D895CEAC47C":"4CB97F86A2A4689A877947AB8091EF5386A6FFBDD080F8120333D1FCB691F3406CBF531F83A4D8"
+
+PSA AEAD encrypt: AES-CCM, 24 bytes
+depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
+aead_encrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_CCM:"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6d80e8bf80f4a46cab06d4313f0db9be9"
+
+PSA AEAD encrypt: AES-CCM, 24 bytes, T=4
+depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
+aead_encrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_AEAD_WITH_TAG_LENGTH( PSA_ALG_CCM, 4 ):"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6643b4f39"
+
+PSA AEAD encrypt: AES-CCM, 24 bytes, T=6
+depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
+aead_encrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_AEAD_WITH_TAG_LENGTH( PSA_ALG_CCM, 6 ):"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b63fdffcd729bc"
+
+PSA AEAD encrypt: AES-CCM, 24 bytes, T=8
+depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
+aead_encrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_AEAD_WITH_TAG_LENGTH( PSA_ALG_CCM, 8 ):"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b64cf2c3bf5f220776"
+
+PSA AEAD encrypt: AES-CCM, 24 bytes, T=10
+depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
+aead_encrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_AEAD_WITH_TAG_LENGTH( PSA_ALG_CCM, 10 ):"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b69613343621327defd18e"
+
+PSA AEAD encrypt: AES-CCM, 24 bytes, T=12
+depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
+aead_encrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_AEAD_WITH_TAG_LENGTH( PSA_ALG_CCM, 12 ):"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b69a2e5d8faee3138fa5cf9846"
+
+PSA AEAD encrypt: AES-CCM, 24 bytes, T=14
+depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
+aead_encrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_AEAD_WITH_TAG_LENGTH( PSA_ALG_CCM, 14 ):"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6c99af01cdb6aa76df73c8646c27f"
+
+PSA AEAD encrypt: AES-CCM, 24 bytes, T=16
+depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
+aead_encrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_AEAD_WITH_TAG_LENGTH( PSA_ALG_CCM, 16 ):"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6d80e8bf80f4a46cab06d4313f0db9be9"
+
+PSA AEAD decrypt: AES-CCM, 39 bytes
+depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
+aead_decrypt:PSA_KEY_TYPE_AES:"D7828D13B2B0BDC325A76236DF93CC6B":PSA_ALG_CCM:"00412B4EA9CDBE3C9696766CFA":"0BE1A88BACE018B1":"4CB97F86A2A4689A877947AB8091EF5386A6FFBDD080F8120333D1FCB691F3406CBF531F83A4D8":"08E8CF97D820EA258460E96AD9CF5289054D895CEAC47C":PSA_SUCCESS
+
+PSA AEAD decrypt, AES-CCM, 40 bytes
+depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
+aead_decrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_CCM:"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6d80e8bf80f4a46cab06d4313f0db9be9":"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":PSA_SUCCESS
+
+PSA AEAD decrypt: AES-CCM, 24 bytes, T=4
+depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
+aead_decrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_AEAD_WITH_TAG_LENGTH( PSA_ALG_CCM, 4 ):"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6643b4f39":"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":PSA_SUCCESS
+
+PSA AEAD decrypt: AES-CCM, 24 bytes, T=6
+depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
+aead_decrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_AEAD_WITH_TAG_LENGTH( PSA_ALG_CCM, 6 ):"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b63fdffcd729bc":"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":PSA_SUCCESS
+
+PSA AEAD decrypt: AES-CCM, 24 bytes, T=8
+depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
+aead_decrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_AEAD_WITH_TAG_LENGTH( PSA_ALG_CCM, 8 ):"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b64cf2c3bf5f220776":"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":PSA_SUCCESS
+
+PSA AEAD decrypt: AES-CCM, 24 bytes, T=10
+depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
+aead_decrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_AEAD_WITH_TAG_LENGTH( PSA_ALG_CCM, 10 ):"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b69613343621327defd18e":"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":PSA_SUCCESS
+
+PSA AEAD decrypt: AES-CCM, 24 bytes, T=12
+depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
+aead_decrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_AEAD_WITH_TAG_LENGTH( PSA_ALG_CCM, 12 ):"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b69a2e5d8faee3138fa5cf9846":"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":PSA_SUCCESS
+
+PSA AEAD decrypt: AES-CCM, 24 bytes, T=14
+depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
+aead_decrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_AEAD_WITH_TAG_LENGTH( PSA_ALG_CCM, 14 ):"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6c99af01cdb6aa76df73c8646c27f":"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":PSA_SUCCESS
+
+PSA AEAD decrypt: AES-CCM, 24 bytes, T=16
+depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
+aead_decrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_AEAD_WITH_TAG_LENGTH( PSA_ALG_CCM, 16 ):"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6d80e8bf80f4a46cab06d4313f0db9be9":"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":PSA_SUCCESS
+
+PSA AEAD decrypt: AES-CCM, invalid signature
+depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
+aead_decrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_CCM:"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"26d56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6d80e8bf80f4a46cab06d4313f0db9be9":"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":PSA_ERROR_INVALID_SIGNATURE
+
+PSA AEAD decrypt: AES-CCM, invalid signature, T=4
+depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
+aead_decrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_AEAD_WITH_TAG_LENGTH( PSA_ALG_CCM, 4 ):"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6643b4f38":"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":PSA_ERROR_INVALID_SIGNATURE
+
+PSA AEAD decrypt: AES-CCM, T=4, tag is truncated tag for T=16
+depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
+aead_decrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_AEAD_WITH_TAG_LENGTH( PSA_ALG_CCM, 4 ):"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"26c56961c035a7e452cce61bc6ee220d":"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":PSA_ERROR_INVALID_SIGNATURE
+
+PSA AEAD decrypt: AES-CCM, invalid tag length 0
+depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
+aead_decrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_AEAD_WITH_TAG_LENGTH( PSA_ALG_CCM, 0 ):"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6":"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":PSA_ERROR_INVALID_ARGUMENT
+
+PSA AEAD decrypt: AES-CCM, invalid tag length 2
+depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
+aead_decrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_AEAD_WITH_TAG_LENGTH( PSA_ALG_CCM, 2 ):"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6":"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":PSA_ERROR_INVALID_ARGUMENT
+
+PSA AEAD decrypt: AES-CCM, invalid tag length 15
+depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
+aead_decrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_AEAD_WITH_TAG_LENGTH( PSA_ALG_CCM, 15 ):"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6":"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":PSA_ERROR_INVALID_ARGUMENT
+
+PSA AEAD decrypt: AES-CCM, invalid tag length 18
+depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
+aead_decrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_AEAD_WITH_TAG_LENGTH( PSA_ALG_CCM, 18 ):"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6":"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":PSA_ERROR_INVALID_ARGUMENT
+
+PSA AEAD encrypt/decrypt, AES-GCM, 19 bytes #1
+depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C
+aead_encrypt_decrypt:PSA_KEY_TYPE_AES:"C0C1C2C3C4C5C6C7C8C9CACBCCCDCECF":PSA_ALG_GCM:"000102030405060708090A0B0C0D0E0F":"000102030405060708090A0B":"0C0D0E0F101112131415161718191A1B1C1D1E":PSA_SUCCESS
+
+PSA AEAD encrypt/decrypt, AES GCM, 19 bytes #2
+depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C
+aead_encrypt_decrypt:PSA_KEY_TYPE_AES:"D7828D13B2B0BDC325A76236DF93CC6B":PSA_ALG_GCM:"000102030405060708090A0B0C0D0E0F":"EC46BB63B02520C33C49FD70":"B96B49E21D621741632875DB7F6C9243D2D7C2":PSA_SUCCESS
+
+PSA AEAD encrypt, AES-GCM, 128 bytes #1
+depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C
+aead_encrypt:PSA_KEY_TYPE_AES:"a0ec7b0052541d9e9c091fb7fc481409":PSA_ALG_GCM:"00e440846db73a490573deaf3728c94f":"a3cfcb832e935eb5bc3812583b3a1b2e82920c07fda3668a35d939d8f11379bb606d39e6416b2ef336fffb15aec3f47a71e191f4ff6c56ff15913562619765b26ae094713d60bab6ab82bfc36edaaf8c7ce2cf5906554dcc5933acdb9cb42c1d24718efdc4a09256020b024b224cfe602772bd688c6c8f1041a46f7ec7d51208":"5431d93278c35cfcd7ffa9ce2de5c6b922edffd5055a9eaa5b54cae088db007cf2d28efaf9edd1569341889073e87c0a88462d77016744be62132fd14a243ed6e30e12cd2f7d08a8daeec161691f3b27d4996df8745d74402ee208e4055615a8cb069d495cf5146226490ac615d7b17ab39fb4fdd098e4e7ee294d34c1312826":"3b6de52f6e582d317f904ee768895bd4d0790912efcf27b58651d0eb7eb0b2f07222c6ffe9f7e127d98ccb132025b098a67dc0ec0083235e9f83af1ae1297df4319547cbcb745cebed36abc1f32a059a05ede6c00e0da097521ead901ad6a73be20018bda4c323faa135169e21581e5106ac20853642e9d6b17f1dd925c872814365847fe0b7b7fbed325953df344a96"
+
+PSA AEAD encrypt, AES-GCM, 128 bytes #2
+depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C
+aead_encrypt:PSA_KEY_TYPE_AES:"fe96eab10ff48c7942025422583d0377":PSA_ALG_GCM:"97ce3f848276783599c6875de324361e":"127628b6dcbce6fc8a8ef60798eb67b2088415635119697d20bb878c24d9c6f9c29e148521cb5e0feff892c7855d4f1c0bfb32ad33420976714dce87a0bbc18e4378bd1ef35197d0ca73051148f1199010f63caf122df5f71ad8d9c71df3eb2fbe3b2529d0ba657570358d3776f687bdb9c96d5e0e9e00c4b42d5d7a268d6a08":"194c8bbbfae4a671386b8cd38f390f46f9df6b8661b470c310921a1c858a938045834bb10380037fbf5f5e00688554537be0fcafe8270b9b59068fa056ab1268fc166c2d729243a06650a171c929c7845c85330c04568d62977eedf3b1ba9dca13bdb8f9522817c8cb99e635e37465ec1c9f6f148d51437aa9f994a62e1bd013":"12495120056ca3cac70d583603a476821bac6c57c9733b81cfb83538dc9e850f8bdf46065069591c23ebcbc6d1e2523375fb7efc80c09507fa25477ed07cee54fc4eb90168b3ef988f651fc40652474a644b1b311decf899660aef2347bb081af48950f06ebf799911e37120de94c55c20e5f0a77119be06e2b6e557f872fa0f6bac793bdc2190a195122c98544ccf56"
+
+PSA AEAD encrypt, AES-GCM, 128 bytes #1, T=4
+depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C
+aead_encrypt:PSA_KEY_TYPE_AES:"a0ec7b0052541d9e9c091fb7fc481409":PSA_ALG_AEAD_WITH_TAG_LENGTH( PSA_ALG_GCM, 4 ):"00e440846db73a490573deaf3728c94f":"a3cfcb832e935eb5bc3812583b3a1b2e82920c07fda3668a35d939d8f11379bb606d39e6416b2ef336fffb15aec3f47a71e191f4ff6c56ff15913562619765b26ae094713d60bab6ab82bfc36edaaf8c7ce2cf5906554dcc5933acdb9cb42c1d24718efdc4a09256020b024b224cfe602772bd688c6c8f1041a46f7ec7d51208":"5431d93278c35cfcd7ffa9ce2de5c6b922edffd5055a9eaa5b54cae088db007cf2d28efaf9edd1569341889073e87c0a88462d77016744be62132fd14a243ed6e30e12cd2f7d08a8daeec161691f3b27d4996df8745d74402ee208e4055615a8cb069d495cf5146226490ac615d7b17ab39fb4fdd098e4e7ee294d34c1312826":"3b6de52f6e582d317f904ee768895bd4d0790912efcf27b58651d0eb7eb0b2f07222c6ffe9f7e127d98ccb132025b098a67dc0ec0083235e9f83af1ae1297df4319547cbcb745cebed36abc1f32a059a05ede6c00e0da097521ead901ad6a73be20018bda4c323faa135169e21581e5106ac20853642e9d6b17f1dd925c872814365847f"
+
+PSA AEAD encrypt, AES-GCM, 128 bytes #1, T=15
+depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C
+aead_encrypt:PSA_KEY_TYPE_AES:"a0ec7b0052541d9e9c091fb7fc481409":PSA_ALG_AEAD_WITH_TAG_LENGTH( PSA_ALG_GCM, 15 ):"00e440846db73a490573deaf3728c94f":"a3cfcb832e935eb5bc3812583b3a1b2e82920c07fda3668a35d939d8f11379bb606d39e6416b2ef336fffb15aec3f47a71e191f4ff6c56ff15913562619765b26ae094713d60bab6ab82bfc36edaaf8c7ce2cf5906554dcc5933acdb9cb42c1d24718efdc4a09256020b024b224cfe602772bd688c6c8f1041a46f7ec7d51208":"5431d93278c35cfcd7ffa9ce2de5c6b922edffd5055a9eaa5b54cae088db007cf2d28efaf9edd1569341889073e87c0a88462d77016744be62132fd14a243ed6e30e12cd2f7d08a8daeec161691f3b27d4996df8745d74402ee208e4055615a8cb069d495cf5146226490ac615d7b17ab39fb4fdd098e4e7ee294d34c1312826":"3b6de52f6e582d317f904ee768895bd4d0790912efcf27b58651d0eb7eb0b2f07222c6ffe9f7e127d98ccb132025b098a67dc0ec0083235e9f83af1ae1297df4319547cbcb745cebed36abc1f32a059a05ede6c00e0da097521ead901ad6a73be20018bda4c323faa135169e21581e5106ac20853642e9d6b17f1dd925c872814365847fe0b7b7fbed325953df344a"
+
+PSA AEAD encrypt, AES-GCM, 128 bytes #1, T=16
+depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C
+aead_encrypt:PSA_KEY_TYPE_AES:"a0ec7b0052541d9e9c091fb7fc481409":PSA_ALG_AEAD_WITH_TAG_LENGTH( PSA_ALG_GCM, 16 ):"00e440846db73a490573deaf3728c94f":"a3cfcb832e935eb5bc3812583b3a1b2e82920c07fda3668a35d939d8f11379bb606d39e6416b2ef336fffb15aec3f47a71e191f4ff6c56ff15913562619765b26ae094713d60bab6ab82bfc36edaaf8c7ce2cf5906554dcc5933acdb9cb42c1d24718efdc4a09256020b024b224cfe602772bd688c6c8f1041a46f7ec7d51208":"5431d93278c35cfcd7ffa9ce2de5c6b922edffd5055a9eaa5b54cae088db007cf2d28efaf9edd1569341889073e87c0a88462d77016744be62132fd14a243ed6e30e12cd2f7d08a8daeec161691f3b27d4996df8745d74402ee208e4055615a8cb069d495cf5146226490ac615d7b17ab39fb4fdd098e4e7ee294d34c1312826":"3b6de52f6e582d317f904ee768895bd4d0790912efcf27b58651d0eb7eb0b2f07222c6ffe9f7e127d98ccb132025b098a67dc0ec0083235e9f83af1ae1297df4319547cbcb745cebed36abc1f32a059a05ede6c00e0da097521ead901ad6a73be20018bda4c323faa135169e21581e5106ac20853642e9d6b17f1dd925c872814365847fe0b7b7fbed325953df344a96"
+
+PSA AEAD decrypt, AES-GCM, 144 bytes #1
+depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C
+aead_decrypt:PSA_KEY_TYPE_AES:"a0ec7b0052541d9e9c091fb7fc481409":PSA_ALG_GCM:"00e440846db73a490573deaf3728c94f":"a3cfcb832e935eb5bc3812583b3a1b2e82920c07fda3668a35d939d8f11379bb606d39e6416b2ef336fffb15aec3f47a71e191f4ff6c56ff15913562619765b26ae094713d60bab6ab82bfc36edaaf8c7ce2cf5906554dcc5933acdb9cb42c1d24718efdc4a09256020b024b224cfe602772bd688c6c8f1041a46f7ec7d51208":"3b6de52f6e582d317f904ee768895bd4d0790912efcf27b58651d0eb7eb0b2f07222c6ffe9f7e127d98ccb132025b098a67dc0ec0083235e9f83af1ae1297df4319547cbcb745cebed36abc1f32a059a05ede6c00e0da097521ead901ad6a73be20018bda4c323faa135169e21581e5106ac20853642e9d6b17f1dd925c872814365847fe0b7b7fbed325953df344a96":"5431d93278c35cfcd7ffa9ce2de5c6b922edffd5055a9eaa5b54cae088db007cf2d28efaf9edd1569341889073e87c0a88462d77016744be62132fd14a243ed6e30e12cd2f7d08a8daeec161691f3b27d4996df8745d74402ee208e4055615a8cb069d495cf5146226490ac615d7b17ab39fb4fdd098e4e7ee294d34c1312826":PSA_SUCCESS
+
+PSA AEAD decrypt, AES-GCM, 144 bytes #2
+depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C
+aead_decrypt:PSA_KEY_TYPE_AES:"fe96eab10ff48c7942025422583d0377":PSA_ALG_GCM:"97ce3f848276783599c6875de324361e":"127628b6dcbce6fc8a8ef60798eb67b2088415635119697d20bb878c24d9c6f9c29e148521cb5e0feff892c7855d4f1c0bfb32ad33420976714dce87a0bbc18e4378bd1ef35197d0ca73051148f1199010f63caf122df5f71ad8d9c71df3eb2fbe3b2529d0ba657570358d3776f687bdb9c96d5e0e9e00c4b42d5d7a268d6a08":"12495120056ca3cac70d583603a476821bac6c57c9733b81cfb83538dc9e850f8bdf46065069591c23ebcbc6d1e2523375fb7efc80c09507fa25477ed07cee54fc4eb90168b3ef988f651fc40652474a644b1b311decf899660aef2347bb081af48950f06ebf799911e37120de94c55c20e5f0a77119be06e2b6e557f872fa0f6bac793bdc2190a195122c98544ccf56":"194c8bbbfae4a671386b8cd38f390f46f9df6b8661b470c310921a1c858a938045834bb10380037fbf5f5e00688554537be0fcafe8270b9b59068fa056ab1268fc166c2d729243a06650a171c929c7845c85330c04568d62977eedf3b1ba9dca13bdb8f9522817c8cb99e635e37465ec1c9f6f148d51437aa9f994a62e1bd013":PSA_SUCCESS
+
+PSA AEAD decrypt, AES-GCM, 144 bytes, T=4
+depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C
+aead_decrypt:PSA_KEY_TYPE_AES:"a0ec7b0052541d9e9c091fb7fc481409":PSA_ALG_AEAD_WITH_TAG_LENGTH( PSA_ALG_GCM, 4 ):"00e440846db73a490573deaf3728c94f":"a3cfcb832e935eb5bc3812583b3a1b2e82920c07fda3668a35d939d8f11379bb606d39e6416b2ef336fffb15aec3f47a71e191f4ff6c56ff15913562619765b26ae094713d60bab6ab82bfc36edaaf8c7ce2cf5906554dcc5933acdb9cb42c1d24718efdc4a09256020b024b224cfe602772bd688c6c8f1041a46f7ec7d51208":"3b6de52f6e582d317f904ee768895bd4d0790912efcf27b58651d0eb7eb0b2f07222c6ffe9f7e127d98ccb132025b098a67dc0ec0083235e9f83af1ae1297df4319547cbcb745cebed36abc1f32a059a05ede6c00e0da097521ead901ad6a73be20018bda4c323faa135169e21581e5106ac20853642e9d6b17f1dd925c872814365847f":"5431d93278c35cfcd7ffa9ce2de5c6b922edffd5055a9eaa5b54cae088db007cf2d28efaf9edd1569341889073e87c0a88462d77016744be62132fd14a243ed6e30e12cd2f7d08a8daeec161691f3b27d4996df8745d74402ee208e4055615a8cb069d495cf5146226490ac615d7b17ab39fb4fdd098e4e7ee294d34c1312826":PSA_SUCCESS
+
+PSA AEAD decrypt, AES-GCM, 144 bytes, T=15
+depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C
+aead_decrypt:PSA_KEY_TYPE_AES:"a0ec7b0052541d9e9c091fb7fc481409":PSA_ALG_AEAD_WITH_TAG_LENGTH( PSA_ALG_GCM, 15 ):"00e440846db73a490573deaf3728c94f":"a3cfcb832e935eb5bc3812583b3a1b2e82920c07fda3668a35d939d8f11379bb606d39e6416b2ef336fffb15aec3f47a71e191f4ff6c56ff15913562619765b26ae094713d60bab6ab82bfc36edaaf8c7ce2cf5906554dcc5933acdb9cb42c1d24718efdc4a09256020b024b224cfe602772bd688c6c8f1041a46f7ec7d51208":"3b6de52f6e582d317f904ee768895bd4d0790912efcf27b58651d0eb7eb0b2f07222c6ffe9f7e127d98ccb132025b098a67dc0ec0083235e9f83af1ae1297df4319547cbcb745cebed36abc1f32a059a05ede6c00e0da097521ead901ad6a73be20018bda4c323faa135169e21581e5106ac20853642e9d6b17f1dd925c872814365847fe0b7b7fbed325953df344a":"5431d93278c35cfcd7ffa9ce2de5c6b922edffd5055a9eaa5b54cae088db007cf2d28efaf9edd1569341889073e87c0a88462d77016744be62132fd14a243ed6e30e12cd2f7d08a8daeec161691f3b27d4996df8745d74402ee208e4055615a8cb069d495cf5146226490ac615d7b17ab39fb4fdd098e4e7ee294d34c1312826":PSA_SUCCESS
+
+PSA AEAD decrypt, AES-GCM, 144 bytes, T=16
+depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C
+aead_decrypt:PSA_KEY_TYPE_AES:"a0ec7b0052541d9e9c091fb7fc481409":PSA_ALG_AEAD_WITH_TAG_LENGTH( PSA_ALG_GCM, 16 ):"00e440846db73a490573deaf3728c94f":"a3cfcb832e935eb5bc3812583b3a1b2e82920c07fda3668a35d939d8f11379bb606d39e6416b2ef336fffb15aec3f47a71e191f4ff6c56ff15913562619765b26ae094713d60bab6ab82bfc36edaaf8c7ce2cf5906554dcc5933acdb9cb42c1d24718efdc4a09256020b024b224cfe602772bd688c6c8f1041a46f7ec7d51208":"3b6de52f6e582d317f904ee768895bd4d0790912efcf27b58651d0eb7eb0b2f07222c6ffe9f7e127d98ccb132025b098a67dc0ec0083235e9f83af1ae1297df4319547cbcb745cebed36abc1f32a059a05ede6c00e0da097521ead901ad6a73be20018bda4c323faa135169e21581e5106ac20853642e9d6b17f1dd925c872814365847fe0b7b7fbed325953df344a96":"5431d93278c35cfcd7ffa9ce2de5c6b922edffd5055a9eaa5b54cae088db007cf2d28efaf9edd1569341889073e87c0a88462d77016744be62132fd14a243ed6e30e12cd2f7d08a8daeec161691f3b27d4996df8745d74402ee208e4055615a8cb069d495cf5146226490ac615d7b17ab39fb4fdd098e4e7ee294d34c1312826":PSA_SUCCESS
+
+PSA AEAD decrypt, AES-GCM, invalid signature
+depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C
+aead_decrypt:PSA_KEY_TYPE_AES:"fe96eab10ff48c7942025422583d0377":PSA_ALG_GCM:"97ce3f848276783599c6875de324361e":"127628b6dcbce6fc8a8ef60798eb67b2088415635119697d20bb878c24d9c6f9c29e148521cb5e0feff892c7855d4f1c0bfb32ad33420976714dce87a0bbc18e4378bd1ef35197d0ca73051148f1199010f63caf122df5f71ad8d9c71df3eb2fbe3b2529d0ba657570358d3776f687bdb9c96d5e0e9e00c4b42d5d7a268d6a08":"12195120056ca3cac70d583603a476821bac6c57c9733b81cfb83538dc9e850f8bdf46065069591c23ebcbc6d1e2523375fb7efc80c09507fa25477ed07cee54fc4eb90168b3ef988f651fc40652474a644b1b311decf899660aef2347bb081af48950f06ebf799911e37120de94c55c20e5f0a77119be06e2b6e557f872fa0f6bac793bdc2190a195122c98544ccf56":"194c8bbbfae4a671386b8cd38f390f46f9df6b8661b470c310921a1c858a938045834bb10380037fbf5f5e00688554537be0fcafe8270b9b59068fa056ab1268fc166c2d729243a06650a171c929c7845c85330c04568d62977eedf3b1ba9dca13bdb8f9522817c8cb99e635e37465ec1c9f6f148d51437aa9f994a62e1bd013":PSA_ERROR_INVALID_SIGNATURE
+
+PSA AEAD decrypt, AES-GCM, T=15 but passing 16 bytes
+depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C
+aead_decrypt:PSA_KEY_TYPE_AES:"a0ec7b0052541d9e9c091fb7fc481409":PSA_ALG_AEAD_WITH_TAG_LENGTH( PSA_ALG_GCM, 15 ):"00e440846db73a490573deaf3728c94f":"a3cfcb832e935eb5bc3812583b3a1b2e82920c07fda3668a35d939d8f11379bb606d39e6416b2ef336fffb15aec3f47a71e191f4ff6c56ff15913562619765b26ae094713d60bab6ab82bfc36edaaf8c7ce2cf5906554dcc5933acdb9cb42c1d24718efdc4a09256020b024b224cfe602772bd688c6c8f1041a46f7ec7d51208":"3b6de52f6e582d317f904ee768895bd4d0790912efcf27b58651d0eb7eb0b2f07222c6ffe9f7e127d98ccb132025b098a67dc0ec0083235e9f83af1ae1297df4319547cbcb745cebed36abc1f32a059a05ede6c00e0da097521ead901ad6a73be20018bda4c323faa135169e21581e5106ac20853642e9d6b17f1dd925c872814365847fe0b7b7fbed325953df344a96":"5431d93278c35cfcd7ffa9ce2de5c6b922edffd5055a9eaa5b54cae088db007cf2d28efaf9edd1569341889073e87c0a88462d77016744be62132fd14a243ed6e30e12cd2f7d08a8daeec161691f3b27d4996df8745d74402ee208e4055615a8cb069d495cf5146226490ac615d7b17ab39fb4fdd098e4e7ee294d34c1312826":PSA_ERROR_INVALID_SIGNATURE
+
+PSA AEAD decrypt: AES-GCM, invalid tag length 0
+depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C
+aead_decrypt:PSA_KEY_TYPE_AES:"a0ec7b0052541d9e9c091fb7fc481409":PSA_ALG_AEAD_WITH_TAG_LENGTH( PSA_ALG_GCM, 0 ):"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6":"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":PSA_ERROR_INVALID_ARGUMENT
+
+PSA AEAD decrypt: AES-GCM, invalid tag length 2
+depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C
+aead_decrypt:PSA_KEY_TYPE_AES:"a0ec7b0052541d9e9c091fb7fc481409":PSA_ALG_AEAD_WITH_TAG_LENGTH( PSA_ALG_GCM, 2 ):"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6":"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":PSA_ERROR_INVALID_ARGUMENT
+
+PSA AEAD decrypt: AES-GCM, invalid tag length 18
+depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C
+aead_decrypt:PSA_KEY_TYPE_AES:"a0ec7b0052541d9e9c091fb7fc481409":PSA_ALG_AEAD_WITH_TAG_LENGTH( PSA_ALG_GCM, 18 ):"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6":"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":PSA_ERROR_INVALID_ARGUMENT
+
+PSA AEAD encrypt/decrypt: invalid algorithm (CTR)
+depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C
+aead_encrypt_decrypt:PSA_KEY_TYPE_AES:"D7828D13B2B0BDC325A76236DF93CC6B":PSA_ALG_CTR:"000102030405060708090A0B0C0D0E0F":"EC46BB63B02520C33C49FD70":"B96B49E21D621741632875DB7F6C9243D2D7C2":PSA_ERROR_NOT_SUPPORTED
+
+PSA signature size: RSA keypair, 1024 bits, PKCS#1 v1.5 raw
+signature_size:PSA_KEY_TYPE_RSA_KEYPAIR:1024:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:128
+
+PSA signature size: RSA public key, 1024 bits, PKCS#1 v1.5 raw
+signature_size:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1024:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:128
+
+PSA signature size: RSA keypair, 1024 bits, PKCS#1 v1.5 SHA-256
+signature_size:PSA_KEY_TYPE_RSA_KEYPAIR:1024:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):128
+
+PSA signature size: RSA keypair, 1024 bits, PSS
+signature_size:PSA_KEY_TYPE_RSA_KEYPAIR:1024:PSA_ALG_RSA_PSS( PSA_ALG_SHA_256 ):128
+
+PSA signature size: RSA keypair, 1023 bits, PKCS#1 v1.5 raw
+signature_size:PSA_KEY_TYPE_RSA_KEYPAIR:1023:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:128
+
+PSA signature size: RSA keypair, 1025 bits, PKCS#1 v1.5 raw
+signature_size:PSA_KEY_TYPE_RSA_KEYPAIR:1025:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:129
+
+PSA import/exercise RSA keypair, PKCS#1 v1.5 raw
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
+import_and_exercise_key:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_TYPE_RSA_KEYPAIR:1024:PSA_ALG_RSA_PKCS1V15_SIGN_RAW
+
+PSA import/exercise RSA keypair, PSS-SHA-256
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C
+import_and_exercise_key:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_TYPE_RSA_KEYPAIR:1024:PSA_ALG_RSA_PSS(PSA_ALG_SHA_256)
+
+PSA import/exercise RSA public key, PKCS#1 v1.5 raw
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
+import_and_exercise_key:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:1024:PSA_ALG_RSA_PKCS1V15_SIGN_RAW
+
+PSA import/exercise RSA public key, PSS-SHA-256
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C
+import_and_exercise_key:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:1024:PSA_ALG_RSA_PSS(PSA_ALG_SHA_256)
+
+PSA import/exercise: ECP SECP256R1 keypair, ECDSA
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_C
+import_and_exercise_key:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):256:PSA_ALG_ECDSA_ANY
+
+PSA import/exercise: ECP SECP256R1 keypair, deterministic ECDSA
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_C:MBEDTLS_ECDSA_DETERMINISTIC:MBEDTLS_SHA256_C
+import_and_exercise_key:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):256:PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_SHA_256 )
+
+PSA import/exercise: ECP SECP256R1 keypair, ECDH
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C
+import_and_exercise_key:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):256:PSA_ALG_ECDH(PSA_ALG_SELECT_RAW)
+
+PSA sign: RSA PKCS#1 v1.5, raw
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
+sign_deterministic:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN_RAW:"616263":"2c7744983f023ac7bb1c55529d83ed11a76a7898a1bb5ce191375a4aa7495a633d27879ff58eba5a57371c34feb1180e8b850d552476ebb5634df620261992f12ebee9097041dbbea85a42d45b344be5073ceb772ffc604954b9158ba81ec3dc4d9d65e3ab7aa318165f38c36f841f1c69cb1cfa494aa5cbb4d6c0efbafb043a"
+
+PSA sign: RSA PKCS#1 v1.5 SHA-256
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C
+sign_deterministic:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"a73664d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc7311"
+
+PSA sign: deterministic ECDSA SECP256R1 SHA-256
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_DETERMINISTIC:MBEDTLS_SHA256_C:MBEDTLS_ECDSA_C
+sign_deterministic:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_SHA_256 ):"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"6a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50f"
+
+PSA sign: RSA PKCS#1 v1.5 SHA-256, wrong hash size
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C
+sign_fail:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015":128:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign: RSA PKCS#1 v1.5, invalid hash (wildcard)
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
+# Arguably the error should be INVALID_ARGUMENT, but NOT_SUPPORTED is simpler
+# to implement.
+sign_fail:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":128:PSA_ERROR_NOT_SUPPORTED
+
+PSA sign: RSA PKCS#1 v1.5 raw, input too large
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
+sign_fail:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN_RAW:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":128:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign: RSA PKCS#1 v1.5 SHA-256, output buffer too small
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C
+sign_fail:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":127:PSA_ERROR_BUFFER_TOO_SMALL
+
+PSA sign: deterministic ECDSA SECP256R1 SHA-256, output buffer too small
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C:MBEDTLS_ECDSA_C
+sign_fail:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_SHA_256 ):"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":63:PSA_ERROR_BUFFER_TOO_SMALL
+
+PSA sign: deterministic ECDSA SECP256R1, invalid hash algorithm (0)
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_DETERMINISTIC
+sign_fail:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_DETERMINISTIC_ECDSA( 0 ):"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":72:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign: deterministic ECDSA SECP256R1, invalid hash algorithm (wildcard)
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_DETERMINISTIC
+sign_fail:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_ANY_HASH ):"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":72:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign: invalid key type, signing with a public key
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C
+sign_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_SIGN_RAW:"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":72:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign: invalid algorithm for ECC key
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21
+sign_fail:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":72:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign/verify: RSA PKCS#1 v1.5, raw
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
+sign_verify:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN_RAW:"616263"
+
+PSA sign/verify: RSA PKCS#1 v1.5 SHA-256
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C
+sign_verify:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad"
+
+PSA sign/verify: RSA PSS SHA-256, 0 bytes
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C
+sign_verify:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):""
+
+PSA sign/verify: RSA PSS SHA-256, 32 bytes (hash size)
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C
+sign_verify:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad"
+
+PSA sign/verify: RSA PSS SHA-256, 129 bytes
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C
+sign_verify:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
+
+PSA sign/verify: randomized ECDSA SECP256R1 SHA-256
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_C
+sign_verify:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_ECDSA( PSA_ALG_SHA_256 ):"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b"
+
+PSA sign/verify: deterministic ECDSA SECP256R1 SHA-256
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_DETERMINISTIC:MBEDTLS_SHA256_C:MBEDTLS_ECDSA_C
+sign_verify:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_SHA_256 ):"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b"
+
+PSA verify: RSA PKCS#1 v1.5 SHA-256, good signature
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C
+asymmetric_verify:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"a73664d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc7311"
+
+PSA verify with keypair: RSA PKCS#1 v1.5 SHA-256, good signature
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C
+asymmetric_verify:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"a73664d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc7311"
+
+PSA verify: RSA PKCS#1 v1.5 SHA-256, wrong hash
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA1_C
+asymmetric_verify_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_1):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"a73664d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc7311":PSA_ERROR_INVALID_ARGUMENT
+
+PSA verify: RSA PKCS#1 v1.5 SHA-256, wrong signature
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C
+asymmetric_verify_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"111164d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc7311":PSA_ERROR_INVALID_SIGNATURE
+
+PSA verify: RSA PSS SHA-256, good signature, 0 bytes
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C
+asymmetric_verify:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):"":"34c011b625c32d992f4ab8fcfa52b616ea66270b5b75a4fc71af712f9b8806bcdd374ce50eafcbb489562b93347885f93c2de1d404c45cacccefceb112ff6ffdfe4264f91d66320bbbe09304b851b8ad6280bbccc571eebcd49c7db5dfa399a6289e1978407904598751613d9870770cdd8507e3dc7b46851dbf05ae1df2988d"
+
+PSA verify: RSA PSS SHA-256, good signature, 32 bytes (hash size)
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C
+asymmetric_verify:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"1967ae568cc071dfebeeca76b11d40bd1ec5af241c50b3dcceff21f4536c0693a7179a8d5d163a7625fefd37c161127800edeebc24fa73ca772096827bd3f75e8ccf2c64f07b7171b5c99022a4d73b760f34a385ccff0bd5ed7997d2a29d2847acb0767f93a2a404bc046c97de66d95dc9f7646fdb216b627b2ea0de8afcefb7"
+
+PSA verify: RSA PSS SHA-256, good signature, 129 bytes
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C
+asymmetric_verify:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":"1491cead330b4ad5b092f8351518141ac11d0888591572669c1e79d6e932c488acd62d44479b0e14cd91a048778bc02398a772ad6bdb4f7764780cf0afe70293d0cac86f2695a1dcb54568bb37d7086f9e86f95a6802d2ee5a4facaa762beff5261bb2816b62cb5af86404974c3f6b67985ac1fbfdf46d6de54f6e29d9274308"
+
+PSA verify: ECDSA SECP256R1, good
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C:MBEDTLS_ECDSA_C
+asymmetric_verify:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_CURVE_SECP256R1):"04dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_ECDSA_ANY:"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"6a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50f"
+
+PSA verify with keypair: ECDSA SECP256R1, good
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_C
+asymmetric_verify:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_ECDSA_ANY:"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"6a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50f"
+
+PSA verify: ECDSA SECP256R1, wrong signature size (correct but ASN1-encoded)
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_C
+asymmetric_verify_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_CURVE_SECP256R1):"04dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_ECDSA_ANY:"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"304502206a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151022100ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50f":PSA_ERROR_INVALID_SIGNATURE
+
+PSA verify: ECDSA SECP256R1, wrong signature of correct size
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_C
+asymmetric_verify_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_CURVE_SECP256R1):"04dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_ECDSA_ANY:"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"6a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50e":PSA_ERROR_INVALID_SIGNATURE
+
+PSA verify: invalid algorithm for ECC key
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21
+asymmetric_verify_fail:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):"":"":PSA_ERROR_INVALID_ARGUMENT
+
+PSA encrypt: RSA PKCS#1 v1.5, good
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
+asymmetric_encrypt:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_CRYPT:"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"":128:PSA_SUCCESS
+
+PSA encrypt: RSA OAEP-SHA-256, good
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C
+asymmetric_encrypt:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"":128:PSA_SUCCESS
+
+PSA encrypt: RSA OAEP-SHA-256, good, with label
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C
+asymmetric_encrypt:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"746869730069730061006c6162656c00":128:PSA_SUCCESS
+
+PSA encrypt: RSA OAEP-SHA-384, good
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA512_C
+asymmetric_encrypt:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_384):"0102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e":"":128:PSA_SUCCESS
+
+PSA encrypt: RSA OAEP-SHA-384, good
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA512_C
+asymmetric_encrypt:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_384):"0102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e":"":128:PSA_SUCCESS
+
+PSA encrypt: RSA PKCS#1 v1.5, key pair
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
+asymmetric_encrypt:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_CRYPT:"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"":128:PSA_SUCCESS
+
+PSA encrypt: RSA OAEP-SHA-256, key pair
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C
+asymmetric_encrypt:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"":128:PSA_SUCCESS
+
+PSA encrypt: RSA PKCS#1 v1.5, input too large
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
+asymmetric_encrypt:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_CRYPT:"ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff":"":0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA encrypt: RSA PKCS#1 v1.5: salt not allowed
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
+asymmetric_encrypt:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_CRYPT:"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"eeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee":0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA encrypt: RSA OAEP-SHA-384, input too large
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA512_C
+asymmetric_encrypt:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_384):"0102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f":"":0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA encrypt: invalid algorithm
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
+asymmetric_encrypt:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_SHA_256:"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"":0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA encrypt: RSA PKCS#1 v1.5: invalid key type
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
+asymmetric_encrypt:PSA_KEY_TYPE_AES:"3082025e02010002818100af057d396e":PSA_ALG_RSA_PKCS1V15_CRYPT:"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"":0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA encrypt-decrypt: RSA PKCS#1 v1.5 vector #1
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
+asymmetric_encrypt_decrypt:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_CRYPT:"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":""
+
+PSA encrypt-decrypt: RSA PKCS#1 v1.5 vector #2
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
+asymmetric_encrypt_decrypt:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_CRYPT:"99e8a6144bcb9a29660303bdc4305bb5eca8c64b96788cad062be9967bdab2f7ffff":""
+
+PSA encrypt-decrypt: RSA OAEP-SHA-256
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C
+asymmetric_encrypt_decrypt:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":""
+
+PSA encrypt-decrypt: RSA OAEP-SHA-256, with label
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C
+asymmetric_encrypt_decrypt:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"746869730069730061006c6162656c00"
+
+PSA encrypt-decrypt: RSA OAEP-SHA-384
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA512_C
+asymmetric_encrypt_decrypt:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_384):"0102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e":""
+
+PSA decrypt: RSA PKCS#1 v1.5: good #1
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
+asymmetric_decrypt:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_CRYPT:"99ffde2fcc00c9cc01972ebfa7779b298dbbaf7f50707a7405296dd2783456fc792002f462e760500e02afa25a859ace8701cb5d3b0262116431c43af8eb08f5a88301057cf1c156a2a5193c143e7a5b03fac132b7e89e6dcd8f4c82c9b28452329c260d30bc39b3816b7c46b41b37b4850d2ae74e729f99c6621fbbe2e46872":"":"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad"
+
+PSA decrypt: RSA PKCS#1 v1.5: good #2
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
+asymmetric_decrypt:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_CRYPT:"adeecba2db7f867a733853f0136c554e5e01c7a2015721a9bfe30c3ad163b93a9c7589170311209f91420ad8a1a8280c7e890a6d7bca3c500b4da4f53a17bd84a21d58f979a9b4b8f2246b482d930804f12b3aeb2ac8b5ac7938d452ca13be8eb8e973c4e2b19fd454058cbae037bcef7ef68a5fbabf050de5f283cf1998c695":"":"99e8a6144bcb9a29660303bdc4305bb5eca8c64b96788cad062be9967bdab2f7ffff"
+
+PSA decrypt: RSA PKCS#1 v1.5, 0 bytes, output too small
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
+asymmetric_decrypt_fail:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_CRYPT:"adeecba2db7f867a733853f0136c554e5e01c7a2015721a9bfe30c3ad163b93a9c7589170311209f91420ad8a1a8280c7e890a6d7bca3c500b4da4f53a17bd84a21d58f979a9b4b8f2246b482d930804f12b3aeb2ac8b5ac7938d452ca13be8eb8e973c4e2b19fd454058cbae037bcef7ef68a5fbabf050de5f283cf1998c695":"":0:PSA_ERROR_BUFFER_TOO_SMALL
+
+PSA decrypt: RSA PKCS#1 v1.5, 0 bytes, good
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
+asymmetric_decrypt:PSA_KEY_TYPE_RSA_KEYPAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PKCS1V15_CRYPT:"1b4c1d06439b99f886048b8544607b5e8e5ac6828ad9d0b7ad4ec0b314a4d8052f8bbeab6c85dbddff0b90cc76395a7a0c4f9cc29cd7be20be0b38ff611800d6":"":""
+
+PSA decrypt: RSA OAEP-SHA-256, 0 bytes
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C
+asymmetric_decrypt:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):"3d3146b1c982004273a9ebb9b063e6ae53b1a85bfc802324bcdd04faa0f7211fb2bdeea40358095554df9c250866c7361e738f0d270eaa27738e87928c5e31815506346727900ff03cef0be6f9dd6bba63ce89074e8194fe68b5a5739422d4f138bbbb61f49b76cf1f18def2c993e3113b08c191ea1da0feb94f8fd9b30109a1":"":""
+
+PSA decrypt: RSA OAEP-SHA-256, 0 bytes, with label
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C
+asymmetric_decrypt:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):"14e57648fbbd3c2c195d71fcb9b6c332e2ad9e3402aa701e7270b05775e9ddd025e2330d7b84e67866524c67f9c38b11e4679e28a38574b47f8d218a1a04a7466754d6ea7f959ab1f5b85d066d3f90076e8219f66653f7b78a9789d76213505b4e75ec28081608ed2f1ea1238e3eeab011ce4ec147327cd0ca029c2818133cb6":"746869730069730061006c6162656c00":""
+
+PSA decrypt: RSA OAEP-SHA-256, 30 bytes
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C
+asymmetric_decrypt:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):"3fd3c81e3919a19014400d91098090f273312e0150e09eff7f66fb9624d2ec9764fc80befcb592e9d102493c882b8bc0334a257e73aba23a0ee13f826cbc64f8200b9150784d004ccb2955c877c95ab888e3917f423dd52f3c8a49cb61c1966ec04f336068729ae0bce7d7fb3e680f9d15d658db9b906efcbf2c2fae45e75429":"":"74686973206973206e6f2073717565616d697368206f7373696672616765"
+
+PSA decrypt: RSA OAEP-SHA-256, 30 bytes, with label
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C
+asymmetric_decrypt:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):"46edc9984a6d4b7c7fd88fda9ea91ddbd30b28a0793cc75a9fcdd94d867c69090a697d46a6f336a3e48a122dd3ee3b51566b445ff78adb613d09b7d8c59c25a27d8cf7f5e36455f2e71ff6c6ee98d5740e66b23794acc72906561951c2be5064f6a250646ab627ecbfa48c02f82c29fe9b8c8e6be8eb752432124974373b542c":"746869730069730061006c6162656c00":"74686973206973206e6f2073717565616d697368206f7373696672616765"
+
+PSA decrypt: RSA OAEP-SHA-384, 30 bytes
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA512_C
+asymmetric_decrypt:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_384):"0df6750b8fed749359c016887d2cf097cc512c065526a91a7ee9b345a1bfff833737e7326e54d03f6bb65971962885a7661a16858d53ea55821052f4c7798d395b5c5495332fd4174451a1a437f36c27f446b96f309ff1cb6837274aa8ae2b51a8a479d736d25b8d2ca8ab96fe589553a3e52818b7df75544eb5469977b29aa4":"":"74686973206973206e6f2073717565616d697368206f7373696672616765"
+
+PSA decrypt: RSA OAEP-SHA-256, 30 bytes, wrong label (should be empty)
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C
+asymmetric_decrypt_fail:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):"3fd3c81e3919a19014400d91098090f273312e0150e09eff7f66fb9624d2ec9764fc80befcb592e9d102493c882b8bc0334a257e73aba23a0ee13f826cbc64f8200b9150784d004ccb2955c877c95ab888e3917f423dd52f3c8a49cb61c1966ec04f336068729ae0bce7d7fb3e680f9d15d658db9b906efcbf2c2fae45e75429":"00":128:PSA_ERROR_INVALID_PADDING
+
+PSA decrypt: RSA OAEP-SHA-256, 30 bytes, wrong label (empty)
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C
+asymmetric_decrypt_fail:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):"46edc9984a6d4b7c7fd88fda9ea91ddbd30b28a0793cc75a9fcdd94d867c69090a697d46a6f336a3e48a122dd3ee3b51566b445ff78adb613d09b7d8c59c25a27d8cf7f5e36455f2e71ff6c6ee98d5740e66b23794acc72906561951c2be5064f6a250646ab627ecbfa48c02f82c29fe9b8c8e6be8eb752432124974373b542c":"":128:PSA_ERROR_INVALID_PADDING
+
+PSA decrypt: RSA OAEP-SHA-256, 30 bytes, wrong label (same length)
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C
+asymmetric_decrypt_fail:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):"46edc9984a6d4b7c7fd88fda9ea91ddbd30b28a0793cc75a9fcdd94d867c69090a697d46a6f336a3e48a122dd3ee3b51566b445ff78adb613d09b7d8c59c25a27d8cf7f5e36455f2e71ff6c6ee98d5740e66b23794acc72906561951c2be5064f6a250646ab627ecbfa48c02f82c29fe9b8c8e6be8eb752432124974373b542c":"746869730069730061006c6162656c01":128:PSA_ERROR_INVALID_PADDING
+
+PSA decrypt: RSA PKCS#1 v1.5, invalid padding
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
+asymmetric_decrypt_fail:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_CRYPT:"99ffde2fcc00c9cc01972ebfa7779b298dbbaf7f50707a7405296dd2783456fc792002f462e760500e02afa25a859ace8701cb5d3b0262116431c43af8eb08f5a88301057cf1c156a2a5193c143e7a5b03fac132b7e89e6dcd8f4c82c9b28452329c260d30bc39b3816b7c46b41b37b4850d2ae74e729f99c6621fbbe2e46873":"":128:PSA_ERROR_INVALID_PADDING
+
+PSA decrypt: RSA PKCS#1 v1.5: salt not allowed
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
+asymmetric_decrypt_fail:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_CRYPT:"99ffde2fcc00c9cc01972ebfa7779b298dbbaf7f50707a7405296dd2783456fc792002f462e760500e02afa25a859ace8701cb5d3b0262116431c43af8eb08f5a88301057cf1c156a2a5193c143e7a5b03fac132b7e89e6dcd8f4c82c9b28452329c260d30bc39b3816b7c46b41b37b4850d2ae74e729f99c6621fbbe2e46872":"eeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee":128:PSA_ERROR_INVALID_ARGUMENT
+
+PSA decrypt: RSA OAEP-SHA-256, invalid padding
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C
+asymmetric_decrypt_fail:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):"3fd3c81e3919a19014400d91098090f273312e0150e09eff7f66fb9624d2ec9764fc80befcb592e9d102493c882b8bc0334a257e73aba23a0ee13f826cbc64f8200b9150784d004ccb2955c877c95ab888e3917f423dd52f3c8a49cb61c1966ec04f336068729ae0bce7d7fb3e680f9d15d658db9b906efcbf2c2fae45e75428":"":128:PSA_ERROR_INVALID_PADDING
+
+PSA decrypt: invalid algorithm
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
+asymmetric_decrypt_fail:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_SHA_256:"adeecba2db7f867a733853f0136c554e5e01c7a2015721a9bfe30c3ad163b93a9c7589170311209f91420ad8a1a8280c7e890a6d7bca3c500b4da4f53a17bd84a21d58f979a9b4b8f2246b482d930804f12b3aeb2ac8b5ac7938d452ca13be8eb8e973c4e2b19fd454058cbae037bcef7ef68a5fbabf050de5f283cf1998c695":"":128:PSA_ERROR_INVALID_ARGUMENT
+
+PSA decrypt: RSA PKCS#1 v1.5, invalid key type (RSA public key)
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
+asymmetric_decrypt_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_CRYPT:"adeecba2db7f867a733853f0136c554e5e01c7a2015721a9bfe30c3ad163b93a9c7589170311209f91420ad8a1a8280c7e890a6d7bca3c500b4da4f53a17bd84a21d58f979a9b4b8f2246b482d930804f12b3aeb2ac8b5ac7938d452ca13be8eb8e973c4e2b19fd454058cbae037bcef7ef68a5fbabf050de5f283cf1998c695":"":128:PSA_ERROR_INVALID_ARGUMENT
+
+PSA decrypt: RSA OAEP, invalid key type (RSA public key)
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C
+asymmetric_decrypt_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):"adeecba2db7f867a733853f0136c554e5e01c7a2015721a9bfe30c3ad163b93a9c7589170311209f91420ad8a1a8280c7e890a6d7bca3c500b4da4f53a17bd84a21d58f979a9b4b8f2246b482d930804f12b3aeb2ac8b5ac7938d452ca13be8eb8e973c4e2b19fd454058cbae037bcef7ef68a5fbabf050de5f283cf1998c695":"":128:PSA_ERROR_INVALID_ARGUMENT
+
+PSA decrypt: RSA PKCS#1 v1.5: invalid key type (AES)
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
+asymmetric_decrypt_fail:PSA_KEY_TYPE_AES:"3082025e02010002818100af057d396e":PSA_ALG_RSA_PKCS1V15_CRYPT:"3082025e02010002818100af057d396e":"":16:PSA_ERROR_INVALID_ARGUMENT
+
+PSA decrypt: RSA PKCS#1 v1.5, input too small
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
+asymmetric_decrypt_fail:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_CRYPT:"ffde2fcc00c9cc01972ebfa7779b298dbbaf7f50707a7405296dd2783456fc792002f462e760500e02afa25a859ace8701cb5d3b0262116431c43af8eb08f5a88301057cf1c156a2a5193c143e7a5b03fac132b7e89e6dcd8f4c82c9b28452329c260d30bc39b3816b7c46b41b37b4850d2ae74e729f99c6621fbbe2e46872":"":127:PSA_ERROR_INVALID_ARGUMENT
+
+PSA decrypt: RSA PKCS#1 v1.5, input too large
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
+asymmetric_decrypt_fail:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_CRYPT:"0099ffde2fcc00c9cc01972ebfa7779b298dbbaf7f50707a7405296dd2783456fc792002f462e760500e02afa25a859ace8701cb5d3b0262116431c43af8eb08f5a88301057cf1c156a2a5193c143e7a5b03fac132b7e89e6dcd8f4c82c9b28452329c260d30bc39b3816b7c46b41b37b4850d2ae74e729f99c6621fbbe2e46872":"":129:PSA_ERROR_INVALID_ARGUMENT
+
+PSA decrypt: RSA OAEP-SHA-256, input too small
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C
+asymmetric_decrypt_fail:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):"ffde2fcc00c9cc01972ebfa7779b298dbbaf7f50707a7405296dd2783456fc792002f462e760500e02afa25a859ace8701cb5d3b0262116431c43af8eb08f5a88301057cf1c156a2a5193c143e7a5b03fac132b7e89e6dcd8f4c82c9b28452329c260d30bc39b3816b7c46b41b37b4850d2ae74e729f99c6621fbbe2e46872":"":127:PSA_ERROR_INVALID_ARGUMENT
+
+PSA decrypt: RSA OAEP-SHA-256, input too large
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C
+asymmetric_decrypt_fail:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):"0099ffde2fcc00c9cc01972ebfa7779b298dbbaf7f50707a7405296dd2783456fc792002f462e760500e02afa25a859ace8701cb5d3b0262116431c43af8eb08f5a88301057cf1c156a2a5193c143e7a5b03fac132b7e89e6dcd8f4c82c9b28452329c260d30bc39b3816b7c46b41b37b4850d2ae74e729f99c6621fbbe2e46872":"":129:PSA_ERROR_INVALID_ARGUMENT
+
+Crypto generator initializers zero properly
+crypto_generator_init:
+
+PSA key derivation: HKDF-SHA-256, good case
+depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
+derive_setup:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ALG_HKDF(PSA_ALG_SHA_256):"":"":42:PSA_SUCCESS
+
+PSA key derivation: HKDF-SHA-512, good case
+depends_on:MBEDTLS_MD_C:MBEDTLS_SHA512_C
+derive_setup:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ALG_HKDF(PSA_ALG_SHA_512):"":"":42:PSA_SUCCESS
+
+PSA key derivation: HKDF-SHA-256, bad key type
+depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
+derive_setup:PSA_KEY_TYPE_RAW_DATA:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ALG_HKDF(PSA_ALG_SHA_256):"":"":42:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key derivation: TLS 1.2 PRF SHA-256, good case
+depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
+derive_setup:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):"":"":42:PSA_SUCCESS
+
+PSA key derivation: TLS 1.2 PRF SHA-256, bad key type
+depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
+derive_setup:PSA_KEY_TYPE_RAW_DATA:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):"":"":42:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key derivation: not a key derivation algorithm (selection)
+depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
+derive_setup:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ALG_SELECT_RAW:"":"":42:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key derivation: not a key derivation algorithm (HMAC)
+depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
+derive_setup:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ALG_HMAC(PSA_ALG_SHA_256):"":"":42:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key derivation: unsupported key derivation algorithm
+depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
+derive_setup:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ALG_HKDF(PSA_ALG_CATEGORY_HASH):"":"":42:PSA_ERROR_NOT_SUPPORTED
+
+PSA key derivation: unsupported key derivation algorithm
+depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
+derive_setup:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ALG_CATEGORY_KEY_DERIVATION:"":"":42:PSA_ERROR_NOT_SUPPORTED
+
+PSA key derivation: invalid generator state ( double generate + read past capacity )
+depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
+test_derive_invalid_generator_state:
+
+PSA key derivation: invalid generator state ( call read/get_capacity after init and abort )
+depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
+test_derive_invalid_generator_tests:
+
+PSA key derivation: HKDF SHA-256, RFC5869 #1, output 42+0
+depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
+derive_output:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":42:"3cb25f25faacd57a90434f64d0362f2a2d2d0a90cf1a5a4c5db02d56ecc4c5bf34007208d5b887185865":""
+
+PSA key derivation: HKDF SHA-256, RFC5869 #1, output 32+10
+depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
+derive_output:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":42:"3cb25f25faacd57a90434f64d0362f2a2d2d0a90cf1a5a4c5db02d56ecc4c5bf":"34007208d5b887185865"
+
+PSA key derivation: HKDF SHA-256, RFC5869 #1, output 0+42
+depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
+derive_output:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":42:"":"3cb25f25faacd57a90434f64d0362f2a2d2d0a90cf1a5a4c5db02d56ecc4c5bf34007208d5b887185865"
+
+PSA key derivation: HKDF SHA-256, RFC5869 #1, output 1+41
+depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
+derive_output:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":42:"3c":"b25f25faacd57a90434f64d0362f2a2d2d0a90cf1a5a4c5db02d56ecc4c5bf34007208d5b887185865"
+
+PSA key derivation: HKDF SHA-256, RFC5869 #1, output 41+0
+depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
+derive_output:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":42:"3cb25f25faacd57a90434f64d0362f2a2d2d0a90cf1a5a4c5db02d56ecc4c5bf34007208d5b8871858":""
+
+PSA key derivation: HKDF SHA-256, RFC5869 #1, output 1+40
+depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
+derive_output:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":42:"3c":"b25f25faacd57a90434f64d0362f2a2d2d0a90cf1a5a4c5db02d56ecc4c5bf34007208d5b8871858"
+
+PSA key derivation: HKDF SHA-256, RFC5869 #2, output 82+0
+depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
+derive_output:PSA_ALG_HKDF(PSA_ALG_SHA_256):"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f":"606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0a1a2a3a4a5a6a7a8a9aaabacadaeaf":"b0b1b2b3b4b5b6b7b8b9babbbcbdbebfc0c1c2c3c4c5c6c7c8c9cacbcccdcecfd0d1d2d3d4d5d6d7d8d9dadbdcdddedfe0e1e2e3e4e5e6e7e8e9eaebecedeeeff0f1f2f3f4f5f6f7f8f9fafbfcfdfeff":82:"b11e398dc80327a1c8e7f78c596a49344f012eda2d4efad8a050cc4c19afa97c59045a99cac7827271cb41c65e590e09da3275600c2f09b8367793a9aca3db71cc30c58179ec3e87c14c01d5c1f3434f1d87":""
+
+PSA key derivation: HKDF SHA-256, RFC5869 #3, output 42+0
+depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
+derive_output:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"":"":42:"8da4e775a563c18f715f802a063c5a31b8a11f5c5ee1879ec3454e5f3c738d2d9d201395faa4b61a96c8":""
+
+PSA key derivation: HKDF SHA-1, RFC5869 #4, output 42+0
+depends_on:MBEDTLS_MD_C:MBEDTLS_SHA1_C
+derive_output:PSA_ALG_HKDF(PSA_ALG_SHA_1):"0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":42:"085a01ea1b10f36933068b56efa5ad81a4f14b822f5b091568a9cdd4f155fda2c22e422478d305f3f896":""
+
+PSA key derivation: HKDF SHA-1, RFC5869 #5, output 82+0
+depends_on:MBEDTLS_MD_C:MBEDTLS_SHA1_C
+derive_output:PSA_ALG_HKDF(PSA_ALG_SHA_1):"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f":"606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0a1a2a3a4a5a6a7a8a9aaabacadaeaf":"b0b1b2b3b4b5b6b7b8b9babbbcbdbebfc0c1c2c3c4c5c6c7c8c9cacbcccdcecfd0d1d2d3d4d5d6d7d8d9dadbdcdddedfe0e1e2e3e4e5e6e7e8e9eaebecedeeeff0f1f2f3f4f5f6f7f8f9fafbfcfdfeff":82:"0bd770a74d1160f7c9f12cd5912a06ebff6adcae899d92191fe4305673ba2ffe8fa3f1a4e5ad79f3f334b3b202b2173c486ea37ce3d397ed034c7f9dfeb15c5e927336d0441f4c4300e2cff0d0900b52d3b4":""
+
+PSA key derivation: HKDF SHA-1, RFC5869 #6, output 42+0
+depends_on:MBEDTLS_MD_C:MBEDTLS_SHA1_C
+derive_output:PSA_ALG_HKDF(PSA_ALG_SHA_1):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"":"":42:"0ac1af7002b3d761d1e55298da9d0506b9ae52057220a306e07b6b87e8df21d0ea00033de03984d34918":""
+
+PSA key derivation: HKDF SHA-1, RFC5869 #7, output 42+0
+depends_on:MBEDTLS_MD_C:MBEDTLS_SHA1_C
+derive_output:PSA_ALG_HKDF(PSA_ALG_SHA_1):"0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c":"":"":42:"2c91117204d745f3500d636a62f64f0ab3bae548aa53d423b0d1f27ebba6f5e5673a081d70cce7acfc48":""
+
+# Test vectors taken from https://www.ietf.org/mail-archive/web/tls/current/msg03416.html
+PSA key derivation: TLS 1.2 PRF SHA-256, output 100+0
+depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
+derive_output:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):"9bbe436ba940f017b17652849a71db35":"a0ba9f936cda311827a6f796ffd5198c":"74657374206c6162656c":100:"e3f229ba727be17b8d122620557cd453c2aab21d07c3d495329b52d4e61edb5a6b301791e90d35c9c9a46b4e14baf9af0fa022f7077def17abfd3797c0564bab4fbc91666e9def9b97fce34f796789baa48082d122ee42c5a72e5a5110fff70187347b66":""
+
+PSA key derivation: TLS 1.2 PRF SHA-256, output 99+1
+depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
+derive_output:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):"9bbe436ba940f017b17652849a71db35":"a0ba9f936cda311827a6f796ffd5198c":"74657374206c6162656c":100:"e3f229ba727be17b8d122620557cd453c2aab21d07c3d495329b52d4e61edb5a6b301791e90d35c9c9a46b4e14baf9af0fa022f7077def17abfd3797c0564bab4fbc91666e9def9b97fce34f796789baa48082d122ee42c5a72e5a5110fff70187347b":"66"
+
+PSA key derivation: TLS 1.2 PRF SHA-256, output 1+99
+depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
+derive_output:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):"9bbe436ba940f017b17652849a71db35":"a0ba9f936cda311827a6f796ffd5198c":"74657374206c6162656c":100:"e3":"f229ba727be17b8d122620557cd453c2aab21d07c3d495329b52d4e61edb5a6b301791e90d35c9c9a46b4e14baf9af0fa022f7077def17abfd3797c0564bab4fbc91666e9def9b97fce34f796789baa48082d122ee42c5a72e5a5110fff70187347b66"
+
+PSA key derivation: TLS 1.2 PRF SHA-256, output 50+50
+depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
+derive_output:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):"9bbe436ba940f017b17652849a71db35":"a0ba9f936cda311827a6f796ffd5198c":"74657374206c6162656c":100:"e3f229ba727be17b8d122620557cd453c2aab21d07c3d495329b52d4e61edb5a6b301791e90d35c9c9a46b4e14baf9af0fa0":"22f7077def17abfd3797c0564bab4fbc91666e9def9b97fce34f796789baa48082d122ee42c5a72e5a5110fff70187347b66"
+
+PSA key derivation: TLS 1.2 PRF SHA-256, output 50+49
+depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
+derive_output:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):"9bbe436ba940f017b17652849a71db35":"a0ba9f936cda311827a6f796ffd5198c":"74657374206c6162656c":100:"e3f229ba727be17b8d122620557cd453c2aab21d07c3d495329b52d4e61edb5a6b301791e90d35c9c9a46b4e14baf9af0fa0":"22f7077def17abfd3797c0564bab4fbc91666e9def9b97fce34f796789baa48082d122ee42c5a72e5a5110fff70187347b"
+
+PSA key derivation: TLS 1.2 PRF SHA-384, output 148+0
+depends_on:MBEDTLS_MD_C:MBEDTLS_SHA512_C
+derive_output:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384):"b80b733d6ceefcdc71566ea48e5567df":"cd665cf6a8447dd6ff8b27555edb7465":"74657374206c6162656c":148:"7b0c18e9ced410ed1804f2cfa34a336a1c14dffb4900bb5fd7942107e81c83cde9ca0faa60be9fe34f82b1233c9146a0e534cb400fed2700884f9dc236f80edd8bfa961144c9e8d792eca722a7b32fc3d416d473ebc2c5fd4abfdad05d9184259b5bf8cd4d90fa0d31e2dec479e4f1a26066f2eea9a69236a3e52655c9e9aee691c8f3a26854308d5eaa3be85e0990703d73e56f":""
+
+PSA key derivation: TLS 1.2 PRF SHA-384, output 147+1
+depends_on:MBEDTLS_MD_C:MBEDTLS_SHA512_C
+derive_output:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384):"b80b733d6ceefcdc71566ea48e5567df":"cd665cf6a8447dd6ff8b27555edb7465":"74657374206c6162656c":148:"7b0c18e9ced410ed1804f2cfa34a336a1c14dffb4900bb5fd7942107e81c83cde9ca0faa60be9fe34f82b1233c9146a0e534cb400fed2700884f9dc236f80edd8bfa961144c9e8d792eca722a7b32fc3d416d473ebc2c5fd4abfdad05d9184259b5bf8cd4d90fa0d31e2dec479e4f1a26066f2eea9a69236a3e52655c9e9aee691c8f3a26854308d5eaa3be85e0990703d73e5":"6f"
+
+PSA key derivation: TLS 1.2 PRF SHA-384, output 1+147
+depends_on:MBEDTLS_MD_C:MBEDTLS_SHA512_C
+derive_output:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384):"b80b733d6ceefcdc71566ea48e5567df":"cd665cf6a8447dd6ff8b27555edb7465":"74657374206c6162656c":148:"7b":"0c18e9ced410ed1804f2cfa34a336a1c14dffb4900bb5fd7942107e81c83cde9ca0faa60be9fe34f82b1233c9146a0e534cb400fed2700884f9dc236f80edd8bfa961144c9e8d792eca722a7b32fc3d416d473ebc2c5fd4abfdad05d9184259b5bf8cd4d90fa0d31e2dec479e4f1a26066f2eea9a69236a3e52655c9e9aee691c8f3a26854308d5eaa3be85e0990703d73e56f"
+
+PSA key derivation: TLS 1.2 PRF SHA-384, output 74+74
+depends_on:MBEDTLS_MD_C:MBEDTLS_SHA512_C
+derive_output:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384):"b80b733d6ceefcdc71566ea48e5567df":"cd665cf6a8447dd6ff8b27555edb7465":"74657374206c6162656c":148:"7b0c18e9ced410ed1804f2cfa34a336a1c14dffb4900bb5fd7942107e81c83cde9ca0faa60be9fe34f82b1233c9146a0e534cb400fed2700884f9dc236f80edd8bfa961144c9e8d792ec":"a722a7b32fc3d416d473ebc2c5fd4abfdad05d9184259b5bf8cd4d90fa0d31e2dec479e4f1a26066f2eea9a69236a3e52655c9e9aee691c8f3a26854308d5eaa3be85e0990703d73e56f"
+
+PSA key derivation: TLS 1.2 PRF SHA-384, output 74+73
+depends_on:MBEDTLS_MD_C:MBEDTLS_SHA512_C
+derive_output:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384):"b80b733d6ceefcdc71566ea48e5567df":"cd665cf6a8447dd6ff8b27555edb7465":"74657374206c6162656c":148:"7b0c18e9ced410ed1804f2cfa34a336a1c14dffb4900bb5fd7942107e81c83cde9ca0faa60be9fe34f82b1233c9146a0e534cb400fed2700884f9dc236f80edd8bfa961144c9e8d792ec":"a722a7b32fc3d416d473ebc2c5fd4abfdad05d9184259b5bf8cd4d90fa0d31e2dec479e4f1a26066f2eea9a69236a3e52655c9e9aee691c8f3a26854308d5eaa3be85e0990703d73e5"
+
+# Test case manually extracted from debug output of TLS-PSK run
+# Label: "master secret"
+# Salt: Concatenation of ClientHello.Random and ServerHello.Random
+PSA key derivation: TLS 1.2 PSK-to-MS, SHA-256, 48+0
+depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
+derive_output:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256):"01020304":"5bc0b19b4a8b24b07afe7ec65c471e94a7d518fcef06c3574315255c52afe21b5bc0b19b872b9b26508458f03603744d575f463a11ae7f1b090c012606fd3e9f":"6d617374657220736563726574":48:"5a9dd5ffa78b4d1f28f40d91b4e6e6ed37849042d61ba32ca43d866e744cee7cd1baaa497e1ecd5c2e60f9f13030a710":""
+
+PSA key derivation: TLS 1.2 PSK-to-MS, SHA-256, 24+24
+depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
+derive_output:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256):"01020304":"5bc0b19b4a8b24b07afe7ec65c471e94a7d518fcef06c3574315255c52afe21b5bc0b19b872b9b26508458f03603744d575f463a11ae7f1b090c012606fd3e9f":"6d617374657220736563726574":48:"5a9dd5ffa78b4d1f28f40d91b4e6e6ed37849042d61ba32c":"a43d866e744cee7cd1baaa497e1ecd5c2e60f9f13030a710"
+
+PSA key derivation: TLS 1.2 PSK-to-MS, SHA-256, 0+48
+depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
+derive_output:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256):"01020304":"5bc0b19b4a8b24b07afe7ec65c471e94a7d518fcef06c3574315255c52afe21b5bc0b19b872b9b26508458f03603744d575f463a11ae7f1b090c012606fd3e9f":"6d617374657220736563726574":48:"":"5a9dd5ffa78b4d1f28f40d91b4e6e6ed37849042d61ba32ca43d866e744cee7cd1baaa497e1ecd5c2e60f9f13030a710"
+
+PSA key derivation: TLS 1.2 PSK-to-MS, SHA-384, 48+0
+depends_on:MBEDTLS_MD_C:MBEDTLS_SHA512_C
+derive_output:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384):"01020304":"5bed47716a11a49a6268a8350b085929116ad9ccc8181f09a05b07a7741576d65bed47718dfd82f2d3f57544afe52decae6819b970dc716ada72ae0dd3072e9a":"6d617374657220736563726574":48:"f5a61fbdd2ec415762abb8042a6c16645a53d2edb6dec8c85ca71689301f9f4d875128c87608b75250b20a9550e4fe18":""
+
+PSA key derivation: TLS 1.2 PSK-to-MS, SHA-384, 24+24
+depends_on:MBEDTLS_MD_C:MBEDTLS_SHA512_C
+derive_output:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384):"01020304":"5bed47716a11a49a6268a8350b085929116ad9ccc8181f09a05b07a7741576d65bed47718dfd82f2d3f57544afe52decae6819b970dc716ada72ae0dd3072e9a":"6d617374657220736563726574":48:"":"f5a61fbdd2ec415762abb8042a6c16645a53d2edb6dec8c85ca71689301f9f4d875128c87608b75250b20a9550e4fe18"
+
+PSA key derivation: TLS 1.2 PSK-to-MS, SHA-384, 0+48
+depends_on:MBEDTLS_MD_C:MBEDTLS_SHA512_C
+derive_output:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384):"01020304":"5bed47716a11a49a6268a8350b085929116ad9ccc8181f09a05b07a7741576d65bed47718dfd82f2d3f57544afe52decae6819b970dc716ada72ae0dd3072e9a":"6d617374657220736563726574":48:"f5a61fbdd2ec415762abb8042a6c16645a53d2edb6dec8c8":"5ca71689301f9f4d875128c87608b75250b20a9550e4fe18"
+
+PSA key derivation: HKDF SHA-256, request maximum capacity
+depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
+derive_output:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":255 * 32:"3cb25f25faacd57a90434f64d0362f2a2d2d0a90cf1a5a4c5db02d56ecc4c5bf34007208d5b887185865":""
+
+PSA key derivation: HKDF SHA-1, request maximum capacity
+depends_on:MBEDTLS_MD_C:MBEDTLS_SHA1_C
+derive_output:PSA_ALG_HKDF(PSA_ALG_SHA_1):"0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c":"":"":255 * 20:"2c91117204d745f3500d636a62f64f0ab3bae548aa53d423b0d1f27ebba6f5e5673a081d70cce7acfc48":""
+
+PSA key derivation: HKDF SHA-256, request too much capacity
+depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
+derive_setup:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ALG_HKDF(PSA_ALG_SHA_256):"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":255 * 32 + 1:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key derivation: HKDF SHA-1, request too much capacity
+depends_on:MBEDTLS_MD_C:MBEDTLS_SHA1_C
+derive_setup:PSA_KEY_TYPE_DERIVE:"0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c":PSA_ALG_HKDF(PSA_ALG_SHA_1):"":"":255 * 20 + 1:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key derivation: TLS 1.2 PSK-to-MS, SHA-256, PSK too long (160 Bytes)
+depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
+derive_setup:PSA_KEY_TYPE_DERIVE:"01020304050607080102030405060708010203040506070801020304050607080102030405060708010203040506070801020304050607080102030405060708010203040506070801020304050607080102030405060708010203040506070801020304050607080102030405060708010203040506070801020304050607080102030405060708010203040506070801020304050607080102030405060708":PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256):"":"":100:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key derivation: over capacity 42: output 42+1
+depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
+derive_output:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":42:"3cb25f25faacd57a90434f64d0362f2a2d2d0a90cf1a5a4c5db02d56ecc4c5bf34007208d5b887185865":"ff"
+
+PSA key derivation: over capacity 42: output 41+2
+depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
+derive_output:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":42:"3cb25f25faacd57a90434f64d0362f2a2d2d0a90cf1a5a4c5db02d56ecc4c5bf34007208d5b8871858":"65ff"
+
+PSA key derivation: over capacity 42: output 43+0
+depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
+derive_output:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":42:"3cb25f25faacd57a90434f64d0362f2a2d2d0a90cf1a5a4c5db02d56ecc4c5bf34007208d5b887185865ff":""
+
+PSA key derivation: over capacity 42: output 43+1
+depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
+derive_output:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":42:"3cb25f25faacd57a90434f64d0362f2a2d2d0a90cf1a5a4c5db02d56ecc4c5bf34007208d5b887185865ff":"ff"
+
+PSA key derivation: HKDF SHA-256, read maximum capacity minus 1
+depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
+derive_full:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":255 * 32 - 1
+
+PSA key derivation: HKDF SHA-256, read maximum capacity
+depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
+derive_full:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":255 * 32
+
+PSA key derivation: HKDF SHA-256, exercise AES128-CTR
+depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR
+derive_key_exercise:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":PSA_KEY_TYPE_AES:128:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR
+
+PSA key derivation: HKDF SHA-256, exercise AES256-CTR
+depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR
+derive_key_exercise:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":PSA_KEY_TYPE_AES:256:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR
+
+PSA key derivation: HKDF SHA-256, exercise DES-CBC
+depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC
+derive_key_exercise:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":PSA_KEY_TYPE_DES:64:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CBC_PKCS7
+
+PSA key derivation: HKDF SHA-256, exercise 2-key 3DES-CBC
+depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC
+derive_key_exercise:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":PSA_KEY_TYPE_DES:128:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CBC_PKCS7
+
+PSA key derivation: HKDF SHA-256, exercise 3-key 3DES-CBC
+depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC
+derive_key_exercise:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":PSA_KEY_TYPE_DES:192:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CBC_PKCS7
+
+PSA key derivation: HKDF SHA-256, exercise HMAC-SHA-256
+depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
+derive_key_exercise:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":PSA_KEY_TYPE_HMAC:256:PSA_KEY_USAGE_SIGN:PSA_ALG_HMAC(PSA_ALG_SHA_256)
+
+PSA key derivation: HKDF SHA-256, exercise HKDF-SHA-256
+depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
+derive_key_exercise:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":PSA_KEY_TYPE_DERIVE:400:PSA_KEY_USAGE_DERIVE:PSA_ALG_HKDF(PSA_ALG_SHA_256)
+
+PSA key derivation: HKDF SHA-256, derive key, 16+32
+depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
+derive_key_export:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":16:32
+
+PSA key derivation: HKDF SHA-256, derive key, 1+41
+depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
+derive_key_export:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":1:41
+
+PSA key agreement setup: ECDH, raw: good
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C
+key_agreement_setup:PSA_ALG_ECDH(PSA_ALG_SELECT_RAW):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"04d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":PSA_SUCCESS
+
+PSA key agreement setup: ECDH, raw: public key on different curve
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_ECDH_C
+key_agreement_setup:PSA_ALG_ECDH(PSA_ALG_SELECT_RAW):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"04e558dbef53eecde3d3fccfc1aea08a89a987475d12fd950d83cfa41732bc509d0d1ac43a0336def96fda41d0774a3571dcfbec7aacf3196472169e838430367f66eebe3c6e70c416dd5f0c68759dd1fff83fa40142209dff5eaad96db9e6386c":PSA_ERROR_INVALID_ARGUMENT
+
+PSA key agreement setup: ECDH, raw: public key instead of private key
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C
+key_agreement_setup:PSA_ALG_ECDH(PSA_ALG_SELECT_RAW):PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_CURVE_SECP256R1):"04d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":"04d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":PSA_ERROR_INVALID_ARGUMENT
+
+PSA key agreement setup: ECDH, unknown KDF
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C
+key_agreement_setup:PSA_ALG_ECDH(0):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"04d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":PSA_ERROR_NOT_SUPPORTED
+
+PSA key agreement setup: not a key agreement algorithm
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C
+key_agreement_setup:PSA_ALG_HKDF( PSA_ALG_SHA_256 ):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"04d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":PSA_ERROR_INVALID_ARGUMENT
+
+PSA key agreement: ECDH SECP256R1 (RFC 5903), raw: capacity=32
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C
+key_agreement_capacity:PSA_ALG_ECDH(PSA_ALG_SELECT_RAW):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"04d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":32
+
+PSA key agreement: ECDH SECP256R1 (RFC 5903), raw: read 32 (full)
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C
+key_agreement_output:PSA_ALG_ECDH(PSA_ALG_SELECT_RAW):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"04d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":"d6840f6b42f6edafd13116e0e12565202fef8e9ece7dce03812464d04b9442de":""
+
+PSA key agreement: ECDH SECP256R1 with ECDH-only public key
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C
+key_agreement_output:PSA_ALG_ECDH(PSA_ALG_SELECT_RAW):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"04d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":"d6840f6b42f6edafd13116e0e12565202fef8e9ece7dce03812464d04b9442de":""
+
+PSA key agreement: ECDH SECP256R1 (RFC 5903), raw: read 0+32
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C
+key_agreement_output:PSA_ALG_ECDH(PSA_ALG_SELECT_RAW):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"04d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":"":"d6840f6b42f6edafd13116e0e12565202fef8e9ece7dce03812464d04b9442de"
+
+PSA key agreement: ECDH SECP256R1 (RFC 5903), raw: read 20+12
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C
+key_agreement_output:PSA_ALG_ECDH(PSA_ALG_SELECT_RAW):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"04d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":"d6840f6b42f6edafd13116e0e12565202fef8e9e":"ce7dce03812464d04b9442de"
+
+PSA key agreement: ECDH SECP256R1 (RFC 5903), raw: read 7+15
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C
+key_agreement_output:PSA_ALG_ECDH(PSA_ALG_SELECT_RAW):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"04d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":"d6840f6b42f6ed":"afd13116e0e12565202fef8e9ece7d"
+
+PSA key agreement: ECDH SECP384R1 (RFC 5903), raw: capacity=48
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_ECDH_C
+key_agreement_capacity:PSA_ALG_ECDH(PSA_ALG_SELECT_RAW):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP384R1):"099f3c7034d4a2c699884d73a375a67f7624ef7c6b3c0f160647b67414dce655e35b538041e649ee3faef896783ab194":"04e558dbef53eecde3d3fccfc1aea08a89a987475d12fd950d83cfa41732bc509d0d1ac43a0336def96fda41d0774a3571dcfbec7aacf3196472169e838430367f66eebe3c6e70c416dd5f0c68759dd1fff83fa40142209dff5eaad96db9e6386c":48
+
+PSA key agreement: ECDH SECP384R1 (RFC 5903), raw: read
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_ECDH_C
+key_agreement_output:PSA_ALG_ECDH(PSA_ALG_SELECT_RAW):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP384R1):"099f3c7034d4a2c699884d73a375a67f7624ef7c6b3c0f160647b67414dce655e35b538041e649ee3faef896783ab194":"04e558dbef53eecde3d3fccfc1aea08a89a987475d12fd950d83cfa41732bc509d0d1ac43a0336def96fda41d0774a3571dcfbec7aacf3196472169e838430367f66eebe3c6e70c416dd5f0c68759dd1fff83fa40142209dff5eaad96db9e6386c":"11187331c279962d93d604243fd592cb9d0a926f422e47187521287e7156c5c4d603135569b9e9d09cf5d4a270f59746":""
+
+PSA key agreement: ECDH SECP521R1 (RFC 5903), raw: capacity=66
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP521R1_ENABLED:MBEDTLS_ECDH_C
+key_agreement_capacity:PSA_ALG_ECDH(PSA_ALG_SELECT_RAW):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP521R1):"0037ade9319a89f4dabdb3ef411aaccca5123c61acab57b5393dce47608172a095aa85a30fe1c2952c6771d937ba9777f5957b2639bab072462f68c27a57382d4a52":"0400d0b3975ac4b799f5bea16d5e13e9af971d5e9b984c9f39728b5e5739735a219b97c356436adc6e95bb0352f6be64a6c2912d4ef2d0433ced2b6171640012d9460f015c68226383956e3bd066e797b623c27ce0eac2f551a10c2c724d9852077b87220b6536c5c408a1d2aebb8e86d678ae49cb57091f4732296579ab44fcd17f0fc56a":66
+
+PSA key agreement: ECDH SECP521R1 (RFC 5903), raw: read
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP521R1_ENABLED:MBEDTLS_ECDH_C
+key_agreement_output:PSA_ALG_ECDH(PSA_ALG_SELECT_RAW):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP521R1):"0037ade9319a89f4dabdb3ef411aaccca5123c61acab57b5393dce47608172a095aa85a30fe1c2952c6771d937ba9777f5957b2639bab072462f68c27a57382d4a52":"0400d0b3975ac4b799f5bea16d5e13e9af971d5e9b984c9f39728b5e5739735a219b97c356436adc6e95bb0352f6be64a6c2912d4ef2d0433ced2b6171640012d9460f015c68226383956e3bd066e797b623c27ce0eac2f551a10c2c724d9852077b87220b6536c5c408a1d2aebb8e86d678ae49cb57091f4732296579ab44fcd17f0fc56a":"01144c7d79ae6956bc8edb8e7c787c4521cb086fa64407f97894e5e6b2d79b04d1427e73ca4baa240a34786859810c06b3c715a3a8cc3151f2bee417996d19f3ddea":""
+
+PSA key agreement: ECDH brainpoolP256r1 (RFC 7027), raw: capacity=32
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_BP256R1_ENABLED:MBEDTLS_ECDH_C
+key_agreement_capacity:PSA_ALG_ECDH(PSA_ALG_SELECT_RAW):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_BRAINPOOL_P256R1):"81db1ee100150ff2ea338d708271be38300cb54241d79950f77b063039804f1d":"048d2d688c6cf93e1160ad04cc4429117dc2c41825e1e9fca0addd34e6f1b39f7b990c57520812be512641e47034832106bc7d3e8dd0e4c7f1136d7006547cec6a":32
+
+PSA key agreement: ECDH brainpoolP256r1 (RFC 7027), raw: read
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_BP256R1_ENABLED:MBEDTLS_ECDH_C
+key_agreement_output:PSA_ALG_ECDH(PSA_ALG_SELECT_RAW):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_BRAINPOOL_P256R1):"81db1ee100150ff2ea338d708271be38300cb54241d79950f77b063039804f1d":"048d2d688c6cf93e1160ad04cc4429117dc2c41825e1e9fca0addd34e6f1b39f7b990c57520812be512641e47034832106bc7d3e8dd0e4c7f1136d7006547cec6a":"89afc39d41d3b327814b80940b042590f96556ec91e6ae7939bce31f3a18bf2b":""
+
+PSA key agreement: ECDH brainpoolP384r1 (RFC 7027), raw: capacity=48
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_BP384R1_ENABLED:MBEDTLS_ECDH_C
+key_agreement_capacity:PSA_ALG_ECDH(PSA_ALG_SELECT_RAW):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_BRAINPOOL_P384R1):"1e20f5e048a5886f1f157c74e91bde2b98c8b52d58e5003d57053fc4b0bd65d6f15eb5d1ee1610df870795143627d042":"044d44326f269a597a5b58bba565da5556ed7fd9a8a9eb76c25f46db69d19dc8ce6ad18e404b15738b2086df37e71d1eb462d692136de56cbe93bf5fa3188ef58bc8a3a0ec6c1e151a21038a42e9185329b5b275903d192f8d4e1f32fe9cc78c48":48
+
+PSA key agreement: ECDH brainpoolP384r1 (RFC 7027), raw: read
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_BP384R1_ENABLED:MBEDTLS_ECDH_C
+key_agreement_output:PSA_ALG_ECDH(PSA_ALG_SELECT_RAW):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_BRAINPOOL_P384R1):"1e20f5e048a5886f1f157c74e91bde2b98c8b52d58e5003d57053fc4b0bd65d6f15eb5d1ee1610df870795143627d042":"044d44326f269a597a5b58bba565da5556ed7fd9a8a9eb76c25f46db69d19dc8ce6ad18e404b15738b2086df37e71d1eb462d692136de56cbe93bf5fa3188ef58bc8a3a0ec6c1e151a21038a42e9185329b5b275903d192f8d4e1f32fe9cc78c48":"0bd9d3a7ea0b3d519d09d8e48d0785fb744a6b355e6304bc51c229fbbce239bbadf6403715c35d4fb2a5444f575d4f42":""
+
+PSA key agreement: ECDH brainpoolP512r1 (RFC 7027), raw: capacity=64
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_BP512R1_ENABLED:MBEDTLS_ECDH_C
+key_agreement_capacity:PSA_ALG_ECDH(PSA_ALG_SELECT_RAW):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_BRAINPOOL_P512R1):"16302ff0dbbb5a8d733dab7141c1b45acbc8715939677f6a56850a38bd87bd59b09e80279609ff333eb9d4c061231fb26f92eeb04982a5f1d1764cad57665422":"049d45f66de5d67e2e6db6e93a59ce0bb48106097ff78a081de781cdb31fce8ccbaaea8dd4320c4119f1e9cd437a2eab3731fa9668ab268d871deda55a5473199f2fdc313095bcdd5fb3a91636f07a959c8e86b5636a1e930e8396049cb481961d365cc11453a06c719835475b12cb52fc3c383bce35e27ef194512b71876285fa":64
+
+PSA key agreement: ECDH brainpoolP512r1 (RFC 7027), raw: read
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_BP512R1_ENABLED:MBEDTLS_ECDH_C
+key_agreement_output:PSA_ALG_ECDH(PSA_ALG_SELECT_RAW):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_BRAINPOOL_P512R1):"16302ff0dbbb5a8d733dab7141c1b45acbc8715939677f6a56850a38bd87bd59b09e80279609ff333eb9d4c061231fb26f92eeb04982a5f1d1764cad57665422":"049d45f66de5d67e2e6db6e93a59ce0bb48106097ff78a081de781cdb31fce8ccbaaea8dd4320c4119f1e9cd437a2eab3731fa9668ab268d871deda55a5473199f2fdc313095bcdd5fb3a91636f07a959c8e86b5636a1e930e8396049cb481961d365cc11453a06c719835475b12cb52fc3c383bce35e27ef194512b71876285fa":"a7927098655f1f9976fa50a9d566865dc530331846381c87256baf3226244b76d36403c024d7bbf0aa0803eaff405d3d24f11a9b5c0bef679fe1454b21c4cd1f":""
+
+PSA key agreement: ECDH SECP256R1 (RFC 5903) + HKDF-SHA-256: read 32
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C:MBEDTLS_SHA256_C:MBEDTLS_MD_C
+key_agreement_output:PSA_ALG_ECDH(PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"04d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":"3bf511eebadf44c1f7b0282a1262fe4ddd9da23bb1555cfda591ac46b088c441":""
+
+PSA generate random: 0 bytes
+generate_random:0
+
+PSA generate random: 1 byte
+generate_random:1
+
+PSA generate random: 4 bytes
+generate_random:4
+
+PSA generate random: 16 bytes
+generate_random:16
+
+PSA generate random: 19 bytes
+generate_random:19
+
+PSA generate random: 260 bytes
+generate_random:260
+
+PSA generate key: bad type (PSA_KEY_TYPE_CATEGORY_MASK)
+generate_key:PSA_KEY_TYPE_CATEGORY_MASK:128:PSA_KEY_USAGE_EXPORT:0:PSA_ERROR_NOT_SUPPORTED
+
+PSA generate key: bad type (RSA public key)
+generate_key:PSA_KEY_TYPE_RSA_PUBLIC_KEY:512:PSA_KEY_USAGE_EXPORT:0:PSA_ERROR_NOT_SUPPORTED
+
+PSA generate key: raw data, 0 bits
+generate_key:PSA_KEY_TYPE_RAW_DATA:128:PSA_KEY_USAGE_EXPORT:0:PSA_SUCCESS
+
+PSA generate key: raw data, 7 bits: invalid argument
+generate_key:PSA_KEY_TYPE_RAW_DATA:7:PSA_KEY_USAGE_EXPORT:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA generate key: raw data, 8 bits
+generate_key:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0:PSA_SUCCESS
+
+PSA generate key: AES, 128 bits, CTR
+depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR
+generate_key:PSA_KEY_TYPE_AES:128:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_CTR:PSA_SUCCESS
+
+PSA generate key: AES, 128 bits, GCM
+depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C
+generate_key:PSA_KEY_TYPE_AES:128:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_GCM:PSA_SUCCESS
+
+PSA generate key: DES, 64 bits, CBC-nopad
+depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC
+generate_key:PSA_KEY_TYPE_DES:64:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_CBC_NO_PADDING:PSA_SUCCESS
+
+PSA generate key: DES, 128 bits, CBC-nopad
+depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC
+generate_key:PSA_KEY_TYPE_DES:128:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_CBC_NO_PADDING:PSA_SUCCESS
+
+PSA generate key: DES, 192 bits, CBC-nopad
+depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC
+generate_key:PSA_KEY_TYPE_DES:192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_CBC_NO_PADDING:PSA_SUCCESS
+
+PSA generate key: invalid key size: AES, 64 bits
+depends_on:MBEDTLS_AES_C
+generate_key:PSA_KEY_TYPE_AES:64:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_CTR:PSA_ERROR_INVALID_ARGUMENT
+
+PSA generate key: RSA, 512 bits, good, sign (PKCS#1 v1.5)
+depends_on:MBEDTLS_RSA_C:MBEDTLS_GENPRIME:MBEDTLS_PKCS1_V15
+generate_key:PSA_KEY_TYPE_RSA_KEYPAIR:512:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_SUCCESS
+
+PSA generate key: RSA, 1016 bits, good, sign (PKCS#1 v1.5)
+depends_on:MBEDTLS_RSA_C:MBEDTLS_GENPRIME:MBEDTLS_PKCS1_V15
+generate_key:PSA_KEY_TYPE_RSA_KEYPAIR:1016:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_SUCCESS
+
+PSA generate key: RSA, 1024 bits, good, sign (PSS SHA-256)
+depends_on:MBEDTLS_RSA_C:MBEDTLS_GENPRIME:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C
+generate_key:PSA_KEY_TYPE_RSA_KEYPAIR:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY:PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):PSA_SUCCESS
+
+PSA generate key: RSA, 512 bits, good, encrypt (PKCS#1 v1.5)
+depends_on:MBEDTLS_RSA_C:MBEDTLS_GENPRIME:MBEDTLS_PKCS1_V15
+generate_key:PSA_KEY_TYPE_RSA_KEYPAIR:512:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_RSA_PKCS1V15_CRYPT:PSA_SUCCESS
+
+PSA generate key: RSA, 1024 bits, good, encrypt (OAEP SHA-256)
+depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C
+generate_key:PSA_KEY_TYPE_RSA_KEYPAIR:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):PSA_SUCCESS
+
+PSA generate key: RSA, 1022 bits: not supported
+depends_on:MBEDTLS_RSA_C:MBEDTLS_GENPRIME
+generate_key:PSA_KEY_TYPE_RSA_KEYPAIR:1022:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_RSA_PKCS1V15_CRYPT:PSA_ERROR_NOT_SUPPORTED
+
+PSA generate key: RSA, 1023 bits: not supported
+depends_on:MBEDTLS_RSA_C:MBEDTLS_GENPRIME
+generate_key:PSA_KEY_TYPE_RSA_KEYPAIR:1023:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_RSA_PKCS1V15_CRYPT:PSA_ERROR_NOT_SUPPORTED
+
+PSA generate key: RSA, maximum size exceeded
+depends_on:MBEDTLS_RSA_C:MBEDTLS_GENPRIME
+generate_key:PSA_KEY_TYPE_RSA_KEYPAIR:PSA_VENDOR_RSA_MAX_KEY_BITS+1:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_RSA_PKCS1V15_CRYPT:PSA_ERROR_NOT_SUPPORTED
+
+PSA generate key: ECC, SECP256R1, good
+depends_on:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_C
+generate_key:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY:PSA_ALG_ECDSA_ANY:PSA_SUCCESS
+
+PSA generate key: ECC, SECP256R1, incorrect bit size
+depends_on:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_C
+generate_key:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):128:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY:PSA_ALG_ECDSA_ANY:PSA_ERROR_INVALID_ARGUMENT
+
+persistent key can be accessed after in-memory deletion: AES, 128 bits, CTR
+depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PSA_CRYPTO_STORAGE_C
+persistent_key_load_key_from_storage:"2b7e151628aed2a6abf7158809cf4f3c":PSA_KEY_TYPE_AES:128:PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:IMPORT_KEY:PSA_SUCCESS
+
+PSA generate persistent key: raw data, 8 bits
+depends_on:MBEDTLS_PSA_CRYPTO_STORAGE_C
+persistent_key_load_key_from_storage:"":PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0:GENERATE_KEY:PSA_SUCCESS
+
+PSA generate persistent key: AES, 128 bits, CTR
+depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR:MBEDTLS_PSA_CRYPTO_STORAGE_C
+persistent_key_load_key_from_storage:"":PSA_KEY_TYPE_AES:128:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_CTR:GENERATE_KEY:PSA_SUCCESS
+
+PSA generate persistent key: DES, 64 bits, CBC-nopad
+depends_on:MBEDTLS_DES_C:MBEDTLS_PSA_CRYPTO_STORAGE_C
+persistent_key_load_key_from_storage:"":PSA_KEY_TYPE_DES:64:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_CBC_NO_PADDING:GENERATE_KEY:PSA_SUCCESS
+
+PSA generate persistent key: RSA, 1024 bits, good, sign (PSS SHA-256)
+depends_on:MBEDTLS_RSA_C:MBEDTLS_GENPRIME:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C:MBEDTLS_PSA_CRYPTO_STORAGE_C
+persistent_key_load_key_from_storage:"":PSA_KEY_TYPE_RSA_KEYPAIR:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY:PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):GENERATE_KEY:PSA_SUCCESS
+
+PSA generate persistent key: ECC, SECP256R1, good
+depends_on:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_C:MBEDTLS_PSA_CRYPTO_STORAGE_C
+persistent_key_load_key_from_storage:"":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY:PSA_ALG_ECDSA_ANY:GENERATE_KEY:PSA_SUCCESS
+
+PSA derive persistent key: HKDF SHA-256
+depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C:MBEDTLS_PSA_CRYPTO_STORAGE_C
+persistent_key_load_key_from_storage:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_KEY_TYPE_RAW_DATA:1024:PSA_KEY_USAGE_EXPORT:0:DERIVE_KEY:PSA_SUCCESS
+
+PSA generate persistent key: AES, 128 bits, CTR
+depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR:MBEDTLS_PSA_CRYPTO_STORAGE_C
+persistent_key_load_key_from_storage:"":PSA_KEY_TYPE_AES:128:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_CTR:GENERATE_KEY:PSA_ERROR_NOT_PERMITTED
diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function
new file mode 100644
index 0000000..4cec118
--- /dev/null
+++ b/tests/suites/test_suite_psa_crypto.function
@@ -0,0 +1,4865 @@
+/* BEGIN_HEADER */
+#include <stdint.h>
+
+#if defined(MBEDTLS_PSA_CRYPTO_SPM)
+#include "spm/psa_defs.h"
+#endif
+
+#include "mbedtls/asn1.h"
+#include "mbedtls/asn1write.h"
+#include "mbedtls/oid.h"
+
+#include "psa/crypto.h"
+
+/** An invalid export length that will never be set by psa_export_key(). */
+static const size_t INVALID_EXPORT_LENGTH = ~0U;
+
+/* A hash algorithm that is known to be supported.
+ *
+ * This is used in some smoke tests.
+ */
+#if defined(MBEDTLS_MD2_C)
+#define KNOWN_SUPPORTED_HASH_ALG PSA_ALG_MD2
+#elif defined(MBEDTLS_MD4_C)
+#define KNOWN_SUPPORTED_HASH_ALG PSA_ALG_MD4
+#elif defined(MBEDTLS_MD5_C)
+#define KNOWN_SUPPORTED_HASH_ALG PSA_ALG_MD5
+/* MBEDTLS_RIPEMD160_C omitted. This is necessary for the sake of
+ * exercise_signature_key() because Mbed TLS doesn't support RIPEMD160
+ * in RSA PKCS#1v1.5 signatures. A RIPEMD160-only configuration would be
+ * implausible anyway. */
+#elif defined(MBEDTLS_SHA1_C)
+#define KNOWN_SUPPORTED_HASH_ALG PSA_ALG_SHA_1
+#elif defined(MBEDTLS_SHA256_C)
+#define KNOWN_SUPPORTED_HASH_ALG PSA_ALG_SHA_256
+#elif defined(MBEDTLS_SHA512_C)
+#define KNOWN_SUPPORTED_HASH_ALG PSA_ALG_SHA_384
+#elif defined(MBEDTLS_SHA3_C)
+#define KNOWN_SUPPORTED_HASH_ALG PSA_ALG_SHA3_256
+#else
+#undef KNOWN_SUPPORTED_HASH_ALG
+#endif
+
+/* A block cipher that is known to be supported.
+ *
+ * For simplicity's sake, stick to block ciphers with 16-byte blocks.
+ */
+#if defined(MBEDTLS_AES_C)
+#define KNOWN_SUPPORTED_BLOCK_CIPHER PSA_KEY_TYPE_AES
+#elif defined(MBEDTLS_ARIA_C)
+#define KNOWN_SUPPORTED_BLOCK_CIPHER PSA_KEY_TYPE_ARIA
+#elif defined(MBEDTLS_CAMELLIA_C)
+#define KNOWN_SUPPORTED_BLOCK_CIPHER PSA_KEY_TYPE_CAMELLIA
+#undef KNOWN_SUPPORTED_BLOCK_CIPHER
+#endif
+
+/* A MAC mode that is known to be supported.
+ *
+ * It must either be HMAC with #KNOWN_SUPPORTED_HASH_ALG or
+ * a block cipher-based MAC with #KNOWN_SUPPORTED_BLOCK_CIPHER.
+ *
+ * This is used in some smoke tests.
+ */
+#if defined(KNOWN_SUPPORTED_HASH_ALG)
+#define KNOWN_SUPPORTED_MAC_ALG ( PSA_ALG_HMAC( KNOWN_SUPPORTED_HASH_ALG ) )
+#define KNOWN_SUPPORTED_MAC_KEY_TYPE PSA_KEY_TYPE_HMAC
+#elif defined(KNOWN_SUPPORTED_BLOCK_CIPHER) && defined(MBEDTLS_CMAC_C)
+#define KNOWN_SUPPORTED_MAC_ALG PSA_ALG_CMAC
+#define KNOWN_SUPPORTED_MAC_KEY_TYPE KNOWN_SUPPORTED_BLOCK_CIPHER
+#else
+#undef KNOWN_SUPPORTED_MAC_ALG
+#undef KNOWN_SUPPORTED_MAC_KEY_TYPE
+#endif
+
+/* A cipher algorithm and key type that are known to be supported.
+ *
+ * This is used in some smoke tests.
+ */
+#if defined(KNOWN_SUPPORTED_BLOCK_CIPHER) && defined(MBEDTLS_CIPHER_MODE_CTR)
+#define KNOWN_SUPPORTED_BLOCK_CIPHER_ALG PSA_ALG_CTR
+#elif defined(KNOWN_SUPPORTED_BLOCK_CIPHER) && defined(MBEDTLS_CIPHER_MODE_CBC)
+#define KNOWN_SUPPORTED_BLOCK_CIPHER_ALG PSA_ALG_CBC_NO_PADDING
+#elif defined(KNOWN_SUPPORTED_BLOCK_CIPHER) && defined(MBEDTLS_CIPHER_MODE_CFB)
+#define KNOWN_SUPPORTED_BLOCK_CIPHER_ALG PSA_ALG_CFB
+#elif defined(KNOWN_SUPPORTED_BLOCK_CIPHER) && defined(MBEDTLS_CIPHER_MODE_OFB)
+#define KNOWN_SUPPORTED_BLOCK_CIPHER_ALG PSA_ALG_OFB
+#else
+#undef KNOWN_SUPPORTED_BLOCK_CIPHER_ALG
+#endif
+#if defined(KNOWN_SUPPORTED_BLOCK_CIPHER_ALG)
+#define KNOWN_SUPPORTED_CIPHER_ALG KNOWN_SUPPORTED_BLOCK_CIPHER_ALG
+#define KNOWN_SUPPORTED_CIPHER_KEY_TYPE KNOWN_SUPPORTED_BLOCK_CIPHER
+#elif defined(MBEDTLS_RC4_C)
+#define KNOWN_SUPPORTED_CIPHER_ALG PSA_ALG_RC4
+#define KNOWN_SUPPORTED_CIPHER_KEY_TYPE PSA_KEY_TYPE_RC4
+#else
+#undef KNOWN_SUPPORTED_CIPHER_ALG
+#undef KNOWN_SUPPORTED_CIPHER_KEY_TYPE
+#endif
+
+/** Test if a buffer contains a constant byte value.
+ *
+ * `mem_is_char(buffer, c, size)` is true after `memset(buffer, c, size)`.
+ *
+ * \param buffer Pointer to the beginning of the buffer.
+ * \param c Expected value of every byte.
+ * \param size Size of the buffer in bytes.
+ *
+ * \return 1 if the buffer is all-bits-zero.
+ * \return 0 if there is at least one nonzero byte.
+ */
+static int mem_is_char( void *buffer, unsigned char c, size_t size )
+{
+ size_t i;
+ for( i = 0; i < size; i++ )
+ {
+ if( ( (unsigned char *) buffer )[i] != c )
+ return( 0 );
+ }
+ return( 1 );
+}
+
+/* Write the ASN.1 INTEGER with the value 2^(bits-1)+x backwards from *p. */
+static int asn1_write_10x( unsigned char **p,
+ unsigned char *start,
+ size_t bits,
+ unsigned char x )
+{
+ int ret;
+ int len = bits / 8 + 1;
+ if( bits == 0 )
+ return( MBEDTLS_ERR_ASN1_INVALID_DATA );
+ if( bits <= 8 && x >= 1 << ( bits - 1 ) )
+ return( MBEDTLS_ERR_ASN1_INVALID_DATA );
+ if( *p < start || *p - start < (ptrdiff_t) len )
+ return( MBEDTLS_ERR_ASN1_BUF_TOO_SMALL );
+ *p -= len;
+ ( *p )[len-1] = x;
+ if( bits % 8 == 0 )
+ ( *p )[1] |= 1;
+ else
+ ( *p )[0] |= 1 << ( bits % 8 );
+ MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( p, start, len ) );
+ MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( p, start,
+ MBEDTLS_ASN1_INTEGER ) );
+ return( len );
+}
+
+static int construct_fake_rsa_key( unsigned char *buffer,
+ size_t buffer_size,
+ unsigned char **p,
+ size_t bits,
+ int keypair )
+{
+ size_t half_bits = ( bits + 1 ) / 2;
+ int ret;
+ int len = 0;
+ /* Construct something that looks like a DER encoding of
+ * as defined by PKCS#1 v2.2 (RFC 8017) section A.1.2:
+ * RSAPrivateKey ::= SEQUENCE {
+ * version Version,
+ * modulus INTEGER, -- n
+ * publicExponent INTEGER, -- e
+ * privateExponent INTEGER, -- d
+ * prime1 INTEGER, -- p
+ * prime2 INTEGER, -- q
+ * exponent1 INTEGER, -- d mod (p-1)
+ * exponent2 INTEGER, -- d mod (q-1)
+ * coefficient INTEGER, -- (inverse of q) mod p
+ * otherPrimeInfos OtherPrimeInfos OPTIONAL
+ * }
+ * Or, for a public key, the same structure with only
+ * version, modulus and publicExponent.
+ */
+ *p = buffer + buffer_size;
+ if( keypair )
+ {
+ MBEDTLS_ASN1_CHK_ADD( len, /* pq */
+ asn1_write_10x( p, buffer, half_bits, 1 ) );
+ MBEDTLS_ASN1_CHK_ADD( len, /* dq */
+ asn1_write_10x( p, buffer, half_bits, 1 ) );
+ MBEDTLS_ASN1_CHK_ADD( len, /* dp */
+ asn1_write_10x( p, buffer, half_bits, 1 ) );
+ MBEDTLS_ASN1_CHK_ADD( len, /* q */
+ asn1_write_10x( p, buffer, half_bits, 1 ) );
+ MBEDTLS_ASN1_CHK_ADD( len, /* p != q to pass mbedtls sanity checks */
+ asn1_write_10x( p, buffer, half_bits, 3 ) );
+ MBEDTLS_ASN1_CHK_ADD( len, /* d */
+ asn1_write_10x( p, buffer, bits, 1 ) );
+ }
+ MBEDTLS_ASN1_CHK_ADD( len, /* e = 65537 */
+ asn1_write_10x( p, buffer, 17, 1 ) );
+ MBEDTLS_ASN1_CHK_ADD( len, /* n */
+ asn1_write_10x( p, buffer, bits, 1 ) );
+ if( keypair )
+ MBEDTLS_ASN1_CHK_ADD( len, /* version = 0 */
+ mbedtls_asn1_write_int( p, buffer, 0 ) );
+ MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( p, buffer, len ) );
+ {
+ const unsigned char tag =
+ MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE;
+ MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( p, buffer, tag ) );
+ }
+ return( len );
+}
+
+int exercise_mac_setup( psa_key_type_t key_type,
+ const unsigned char *key_bytes,
+ size_t key_length,
+ psa_algorithm_t alg,
+ psa_mac_operation_t *operation,
+ psa_status_t *status )
+{
+ psa_key_handle_t handle = 0;
+ psa_key_policy_t policy = PSA_KEY_POLICY_INIT;
+
+ PSA_ASSERT( psa_allocate_key( &handle ) );
+ psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_SIGN, alg );
+ PSA_ASSERT( psa_set_key_policy( handle, &policy ) );
+ PSA_ASSERT( psa_import_key( handle, key_type, key_bytes, key_length ) );
+
+ *status = psa_mac_sign_setup( operation, handle, alg );
+ /* Whether setup succeeded or failed, abort must succeed. */
+ PSA_ASSERT( psa_mac_abort( operation ) );
+ /* If setup failed, reproduce the failure, so that the caller can
+ * test the resulting state of the operation object. */
+ if( *status != PSA_SUCCESS )
+ {
+ TEST_EQUAL( psa_mac_sign_setup( operation, handle, alg ),
+ *status );
+ }
+
+ psa_destroy_key( handle );
+ return( 1 );
+
+exit:
+ psa_destroy_key( handle );
+ return( 0 );
+}
+
+int exercise_cipher_setup( psa_key_type_t key_type,
+ const unsigned char *key_bytes,
+ size_t key_length,
+ psa_algorithm_t alg,
+ psa_cipher_operation_t *operation,
+ psa_status_t *status )
+{
+ psa_key_handle_t handle = 0;
+ psa_key_policy_t policy = PSA_KEY_POLICY_INIT;
+
+ PSA_ASSERT( psa_allocate_key( &handle ) );
+ psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_ENCRYPT, alg );
+ PSA_ASSERT( psa_set_key_policy( handle, &policy ) );
+ PSA_ASSERT( psa_import_key( handle, key_type, key_bytes, key_length ) );
+
+ *status = psa_cipher_encrypt_setup( operation, handle, alg );
+ /* Whether setup succeeded or failed, abort must succeed. */
+ PSA_ASSERT( psa_cipher_abort( operation ) );
+ /* If setup failed, reproduce the failure, so that the caller can
+ * test the resulting state of the operation object. */
+ if( *status != PSA_SUCCESS )
+ {
+ TEST_EQUAL( psa_cipher_encrypt_setup( operation, handle, alg ),
+ *status );
+ }
+
+ psa_destroy_key( handle );
+ return( 1 );
+
+exit:
+ psa_destroy_key( handle );
+ return( 0 );
+}
+
+static int exercise_mac_key( psa_key_handle_t handle,
+ psa_key_usage_t usage,
+ psa_algorithm_t alg )
+{
+ psa_mac_operation_t operation = PSA_MAC_OPERATION_INIT;
+ const unsigned char input[] = "foo";
+ unsigned char mac[PSA_MAC_MAX_SIZE] = {0};
+ size_t mac_length = sizeof( mac );
+
+ if( usage & PSA_KEY_USAGE_SIGN )
+ {
+ PSA_ASSERT( psa_mac_sign_setup( &operation,
+ handle, alg ) );
+ PSA_ASSERT( psa_mac_update( &operation,
+ input, sizeof( input ) ) );
+ PSA_ASSERT( psa_mac_sign_finish( &operation,
+ mac, sizeof( mac ),
+ &mac_length ) );
+ }
+
+ if( usage & PSA_KEY_USAGE_VERIFY )
+ {
+ psa_status_t verify_status =
+ ( usage & PSA_KEY_USAGE_SIGN ?
+ PSA_SUCCESS :
+ PSA_ERROR_INVALID_SIGNATURE );
+ PSA_ASSERT( psa_mac_verify_setup( &operation,
+ handle, alg ) );
+ PSA_ASSERT( psa_mac_update( &operation,
+ input, sizeof( input ) ) );
+ TEST_EQUAL( psa_mac_verify_finish( &operation, mac, mac_length ),
+ verify_status );
+ }
+
+ return( 1 );
+
+exit:
+ psa_mac_abort( &operation );
+ return( 0 );
+}
+
+static int exercise_cipher_key( psa_key_handle_t handle,
+ psa_key_usage_t usage,
+ psa_algorithm_t alg )
+{
+ psa_cipher_operation_t operation = PSA_CIPHER_OPERATION_INIT;
+ unsigned char iv[16] = {0};
+ size_t iv_length = sizeof( iv );
+ const unsigned char plaintext[16] = "Hello, world...";
+ unsigned char ciphertext[32] = "(wabblewebblewibblewobblewubble)";
+ size_t ciphertext_length = sizeof( ciphertext );
+ unsigned char decrypted[sizeof( ciphertext )];
+ size_t part_length;
+
+ if( usage & PSA_KEY_USAGE_ENCRYPT )
+ {
+ PSA_ASSERT( psa_cipher_encrypt_setup( &operation,
+ handle, alg ) );
+ PSA_ASSERT( psa_cipher_generate_iv( &operation,
+ iv, sizeof( iv ),
+ &iv_length ) );
+ PSA_ASSERT( psa_cipher_update( &operation,
+ plaintext, sizeof( plaintext ),
+ ciphertext, sizeof( ciphertext ),
+ &ciphertext_length ) );
+ PSA_ASSERT( psa_cipher_finish( &operation,
+ ciphertext + ciphertext_length,
+ sizeof( ciphertext ) - ciphertext_length,
+ &part_length ) );
+ ciphertext_length += part_length;
+ }
+
+ if( usage & PSA_KEY_USAGE_DECRYPT )
+ {
+ psa_status_t status;
+ psa_key_type_t type = PSA_KEY_TYPE_NONE;
+ if( ! ( usage & PSA_KEY_USAGE_ENCRYPT ) )
+ {
+ size_t bits;
+ TEST_ASSERT( psa_get_key_information( handle, &type, &bits ) );
+ iv_length = PSA_BLOCK_CIPHER_BLOCK_SIZE( type );
+ }
+ PSA_ASSERT( psa_cipher_decrypt_setup( &operation,
+ handle, alg ) );
+ PSA_ASSERT( psa_cipher_set_iv( &operation,
+ iv, iv_length ) );
+ PSA_ASSERT( psa_cipher_update( &operation,
+ ciphertext, ciphertext_length,
+ decrypted, sizeof( decrypted ),
+ &part_length ) );
+ status = psa_cipher_finish( &operation,
+ decrypted + part_length,
+ sizeof( decrypted ) - part_length,
+ &part_length );
+ /* For a stream cipher, all inputs are valid. For a block cipher,
+ * if the input is some aribtrary data rather than an actual
+ ciphertext, a padding error is likely. */
+ if( ( usage & PSA_KEY_USAGE_ENCRYPT ) ||
+ PSA_BLOCK_CIPHER_BLOCK_SIZE( type ) == 1 )
+ PSA_ASSERT( status );
+ else
+ TEST_ASSERT( status == PSA_SUCCESS ||
+ status == PSA_ERROR_INVALID_PADDING );
+ }
+
+ return( 1 );
+
+exit:
+ psa_cipher_abort( &operation );
+ return( 0 );
+}
+
+static int exercise_aead_key( psa_key_handle_t handle,
+ psa_key_usage_t usage,
+ psa_algorithm_t alg )
+{
+ unsigned char nonce[16] = {0};
+ size_t nonce_length = sizeof( nonce );
+ unsigned char plaintext[16] = "Hello, world...";
+ unsigned char ciphertext[48] = "(wabblewebblewibblewobblewubble)";
+ size_t ciphertext_length = sizeof( ciphertext );
+ size_t plaintext_length = sizeof( ciphertext );
+
+ if( usage & PSA_KEY_USAGE_ENCRYPT )
+ {
+ PSA_ASSERT( psa_aead_encrypt( handle, alg,
+ nonce, nonce_length,
+ NULL, 0,
+ plaintext, sizeof( plaintext ),
+ ciphertext, sizeof( ciphertext ),
+ &ciphertext_length ) );
+ }
+
+ if( usage & PSA_KEY_USAGE_DECRYPT )
+ {
+ psa_status_t verify_status =
+ ( usage & PSA_KEY_USAGE_ENCRYPT ?
+ PSA_SUCCESS :
+ PSA_ERROR_INVALID_SIGNATURE );
+ TEST_EQUAL( psa_aead_decrypt( handle, alg,
+ nonce, nonce_length,
+ NULL, 0,
+ ciphertext, ciphertext_length,
+ plaintext, sizeof( plaintext ),
+ &plaintext_length ),
+ verify_status );
+ }
+
+ return( 1 );
+
+exit:
+ return( 0 );
+}
+
+static int exercise_signature_key( psa_key_handle_t handle,
+ psa_key_usage_t usage,
+ psa_algorithm_t alg )
+{
+ unsigned char payload[PSA_HASH_MAX_SIZE] = {1};
+ size_t payload_length = 16;
+ unsigned char signature[PSA_ASYMMETRIC_SIGNATURE_MAX_SIZE] = {0};
+ size_t signature_length = sizeof( signature );
+ psa_algorithm_t hash_alg = PSA_ALG_SIGN_GET_HASH( alg );
+
+ /* If the policy allows signing with any hash, just pick one. */
+ if( PSA_ALG_IS_HASH_AND_SIGN( alg ) && hash_alg == PSA_ALG_ANY_HASH )
+ {
+#if defined(KNOWN_SUPPORTED_HASH_ALG)
+ hash_alg = KNOWN_SUPPORTED_HASH_ALG;
+ alg ^= PSA_ALG_ANY_HASH ^ hash_alg;
+#else
+ test_fail( "No hash algorithm for hash-and-sign testing", __LINE__, __FILE__ );
+ return( 1 );
+#endif
+ }
+
+ if( usage & PSA_KEY_USAGE_SIGN )
+ {
+ /* Some algorithms require the payload to have the size of
+ * the hash encoded in the algorithm. Use this input size
+ * even for algorithms that allow other input sizes. */
+ if( hash_alg != 0 )
+ payload_length = PSA_HASH_SIZE( hash_alg );
+ PSA_ASSERT( psa_asymmetric_sign( handle, alg,
+ payload, payload_length,
+ signature, sizeof( signature ),
+ &signature_length ) );
+ }
+
+ if( usage & PSA_KEY_USAGE_VERIFY )
+ {
+ psa_status_t verify_status =
+ ( usage & PSA_KEY_USAGE_SIGN ?
+ PSA_SUCCESS :
+ PSA_ERROR_INVALID_SIGNATURE );
+ TEST_EQUAL( psa_asymmetric_verify( handle, alg,
+ payload, payload_length,
+ signature, signature_length ),
+ verify_status );
+ }
+
+ return( 1 );
+
+exit:
+ return( 0 );
+}
+
+static int exercise_asymmetric_encryption_key( psa_key_handle_t handle,
+ psa_key_usage_t usage,
+ psa_algorithm_t alg )
+{
+ unsigned char plaintext[256] = "Hello, world...";
+ unsigned char ciphertext[256] = "(wabblewebblewibblewobblewubble)";
+ size_t ciphertext_length = sizeof( ciphertext );
+ size_t plaintext_length = 16;
+
+ if( usage & PSA_KEY_USAGE_ENCRYPT )
+ {
+ PSA_ASSERT( psa_asymmetric_encrypt( handle, alg,
+ plaintext, plaintext_length,
+ NULL, 0,
+ ciphertext, sizeof( ciphertext ),
+ &ciphertext_length ) );
+ }
+
+ if( usage & PSA_KEY_USAGE_DECRYPT )
+ {
+ psa_status_t status =
+ psa_asymmetric_decrypt( handle, alg,
+ ciphertext, ciphertext_length,
+ NULL, 0,
+ plaintext, sizeof( plaintext ),
+ &plaintext_length );
+ TEST_ASSERT( status == PSA_SUCCESS ||
+ ( ( usage & PSA_KEY_USAGE_ENCRYPT ) == 0 &&
+ ( status == PSA_ERROR_INVALID_ARGUMENT ||
+ status == PSA_ERROR_INVALID_PADDING ) ) );
+ }
+
+ return( 1 );
+
+exit:
+ return( 0 );
+}
+
+static int exercise_key_derivation_key( psa_key_handle_t handle,
+ psa_key_usage_t usage,
+ psa_algorithm_t alg )
+{
+ psa_crypto_generator_t generator = PSA_CRYPTO_GENERATOR_INIT;
+ unsigned char label[16] = "This is a label.";
+ size_t label_length = sizeof( label );
+ unsigned char seed[16] = "abcdefghijklmnop";
+ size_t seed_length = sizeof( seed );
+ unsigned char output[1];
+
+ if( usage & PSA_KEY_USAGE_DERIVE )
+ {
+ PSA_ASSERT( psa_key_derivation( &generator,
+ handle, alg,
+ label, label_length,
+ seed, seed_length,
+ sizeof( output ) ) );
+ PSA_ASSERT( psa_generator_read( &generator,
+ output,
+ sizeof( output ) ) );
+ PSA_ASSERT( psa_generator_abort( &generator ) );
+ }
+
+ return( 1 );
+
+exit:
+ return( 0 );
+}
+
+/* We need two keys to exercise key agreement. Exercise the
+ * private key against its own public key. */
+static psa_status_t key_agreement_with_self( psa_crypto_generator_t *generator,
+ psa_key_handle_t handle,
+ psa_algorithm_t alg )
+{
+ psa_key_type_t private_key_type;
+ psa_key_type_t public_key_type;
+ size_t key_bits;
+ uint8_t *public_key = NULL;
+ size_t public_key_length;
+ /* Return GENERIC_ERROR if something other than the final call to
+ * psa_key_agreement fails. This isn't fully satisfactory, but it's
+ * good enough: callers will report it as a failed test anyway. */
+ psa_status_t status = PSA_ERROR_GENERIC_ERROR;
+
+ PSA_ASSERT( psa_get_key_information( handle,
+ &private_key_type,
+ &key_bits ) );
+ public_key_type = PSA_KEY_TYPE_PUBLIC_KEY_OF_KEYPAIR( private_key_type );
+ public_key_length = PSA_KEY_EXPORT_MAX_SIZE( public_key_type, key_bits );
+ ASSERT_ALLOC( public_key, public_key_length );
+ PSA_ASSERT( psa_export_public_key( handle,
+ public_key, public_key_length,
+ &public_key_length ) );
+
+ status = psa_key_agreement( generator, handle,
+ public_key, public_key_length,
+ alg );
+exit:
+ mbedtls_free( public_key );
+ return( status );
+}
+
+static int exercise_key_agreement_key( psa_key_handle_t handle,
+ psa_key_usage_t usage,
+ psa_algorithm_t alg )
+{
+ psa_crypto_generator_t generator = PSA_CRYPTO_GENERATOR_INIT;
+ unsigned char output[1];
+ int ok = 0;
+
+ if( usage & PSA_KEY_USAGE_DERIVE )
+ {
+ /* We need two keys to exercise key agreement. Exercise the
+ * private key against its own public key. */
+ PSA_ASSERT( key_agreement_with_self( &generator, handle, alg ) );
+ PSA_ASSERT( psa_generator_read( &generator,
+ output,
+ sizeof( output ) ) );
+ PSA_ASSERT( psa_generator_abort( &generator ) );
+ }
+ ok = 1;
+
+exit:
+ return( ok );
+}
+
+static int is_oid_of_key_type( psa_key_type_t type,
+ const uint8_t *oid, size_t oid_length )
+{
+ const uint8_t *expected_oid = NULL;
+ size_t expected_oid_length = 0;
+#if defined(MBEDTLS_RSA_C)
+ if( PSA_KEY_TYPE_IS_RSA( type ) )
+ {
+ expected_oid = (uint8_t *) MBEDTLS_OID_PKCS1_RSA;
+ expected_oid_length = sizeof( MBEDTLS_OID_PKCS1_RSA ) - 1;
+ }
+ else
+#endif /* MBEDTLS_RSA_C */
+#if defined(MBEDTLS_ECP_C)
+ if( PSA_KEY_TYPE_IS_ECC( type ) )
+ {
+ expected_oid = (uint8_t *) MBEDTLS_OID_EC_ALG_UNRESTRICTED;
+ expected_oid_length = sizeof( MBEDTLS_OID_EC_ALG_UNRESTRICTED ) - 1;
+ }
+ else
+#endif /* MBEDTLS_ECP_C */
+ {
+ char message[40];
+ mbedtls_snprintf( message, sizeof( message ),
+ "OID not known for key type=0x%08lx",
+ (unsigned long) type );
+ test_fail( message, __LINE__, __FILE__ );
+ return( 0 );
+ }
+
+ ASSERT_COMPARE( expected_oid, expected_oid_length, oid, oid_length );
+ return( 1 );
+
+exit:
+ return( 0 );
+}
+
+static int asn1_skip_integer( unsigned char **p, const unsigned char *end,
+ size_t min_bits, size_t max_bits,
+ int must_be_odd )
+{
+ size_t len;
+ size_t actual_bits;
+ unsigned char msb;
+ TEST_EQUAL( mbedtls_asn1_get_tag( p, end, &len,
+ MBEDTLS_ASN1_INTEGER ),
+ 0 );
+ /* Tolerate a slight departure from DER encoding:
+ * - 0 may be represented by an empty string or a 1-byte string.
+ * - The sign bit may be used as a value bit. */
+ if( ( len == 1 && ( *p )[0] == 0 ) ||
+ ( len > 1 && ( *p )[0] == 0 && ( ( *p )[1] & 0x80 ) != 0 ) )
+ {
+ ++( *p );
+ --len;
+ }
+ if( min_bits == 0 && len == 0 )
+ return( 1 );
+ msb = ( *p )[0];
+ TEST_ASSERT( msb != 0 );
+ actual_bits = 8 * ( len - 1 );
+ while( msb != 0 )
+ {
+ msb >>= 1;
+ ++actual_bits;
+ }
+ TEST_ASSERT( actual_bits >= min_bits );
+ TEST_ASSERT( actual_bits <= max_bits );
+ if( must_be_odd )
+ TEST_ASSERT( ( ( *p )[len-1] & 1 ) != 0 );
+ *p += len;
+ return( 1 );
+exit:
+ return( 0 );
+}
+
+static int asn1_get_implicit_tag( unsigned char **p, const unsigned char *end,
+ size_t *len,
+ unsigned char n, unsigned char tag )
+{
+ int ret;
+ ret = mbedtls_asn1_get_tag( p, end, len,
+ MBEDTLS_ASN1_CONTEXT_SPECIFIC |
+ MBEDTLS_ASN1_CONSTRUCTED | ( n ) );
+ if( ret != 0 )
+ return( ret );
+ end = *p + *len;
+ ret = mbedtls_asn1_get_tag( p, end, len, tag );
+ if( ret != 0 )
+ return( ret );
+ if( *p + *len != end )
+ return( MBEDTLS_ERR_ASN1_LENGTH_MISMATCH );
+ return( 0 );
+}
+
+static int exported_key_sanity_check( psa_key_type_t type, size_t bits,
+ uint8_t *exported, size_t exported_length )
+{
+ if( PSA_KEY_TYPE_IS_UNSTRUCTURED( type ) )
+ TEST_EQUAL( exported_length, ( bits + 7 ) / 8 );
+ else
+ TEST_ASSERT( exported_length <= PSA_KEY_EXPORT_MAX_SIZE( type, bits ) );
+
+#if defined(MBEDTLS_DES_C)
+ if( type == PSA_KEY_TYPE_DES )
+ {
+ /* Check the parity bits. */
+ unsigned i;
+ for( i = 0; i < bits / 8; i++ )
+ {
+ unsigned bit_count = 0;
+ unsigned m;
+ for( m = 1; m <= 0x100; m <<= 1 )
+ {
+ if( exported[i] & m )
+ ++bit_count;
+ }
+ TEST_ASSERT( bit_count % 2 != 0 );
+ }
+ }
+ else
+#endif
+
+#if defined(MBEDTLS_RSA_C) && defined(MBEDTLS_PK_PARSE_C)
+ if( type == PSA_KEY_TYPE_RSA_KEYPAIR )
+ {
+ uint8_t *p = exported;
+ uint8_t *end = exported + exported_length;
+ size_t len;
+ /* RSAPrivateKey ::= SEQUENCE {
+ * version INTEGER, -- must be 0
+ * modulus INTEGER, -- n
+ * publicExponent INTEGER, -- e
+ * privateExponent INTEGER, -- d
+ * prime1 INTEGER, -- p
+ * prime2 INTEGER, -- q
+ * exponent1 INTEGER, -- d mod (p-1)
+ * exponent2 INTEGER, -- d mod (q-1)
+ * coefficient INTEGER, -- (inverse of q) mod p
+ * }
+ */
+ TEST_EQUAL( mbedtls_asn1_get_tag( &p, end, &len,
+ MBEDTLS_ASN1_SEQUENCE |
+ MBEDTLS_ASN1_CONSTRUCTED ), 0 );
+ TEST_EQUAL( p + len, end );
+ if( ! asn1_skip_integer( &p, end, 0, 0, 0 ) )
+ goto exit;
+ if( ! asn1_skip_integer( &p, end, bits, bits, 1 ) )
+ goto exit;
+ if( ! asn1_skip_integer( &p, end, 2, bits, 1 ) )
+ goto exit;
+ /* Require d to be at least half the size of n. */
+ if( ! asn1_skip_integer( &p, end, bits / 2, bits, 1 ) )
+ goto exit;
+ /* Require p and q to be at most half the size of n, rounded up. */
+ if( ! asn1_skip_integer( &p, end, bits / 2, bits / 2 + 1, 1 ) )
+ goto exit;
+ if( ! asn1_skip_integer( &p, end, bits / 2, bits / 2 + 1, 1 ) )
+ goto exit;
+ if( ! asn1_skip_integer( &p, end, 1, bits / 2 + 1, 0 ) )
+ goto exit;
+ if( ! asn1_skip_integer( &p, end, 1, bits / 2 + 1, 0 ) )
+ goto exit;
+ if( ! asn1_skip_integer( &p, end, 1, bits / 2 + 1, 0 ) )
+ goto exit;
+ TEST_EQUAL( p, end );
+ }
+ else
+#endif /* MBEDTLS_RSA_C */
+
+#if defined(MBEDTLS_ECP_C)
+ if( PSA_KEY_TYPE_IS_ECC_KEYPAIR( type ) )
+ {
+ /* Just the secret value */
+ TEST_EQUAL( exported_length, PSA_BITS_TO_BYTES( bits ) );
+ }
+ else
+#endif /* MBEDTLS_ECP_C */
+
+ if( PSA_KEY_TYPE_IS_PUBLIC_KEY( type ) )
+ {
+ uint8_t *p = exported;
+ uint8_t *end = exported + exported_length;
+ size_t len;
+#if defined(MBEDTLS_RSA_C)
+ if( type == PSA_KEY_TYPE_RSA_PUBLIC_KEY )
+ {
+ /* RSAPublicKey ::= SEQUENCE {
+ * modulus INTEGER, -- n
+ * publicExponent INTEGER } -- e
+ */
+ TEST_EQUAL( mbedtls_asn1_get_tag( &p, end, &len,
+ MBEDTLS_ASN1_SEQUENCE |
+ MBEDTLS_ASN1_CONSTRUCTED ),
+ 0 );
+ TEST_EQUAL( p + len, end );
+ if( ! asn1_skip_integer( &p, end, bits, bits, 1 ) )
+ goto exit;
+ if( ! asn1_skip_integer( &p, end, 2, bits, 1 ) )
+ goto exit;
+ TEST_EQUAL( p, end );
+ }
+ else
+#endif /* MBEDTLS_RSA_C */
+#if defined(MBEDTLS_ECP_C)
+ if( PSA_KEY_TYPE_IS_ECC_PUBLIC_KEY( type ) )
+ {
+ /* The representation of an ECC public key is:
+ * - The byte 0x04;
+ * - `x_P` as a `ceiling(m/8)`-byte string, big-endian;
+ * - `y_P` as a `ceiling(m/8)`-byte string, big-endian;
+ * - where m is the bit size associated with the curve.
+ */
+ TEST_EQUAL( p + 1 + 2 * PSA_BITS_TO_BYTES( bits ), end );
+ TEST_EQUAL( p[0], 4 );
+ }
+ else
+#endif /* MBEDTLS_ECP_C */
+ {
+ char message[47];
+ mbedtls_snprintf( message, sizeof( message ),
+ "No sanity check for public key type=0x%08lx",
+ (unsigned long) type );
+ test_fail( message, __LINE__, __FILE__ );
+ return( 0 );
+ }
+ }
+ else
+
+ {
+ /* No sanity checks for other types */
+ }
+
+ return( 1 );
+
+exit:
+ return( 0 );
+}
+
+static int exercise_export_key( psa_key_handle_t handle,
+ psa_key_usage_t usage )
+{
+ psa_key_type_t type;
+ size_t bits;
+ uint8_t *exported = NULL;
+ size_t exported_size = 0;
+ size_t exported_length = 0;
+ int ok = 0;
+
+ PSA_ASSERT( psa_get_key_information( handle, &type, &bits ) );
+
+ if( ( usage & PSA_KEY_USAGE_EXPORT ) == 0 &&
+ ! PSA_KEY_TYPE_IS_PUBLIC_KEY( type ) )
+ {
+ TEST_EQUAL( psa_export_key( handle, NULL, 0, &exported_length ),
+ PSA_ERROR_NOT_PERMITTED );
+ return( 1 );
+ }
+
+ exported_size = PSA_KEY_EXPORT_MAX_SIZE( type, bits );
+ ASSERT_ALLOC( exported, exported_size );
+
+ PSA_ASSERT( psa_export_key( handle,
+ exported, exported_size,
+ &exported_length ) );
+ ok = exported_key_sanity_check( type, bits, exported, exported_length );
+
+exit:
+ mbedtls_free( exported );
+ return( ok );
+}
+
+static int exercise_export_public_key( psa_key_handle_t handle )
+{
+ psa_key_type_t type;
+ psa_key_type_t public_type;
+ size_t bits;
+ uint8_t *exported = NULL;
+ size_t exported_size = 0;
+ size_t exported_length = 0;
+ int ok = 0;
+
+ PSA_ASSERT( psa_get_key_information( handle, &type, &bits ) );
+ if( ! PSA_KEY_TYPE_IS_ASYMMETRIC( type ) )
+ {
+ TEST_EQUAL( psa_export_public_key( handle, NULL, 0, &exported_length ),
+ PSA_ERROR_INVALID_ARGUMENT );
+ return( 1 );
+ }
+
+ public_type = PSA_KEY_TYPE_PUBLIC_KEY_OF_KEYPAIR( type );
+ exported_size = PSA_KEY_EXPORT_MAX_SIZE( public_type, bits );
+ ASSERT_ALLOC( exported, exported_size );
+
+ PSA_ASSERT( psa_export_public_key( handle,
+ exported, exported_size,
+ &exported_length ) );
+ ok = exported_key_sanity_check( public_type, bits,
+ exported, exported_length );
+
+exit:
+ mbedtls_free( exported );
+ return( ok );
+}
+
+/** Do smoke tests on a key.
+ *
+ * Perform one of each operation indicated by \p alg (decrypt/encrypt,
+ * sign/verify, or derivation) that is permitted according to \p usage.
+ * \p usage and \p alg should correspond to the expected policy on the
+ * key.
+ *
+ * Export the key if permitted by \p usage, and check that the output
+ * looks sensible. If \p usage forbids export, check that
+ * \p psa_export_key correctly rejects the attempt. If the key is
+ * asymmetric, also check \p psa_export_public_key.
+ *
+ * If the key fails the tests, this function calls the test framework's
+ * `test_fail` function and returns false. Otherwise this function returns
+ * true. Therefore it should be used as follows:
+ * ```
+ * if( ! exercise_key( ... ) ) goto exit;
+ * ```
+ *
+ * \param handle The key to exercise. It should be capable of performing
+ * \p alg.
+ * \param usage The usage flags to assume.
+ * \param alg The algorithm to exercise.
+ *
+ * \retval 0 The key failed the smoke tests.
+ * \retval 1 The key passed the smoke tests.
+ */
+static int exercise_key( psa_key_handle_t handle,
+ psa_key_usage_t usage,
+ psa_algorithm_t alg )
+{
+ int ok;
+ if( alg == 0 )
+ ok = 1; /* If no algorihm, do nothing (used for raw data "keys"). */
+ else if( PSA_ALG_IS_MAC( alg ) )
+ ok = exercise_mac_key( handle, usage, alg );
+ else if( PSA_ALG_IS_CIPHER( alg ) )
+ ok = exercise_cipher_key( handle, usage, alg );
+ else if( PSA_ALG_IS_AEAD( alg ) )
+ ok = exercise_aead_key( handle, usage, alg );
+ else if( PSA_ALG_IS_SIGN( alg ) )
+ ok = exercise_signature_key( handle, usage, alg );
+ else if( PSA_ALG_IS_ASYMMETRIC_ENCRYPTION( alg ) )
+ ok = exercise_asymmetric_encryption_key( handle, usage, alg );
+ else if( PSA_ALG_IS_KEY_DERIVATION( alg ) )
+ ok = exercise_key_derivation_key( handle, usage, alg );
+ else if( PSA_ALG_IS_KEY_AGREEMENT( alg ) )
+ ok = exercise_key_agreement_key( handle, usage, alg );
+ else
+ {
+ char message[40];
+ mbedtls_snprintf( message, sizeof( message ),
+ "No code to exercise alg=0x%08lx",
+ (unsigned long) alg );
+ test_fail( message, __LINE__, __FILE__ );
+ ok = 0;
+ }
+
+ ok = ok && exercise_export_key( handle, usage );
+ ok = ok && exercise_export_public_key( handle );
+
+ return( ok );
+}
+
+static psa_key_usage_t usage_to_exercise( psa_key_type_t type,
+ psa_algorithm_t alg )
+{
+ if( PSA_ALG_IS_MAC( alg ) || PSA_ALG_IS_SIGN( alg ) )
+ {
+ return( PSA_KEY_TYPE_IS_PUBLIC_KEY( type ) ?
+ PSA_KEY_USAGE_VERIFY :
+ PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY );
+ }
+ else if( PSA_ALG_IS_CIPHER( alg ) || PSA_ALG_IS_AEAD( alg ) ||
+ PSA_ALG_IS_ASYMMETRIC_ENCRYPTION( alg ) )
+ {
+ return( PSA_KEY_TYPE_IS_PUBLIC_KEY( type ) ?
+ PSA_KEY_USAGE_ENCRYPT :
+ PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT );
+ }
+ else if( PSA_ALG_IS_KEY_DERIVATION( alg ) ||
+ PSA_ALG_IS_KEY_AGREEMENT( alg ) )
+ {
+ return( PSA_KEY_USAGE_DERIVE );
+ }
+ else
+ {
+ return( 0 );
+ }
+
+}
+
+/* An overapproximation of the amount of storage needed for a key of the
+ * given type and with the given content. The API doesn't make it easy
+ * to find a good value for the size. The current implementation doesn't
+ * care about the value anyway. */
+#define KEY_BITS_FROM_DATA( type, data ) \
+ ( data )->len
+
+typedef enum {
+ IMPORT_KEY = 0,
+ GENERATE_KEY = 1,
+ DERIVE_KEY = 2
+} generate_method;
+
+/* END_HEADER */
+
+/* BEGIN_DEPENDENCIES
+ * depends_on:MBEDTLS_PSA_CRYPTO_C
+ * END_DEPENDENCIES
+ */
+
+/* BEGIN_CASE */
+void static_checks( )
+{
+ size_t max_truncated_mac_size =
+ PSA_ALG_MAC_TRUNCATION_MASK >> PSA_MAC_TRUNCATION_OFFSET;
+
+ /* Check that the length for a truncated MAC always fits in the algorithm
+ * encoding. The shifted mask is the maximum truncated value. The
+ * untruncated algorithm may be one byte larger. */
+ TEST_ASSERT( PSA_MAC_MAX_SIZE <= 1 + max_truncated_mac_size );
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void import( data_t *data, int type, int expected_status_arg )
+{
+ psa_key_handle_t handle = 0;
+ psa_status_t expected_status = expected_status_arg;
+ psa_status_t status;
+
+ PSA_ASSERT( psa_crypto_init( ) );
+
+ PSA_ASSERT( psa_allocate_key( &handle ) );
+ status = psa_import_key( handle, type, data->x, data->len );
+ TEST_EQUAL( status, expected_status );
+ if( status == PSA_SUCCESS )
+ PSA_ASSERT( psa_destroy_key( handle ) );
+
+exit:
+ mbedtls_psa_crypto_free( );
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void import_twice( int alg_arg, int usage_arg,
+ int type1_arg, data_t *data1,
+ int expected_import1_status_arg,
+ int type2_arg, data_t *data2,
+ int expected_import2_status_arg )
+{
+ psa_key_handle_t handle = 0;
+ psa_algorithm_t alg = alg_arg;
+ psa_key_usage_t usage = usage_arg;
+ psa_key_type_t type1 = type1_arg;
+ psa_status_t expected_import1_status = expected_import1_status_arg;
+ psa_key_type_t type2 = type2_arg;
+ psa_status_t expected_import2_status = expected_import2_status_arg;
+ psa_key_policy_t policy = PSA_KEY_POLICY_INIT;
+ psa_status_t status;
+
+ PSA_ASSERT( psa_crypto_init( ) );
+
+ PSA_ASSERT( psa_allocate_key( &handle ) );
+ psa_key_policy_set_usage( &policy, usage, alg );
+ PSA_ASSERT( psa_set_key_policy( handle, &policy ) );
+
+ status = psa_import_key( handle, type1, data1->x, data1->len );
+ TEST_EQUAL( status, expected_import1_status );
+ status = psa_import_key( handle, type2, data2->x, data2->len );
+ TEST_EQUAL( status, expected_import2_status );
+
+ if( expected_import1_status == PSA_SUCCESS ||
+ expected_import2_status == PSA_SUCCESS )
+ {
+ if( ! exercise_key( handle, usage, alg ) )
+ goto exit;
+ }
+
+exit:
+ mbedtls_psa_crypto_free( );
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void import_rsa_made_up( int bits_arg, int keypair, int expected_status_arg )
+{
+ psa_key_handle_t handle = 0;
+ size_t bits = bits_arg;
+ psa_status_t expected_status = expected_status_arg;
+ psa_status_t status;
+ psa_key_type_t type =
+ keypair ? PSA_KEY_TYPE_RSA_KEYPAIR : PSA_KEY_TYPE_RSA_PUBLIC_KEY;
+ size_t buffer_size = /* Slight overapproximations */
+ keypair ? bits * 9 / 16 + 80 : bits / 8 + 20;
+ unsigned char *buffer = NULL;
+ unsigned char *p;
+ int ret;
+ size_t length;
+
+ PSA_ASSERT( psa_crypto_init( ) );
+ ASSERT_ALLOC( buffer, buffer_size );
+
+ TEST_ASSERT( ( ret = construct_fake_rsa_key( buffer, buffer_size, &p,
+ bits, keypair ) ) >= 0 );
+ length = ret;
+
+ /* Try importing the key */
+ PSA_ASSERT( psa_allocate_key( &handle ) );
+ status = psa_import_key( handle, type, p, length );
+ TEST_EQUAL( status, expected_status );
+ if( status == PSA_SUCCESS )
+ PSA_ASSERT( psa_destroy_key( handle ) );
+
+exit:
+ mbedtls_free( buffer );
+ mbedtls_psa_crypto_free( );
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void import_export( data_t *data,
+ int type_arg,
+ int alg_arg,
+ int usage_arg,
+ int expected_bits,
+ int export_size_delta,
+ int expected_export_status_arg,
+ int canonical_input )
+{
+ psa_key_handle_t handle = 0;
+ psa_key_type_t type = type_arg;
+ psa_algorithm_t alg = alg_arg;
+ psa_status_t expected_export_status = expected_export_status_arg;
+ psa_status_t status;
+ unsigned char *exported = NULL;
+ unsigned char *reexported = NULL;
+ size_t export_size;
+ size_t exported_length = INVALID_EXPORT_LENGTH;
+ size_t reexported_length;
+ psa_key_type_t got_type;
+ size_t got_bits;
+ psa_key_policy_t policy = PSA_KEY_POLICY_INIT;
+
+ export_size = (ptrdiff_t) data->len + export_size_delta;
+ ASSERT_ALLOC( exported, export_size );
+ if( ! canonical_input )
+ ASSERT_ALLOC( reexported, export_size );
+ PSA_ASSERT( psa_crypto_init( ) );
+
+ PSA_ASSERT( psa_allocate_key( &handle ) );
+ psa_key_policy_set_usage( &policy, usage_arg, alg );
+ PSA_ASSERT( psa_set_key_policy( handle, &policy ) );
+
+ TEST_EQUAL( psa_get_key_information( handle, NULL, NULL ),
+ PSA_ERROR_DOES_NOT_EXIST );
+
+ /* Import the key */
+ PSA_ASSERT( psa_import_key( handle, type,
+ data->x, data->len ) );
+
+ /* Test the key information */
+ PSA_ASSERT( psa_get_key_information( handle,
+ &got_type,
+ &got_bits ) );
+ TEST_EQUAL( got_type, type );
+ TEST_EQUAL( got_bits, (size_t) expected_bits );
+
+ /* Export the key */
+ status = psa_export_key( handle,
+ exported, export_size,
+ &exported_length );
+ TEST_EQUAL( status, expected_export_status );
+
+ /* The exported length must be set by psa_export_key() to a value between 0
+ * and export_size. On errors, the exported length must be 0. */
+ TEST_ASSERT( exported_length != INVALID_EXPORT_LENGTH );
+ TEST_ASSERT( status == PSA_SUCCESS || exported_length == 0 );
+ TEST_ASSERT( exported_length <= export_size );
+
+ TEST_ASSERT( mem_is_char( exported + exported_length, 0,
+ export_size - exported_length ) );
+ if( status != PSA_SUCCESS )
+ {
+ TEST_EQUAL( exported_length, 0 );
+ goto destroy;
+ }
+
+ if( ! exercise_export_key( handle, usage_arg ) )
+ goto exit;
+
+ if( canonical_input )
+ ASSERT_COMPARE( data->x, data->len, exported, exported_length );
+ else
+ {
+ psa_key_handle_t handle2;
+ PSA_ASSERT( psa_allocate_key( &handle2 ) );
+ PSA_ASSERT( psa_set_key_policy( handle2, &policy ) );
+
+ PSA_ASSERT( psa_import_key( handle2, type,
+ exported,
+ exported_length ) );
+ PSA_ASSERT( psa_export_key( handle2,
+ reexported,
+ export_size,
+ &reexported_length ) );
+ ASSERT_COMPARE( exported, exported_length,
+ reexported, reexported_length );
+ PSA_ASSERT( psa_close_key( handle2 ) );
+ }
+ TEST_ASSERT( exported_length <= PSA_KEY_EXPORT_MAX_SIZE( type, got_bits ) );
+
+destroy:
+ /* Destroy the key */
+ PSA_ASSERT( psa_destroy_key( handle ) );
+ TEST_EQUAL( psa_get_key_information( handle, NULL, NULL ),
+ PSA_ERROR_INVALID_HANDLE );
+
+exit:
+ mbedtls_free( exported );
+ mbedtls_free( reexported );
+ mbedtls_psa_crypto_free( );
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void import_key_nonempty_slot( )
+{
+ psa_key_handle_t handle = 0;
+ psa_key_type_t type = PSA_KEY_TYPE_RAW_DATA;
+ psa_status_t status;
+ const uint8_t data[] = { 0x1, 0x2, 0x3, 0x4, 0x5 };
+ PSA_ASSERT( psa_crypto_init( ) );
+
+ PSA_ASSERT( psa_allocate_key( &handle ) );
+
+ /* Import the key */
+ PSA_ASSERT( psa_import_key( handle, type,
+ data, sizeof( data ) ) );
+
+ /* Import the key again */
+ status = psa_import_key( handle, type, data, sizeof( data ) );
+ TEST_EQUAL( status, PSA_ERROR_ALREADY_EXISTS );
+
+exit:
+ mbedtls_psa_crypto_free( );
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void export_invalid_handle( int handle, int expected_export_status_arg )
+{
+ psa_status_t status;
+ unsigned char *exported = NULL;
+ size_t export_size = 0;
+ size_t exported_length = INVALID_EXPORT_LENGTH;
+ psa_status_t expected_export_status = expected_export_status_arg;
+
+ PSA_ASSERT( psa_crypto_init( ) );
+
+ /* Export the key */
+ status = psa_export_key( (psa_key_handle_t) handle,
+ exported, export_size,
+ &exported_length );
+ TEST_EQUAL( status, expected_export_status );
+
+exit:
+ mbedtls_psa_crypto_free( );
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void export_with_no_key_activity( )
+{
+ psa_key_handle_t handle = 0;
+ psa_algorithm_t alg = PSA_ALG_CTR;
+ psa_status_t status;
+ psa_key_policy_t policy = PSA_KEY_POLICY_INIT;
+ unsigned char *exported = NULL;
+ size_t export_size = 0;
+ size_t exported_length = INVALID_EXPORT_LENGTH;
+
+ PSA_ASSERT( psa_crypto_init( ) );
+
+ PSA_ASSERT( psa_allocate_key( &handle ) );
+ psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_EXPORT, alg );
+ PSA_ASSERT( psa_set_key_policy( handle, &policy ) );
+
+ /* Export the key */
+ status = psa_export_key( handle,
+ exported, export_size,
+ &exported_length );
+ TEST_EQUAL( status, PSA_ERROR_DOES_NOT_EXIST );
+
+exit:
+ mbedtls_psa_crypto_free( );
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void cipher_with_no_key_activity( )
+{
+ psa_key_handle_t handle = 0;
+ psa_status_t status;
+ psa_key_policy_t policy = PSA_KEY_POLICY_INIT;
+ psa_cipher_operation_t operation = PSA_CIPHER_OPERATION_INIT;
+ int exercise_alg = PSA_ALG_CTR;
+
+ PSA_ASSERT( psa_crypto_init( ) );
+
+ PSA_ASSERT( psa_allocate_key( &handle ) );
+ psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_ENCRYPT, exercise_alg );
+ PSA_ASSERT( psa_set_key_policy( handle, &policy ) );
+
+ status = psa_cipher_encrypt_setup( &operation, handle, exercise_alg );
+ TEST_EQUAL( status, PSA_ERROR_DOES_NOT_EXIST );
+
+exit:
+ psa_cipher_abort( &operation );
+ mbedtls_psa_crypto_free( );
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void export_after_import_failure( data_t *data, int type_arg,
+ int expected_import_status_arg )
+{
+ psa_key_handle_t handle = 0;
+ psa_key_type_t type = type_arg;
+ psa_status_t status;
+ unsigned char *exported = NULL;
+ size_t export_size = 0;
+ psa_status_t expected_import_status = expected_import_status_arg;
+ size_t exported_length = INVALID_EXPORT_LENGTH;
+
+ PSA_ASSERT( psa_crypto_init( ) );
+
+ PSA_ASSERT( psa_allocate_key( &handle ) );
+
+ /* Import the key - expect failure */
+ status = psa_import_key( handle, type,
+ data->x, data->len );
+ TEST_EQUAL( status, expected_import_status );
+
+ /* Export the key */
+ status = psa_export_key( handle,
+ exported, export_size,
+ &exported_length );
+ TEST_EQUAL( status, PSA_ERROR_DOES_NOT_EXIST );
+
+exit:
+ mbedtls_psa_crypto_free( );
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void cipher_after_import_failure( data_t *data, int type_arg,
+ int expected_import_status_arg )
+{
+ psa_key_handle_t handle = 0;
+ psa_cipher_operation_t operation = PSA_CIPHER_OPERATION_INIT;
+ psa_key_type_t type = type_arg;
+ psa_status_t status;
+ psa_status_t expected_import_status = expected_import_status_arg;
+ int exercise_alg = PSA_ALG_CTR;
+
+ PSA_ASSERT( psa_crypto_init( ) );
+
+ PSA_ASSERT( psa_allocate_key( &handle ) );
+
+ /* Import the key - expect failure */
+ status = psa_import_key( handle, type,
+ data->x, data->len );
+ TEST_EQUAL( status, expected_import_status );
+
+ status = psa_cipher_encrypt_setup( &operation, handle, exercise_alg );
+ TEST_EQUAL( status, PSA_ERROR_DOES_NOT_EXIST );
+
+exit:
+ psa_cipher_abort( &operation );
+ mbedtls_psa_crypto_free( );
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void export_after_destroy_key( data_t *data, int type_arg )
+{
+ psa_key_handle_t handle = 0;
+ psa_key_type_t type = type_arg;
+ psa_status_t status;
+ psa_key_policy_t policy = PSA_KEY_POLICY_INIT;
+ psa_algorithm_t alg = PSA_ALG_CTR;
+ unsigned char *exported = NULL;
+ size_t export_size = 0;
+ size_t exported_length = INVALID_EXPORT_LENGTH;
+
+ PSA_ASSERT( psa_crypto_init( ) );
+
+ PSA_ASSERT( psa_allocate_key( &handle ) );
+ psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_EXPORT, alg );
+ PSA_ASSERT( psa_set_key_policy( handle, &policy ) );
+ export_size = (ptrdiff_t) data->len;
+ ASSERT_ALLOC( exported, export_size );
+
+ /* Import the key */
+ PSA_ASSERT( psa_import_key( handle, type,
+ data->x, data->len ) );
+
+ PSA_ASSERT( psa_export_key( handle, exported, export_size,
+ &exported_length ) );
+
+ /* Destroy the key */
+ PSA_ASSERT( psa_destroy_key( handle ) );
+
+ /* Export the key */
+ status = psa_export_key( handle, exported, export_size,
+ &exported_length );
+ TEST_EQUAL( status, PSA_ERROR_INVALID_HANDLE );
+
+exit:
+ mbedtls_free( exported );
+ mbedtls_psa_crypto_free( );
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void import_export_public_key( data_t *data,
+ int type_arg,
+ int alg_arg,
+ int export_size_delta,
+ int expected_export_status_arg,
+ data_t *expected_public_key )
+{
+ psa_key_handle_t handle = 0;
+ psa_key_type_t type = type_arg;
+ psa_algorithm_t alg = alg_arg;
+ psa_status_t expected_export_status = expected_export_status_arg;
+ psa_status_t status;
+ unsigned char *exported = NULL;
+ size_t export_size = expected_public_key->len + export_size_delta;
+ size_t exported_length = INVALID_EXPORT_LENGTH;
+ psa_key_policy_t policy = PSA_KEY_POLICY_INIT;
+
+ PSA_ASSERT( psa_crypto_init( ) );
+
+ PSA_ASSERT( psa_allocate_key( &handle ) );
+ psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_EXPORT, alg );
+ PSA_ASSERT( psa_set_key_policy( handle, &policy ) );
+
+ /* Import the key */
+ PSA_ASSERT( psa_import_key( handle, type,
+ data->x, data->len ) );
+
+ /* Export the public key */
+ ASSERT_ALLOC( exported, export_size );
+ status = psa_export_public_key( handle,
+ exported, export_size,
+ &exported_length );
+ TEST_EQUAL( status, expected_export_status );
+ if( status == PSA_SUCCESS )
+ {
+ psa_key_type_t public_type = PSA_KEY_TYPE_PUBLIC_KEY_OF_KEYPAIR( type );
+ size_t bits;
+ PSA_ASSERT( psa_get_key_information( handle, NULL, &bits ) );
+ TEST_ASSERT( expected_public_key->len <=
+ PSA_KEY_EXPORT_MAX_SIZE( public_type, bits ) );
+ ASSERT_COMPARE( expected_public_key->x, expected_public_key->len,
+ exported, exported_length );
+ }
+
+exit:
+ mbedtls_free( exported );
+ psa_destroy_key( handle );
+ mbedtls_psa_crypto_free( );
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void import_and_exercise_key( data_t *data,
+ int type_arg,
+ int bits_arg,
+ int alg_arg )
+{
+ psa_key_handle_t handle = 0;
+ psa_key_type_t type = type_arg;
+ size_t bits = bits_arg;
+ psa_algorithm_t alg = alg_arg;
+ psa_key_usage_t usage = usage_to_exercise( type, alg );
+ psa_key_policy_t policy = PSA_KEY_POLICY_INIT;
+ psa_key_type_t got_type;
+ size_t got_bits;
+ psa_status_t status;
+
+ PSA_ASSERT( psa_crypto_init( ) );
+
+ PSA_ASSERT( psa_allocate_key( &handle ) );
+ psa_key_policy_set_usage( &policy, usage, alg );
+ PSA_ASSERT( psa_set_key_policy( handle, &policy ) );
+
+ /* Import the key */
+ status = psa_import_key( handle, type, data->x, data->len );
+ PSA_ASSERT( status );
+
+ /* Test the key information */
+ PSA_ASSERT( psa_get_key_information( handle,
+ &got_type,
+ &got_bits ) );
+ TEST_EQUAL( got_type, type );
+ TEST_EQUAL( got_bits, bits );
+
+ /* Do something with the key according to its type and permitted usage. */
+ if( ! exercise_key( handle, usage, alg ) )
+ goto exit;
+
+exit:
+ psa_destroy_key( handle );
+ mbedtls_psa_crypto_free( );
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void key_policy( int usage_arg, int alg_arg )
+{
+ psa_key_handle_t handle = 0;
+ psa_algorithm_t alg = alg_arg;
+ psa_key_usage_t usage = usage_arg;
+ psa_key_type_t key_type = PSA_KEY_TYPE_AES;
+ unsigned char key[32] = {0};
+ psa_key_policy_t policy_set = PSA_KEY_POLICY_INIT;
+ psa_key_policy_t policy_get = PSA_KEY_POLICY_INIT;
+
+ memset( key, 0x2a, sizeof( key ) );
+
+ PSA_ASSERT( psa_crypto_init( ) );
+
+ PSA_ASSERT( psa_allocate_key( &handle ) );
+ psa_key_policy_set_usage( &policy_set, usage, alg );
+
+ TEST_EQUAL( psa_key_policy_get_usage( &policy_set ), usage );
+ TEST_EQUAL( psa_key_policy_get_algorithm( &policy_set ), alg );
+ PSA_ASSERT( psa_set_key_policy( handle, &policy_set ) );
+
+ PSA_ASSERT( psa_import_key( handle, key_type,
+ key, sizeof( key ) ) );
+
+ PSA_ASSERT( psa_get_key_policy( handle, &policy_get ) );
+
+ TEST_EQUAL( policy_get.usage, policy_set.usage );
+ TEST_EQUAL( policy_get.alg, policy_set.alg );
+
+exit:
+ psa_destroy_key( handle );
+ mbedtls_psa_crypto_free( );
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void key_policy_init( )
+{
+ /* Test each valid way of initializing the object, except for `= {0}`, as
+ * Clang 5 complains when `-Wmissing-field-initializers` is used, even
+ * though it's OK by the C standard. We could test for this, but we'd need
+ * to supress the Clang warning for the test. */
+ psa_key_policy_t func = psa_key_policy_init( );
+ psa_key_policy_t init = PSA_KEY_POLICY_INIT;
+ psa_key_policy_t zero;
+
+ memset( &zero, 0, sizeof( zero ) );
+
+ /* A default key policy should not permit any usage. */
+ TEST_EQUAL( psa_key_policy_get_usage( &func ), 0 );
+ TEST_EQUAL( psa_key_policy_get_usage( &init ), 0 );
+ TEST_EQUAL( psa_key_policy_get_usage( &zero ), 0 );
+
+ /* A default key policy should not permit any algorithm. */
+ TEST_EQUAL( psa_key_policy_get_algorithm( &func ), 0 );
+ TEST_EQUAL( psa_key_policy_get_algorithm( &init ), 0 );
+ TEST_EQUAL( psa_key_policy_get_algorithm( &zero ), 0 );
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void mac_key_policy( int policy_usage,
+ int policy_alg,
+ int key_type,
+ data_t *key_data,
+ int exercise_alg )
+{
+ psa_key_handle_t handle = 0;
+ psa_key_policy_t policy = PSA_KEY_POLICY_INIT;
+ psa_mac_operation_t operation = PSA_MAC_OPERATION_INIT;
+ psa_status_t status;
+ unsigned char mac[PSA_MAC_MAX_SIZE];
+
+ PSA_ASSERT( psa_crypto_init( ) );
+
+ PSA_ASSERT( psa_allocate_key( &handle ) );
+ psa_key_policy_set_usage( &policy, policy_usage, policy_alg );
+ PSA_ASSERT( psa_set_key_policy( handle, &policy ) );
+
+ PSA_ASSERT( psa_import_key( handle, key_type,
+ key_data->x, key_data->len ) );
+
+ status = psa_mac_sign_setup( &operation, handle, exercise_alg );
+ if( policy_alg == exercise_alg &&
+ ( policy_usage & PSA_KEY_USAGE_SIGN ) != 0 )
+ PSA_ASSERT( status );
+ else
+ TEST_EQUAL( status, PSA_ERROR_NOT_PERMITTED );
+ psa_mac_abort( &operation );
+
+ memset( mac, 0, sizeof( mac ) );
+ status = psa_mac_verify_setup( &operation, handle, exercise_alg );
+ if( policy_alg == exercise_alg &&
+ ( policy_usage & PSA_KEY_USAGE_VERIFY ) != 0 )
+ PSA_ASSERT( status );
+ else
+ TEST_EQUAL( status, PSA_ERROR_NOT_PERMITTED );
+
+exit:
+ psa_mac_abort( &operation );
+ psa_destroy_key( handle );
+ mbedtls_psa_crypto_free( );
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void cipher_key_policy( int policy_usage,
+ int policy_alg,
+ int key_type,
+ data_t *key_data,
+ int exercise_alg )
+{
+ psa_key_handle_t handle = 0;
+ psa_key_policy_t policy = PSA_KEY_POLICY_INIT;
+ psa_cipher_operation_t operation = PSA_CIPHER_OPERATION_INIT;
+ psa_status_t status;
+
+ PSA_ASSERT( psa_crypto_init( ) );
+
+ PSA_ASSERT( psa_allocate_key( &handle ) );
+ psa_key_policy_set_usage( &policy, policy_usage, policy_alg );
+ PSA_ASSERT( psa_set_key_policy( handle, &policy ) );
+
+ PSA_ASSERT( psa_import_key( handle, key_type,
+ key_data->x, key_data->len ) );
+
+ status = psa_cipher_encrypt_setup( &operation, handle, exercise_alg );
+ if( policy_alg == exercise_alg &&
+ ( policy_usage & PSA_KEY_USAGE_ENCRYPT ) != 0 )
+ PSA_ASSERT( status );
+ else
+ TEST_EQUAL( status, PSA_ERROR_NOT_PERMITTED );
+ psa_cipher_abort( &operation );
+
+ status = psa_cipher_decrypt_setup( &operation, handle, exercise_alg );
+ if( policy_alg == exercise_alg &&
+ ( policy_usage & PSA_KEY_USAGE_DECRYPT ) != 0 )
+ PSA_ASSERT( status );
+ else
+ TEST_EQUAL( status, PSA_ERROR_NOT_PERMITTED );
+
+exit:
+ psa_cipher_abort( &operation );
+ psa_destroy_key( handle );
+ mbedtls_psa_crypto_free( );
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void aead_key_policy( int policy_usage,
+ int policy_alg,
+ int key_type,
+ data_t *key_data,
+ int nonce_length_arg,
+ int tag_length_arg,
+ int exercise_alg )
+{
+ psa_key_handle_t handle = 0;
+ psa_key_policy_t policy = PSA_KEY_POLICY_INIT;
+ psa_status_t status;
+ unsigned char nonce[16] = {0};
+ size_t nonce_length = nonce_length_arg;
+ unsigned char tag[16];
+ size_t tag_length = tag_length_arg;
+ size_t output_length;
+
+ TEST_ASSERT( nonce_length <= sizeof( nonce ) );
+ TEST_ASSERT( tag_length <= sizeof( tag ) );
+
+ PSA_ASSERT( psa_crypto_init( ) );
+
+ PSA_ASSERT( psa_allocate_key( &handle ) );
+ psa_key_policy_set_usage( &policy, policy_usage, policy_alg );
+ PSA_ASSERT( psa_set_key_policy( handle, &policy ) );
+
+ PSA_ASSERT( psa_import_key( handle, key_type,
+ key_data->x, key_data->len ) );
+
+ status = psa_aead_encrypt( handle, exercise_alg,
+ nonce, nonce_length,
+ NULL, 0,
+ NULL, 0,
+ tag, tag_length,
+ &output_length );
+ if( policy_alg == exercise_alg &&
+ ( policy_usage & PSA_KEY_USAGE_ENCRYPT ) != 0 )
+ PSA_ASSERT( status );
+ else
+ TEST_EQUAL( status, PSA_ERROR_NOT_PERMITTED );
+
+ memset( tag, 0, sizeof( tag ) );
+ status = psa_aead_decrypt( handle, exercise_alg,
+ nonce, nonce_length,
+ NULL, 0,
+ tag, tag_length,
+ NULL, 0,
+ &output_length );
+ if( policy_alg == exercise_alg &&
+ ( policy_usage & PSA_KEY_USAGE_DECRYPT ) != 0 )
+ TEST_EQUAL( status, PSA_ERROR_INVALID_SIGNATURE );
+ else
+ TEST_EQUAL( status, PSA_ERROR_NOT_PERMITTED );
+
+exit:
+ psa_destroy_key( handle );
+ mbedtls_psa_crypto_free( );
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void asymmetric_encryption_key_policy( int policy_usage,
+ int policy_alg,
+ int key_type,
+ data_t *key_data,
+ int exercise_alg )
+{
+ psa_key_handle_t handle = 0;
+ psa_key_policy_t policy = PSA_KEY_POLICY_INIT;
+ psa_status_t status;
+ size_t key_bits;
+ size_t buffer_length;
+ unsigned char *buffer = NULL;
+ size_t output_length;
+
+ PSA_ASSERT( psa_crypto_init( ) );
+
+ PSA_ASSERT( psa_allocate_key( &handle ) );
+ psa_key_policy_set_usage( &policy, policy_usage, policy_alg );
+ PSA_ASSERT( psa_set_key_policy( handle, &policy ) );
+
+ PSA_ASSERT( psa_import_key( handle, key_type,
+ key_data->x, key_data->len ) );
+
+ PSA_ASSERT( psa_get_key_information( handle,
+ NULL,
+ &key_bits ) );
+ buffer_length = PSA_ASYMMETRIC_ENCRYPT_OUTPUT_SIZE( key_type, key_bits,
+ exercise_alg );
+ ASSERT_ALLOC( buffer, buffer_length );
+
+ status = psa_asymmetric_encrypt( handle, exercise_alg,
+ NULL, 0,
+ NULL, 0,
+ buffer, buffer_length,
+ &output_length );
+ if( policy_alg == exercise_alg &&
+ ( policy_usage & PSA_KEY_USAGE_ENCRYPT ) != 0 )
+ PSA_ASSERT( status );
+ else
+ TEST_EQUAL( status, PSA_ERROR_NOT_PERMITTED );
+
+ if( buffer_length != 0 )
+ memset( buffer, 0, buffer_length );
+ status = psa_asymmetric_decrypt( handle, exercise_alg,
+ buffer, buffer_length,
+ NULL, 0,
+ buffer, buffer_length,
+ &output_length );
+ if( policy_alg == exercise_alg &&
+ ( policy_usage & PSA_KEY_USAGE_DECRYPT ) != 0 )
+ TEST_EQUAL( status, PSA_ERROR_INVALID_PADDING );
+ else
+ TEST_EQUAL( status, PSA_ERROR_NOT_PERMITTED );
+
+exit:
+ psa_destroy_key( handle );
+ mbedtls_psa_crypto_free( );
+ mbedtls_free( buffer );
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void asymmetric_signature_key_policy( int policy_usage,
+ int policy_alg,
+ int key_type,
+ data_t *key_data,
+ int exercise_alg,
+ int payload_length_arg )
+{
+ psa_key_handle_t handle = 0;
+ psa_key_policy_t policy = PSA_KEY_POLICY_INIT;
+ psa_status_t status;
+ unsigned char payload[PSA_HASH_MAX_SIZE] = {1};
+ /* If `payload_length_arg > 0`, `exercise_alg` is supposed to be
+ * compatible with the policy and `payload_length_arg` is supposed to be
+ * a valid input length to sign. If `payload_length_arg <= 0`,
+ * `exercise_alg` is supposed to be forbidden by the policy. */
+ int compatible_alg = payload_length_arg > 0;
+ size_t payload_length = compatible_alg ? payload_length_arg : 0;
+ unsigned char signature[PSA_ASYMMETRIC_SIGNATURE_MAX_SIZE] = {0};
+ size_t signature_length;
+
+ PSA_ASSERT( psa_crypto_init( ) );
+
+ PSA_ASSERT( psa_allocate_key( &handle ) );
+ psa_key_policy_set_usage( &policy, policy_usage, policy_alg );
+ PSA_ASSERT( psa_set_key_policy( handle, &policy ) );
+
+ PSA_ASSERT( psa_import_key( handle, key_type,
+ key_data->x, key_data->len ) );
+
+ status = psa_asymmetric_sign( handle, exercise_alg,
+ payload, payload_length,
+ signature, sizeof( signature ),
+ &signature_length );
+ if( compatible_alg && ( policy_usage & PSA_KEY_USAGE_SIGN ) != 0 )
+ PSA_ASSERT( status );
+ else
+ TEST_EQUAL( status, PSA_ERROR_NOT_PERMITTED );
+
+ memset( signature, 0, sizeof( signature ) );
+ status = psa_asymmetric_verify( handle, exercise_alg,
+ payload, payload_length,
+ signature, sizeof( signature ) );
+ if( compatible_alg && ( policy_usage & PSA_KEY_USAGE_VERIFY ) != 0 )
+ TEST_EQUAL( status, PSA_ERROR_INVALID_SIGNATURE );
+ else
+ TEST_EQUAL( status, PSA_ERROR_NOT_PERMITTED );
+
+exit:
+ psa_destroy_key( handle );
+ mbedtls_psa_crypto_free( );
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void derive_key_policy( int policy_usage,
+ int policy_alg,
+ int key_type,
+ data_t *key_data,
+ int exercise_alg )
+{
+ psa_key_handle_t handle = 0;
+ psa_key_policy_t policy = PSA_KEY_POLICY_INIT;
+ psa_crypto_generator_t generator = PSA_CRYPTO_GENERATOR_INIT;
+ psa_status_t status;
+
+ PSA_ASSERT( psa_crypto_init( ) );
+
+ PSA_ASSERT( psa_allocate_key( &handle ) );
+ psa_key_policy_set_usage( &policy, policy_usage, policy_alg );
+ PSA_ASSERT( psa_set_key_policy( handle, &policy ) );
+
+ PSA_ASSERT( psa_import_key( handle, key_type,
+ key_data->x, key_data->len ) );
+
+ status = psa_key_derivation( &generator, handle,
+ exercise_alg,
+ NULL, 0,
+ NULL, 0,
+ 1 );
+ if( policy_alg == exercise_alg &&
+ ( policy_usage & PSA_KEY_USAGE_DERIVE ) != 0 )
+ PSA_ASSERT( status );
+ else
+ TEST_EQUAL( status, PSA_ERROR_NOT_PERMITTED );
+
+exit:
+ psa_generator_abort( &generator );
+ psa_destroy_key( handle );
+ mbedtls_psa_crypto_free( );
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void agreement_key_policy( int policy_usage,
+ int policy_alg,
+ int key_type_arg,
+ data_t *key_data,
+ int exercise_alg )
+{
+ psa_key_handle_t handle = 0;
+ psa_key_policy_t policy = PSA_KEY_POLICY_INIT;
+ psa_key_type_t key_type = key_type_arg;
+ psa_crypto_generator_t generator = PSA_CRYPTO_GENERATOR_INIT;
+ psa_status_t status;
+
+ PSA_ASSERT( psa_crypto_init( ) );
+
+ PSA_ASSERT( psa_allocate_key( &handle ) );
+ psa_key_policy_set_usage( &policy, policy_usage, policy_alg );
+ PSA_ASSERT( psa_set_key_policy( handle, &policy ) );
+
+ PSA_ASSERT( psa_import_key( handle, key_type,
+ key_data->x, key_data->len ) );
+
+ status = key_agreement_with_self( &generator, handle, exercise_alg );
+
+ if( policy_alg == exercise_alg &&
+ ( policy_usage & PSA_KEY_USAGE_DERIVE ) != 0 )
+ PSA_ASSERT( status );
+ else
+ TEST_EQUAL( status, PSA_ERROR_NOT_PERMITTED );
+
+exit:
+ psa_generator_abort( &generator );
+ psa_destroy_key( handle );
+ mbedtls_psa_crypto_free( );
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void copy_key_policy( int source_usage_arg, int source_alg_arg,
+ int type_arg, data_t *material,
+ int target_usage_arg, int target_alg_arg,
+ int constraint_usage_arg, int constraint_alg_arg,
+ int expected_usage_arg, int expected_alg_arg )
+{
+ psa_key_usage_t source_usage = source_usage_arg;
+ psa_algorithm_t source_alg = source_alg_arg;
+ psa_key_handle_t source_handle = 0;
+ psa_key_policy_t source_policy = PSA_KEY_POLICY_INIT;
+ psa_key_type_t source_type = type_arg;
+ size_t source_bits;
+ psa_key_usage_t target_usage = target_usage_arg;
+ psa_algorithm_t target_alg = target_alg_arg;
+ psa_key_handle_t target_handle = 0;
+ psa_key_policy_t target_policy = PSA_KEY_POLICY_INIT;
+ psa_key_type_t target_type;
+ size_t target_bits;
+ psa_key_usage_t constraint_usage = constraint_usage_arg;
+ psa_algorithm_t constraint_alg = constraint_alg_arg;
+ psa_key_policy_t constraint = PSA_KEY_POLICY_INIT;
+ psa_key_policy_t *p_constraint = NULL;
+ psa_key_usage_t expected_usage = expected_usage_arg;
+ psa_algorithm_t expected_alg = expected_alg_arg;
+ uint8_t *export_buffer = NULL;
+
+ if( constraint_usage_arg != -1 )
+ {
+ p_constraint = &constraint;
+ psa_key_policy_set_usage( p_constraint,
+ constraint_usage, constraint_alg );
+ }
+
+ PSA_ASSERT( psa_crypto_init( ) );
+
+ /* Populate the source slot. */
+ PSA_ASSERT( psa_allocate_key( &source_handle ) );
+ psa_key_policy_set_usage( &source_policy, source_usage, source_alg );
+ PSA_ASSERT( psa_set_key_policy( source_handle, &source_policy ) );
+ PSA_ASSERT( psa_import_key( source_handle, source_type,
+ material->x, material->len ) );
+ PSA_ASSERT( psa_get_key_information( source_handle, NULL, &source_bits ) );
+
+ /* Prepare the target slot. */
+ PSA_ASSERT( psa_allocate_key( &target_handle ) );
+ psa_key_policy_set_usage( &target_policy, target_usage, target_alg );
+ PSA_ASSERT( psa_set_key_policy( target_handle, &target_policy ) );
+ target_policy = psa_key_policy_init();
+
+ /* Copy the key. */
+ PSA_ASSERT( psa_copy_key( source_handle, target_handle, p_constraint ) );
+
+ /* Destroy the source to ensure that this doesn't affect the target. */
+ PSA_ASSERT( psa_destroy_key( source_handle ) );
+
+ /* Test that the target slot has the expected content and policy. */
+ PSA_ASSERT( psa_get_key_information( target_handle,
+ &target_type, &target_bits ) );
+ TEST_EQUAL( source_type, target_type );
+ TEST_EQUAL( source_bits, target_bits );
+ PSA_ASSERT( psa_get_key_policy( target_handle, &target_policy ) );
+ TEST_EQUAL( expected_usage, psa_key_policy_get_usage( &target_policy ) );
+ TEST_EQUAL( expected_alg, psa_key_policy_get_algorithm( &target_policy ) );
+ if( expected_usage & PSA_KEY_USAGE_EXPORT )
+ {
+ size_t length;
+ ASSERT_ALLOC( export_buffer, material->len );
+ PSA_ASSERT( psa_export_key( target_handle, export_buffer,
+ material->len, &length ) );
+ ASSERT_COMPARE( material->x, material->len,
+ export_buffer, length );
+ }
+ if( ! exercise_key( target_handle, expected_usage, expected_alg ) )
+ goto exit;
+
+ PSA_ASSERT( psa_close_key( target_handle ) );
+
+exit:
+ mbedtls_psa_crypto_free( );
+ mbedtls_free( export_buffer );
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void copy_fail( int source_usage_arg, int source_alg_arg,
+ int type_arg, data_t *material,
+ int target_usage_arg, int target_alg_arg,
+ int constraint_usage_arg, int constraint_alg_arg,
+ int expected_status_arg )
+{
+ /* Test copy failure into an empty slot. There is a test for copy failure
+ * into an occupied slot in
+ * test_suite_psa_crypto_slot_management.function. */
+
+ psa_key_usage_t source_usage = source_usage_arg;
+ psa_algorithm_t source_alg = source_alg_arg;
+ psa_key_handle_t source_handle = 0;
+ psa_key_policy_t source_policy = PSA_KEY_POLICY_INIT;
+ psa_key_type_t source_type = type_arg;
+ size_t source_bits;
+ psa_key_usage_t target_usage = target_usage_arg;
+ psa_algorithm_t target_alg = target_alg_arg;
+ psa_key_handle_t target_handle = 0;
+ psa_key_policy_t target_policy = PSA_KEY_POLICY_INIT;
+ psa_key_type_t target_type;
+ size_t target_bits;
+ psa_key_usage_t constraint_usage = constraint_usage_arg;
+ psa_algorithm_t constraint_alg = constraint_alg_arg;
+ psa_key_policy_t constraint = PSA_KEY_POLICY_INIT;
+ psa_key_policy_t *p_constraint = NULL;
+ psa_status_t expected_status = expected_status_arg;
+
+ if( constraint_usage_arg != -1 )
+ {
+ p_constraint = &constraint;
+ psa_key_policy_set_usage( p_constraint,
+ constraint_usage, constraint_alg );
+ }
+
+ PSA_ASSERT( psa_crypto_init( ) );
+
+ /* Populate the source slot. */
+ PSA_ASSERT( psa_allocate_key( &source_handle ) );
+ psa_key_policy_set_usage( &source_policy, source_usage, source_alg );
+ PSA_ASSERT( psa_set_key_policy( source_handle, &source_policy ) );
+ PSA_ASSERT( psa_import_key( source_handle, source_type,
+ material->x, material->len ) );
+ PSA_ASSERT( psa_get_key_information( source_handle, NULL, &source_bits ) );
+
+ /* Prepare the target slot. */
+ PSA_ASSERT( psa_allocate_key( &target_handle ) );
+ psa_key_policy_set_usage( &target_policy, target_usage, target_alg );
+ PSA_ASSERT( psa_set_key_policy( target_handle, &target_policy ) );
+ target_policy = psa_key_policy_init();
+
+ /* Copy the key. */
+ TEST_EQUAL( psa_copy_key( source_handle, target_handle, p_constraint ),
+ expected_status );
+
+ /* Test that the target slot is unaffected. */
+ TEST_EQUAL( psa_get_key_information( target_handle,
+ &target_type, &target_bits ),
+ PSA_ERROR_DOES_NOT_EXIST );
+ PSA_ASSERT( psa_get_key_policy( target_handle, &target_policy ) );
+ TEST_EQUAL( target_usage, psa_key_policy_get_usage( &target_policy ) );
+ TEST_EQUAL( target_alg, psa_key_policy_get_algorithm( &target_policy ) );
+
+exit:
+ mbedtls_psa_crypto_free( );
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void hash_operation_init( )
+{
+ const uint8_t input[1] = { 0 };
+ /* Test each valid way of initializing the object, except for `= {0}`, as
+ * Clang 5 complains when `-Wmissing-field-initializers` is used, even
+ * though it's OK by the C standard. We could test for this, but we'd need
+ * to supress the Clang warning for the test. */
+ psa_hash_operation_t func = psa_hash_operation_init( );
+ psa_hash_operation_t init = PSA_HASH_OPERATION_INIT;
+ psa_hash_operation_t zero;
+
+ memset( &zero, 0, sizeof( zero ) );
+
+ /* A freshly-initialized hash operation should not be usable. */
+ TEST_EQUAL( psa_hash_update( &func, input, sizeof( input ) ),
+ PSA_ERROR_BAD_STATE );
+ TEST_EQUAL( psa_hash_update( &init, input, sizeof( input ) ),
+ PSA_ERROR_BAD_STATE );
+ TEST_EQUAL( psa_hash_update( &zero, input, sizeof( input ) ),
+ PSA_ERROR_BAD_STATE );
+
+ /* A default hash operation should be abortable without error. */
+ PSA_ASSERT( psa_hash_abort( &func ) );
+ PSA_ASSERT( psa_hash_abort( &init ) );
+ PSA_ASSERT( psa_hash_abort( &zero ) );
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void hash_setup( int alg_arg,
+ int expected_status_arg )
+{
+ psa_algorithm_t alg = alg_arg;
+ psa_status_t expected_status = expected_status_arg;
+ psa_hash_operation_t operation = PSA_HASH_OPERATION_INIT;
+ psa_status_t status;
+
+ PSA_ASSERT( psa_crypto_init( ) );
+
+ status = psa_hash_setup( &operation, alg );
+ TEST_EQUAL( status, expected_status );
+
+ /* Whether setup succeeded or failed, abort must succeed. */
+ PSA_ASSERT( psa_hash_abort( &operation ) );
+
+ /* If setup failed, reproduce the failure, so as to
+ * test the resulting state of the operation object. */
+ if( status != PSA_SUCCESS )
+ TEST_EQUAL( psa_hash_setup( &operation, alg ), status );
+
+ /* Now the operation object should be reusable. */
+#if defined(KNOWN_SUPPORTED_HASH_ALG)
+ PSA_ASSERT( psa_hash_setup( &operation, KNOWN_SUPPORTED_HASH_ALG ) );
+ PSA_ASSERT( psa_hash_abort( &operation ) );
+#endif
+
+exit:
+ mbedtls_psa_crypto_free( );
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void hash_bad_order( )
+{
+ psa_algorithm_t alg = PSA_ALG_SHA_256;
+ unsigned char input[] = "";
+ /* SHA-256 hash of an empty string */
+ const unsigned char valid_hash[] = {
+ 0xe3, 0xb0, 0xc4, 0x42, 0x98, 0xfc, 0x1c, 0x14, 0x9a, 0xfb, 0xf4, 0xc8,
+ 0x99, 0x6f, 0xb9, 0x24, 0x27, 0xae, 0x41, 0xe4, 0x64, 0x9b, 0x93, 0x4c,
+ 0xa4, 0x95, 0x99, 0x1b, 0x78, 0x52, 0xb8, 0x55 };
+ unsigned char hash[sizeof(valid_hash)] = { 0 };
+ size_t hash_len;
+ psa_hash_operation_t operation = PSA_HASH_OPERATION_INIT;
+
+ PSA_ASSERT( psa_crypto_init( ) );
+
+ /* Call setup twice in a row. */
+ PSA_ASSERT( psa_hash_setup( &operation, alg ) );
+ TEST_EQUAL( psa_hash_setup( &operation, alg ),
+ PSA_ERROR_BAD_STATE );
+ PSA_ASSERT( psa_hash_abort( &operation ) );
+
+ /* Call update without calling setup beforehand. */
+ TEST_EQUAL( psa_hash_update( &operation, input, sizeof( input ) ),
+ PSA_ERROR_BAD_STATE );
+ PSA_ASSERT( psa_hash_abort( &operation ) );
+
+ /* Call update after finish. */
+ PSA_ASSERT( psa_hash_setup( &operation, alg ) );
+ PSA_ASSERT( psa_hash_finish( &operation,
+ hash, sizeof( hash ), &hash_len ) );
+ TEST_EQUAL( psa_hash_update( &operation, input, sizeof( input ) ),
+ PSA_ERROR_BAD_STATE );
+ PSA_ASSERT( psa_hash_abort( &operation ) );
+
+ /* Call verify without calling setup beforehand. */
+ TEST_EQUAL( psa_hash_verify( &operation,
+ valid_hash, sizeof( valid_hash ) ),
+ PSA_ERROR_BAD_STATE );
+ PSA_ASSERT( psa_hash_abort( &operation ) );
+
+ /* Call verify after finish. */
+ PSA_ASSERT( psa_hash_setup( &operation, alg ) );
+ PSA_ASSERT( psa_hash_finish( &operation,
+ hash, sizeof( hash ), &hash_len ) );
+ TEST_EQUAL( psa_hash_verify( &operation,
+ valid_hash, sizeof( valid_hash ) ),
+ PSA_ERROR_BAD_STATE );
+ PSA_ASSERT( psa_hash_abort( &operation ) );
+
+ /* Call verify twice in a row. */
+ PSA_ASSERT( psa_hash_setup( &operation, alg ) );
+ PSA_ASSERT( psa_hash_verify( &operation,
+ valid_hash, sizeof( valid_hash ) ) );
+ TEST_EQUAL( psa_hash_verify( &operation,
+ valid_hash, sizeof( valid_hash ) ),
+ PSA_ERROR_BAD_STATE );
+ PSA_ASSERT( psa_hash_abort( &operation ) );
+
+ /* Call finish without calling setup beforehand. */
+ TEST_EQUAL( psa_hash_finish( &operation,
+ hash, sizeof( hash ), &hash_len ),
+ PSA_ERROR_BAD_STATE );
+ PSA_ASSERT( psa_hash_abort( &operation ) );
+
+ /* Call finish twice in a row. */
+ PSA_ASSERT( psa_hash_setup( &operation, alg ) );
+ PSA_ASSERT( psa_hash_finish( &operation,
+ hash, sizeof( hash ), &hash_len ) );
+ TEST_EQUAL( psa_hash_finish( &operation,
+ hash, sizeof( hash ), &hash_len ),
+ PSA_ERROR_BAD_STATE );
+ PSA_ASSERT( psa_hash_abort( &operation ) );
+
+ /* Call finish after calling verify. */
+ PSA_ASSERT( psa_hash_setup( &operation, alg ) );
+ PSA_ASSERT( psa_hash_verify( &operation,
+ valid_hash, sizeof( valid_hash ) ) );
+ TEST_EQUAL( psa_hash_finish( &operation,
+ hash, sizeof( hash ), &hash_len ),
+ PSA_ERROR_BAD_STATE );
+ PSA_ASSERT( psa_hash_abort( &operation ) );
+
+exit:
+ mbedtls_psa_crypto_free( );
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_SHA256_C */
+void hash_verify_bad_args( )
+{
+ psa_algorithm_t alg = PSA_ALG_SHA_256;
+ /* SHA-256 hash of an empty string with 2 extra bytes (0xaa and 0xbb)
+ * appended to it */
+ unsigned char hash[] = {
+ 0xe3, 0xb0, 0xc4, 0x42, 0x98, 0xfc, 0x1c, 0x14, 0x9a, 0xfb, 0xf4, 0xc8,
+ 0x99, 0x6f, 0xb9, 0x24, 0x27, 0xae, 0x41, 0xe4, 0x64, 0x9b, 0x93, 0x4c,
+ 0xa4, 0x95, 0x99, 0x1b, 0x78, 0x52, 0xb8, 0x55, 0xaa, 0xbb };
+ size_t expected_size = PSA_HASH_SIZE( alg );
+ psa_hash_operation_t operation = PSA_HASH_OPERATION_INIT;
+
+ PSA_ASSERT( psa_crypto_init( ) );
+
+ /* psa_hash_verify with a smaller hash than expected */
+ PSA_ASSERT( psa_hash_setup( &operation, alg ) );
+ TEST_EQUAL( psa_hash_verify( &operation, hash, expected_size - 1 ),
+ PSA_ERROR_INVALID_SIGNATURE );
+
+ /* psa_hash_verify with a non-matching hash */
+ PSA_ASSERT( psa_hash_setup( &operation, alg ) );
+ TEST_EQUAL( psa_hash_verify( &operation, hash + 1, expected_size ),
+ PSA_ERROR_INVALID_SIGNATURE );
+
+ /* psa_hash_verify with a hash longer than expected */
+ PSA_ASSERT( psa_hash_setup( &operation, alg ) );
+ TEST_EQUAL( psa_hash_verify( &operation, hash, sizeof( hash ) ),
+ PSA_ERROR_INVALID_SIGNATURE );
+
+exit:
+ mbedtls_psa_crypto_free( );
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_SHA256_C */
+void hash_finish_bad_args( )
+{
+ psa_algorithm_t alg = PSA_ALG_SHA_256;
+ unsigned char hash[PSA_HASH_MAX_SIZE];
+ size_t expected_size = PSA_HASH_SIZE( alg );
+ psa_hash_operation_t operation = PSA_HASH_OPERATION_INIT;
+ size_t hash_len;
+
+ PSA_ASSERT( psa_crypto_init( ) );
+
+ /* psa_hash_finish with a smaller hash buffer than expected */
+ PSA_ASSERT( psa_hash_setup( &operation, alg ) );
+ TEST_EQUAL( psa_hash_finish( &operation,
+ hash, expected_size - 1, &hash_len ),
+ PSA_ERROR_BUFFER_TOO_SMALL );
+
+exit:
+ mbedtls_psa_crypto_free( );
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_SHA256_C */
+void hash_clone_source_state( )
+{
+ psa_algorithm_t alg = PSA_ALG_SHA_256;
+ unsigned char hash[PSA_HASH_MAX_SIZE];
+ psa_hash_operation_t op_source = PSA_HASH_OPERATION_INIT;
+ psa_hash_operation_t op_init = PSA_HASH_OPERATION_INIT;
+ psa_hash_operation_t op_setup = PSA_HASH_OPERATION_INIT;
+ psa_hash_operation_t op_finished = PSA_HASH_OPERATION_INIT;
+ psa_hash_operation_t op_aborted = PSA_HASH_OPERATION_INIT;
+ size_t hash_len;
+
+ PSA_ASSERT( psa_crypto_init( ) );
+ PSA_ASSERT( psa_hash_setup( &op_source, alg ) );
+
+ PSA_ASSERT( psa_hash_setup( &op_setup, alg ) );
+ PSA_ASSERT( psa_hash_setup( &op_finished, alg ) );
+ PSA_ASSERT( psa_hash_finish( &op_finished,
+ hash, sizeof( hash ), &hash_len ) );
+ PSA_ASSERT( psa_hash_setup( &op_aborted, alg ) );
+ PSA_ASSERT( psa_hash_abort( &op_aborted ) );
+
+ TEST_EQUAL( psa_hash_clone( &op_source, &op_setup ),
+ PSA_ERROR_BAD_STATE );
+
+ PSA_ASSERT( psa_hash_clone( &op_source, &op_init ) );
+ PSA_ASSERT( psa_hash_finish( &op_init,
+ hash, sizeof( hash ), &hash_len ) );
+ PSA_ASSERT( psa_hash_clone( &op_source, &op_finished ) );
+ PSA_ASSERT( psa_hash_finish( &op_finished,
+ hash, sizeof( hash ), &hash_len ) );
+ PSA_ASSERT( psa_hash_clone( &op_source, &op_aborted ) );
+ PSA_ASSERT( psa_hash_finish( &op_aborted,
+ hash, sizeof( hash ), &hash_len ) );
+
+exit:
+ psa_hash_abort( &op_source );
+ psa_hash_abort( &op_init );
+ psa_hash_abort( &op_setup );
+ psa_hash_abort( &op_finished );
+ psa_hash_abort( &op_aborted );
+ mbedtls_psa_crypto_free( );
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_SHA256_C */
+void hash_clone_target_state( )
+{
+ psa_algorithm_t alg = PSA_ALG_SHA_256;
+ unsigned char hash[PSA_HASH_MAX_SIZE];
+ psa_hash_operation_t op_init = PSA_HASH_OPERATION_INIT;
+ psa_hash_operation_t op_setup = PSA_HASH_OPERATION_INIT;
+ psa_hash_operation_t op_finished = PSA_HASH_OPERATION_INIT;
+ psa_hash_operation_t op_aborted = PSA_HASH_OPERATION_INIT;
+ psa_hash_operation_t op_target = PSA_HASH_OPERATION_INIT;
+ size_t hash_len;
+
+ PSA_ASSERT( psa_crypto_init( ) );
+
+ PSA_ASSERT( psa_hash_setup( &op_setup, alg ) );
+ PSA_ASSERT( psa_hash_setup( &op_finished, alg ) );
+ PSA_ASSERT( psa_hash_finish( &op_finished,
+ hash, sizeof( hash ), &hash_len ) );
+ PSA_ASSERT( psa_hash_setup( &op_aborted, alg ) );
+ PSA_ASSERT( psa_hash_abort( &op_aborted ) );
+
+ PSA_ASSERT( psa_hash_clone( &op_setup, &op_target ) );
+ PSA_ASSERT( psa_hash_finish( &op_target,
+ hash, sizeof( hash ), &hash_len ) );
+
+ TEST_EQUAL( psa_hash_clone( &op_init, &op_target ), PSA_ERROR_BAD_STATE );
+ TEST_EQUAL( psa_hash_clone( &op_finished, &op_target ),
+ PSA_ERROR_BAD_STATE );
+ TEST_EQUAL( psa_hash_clone( &op_aborted, &op_target ),
+ PSA_ERROR_BAD_STATE );
+
+exit:
+ psa_hash_abort( &op_target );
+ psa_hash_abort( &op_init );
+ psa_hash_abort( &op_setup );
+ psa_hash_abort( &op_finished );
+ psa_hash_abort( &op_aborted );
+ mbedtls_psa_crypto_free( );
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void mac_operation_init( )
+{
+ const uint8_t input[1] = { 0 };
+
+ /* Test each valid way of initializing the object, except for `= {0}`, as
+ * Clang 5 complains when `-Wmissing-field-initializers` is used, even
+ * though it's OK by the C standard. We could test for this, but we'd need
+ * to supress the Clang warning for the test. */
+ psa_mac_operation_t func = psa_mac_operation_init( );
+ psa_mac_operation_t init = PSA_MAC_OPERATION_INIT;
+ psa_mac_operation_t zero;
+
+ memset( &zero, 0, sizeof( zero ) );
+
+ /* A freshly-initialized MAC operation should not be usable. */
+ TEST_EQUAL( psa_mac_update( &func,
+ input, sizeof( input ) ),
+ PSA_ERROR_BAD_STATE );
+ TEST_EQUAL( psa_mac_update( &init,
+ input, sizeof( input ) ),
+ PSA_ERROR_BAD_STATE );
+ TEST_EQUAL( psa_mac_update( &zero,
+ input, sizeof( input ) ),
+ PSA_ERROR_BAD_STATE );
+
+ /* A default MAC operation should be abortable without error. */
+ PSA_ASSERT( psa_mac_abort( &func ) );
+ PSA_ASSERT( psa_mac_abort( &init ) );
+ PSA_ASSERT( psa_mac_abort( &zero ) );
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void mac_setup( int key_type_arg,
+ data_t *key,
+ int alg_arg,
+ int expected_status_arg )
+{
+ psa_key_type_t key_type = key_type_arg;
+ psa_algorithm_t alg = alg_arg;
+ psa_status_t expected_status = expected_status_arg;
+ psa_mac_operation_t operation = PSA_MAC_OPERATION_INIT;
+ psa_status_t status = PSA_ERROR_GENERIC_ERROR;
+#if defined(KNOWN_SUPPORTED_MAC_ALG)
+ const uint8_t smoke_test_key_data[16] = "kkkkkkkkkkkkkkkk";
+#endif
+
+ PSA_ASSERT( psa_crypto_init( ) );
+
+ if( ! exercise_mac_setup( key_type, key->x, key->len, alg,
+ &operation, &status ) )
+ goto exit;
+ TEST_EQUAL( status, expected_status );
+
+ /* The operation object should be reusable. */
+#if defined(KNOWN_SUPPORTED_MAC_ALG)
+ if( ! exercise_mac_setup( KNOWN_SUPPORTED_MAC_KEY_TYPE,
+ smoke_test_key_data,
+ sizeof( smoke_test_key_data ),
+ KNOWN_SUPPORTED_MAC_ALG,
+ &operation, &status ) )
+ goto exit;
+ TEST_EQUAL( status, PSA_SUCCESS );
+#endif
+
+exit:
+ mbedtls_psa_crypto_free( );
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void mac_bad_order( )
+{
+ psa_key_handle_t handle = 0;
+ psa_key_type_t key_type = PSA_KEY_TYPE_HMAC;
+ psa_algorithm_t alg = PSA_ALG_HMAC(PSA_ALG_SHA_256);
+ const uint8_t key[] = {
+ 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa,
+ 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa,
+ 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa };
+ psa_key_policy_t policy = PSA_KEY_POLICY_INIT;
+ psa_mac_operation_t operation = PSA_MAC_OPERATION_INIT;
+ uint8_t sign_mac[PSA_MAC_MAX_SIZE + 10] = { 0 };
+ size_t sign_mac_length = 0;
+ const uint8_t input[] = { 0xbb, 0xbb, 0xbb, 0xbb };
+ const uint8_t verify_mac[] = {
+ 0x74, 0x65, 0x93, 0x8c, 0xeb, 0x1d, 0xb3, 0x76, 0x5a, 0x38, 0xe7, 0xdd,
+ 0x85, 0xc5, 0xad, 0x4f, 0x07, 0xe7, 0xd5, 0xb2, 0x64, 0xf0, 0x1a, 0x1a,
+ 0x2c, 0xf9, 0x18, 0xca, 0x59, 0x7e, 0x5d, 0xf6 };
+
+ PSA_ASSERT( psa_crypto_init( ) );
+ PSA_ASSERT( psa_allocate_key( &handle ) );
+ psa_key_policy_set_usage( &policy,
+ PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY,
+ alg );
+ PSA_ASSERT( psa_set_key_policy( handle, &policy ) );
+
+ PSA_ASSERT( psa_import_key( handle, key_type,
+ key, sizeof(key) ) );
+
+ /* Call update without calling setup beforehand. */
+ TEST_EQUAL( psa_mac_update( &operation, input, sizeof( input ) ),
+ PSA_ERROR_BAD_STATE );
+ PSA_ASSERT( psa_mac_abort( &operation ) );
+
+ /* Call sign finish without calling setup beforehand. */
+ TEST_EQUAL( psa_mac_sign_finish( &operation, sign_mac, sizeof( sign_mac ),
+ &sign_mac_length),
+ PSA_ERROR_BAD_STATE );
+ PSA_ASSERT( psa_mac_abort( &operation ) );
+
+ /* Call verify finish without calling setup beforehand. */
+ TEST_EQUAL( psa_mac_verify_finish( &operation,
+ verify_mac, sizeof( verify_mac ) ),
+ PSA_ERROR_BAD_STATE );
+ PSA_ASSERT( psa_mac_abort( &operation ) );
+
+ /* Call setup twice in a row. */
+ PSA_ASSERT( psa_mac_sign_setup( &operation,
+ handle, alg ) );
+ TEST_EQUAL( psa_mac_sign_setup( &operation,
+ handle, alg ),
+ PSA_ERROR_BAD_STATE );
+ PSA_ASSERT( psa_mac_abort( &operation ) );
+
+ /* Call update after sign finish. */
+ PSA_ASSERT( psa_mac_sign_setup( &operation,
+ handle, alg ) );
+ PSA_ASSERT( psa_mac_update( &operation, input, sizeof( input ) ) );
+ PSA_ASSERT( psa_mac_sign_finish( &operation,
+ sign_mac, sizeof( sign_mac ),
+ &sign_mac_length ) );
+ TEST_EQUAL( psa_mac_update( &operation, input, sizeof( input ) ),
+ PSA_ERROR_BAD_STATE );
+ PSA_ASSERT( psa_mac_abort( &operation ) );
+
+ /* Call update after verify finish. */
+ PSA_ASSERT( psa_mac_verify_setup( &operation,
+ handle, alg ) );
+ PSA_ASSERT( psa_mac_update( &operation, input, sizeof( input ) ) );
+ PSA_ASSERT( psa_mac_verify_finish( &operation,
+ verify_mac, sizeof( verify_mac ) ) );
+ TEST_EQUAL( psa_mac_update( &operation, input, sizeof( input ) ),
+ PSA_ERROR_BAD_STATE );
+ PSA_ASSERT( psa_mac_abort( &operation ) );
+
+ /* Call sign finish twice in a row. */
+ PSA_ASSERT( psa_mac_sign_setup( &operation,
+ handle, alg ) );
+ PSA_ASSERT( psa_mac_update( &operation, input, sizeof( input ) ) );
+ PSA_ASSERT( psa_mac_sign_finish( &operation,
+ sign_mac, sizeof( sign_mac ),
+ &sign_mac_length ) );
+ TEST_EQUAL( psa_mac_sign_finish( &operation,
+ sign_mac, sizeof( sign_mac ),
+ &sign_mac_length ),
+ PSA_ERROR_BAD_STATE );
+ PSA_ASSERT( psa_mac_abort( &operation ) );
+
+ /* Call verify finish twice in a row. */
+ PSA_ASSERT( psa_mac_verify_setup( &operation,
+ handle, alg ) );
+ PSA_ASSERT( psa_mac_update( &operation, input, sizeof( input ) ) );
+ PSA_ASSERT( psa_mac_verify_finish( &operation,
+ verify_mac, sizeof( verify_mac ) ) );
+ TEST_EQUAL( psa_mac_verify_finish( &operation,
+ verify_mac, sizeof( verify_mac ) ),
+ PSA_ERROR_BAD_STATE );
+ PSA_ASSERT( psa_mac_abort( &operation ) );
+
+ /* Setup sign but try verify. */
+ PSA_ASSERT( psa_mac_sign_setup( &operation,
+ handle, alg ) );
+ PSA_ASSERT( psa_mac_update( &operation, input, sizeof( input ) ) );
+ TEST_EQUAL( psa_mac_verify_finish( &operation,
+ verify_mac, sizeof( verify_mac ) ),
+ PSA_ERROR_BAD_STATE );
+ PSA_ASSERT( psa_mac_abort( &operation ) );
+
+ /* Setup verify but try sign. */
+ PSA_ASSERT( psa_mac_verify_setup( &operation,
+ handle, alg ) );
+ PSA_ASSERT( psa_mac_update( &operation, input, sizeof( input ) ) );
+ TEST_EQUAL( psa_mac_sign_finish( &operation,
+ sign_mac, sizeof( sign_mac ),
+ &sign_mac_length ),
+ PSA_ERROR_BAD_STATE );
+ PSA_ASSERT( psa_mac_abort( &operation ) );
+
+exit:
+ mbedtls_psa_crypto_free( );
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void mac_sign( int key_type_arg,
+ data_t *key,
+ int alg_arg,
+ data_t *input,
+ data_t *expected_mac )
+{
+ psa_key_handle_t handle = 0;
+ psa_key_type_t key_type = key_type_arg;
+ psa_algorithm_t alg = alg_arg;
+ psa_mac_operation_t operation = PSA_MAC_OPERATION_INIT;
+ psa_key_policy_t policy = PSA_KEY_POLICY_INIT;
+ /* Leave a little extra room in the output buffer. At the end of the
+ * test, we'll check that the implementation didn't overwrite onto
+ * this extra room. */
+ uint8_t actual_mac[PSA_MAC_MAX_SIZE + 10];
+ size_t mac_buffer_size =
+ PSA_MAC_FINAL_SIZE( key_type, PSA_BYTES_TO_BITS( key->len ), alg );
+ size_t mac_length = 0;
+
+ memset( actual_mac, '+', sizeof( actual_mac ) );
+ TEST_ASSERT( mac_buffer_size <= PSA_MAC_MAX_SIZE );
+ TEST_ASSERT( expected_mac->len <= mac_buffer_size );
+
+ PSA_ASSERT( psa_crypto_init( ) );
+
+ PSA_ASSERT( psa_allocate_key( &handle ) );
+ psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_SIGN, alg );
+ PSA_ASSERT( psa_set_key_policy( handle, &policy ) );
+
+ PSA_ASSERT( psa_import_key( handle, key_type,
+ key->x, key->len ) );
+
+ /* Calculate the MAC. */
+ PSA_ASSERT( psa_mac_sign_setup( &operation,
+ handle, alg ) );
+ PSA_ASSERT( psa_mac_update( &operation,
+ input->x, input->len ) );
+ PSA_ASSERT( psa_mac_sign_finish( &operation,
+ actual_mac, mac_buffer_size,
+ &mac_length ) );
+
+ /* Compare with the expected value. */
+ ASSERT_COMPARE( expected_mac->x, expected_mac->len,
+ actual_mac, mac_length );
+
+ /* Verify that the end of the buffer is untouched. */
+ TEST_ASSERT( mem_is_char( actual_mac + mac_length, '+',
+ sizeof( actual_mac ) - mac_length ) );
+
+exit:
+ psa_destroy_key( handle );
+ mbedtls_psa_crypto_free( );
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void mac_verify( int key_type_arg,
+ data_t *key,
+ int alg_arg,
+ data_t *input,
+ data_t *expected_mac )
+{
+ psa_key_handle_t handle = 0;
+ psa_key_type_t key_type = key_type_arg;
+ psa_algorithm_t alg = alg_arg;
+ psa_mac_operation_t operation = PSA_MAC_OPERATION_INIT;
+ psa_key_policy_t policy = PSA_KEY_POLICY_INIT;
+
+ TEST_ASSERT( expected_mac->len <= PSA_MAC_MAX_SIZE );
+
+ PSA_ASSERT( psa_crypto_init( ) );
+
+ PSA_ASSERT( psa_allocate_key( &handle ) );
+ psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_VERIFY, alg );
+ PSA_ASSERT( psa_set_key_policy( handle, &policy ) );
+
+ PSA_ASSERT( psa_import_key( handle, key_type,
+ key->x, key->len ) );
+
+ PSA_ASSERT( psa_mac_verify_setup( &operation,
+ handle, alg ) );
+ PSA_ASSERT( psa_destroy_key( handle ) );
+ PSA_ASSERT( psa_mac_update( &operation,
+ input->x, input->len ) );
+ PSA_ASSERT( psa_mac_verify_finish( &operation,
+ expected_mac->x,
+ expected_mac->len ) );
+
+exit:
+ psa_destroy_key( handle );
+ mbedtls_psa_crypto_free( );
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void cipher_operation_init( )
+{
+ const uint8_t input[1] = { 0 };
+ unsigned char output[1] = { 0 };
+ size_t output_length;
+ /* Test each valid way of initializing the object, except for `= {0}`, as
+ * Clang 5 complains when `-Wmissing-field-initializers` is used, even
+ * though it's OK by the C standard. We could test for this, but we'd need
+ * to supress the Clang warning for the test. */
+ psa_cipher_operation_t func = psa_cipher_operation_init( );
+ psa_cipher_operation_t init = PSA_CIPHER_OPERATION_INIT;
+ psa_cipher_operation_t zero;
+
+ memset( &zero, 0, sizeof( zero ) );
+
+ /* A freshly-initialized cipher operation should not be usable. */
+ TEST_EQUAL( psa_cipher_update( &func,
+ input, sizeof( input ),
+ output, sizeof( output ),
+ &output_length ),
+ PSA_ERROR_BAD_STATE );
+ TEST_EQUAL( psa_cipher_update( &init,
+ input, sizeof( input ),
+ output, sizeof( output ),
+ &output_length ),
+ PSA_ERROR_BAD_STATE );
+ TEST_EQUAL( psa_cipher_update( &zero,
+ input, sizeof( input ),
+ output, sizeof( output ),
+ &output_length ),
+ PSA_ERROR_BAD_STATE );
+
+ /* A default cipher operation should be abortable without error. */
+ PSA_ASSERT( psa_cipher_abort( &func ) );
+ PSA_ASSERT( psa_cipher_abort( &init ) );
+ PSA_ASSERT( psa_cipher_abort( &zero ) );
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void cipher_setup( int key_type_arg,
+ data_t *key,
+ int alg_arg,
+ int expected_status_arg )
+{
+ psa_key_type_t key_type = key_type_arg;
+ psa_algorithm_t alg = alg_arg;
+ psa_status_t expected_status = expected_status_arg;
+ psa_cipher_operation_t operation = PSA_CIPHER_OPERATION_INIT;
+ psa_status_t status;
+#if defined(KNOWN_SUPPORTED_MAC_ALG)
+ const uint8_t smoke_test_key_data[16] = "kkkkkkkkkkkkkkkk";
+#endif
+
+ PSA_ASSERT( psa_crypto_init( ) );
+
+ if( ! exercise_cipher_setup( key_type, key->x, key->len, alg,
+ &operation, &status ) )
+ goto exit;
+ TEST_EQUAL( status, expected_status );
+
+ /* The operation object should be reusable. */
+#if defined(KNOWN_SUPPORTED_CIPHER_ALG)
+ if( ! exercise_cipher_setup( KNOWN_SUPPORTED_CIPHER_KEY_TYPE,
+ smoke_test_key_data,
+ sizeof( smoke_test_key_data ),
+ KNOWN_SUPPORTED_CIPHER_ALG,
+ &operation, &status ) )
+ goto exit;
+ TEST_EQUAL( status, PSA_SUCCESS );
+#endif
+
+exit:
+ mbedtls_psa_crypto_free( );
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void cipher_bad_order( )
+{
+ psa_key_handle_t handle = 0;
+ psa_key_type_t key_type = PSA_KEY_TYPE_AES;
+ psa_algorithm_t alg = PSA_ALG_CBC_PKCS7;
+ psa_key_policy_t policy = PSA_KEY_POLICY_INIT;
+ psa_cipher_operation_t operation = PSA_CIPHER_OPERATION_INIT;
+ unsigned char iv[PSA_BLOCK_CIPHER_BLOCK_SIZE(PSA_KEY_TYPE_AES)] = { 0 };
+ const uint8_t key[] = {
+ 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa,
+ 0xaa, 0xaa, 0xaa, 0xaa };
+ const uint8_t text[] = {
+ 0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0xbb,
+ 0xbb, 0xbb, 0xbb, 0xbb };
+ uint8_t buffer[PSA_BLOCK_CIPHER_BLOCK_SIZE(PSA_KEY_TYPE_AES)] = { 0 };
+ size_t length = 0;
+
+ PSA_ASSERT( psa_crypto_init( ) );
+ PSA_ASSERT( psa_allocate_key( &handle ) );
+ psa_key_policy_set_usage( &policy,
+ PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT,
+ alg );
+ PSA_ASSERT( psa_set_key_policy( handle, &policy ) );
+ PSA_ASSERT( psa_import_key( handle, key_type,
+ key, sizeof(key) ) );
+
+
+ /* Call encrypt setup twice in a row. */
+ PSA_ASSERT( psa_cipher_encrypt_setup( &operation, handle, alg ) );
+ TEST_EQUAL( psa_cipher_encrypt_setup( &operation, handle, alg ),
+ PSA_ERROR_BAD_STATE );
+ PSA_ASSERT( psa_cipher_abort( &operation ) );
+
+ /* Call decrypt setup twice in a row. */
+ PSA_ASSERT( psa_cipher_decrypt_setup( &operation, handle, alg ) );
+ TEST_EQUAL( psa_cipher_decrypt_setup( &operation, handle, alg ),
+ PSA_ERROR_BAD_STATE );
+ PSA_ASSERT( psa_cipher_abort( &operation ) );
+
+ /* Generate an IV without calling setup beforehand. */
+ TEST_EQUAL( psa_cipher_generate_iv( &operation,
+ buffer, sizeof( buffer ),
+ &length ),
+ PSA_ERROR_BAD_STATE );
+ PSA_ASSERT( psa_cipher_abort( &operation ) );
+
+ /* Generate an IV twice in a row. */
+ PSA_ASSERT( psa_cipher_encrypt_setup( &operation, handle, alg ) );
+ PSA_ASSERT( psa_cipher_generate_iv( &operation,
+ buffer, sizeof( buffer ),
+ &length ) );
+ TEST_EQUAL( psa_cipher_generate_iv( &operation,
+ buffer, sizeof( buffer ),
+ &length ),
+ PSA_ERROR_BAD_STATE );
+ PSA_ASSERT( psa_cipher_abort( &operation ) );
+
+ /* Generate an IV after it's already set. */
+ PSA_ASSERT( psa_cipher_encrypt_setup( &operation, handle, alg ) );
+ PSA_ASSERT( psa_cipher_set_iv( &operation,
+ iv, sizeof( iv ) ) );
+ TEST_EQUAL( psa_cipher_generate_iv( &operation,
+ buffer, sizeof( buffer ),
+ &length ),
+ PSA_ERROR_BAD_STATE );
+ PSA_ASSERT( psa_cipher_abort( &operation ) );
+
+ /* Set an IV without calling setup beforehand. */
+ TEST_EQUAL( psa_cipher_set_iv( &operation,
+ iv, sizeof( iv ) ),
+ PSA_ERROR_BAD_STATE );
+ PSA_ASSERT( psa_cipher_abort( &operation ) );
+
+ /* Set an IV after it's already set. */
+ PSA_ASSERT( psa_cipher_encrypt_setup( &operation, handle, alg ) );
+ PSA_ASSERT( psa_cipher_set_iv( &operation,
+ iv, sizeof( iv ) ) );
+ TEST_EQUAL( psa_cipher_set_iv( &operation,
+ iv, sizeof( iv ) ),
+ PSA_ERROR_BAD_STATE );
+ PSA_ASSERT( psa_cipher_abort( &operation ) );
+
+ /* Set an IV after it's already generated. */
+ PSA_ASSERT( psa_cipher_encrypt_setup( &operation, handle, alg ) );
+ PSA_ASSERT( psa_cipher_generate_iv( &operation,
+ buffer, sizeof( buffer ),
+ &length ) );
+ TEST_EQUAL( psa_cipher_set_iv( &operation,
+ iv, sizeof( iv ) ),
+ PSA_ERROR_BAD_STATE );
+ PSA_ASSERT( psa_cipher_abort( &operation ) );
+
+ /* Call update without calling setup beforehand. */
+ TEST_EQUAL( psa_cipher_update( &operation,
+ text, sizeof( text ),
+ buffer, sizeof( buffer ),
+ &length ),
+ PSA_ERROR_BAD_STATE );
+ PSA_ASSERT( psa_cipher_abort( &operation ) );
+
+ /* Call update without an IV where an IV is required. */
+ TEST_EQUAL( psa_cipher_update( &operation,
+ text, sizeof( text ),
+ buffer, sizeof( buffer ),
+ &length ),
+ PSA_ERROR_BAD_STATE );
+ PSA_ASSERT( psa_cipher_abort( &operation ) );
+
+ /* Call update after finish. */
+ PSA_ASSERT( psa_cipher_encrypt_setup( &operation, handle, alg ) );
+ PSA_ASSERT( psa_cipher_set_iv( &operation,
+ iv, sizeof( iv ) ) );
+ PSA_ASSERT( psa_cipher_finish( &operation,
+ buffer, sizeof( buffer ), &length ) );
+ TEST_EQUAL( psa_cipher_update( &operation,
+ text, sizeof( text ),
+ buffer, sizeof( buffer ),
+ &length ),
+ PSA_ERROR_BAD_STATE );
+ PSA_ASSERT( psa_cipher_abort( &operation ) );
+
+ /* Call finish without calling setup beforehand. */
+ TEST_EQUAL( psa_cipher_finish( &operation,
+ buffer, sizeof( buffer ), &length ),
+ PSA_ERROR_BAD_STATE );
+ PSA_ASSERT( psa_cipher_abort( &operation ) );
+
+ /* Call finish without an IV where an IV is required. */
+ PSA_ASSERT( psa_cipher_encrypt_setup( &operation, handle, alg ) );
+ /* Not calling update means we are encrypting an empty buffer, which is OK
+ * for cipher modes with padding. */
+ TEST_EQUAL( psa_cipher_finish( &operation,
+ buffer, sizeof( buffer ), &length ),
+ PSA_ERROR_BAD_STATE );
+ PSA_ASSERT( psa_cipher_abort( &operation ) );
+
+ /* Call finish twice in a row. */
+ PSA_ASSERT( psa_cipher_encrypt_setup( &operation, handle, alg ) );
+ PSA_ASSERT( psa_cipher_set_iv( &operation,
+ iv, sizeof( iv ) ) );
+ PSA_ASSERT( psa_cipher_finish( &operation,
+ buffer, sizeof( buffer ), &length ) );
+ TEST_EQUAL( psa_cipher_finish( &operation,
+ buffer, sizeof( buffer ), &length ),
+ PSA_ERROR_BAD_STATE );
+ PSA_ASSERT( psa_cipher_abort( &operation ) );
+
+exit:
+ mbedtls_psa_crypto_free( );
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void cipher_encrypt( int alg_arg, int key_type_arg,
+ data_t *key,
+ data_t *input, data_t *expected_output,
+ int expected_status_arg )
+{
+ psa_key_handle_t handle = 0;
+ psa_status_t status;
+ psa_key_type_t key_type = key_type_arg;
+ psa_algorithm_t alg = alg_arg;
+ psa_status_t expected_status = expected_status_arg;
+ unsigned char iv[16] = {0};
+ size_t iv_size;
+ unsigned char *output = NULL;
+ size_t output_buffer_size = 0;
+ size_t function_output_length = 0;
+ size_t total_output_length = 0;
+ psa_cipher_operation_t operation = PSA_CIPHER_OPERATION_INIT;
+ psa_key_policy_t policy = PSA_KEY_POLICY_INIT;
+
+ iv_size = PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type );
+ memset( iv, 0x2a, iv_size );
+
+ PSA_ASSERT( psa_crypto_init( ) );
+
+ PSA_ASSERT( psa_allocate_key( &handle ) );
+ psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_ENCRYPT, alg );
+ PSA_ASSERT( psa_set_key_policy( handle, &policy ) );
+
+ PSA_ASSERT( psa_import_key( handle, key_type,
+ key->x, key->len ) );
+
+ PSA_ASSERT( psa_cipher_encrypt_setup( &operation,
+ handle, alg ) );
+
+ PSA_ASSERT( psa_cipher_set_iv( &operation,
+ iv, iv_size ) );
+ output_buffer_size = ( (size_t) input->len +
+ PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type ) );
+ ASSERT_ALLOC( output, output_buffer_size );
+
+ PSA_ASSERT( psa_cipher_update( &operation,
+ input->x, input->len,
+ output, output_buffer_size,
+ &function_output_length ) );
+ total_output_length += function_output_length;
+ status = psa_cipher_finish( &operation,
+ output + total_output_length,
+ output_buffer_size - total_output_length,
+ &function_output_length );
+ total_output_length += function_output_length;
+
+ TEST_EQUAL( status, expected_status );
+ if( expected_status == PSA_SUCCESS )
+ {
+ PSA_ASSERT( psa_cipher_abort( &operation ) );
+ ASSERT_COMPARE( expected_output->x, expected_output->len,
+ output, total_output_length );
+ }
+
+exit:
+ mbedtls_free( output );
+ psa_destroy_key( handle );
+ mbedtls_psa_crypto_free( );
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void cipher_encrypt_multipart( int alg_arg, int key_type_arg,
+ data_t *key,
+ data_t *input,
+ int first_part_size_arg,
+ int output1_length_arg, int output2_length_arg,
+ data_t *expected_output )
+{
+ psa_key_handle_t handle = 0;
+ psa_key_type_t key_type = key_type_arg;
+ psa_algorithm_t alg = alg_arg;
+ size_t first_part_size = first_part_size_arg;
+ size_t output1_length = output1_length_arg;
+ size_t output2_length = output2_length_arg;
+ unsigned char iv[16] = {0};
+ size_t iv_size;
+ unsigned char *output = NULL;
+ size_t output_buffer_size = 0;
+ size_t function_output_length = 0;
+ size_t total_output_length = 0;
+ psa_cipher_operation_t operation = PSA_CIPHER_OPERATION_INIT;
+ psa_key_policy_t policy = PSA_KEY_POLICY_INIT;
+
+ iv_size = PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type );
+ memset( iv, 0x2a, iv_size );
+
+ PSA_ASSERT( psa_crypto_init( ) );
+
+ PSA_ASSERT( psa_allocate_key( &handle ) );
+ psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_ENCRYPT, alg );
+ PSA_ASSERT( psa_set_key_policy( handle, &policy ) );
+
+ PSA_ASSERT( psa_import_key( handle, key_type,
+ key->x, key->len ) );
+
+ PSA_ASSERT( psa_cipher_encrypt_setup( &operation,
+ handle, alg ) );
+
+ PSA_ASSERT( psa_cipher_set_iv( &operation,
+ iv, sizeof( iv ) ) );
+ output_buffer_size = ( (size_t) input->len +
+ PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type ) );
+ ASSERT_ALLOC( output, output_buffer_size );
+
+ TEST_ASSERT( first_part_size <= input->len );
+ PSA_ASSERT( psa_cipher_update( &operation, input->x, first_part_size,
+ output, output_buffer_size,
+ &function_output_length ) );
+ TEST_ASSERT( function_output_length == output1_length );
+ total_output_length += function_output_length;
+ PSA_ASSERT( psa_cipher_update( &operation,
+ input->x + first_part_size,
+ input->len - first_part_size,
+ output + total_output_length,
+ output_buffer_size - total_output_length,
+ &function_output_length ) );
+ TEST_ASSERT( function_output_length == output2_length );
+ total_output_length += function_output_length;
+ PSA_ASSERT( psa_cipher_finish( &operation,
+ output + total_output_length,
+ output_buffer_size - total_output_length,
+ &function_output_length ) );
+ total_output_length += function_output_length;
+ PSA_ASSERT( psa_cipher_abort( &operation ) );
+
+ ASSERT_COMPARE( expected_output->x, expected_output->len,
+ output, total_output_length );
+
+exit:
+ mbedtls_free( output );
+ psa_destroy_key( handle );
+ mbedtls_psa_crypto_free( );
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void cipher_decrypt_multipart( int alg_arg, int key_type_arg,
+ data_t *key,
+ data_t *input,
+ int first_part_size_arg,
+ int output1_length_arg, int output2_length_arg,
+ data_t *expected_output )
+{
+ psa_key_handle_t handle = 0;
+
+ psa_key_type_t key_type = key_type_arg;
+ psa_algorithm_t alg = alg_arg;
+ size_t first_part_size = first_part_size_arg;
+ size_t output1_length = output1_length_arg;
+ size_t output2_length = output2_length_arg;
+ unsigned char iv[16] = {0};
+ size_t iv_size;
+ unsigned char *output = NULL;
+ size_t output_buffer_size = 0;
+ size_t function_output_length = 0;
+ size_t total_output_length = 0;
+ psa_cipher_operation_t operation = PSA_CIPHER_OPERATION_INIT;
+ psa_key_policy_t policy = PSA_KEY_POLICY_INIT;
+
+ iv_size = PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type );
+ memset( iv, 0x2a, iv_size );
+
+ PSA_ASSERT( psa_crypto_init( ) );
+
+ PSA_ASSERT( psa_allocate_key( &handle ) );
+ psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_DECRYPT, alg );
+ PSA_ASSERT( psa_set_key_policy( handle, &policy ) );
+
+ PSA_ASSERT( psa_import_key( handle, key_type,
+ key->x, key->len ) );
+
+ PSA_ASSERT( psa_cipher_decrypt_setup( &operation,
+ handle, alg ) );
+
+ PSA_ASSERT( psa_cipher_set_iv( &operation,
+ iv, sizeof( iv ) ) );
+
+ output_buffer_size = ( (size_t) input->len +
+ PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type ) );
+ ASSERT_ALLOC( output, output_buffer_size );
+
+ TEST_ASSERT( first_part_size <= input->len );
+ PSA_ASSERT( psa_cipher_update( &operation,
+ input->x, first_part_size,
+ output, output_buffer_size,
+ &function_output_length ) );
+ TEST_ASSERT( function_output_length == output1_length );
+ total_output_length += function_output_length;
+ PSA_ASSERT( psa_cipher_update( &operation,
+ input->x + first_part_size,
+ input->len - first_part_size,
+ output + total_output_length,
+ output_buffer_size - total_output_length,
+ &function_output_length ) );
+ TEST_ASSERT( function_output_length == output2_length );
+ total_output_length += function_output_length;
+ PSA_ASSERT( psa_cipher_finish( &operation,
+ output + total_output_length,
+ output_buffer_size - total_output_length,
+ &function_output_length ) );
+ total_output_length += function_output_length;
+ PSA_ASSERT( psa_cipher_abort( &operation ) );
+
+ ASSERT_COMPARE( expected_output->x, expected_output->len,
+ output, total_output_length );
+
+exit:
+ mbedtls_free( output );
+ psa_destroy_key( handle );
+ mbedtls_psa_crypto_free( );
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void cipher_decrypt( int alg_arg, int key_type_arg,
+ data_t *key,
+ data_t *input, data_t *expected_output,
+ int expected_status_arg )
+{
+ psa_key_handle_t handle = 0;
+ psa_status_t status;
+ psa_key_type_t key_type = key_type_arg;
+ psa_algorithm_t alg = alg_arg;
+ psa_status_t expected_status = expected_status_arg;
+ unsigned char iv[16] = {0};
+ size_t iv_size;
+ unsigned char *output = NULL;
+ size_t output_buffer_size = 0;
+ size_t function_output_length = 0;
+ size_t total_output_length = 0;
+ psa_cipher_operation_t operation = PSA_CIPHER_OPERATION_INIT;
+ psa_key_policy_t policy = PSA_KEY_POLICY_INIT;
+
+ iv_size = PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type );
+ memset( iv, 0x2a, iv_size );
+
+ PSA_ASSERT( psa_crypto_init( ) );
+
+ PSA_ASSERT( psa_allocate_key( &handle ) );
+ psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_DECRYPT, alg );
+ PSA_ASSERT( psa_set_key_policy( handle, &policy ) );
+
+ PSA_ASSERT( psa_import_key( handle, key_type,
+ key->x, key->len ) );
+
+ PSA_ASSERT( psa_cipher_decrypt_setup( &operation,
+ handle, alg ) );
+
+ PSA_ASSERT( psa_cipher_set_iv( &operation,
+ iv, iv_size ) );
+
+ output_buffer_size = ( (size_t) input->len +
+ PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type ) );
+ ASSERT_ALLOC( output, output_buffer_size );
+
+ PSA_ASSERT( psa_cipher_update( &operation,
+ input->x, input->len,
+ output, output_buffer_size,
+ &function_output_length ) );
+ total_output_length += function_output_length;
+ status = psa_cipher_finish( &operation,
+ output + total_output_length,
+ output_buffer_size - total_output_length,
+ &function_output_length );
+ total_output_length += function_output_length;
+ TEST_EQUAL( status, expected_status );
+
+ if( expected_status == PSA_SUCCESS )
+ {
+ PSA_ASSERT( psa_cipher_abort( &operation ) );
+ ASSERT_COMPARE( expected_output->x, expected_output->len,
+ output, total_output_length );
+ }
+
+exit:
+ mbedtls_free( output );
+ psa_destroy_key( handle );
+ mbedtls_psa_crypto_free( );
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void cipher_verify_output( int alg_arg, int key_type_arg,
+ data_t *key,
+ data_t *input )
+{
+ psa_key_handle_t handle = 0;
+ psa_key_type_t key_type = key_type_arg;
+ psa_algorithm_t alg = alg_arg;
+ unsigned char iv[16] = {0};
+ size_t iv_size = 16;
+ size_t iv_length = 0;
+ unsigned char *output1 = NULL;
+ size_t output1_size = 0;
+ size_t output1_length = 0;
+ unsigned char *output2 = NULL;
+ size_t output2_size = 0;
+ size_t output2_length = 0;
+ size_t function_output_length = 0;
+ psa_cipher_operation_t operation1 = PSA_CIPHER_OPERATION_INIT;
+ psa_cipher_operation_t operation2 = PSA_CIPHER_OPERATION_INIT;
+ psa_key_policy_t policy = PSA_KEY_POLICY_INIT;
+
+ PSA_ASSERT( psa_crypto_init( ) );
+
+ PSA_ASSERT( psa_allocate_key( &handle ) );
+ psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT, alg );
+ PSA_ASSERT( psa_set_key_policy( handle, &policy ) );
+
+ PSA_ASSERT( psa_import_key( handle, key_type,
+ key->x, key->len ) );
+
+ PSA_ASSERT( psa_cipher_encrypt_setup( &operation1,
+ handle, alg ) );
+ PSA_ASSERT( psa_cipher_decrypt_setup( &operation2,
+ handle, alg ) );
+
+ PSA_ASSERT( psa_cipher_generate_iv( &operation1,
+ iv, iv_size,
+ &iv_length ) );
+ output1_size = ( (size_t) input->len +
+ PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type ) );
+ ASSERT_ALLOC( output1, output1_size );
+
+ PSA_ASSERT( psa_cipher_update( &operation1, input->x, input->len,
+ output1, output1_size,
+ &output1_length ) );
+ PSA_ASSERT( psa_cipher_finish( &operation1,
+ output1 + output1_length,
+ output1_size - output1_length,
+ &function_output_length ) );
+
+ output1_length += function_output_length;
+
+ PSA_ASSERT( psa_cipher_abort( &operation1 ) );
+
+ output2_size = output1_length;
+ ASSERT_ALLOC( output2, output2_size );
+
+ PSA_ASSERT( psa_cipher_set_iv( &operation2,
+ iv, iv_length ) );
+ PSA_ASSERT( psa_cipher_update( &operation2, output1, output1_length,
+ output2, output2_size,
+ &output2_length ) );
+ function_output_length = 0;
+ PSA_ASSERT( psa_cipher_finish( &operation2,
+ output2 + output2_length,
+ output2_size - output2_length,
+ &function_output_length ) );
+
+ output2_length += function_output_length;
+
+ PSA_ASSERT( psa_cipher_abort( &operation2 ) );
+
+ ASSERT_COMPARE( input->x, input->len, output2, output2_length );
+
+exit:
+ mbedtls_free( output1 );
+ mbedtls_free( output2 );
+ psa_destroy_key( handle );
+ mbedtls_psa_crypto_free( );
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void cipher_verify_output_multipart( int alg_arg,
+ int key_type_arg,
+ data_t *key,
+ data_t *input,
+ int first_part_size_arg )
+{
+ psa_key_handle_t handle = 0;
+ psa_key_type_t key_type = key_type_arg;
+ psa_algorithm_t alg = alg_arg;
+ size_t first_part_size = first_part_size_arg;
+ unsigned char iv[16] = {0};
+ size_t iv_size = 16;
+ size_t iv_length = 0;
+ unsigned char *output1 = NULL;
+ size_t output1_buffer_size = 0;
+ size_t output1_length = 0;
+ unsigned char *output2 = NULL;
+ size_t output2_buffer_size = 0;
+ size_t output2_length = 0;
+ size_t function_output_length;
+ psa_cipher_operation_t operation1 = PSA_CIPHER_OPERATION_INIT;
+ psa_cipher_operation_t operation2 = PSA_CIPHER_OPERATION_INIT;
+ psa_key_policy_t policy = PSA_KEY_POLICY_INIT;
+
+ PSA_ASSERT( psa_crypto_init( ) );
+
+ PSA_ASSERT( psa_allocate_key( &handle ) );
+ psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT, alg );
+ PSA_ASSERT( psa_set_key_policy( handle, &policy ) );
+
+ PSA_ASSERT( psa_import_key( handle, key_type,
+ key->x, key->len ) );
+
+ PSA_ASSERT( psa_cipher_encrypt_setup( &operation1,
+ handle, alg ) );
+ PSA_ASSERT( psa_cipher_decrypt_setup( &operation2,
+ handle, alg ) );
+
+ PSA_ASSERT( psa_cipher_generate_iv( &operation1,
+ iv, iv_size,
+ &iv_length ) );
+ output1_buffer_size = ( (size_t) input->len +
+ PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type ) );
+ ASSERT_ALLOC( output1, output1_buffer_size );
+
+ TEST_ASSERT( first_part_size <= input->len );
+
+ PSA_ASSERT( psa_cipher_update( &operation1, input->x, first_part_size,
+ output1, output1_buffer_size,
+ &function_output_length ) );
+ output1_length += function_output_length;
+
+ PSA_ASSERT( psa_cipher_update( &operation1,
+ input->x + first_part_size,
+ input->len - first_part_size,
+ output1, output1_buffer_size,
+ &function_output_length ) );
+ output1_length += function_output_length;
+
+ PSA_ASSERT( psa_cipher_finish( &operation1,
+ output1 + output1_length,
+ output1_buffer_size - output1_length,
+ &function_output_length ) );
+ output1_length += function_output_length;
+
+ PSA_ASSERT( psa_cipher_abort( &operation1 ) );
+
+ output2_buffer_size = output1_length;
+ ASSERT_ALLOC( output2, output2_buffer_size );
+
+ PSA_ASSERT( psa_cipher_set_iv( &operation2,
+ iv, iv_length ) );
+
+ PSA_ASSERT( psa_cipher_update( &operation2, output1, first_part_size,
+ output2, output2_buffer_size,
+ &function_output_length ) );
+ output2_length += function_output_length;
+
+ PSA_ASSERT( psa_cipher_update( &operation2,
+ output1 + first_part_size,
+ output1_length - first_part_size,
+ output2, output2_buffer_size,
+ &function_output_length ) );
+ output2_length += function_output_length;
+
+ PSA_ASSERT( psa_cipher_finish( &operation2,
+ output2 + output2_length,
+ output2_buffer_size - output2_length,
+ &function_output_length ) );
+ output2_length += function_output_length;
+
+ PSA_ASSERT( psa_cipher_abort( &operation2 ) );
+
+ ASSERT_COMPARE( input->x, input->len, output2, output2_length );
+
+exit:
+ mbedtls_free( output1 );
+ mbedtls_free( output2 );
+ psa_destroy_key( handle );
+ mbedtls_psa_crypto_free( );
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void aead_encrypt_decrypt( int key_type_arg, data_t *key_data,
+ int alg_arg,
+ data_t *nonce,
+ data_t *additional_data,
+ data_t *input_data,
+ int expected_result_arg )
+{
+ psa_key_handle_t handle = 0;
+ psa_key_type_t key_type = key_type_arg;
+ psa_algorithm_t alg = alg_arg;
+ unsigned char *output_data = NULL;
+ size_t output_size = 0;
+ size_t output_length = 0;
+ unsigned char *output_data2 = NULL;
+ size_t output_length2 = 0;
+ size_t tag_length = 16;
+ psa_status_t expected_result = expected_result_arg;
+ psa_key_policy_t policy = PSA_KEY_POLICY_INIT;
+
+ output_size = input_data->len + tag_length;
+ ASSERT_ALLOC( output_data, output_size );
+
+ PSA_ASSERT( psa_crypto_init( ) );
+
+ PSA_ASSERT( psa_allocate_key( &handle ) );
+ psa_key_policy_set_usage( &policy,
+ PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT,
+ alg );
+ PSA_ASSERT( psa_set_key_policy( handle, &policy ) );
+
+ PSA_ASSERT( psa_import_key( handle, key_type,
+ key_data->x, key_data->len ) );
+
+ TEST_EQUAL( psa_aead_encrypt( handle, alg,
+ nonce->x, nonce->len,
+ additional_data->x,
+ additional_data->len,
+ input_data->x, input_data->len,
+ output_data, output_size,
+ &output_length ),
+ expected_result );
+
+ if( PSA_SUCCESS == expected_result )
+ {
+ ASSERT_ALLOC( output_data2, output_length );
+
+ TEST_EQUAL( psa_aead_decrypt( handle, alg,
+ nonce->x, nonce->len,
+ additional_data->x,
+ additional_data->len,
+ output_data, output_length,
+ output_data2, output_length,
+ &output_length2 ),
+ expected_result );
+
+ ASSERT_COMPARE( input_data->x, input_data->len,
+ output_data2, output_length2 );
+ }
+
+exit:
+ psa_destroy_key( handle );
+ mbedtls_free( output_data );
+ mbedtls_free( output_data2 );
+ mbedtls_psa_crypto_free( );
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void aead_encrypt( int key_type_arg, data_t *key_data,
+ int alg_arg,
+ data_t *nonce,
+ data_t *additional_data,
+ data_t *input_data,
+ data_t *expected_result )
+{
+ psa_key_handle_t handle = 0;
+ psa_key_type_t key_type = key_type_arg;
+ psa_algorithm_t alg = alg_arg;
+ unsigned char *output_data = NULL;
+ size_t output_size = 0;
+ size_t output_length = 0;
+ size_t tag_length = 16;
+ psa_key_policy_t policy = PSA_KEY_POLICY_INIT;
+
+ output_size = input_data->len + tag_length;
+ ASSERT_ALLOC( output_data, output_size );
+
+ PSA_ASSERT( psa_crypto_init( ) );
+
+ PSA_ASSERT( psa_allocate_key( &handle ) );
+ psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_ENCRYPT , alg );
+ PSA_ASSERT( psa_set_key_policy( handle, &policy ) );
+
+ PSA_ASSERT( psa_import_key( handle, key_type,
+ key_data->x,
+ key_data->len ) );
+
+ PSA_ASSERT( psa_aead_encrypt( handle, alg,
+ nonce->x, nonce->len,
+ additional_data->x, additional_data->len,
+ input_data->x, input_data->len,
+ output_data, output_size,
+ &output_length ) );
+
+ ASSERT_COMPARE( expected_result->x, expected_result->len,
+ output_data, output_length );
+
+exit:
+ psa_destroy_key( handle );
+ mbedtls_free( output_data );
+ mbedtls_psa_crypto_free( );
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void aead_decrypt( int key_type_arg, data_t *key_data,
+ int alg_arg,
+ data_t *nonce,
+ data_t *additional_data,
+ data_t *input_data,
+ data_t *expected_data,
+ int expected_result_arg )
+{
+ psa_key_handle_t handle = 0;
+ psa_key_type_t key_type = key_type_arg;
+ psa_algorithm_t alg = alg_arg;
+ unsigned char *output_data = NULL;
+ size_t output_size = 0;
+ size_t output_length = 0;
+ size_t tag_length = 16;
+ psa_key_policy_t policy = PSA_KEY_POLICY_INIT;
+ psa_status_t expected_result = expected_result_arg;
+
+ output_size = input_data->len + tag_length;
+ ASSERT_ALLOC( output_data, output_size );
+
+ PSA_ASSERT( psa_crypto_init( ) );
+
+ PSA_ASSERT( psa_allocate_key( &handle ) );
+ psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_DECRYPT , alg );
+ PSA_ASSERT( psa_set_key_policy( handle, &policy ) );
+
+ PSA_ASSERT( psa_import_key( handle, key_type,
+ key_data->x,
+ key_data->len ) );
+
+ TEST_EQUAL( psa_aead_decrypt( handle, alg,
+ nonce->x, nonce->len,
+ additional_data->x,
+ additional_data->len,
+ input_data->x, input_data->len,
+ output_data, output_size,
+ &output_length ),
+ expected_result );
+
+ if( expected_result == PSA_SUCCESS )
+ ASSERT_COMPARE( expected_data->x, expected_data->len,
+ output_data, output_length );
+
+exit:
+ psa_destroy_key( handle );
+ mbedtls_free( output_data );
+ mbedtls_psa_crypto_free( );
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void signature_size( int type_arg,
+ int bits,
+ int alg_arg,
+ int expected_size_arg )
+{
+ psa_key_type_t type = type_arg;
+ psa_algorithm_t alg = alg_arg;
+ size_t actual_size = PSA_ASYMMETRIC_SIGN_OUTPUT_SIZE( type, bits, alg );
+ TEST_EQUAL( actual_size, (size_t) expected_size_arg );
+exit:
+ ;
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void sign_deterministic( int key_type_arg, data_t *key_data,
+ int alg_arg, data_t *input_data,
+ data_t *output_data )
+{
+ psa_key_handle_t handle = 0;
+ psa_key_type_t key_type = key_type_arg;
+ psa_algorithm_t alg = alg_arg;
+ size_t key_bits;
+ unsigned char *signature = NULL;
+ size_t signature_size;
+ size_t signature_length = 0xdeadbeef;
+ psa_key_policy_t policy = PSA_KEY_POLICY_INIT;
+
+ PSA_ASSERT( psa_crypto_init( ) );
+
+ PSA_ASSERT( psa_allocate_key( &handle ) );
+ psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_SIGN, alg );
+ PSA_ASSERT( psa_set_key_policy( handle, &policy ) );
+
+ PSA_ASSERT( psa_import_key( handle, key_type,
+ key_data->x,
+ key_data->len ) );
+ PSA_ASSERT( psa_get_key_information( handle,
+ NULL,
+ &key_bits ) );
+
+ /* Allocate a buffer which has the size advertized by the
+ * library. */
+ signature_size = PSA_ASYMMETRIC_SIGN_OUTPUT_SIZE( key_type,
+ key_bits, alg );
+ TEST_ASSERT( signature_size != 0 );
+ TEST_ASSERT( signature_size <= PSA_ASYMMETRIC_SIGNATURE_MAX_SIZE );
+ ASSERT_ALLOC( signature, signature_size );
+
+ /* Perform the signature. */
+ PSA_ASSERT( psa_asymmetric_sign( handle, alg,
+ input_data->x, input_data->len,
+ signature, signature_size,
+ &signature_length ) );
+ /* Verify that the signature is what is expected. */
+ ASSERT_COMPARE( output_data->x, output_data->len,
+ signature, signature_length );
+
+exit:
+ psa_destroy_key( handle );
+ mbedtls_free( signature );
+ mbedtls_psa_crypto_free( );
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void sign_fail( int key_type_arg, data_t *key_data,
+ int alg_arg, data_t *input_data,
+ int signature_size_arg, int expected_status_arg )
+{
+ psa_key_handle_t handle = 0;
+ psa_key_type_t key_type = key_type_arg;
+ psa_algorithm_t alg = alg_arg;
+ size_t signature_size = signature_size_arg;
+ psa_status_t actual_status;
+ psa_status_t expected_status = expected_status_arg;
+ unsigned char *signature = NULL;
+ size_t signature_length = 0xdeadbeef;
+ psa_key_policy_t policy = PSA_KEY_POLICY_INIT;
+
+ ASSERT_ALLOC( signature, signature_size );
+
+ PSA_ASSERT( psa_crypto_init( ) );
+
+ PSA_ASSERT( psa_allocate_key( &handle ) );
+ psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_SIGN, alg );
+ PSA_ASSERT( psa_set_key_policy( handle, &policy ) );
+
+ PSA_ASSERT( psa_import_key( handle, key_type,
+ key_data->x,
+ key_data->len ) );
+
+ actual_status = psa_asymmetric_sign( handle, alg,
+ input_data->x, input_data->len,
+ signature, signature_size,
+ &signature_length );
+ TEST_EQUAL( actual_status, expected_status );
+ /* The value of *signature_length is unspecified on error, but
+ * whatever it is, it should be less than signature_size, so that
+ * if the caller tries to read *signature_length bytes without
+ * checking the error code then they don't overflow a buffer. */
+ TEST_ASSERT( signature_length <= signature_size );
+
+exit:
+ psa_destroy_key( handle );
+ mbedtls_free( signature );
+ mbedtls_psa_crypto_free( );
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void sign_verify( int key_type_arg, data_t *key_data,
+ int alg_arg, data_t *input_data )
+{
+ psa_key_handle_t handle = 0;
+ psa_key_type_t key_type = key_type_arg;
+ psa_algorithm_t alg = alg_arg;
+ size_t key_bits;
+ unsigned char *signature = NULL;
+ size_t signature_size;
+ size_t signature_length = 0xdeadbeef;
+ psa_key_policy_t policy = PSA_KEY_POLICY_INIT;
+
+ PSA_ASSERT( psa_crypto_init( ) );
+
+ PSA_ASSERT( psa_allocate_key( &handle ) );
+ psa_key_policy_set_usage( &policy,
+ PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY,
+ alg );
+ PSA_ASSERT( psa_set_key_policy( handle, &policy ) );
+
+ PSA_ASSERT( psa_import_key( handle, key_type,
+ key_data->x,
+ key_data->len ) );
+ PSA_ASSERT( psa_get_key_information( handle,
+ NULL,
+ &key_bits ) );
+
+ /* Allocate a buffer which has the size advertized by the
+ * library. */
+ signature_size = PSA_ASYMMETRIC_SIGN_OUTPUT_SIZE( key_type,
+ key_bits, alg );
+ TEST_ASSERT( signature_size != 0 );
+ TEST_ASSERT( signature_size <= PSA_ASYMMETRIC_SIGNATURE_MAX_SIZE );
+ ASSERT_ALLOC( signature, signature_size );
+
+ /* Perform the signature. */
+ PSA_ASSERT( psa_asymmetric_sign( handle, alg,
+ input_data->x, input_data->len,
+ signature, signature_size,
+ &signature_length ) );
+ /* Check that the signature length looks sensible. */
+ TEST_ASSERT( signature_length <= signature_size );
+ TEST_ASSERT( signature_length > 0 );
+
+ /* Use the library to verify that the signature is correct. */
+ PSA_ASSERT( psa_asymmetric_verify(
+ handle, alg,
+ input_data->x, input_data->len,
+ signature, signature_length ) );
+
+ if( input_data->len != 0 )
+ {
+ /* Flip a bit in the input and verify that the signature is now
+ * detected as invalid. Flip a bit at the beginning, not at the end,
+ * because ECDSA may ignore the last few bits of the input. */
+ input_data->x[0] ^= 1;
+ TEST_EQUAL( psa_asymmetric_verify( handle, alg,
+ input_data->x, input_data->len,
+ signature, signature_length ),
+ PSA_ERROR_INVALID_SIGNATURE );
+ }
+
+exit:
+ psa_destroy_key( handle );
+ mbedtls_free( signature );
+ mbedtls_psa_crypto_free( );
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void asymmetric_verify( int key_type_arg, data_t *key_data,
+ int alg_arg, data_t *hash_data,
+ data_t *signature_data )
+{
+ psa_key_handle_t handle = 0;
+ psa_key_type_t key_type = key_type_arg;
+ psa_algorithm_t alg = alg_arg;
+ psa_key_policy_t policy = PSA_KEY_POLICY_INIT;
+
+ TEST_ASSERT( signature_data->len <= PSA_ASYMMETRIC_SIGNATURE_MAX_SIZE );
+
+ PSA_ASSERT( psa_crypto_init( ) );
+
+ PSA_ASSERT( psa_allocate_key( &handle ) );
+ psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_VERIFY, alg );
+ PSA_ASSERT( psa_set_key_policy( handle, &policy ) );
+
+ PSA_ASSERT( psa_import_key( handle, key_type,
+ key_data->x,
+ key_data->len ) );
+
+ PSA_ASSERT( psa_asymmetric_verify( handle, alg,
+ hash_data->x, hash_data->len,
+ signature_data->x,
+ signature_data->len ) );
+exit:
+ psa_destroy_key( handle );
+ mbedtls_psa_crypto_free( );
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void asymmetric_verify_fail( int key_type_arg, data_t *key_data,
+ int alg_arg, data_t *hash_data,
+ data_t *signature_data,
+ int expected_status_arg )
+{
+ psa_key_handle_t handle = 0;
+ psa_key_type_t key_type = key_type_arg;
+ psa_algorithm_t alg = alg_arg;
+ psa_status_t actual_status;
+ psa_status_t expected_status = expected_status_arg;
+ psa_key_policy_t policy = PSA_KEY_POLICY_INIT;
+
+ PSA_ASSERT( psa_crypto_init( ) );
+
+ PSA_ASSERT( psa_allocate_key( &handle ) );
+ psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_VERIFY, alg );
+ PSA_ASSERT( psa_set_key_policy( handle, &policy ) );
+
+ PSA_ASSERT( psa_import_key( handle, key_type,
+ key_data->x,
+ key_data->len ) );
+
+ actual_status = psa_asymmetric_verify( handle, alg,
+ hash_data->x, hash_data->len,
+ signature_data->x,
+ signature_data->len );
+
+ TEST_EQUAL( actual_status, expected_status );
+
+exit:
+ psa_destroy_key( handle );
+ mbedtls_psa_crypto_free( );
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void asymmetric_encrypt( int key_type_arg,
+ data_t *key_data,
+ int alg_arg,
+ data_t *input_data,
+ data_t *label,
+ int expected_output_length_arg,
+ int expected_status_arg )
+{
+ psa_key_handle_t handle = 0;
+ psa_key_type_t key_type = key_type_arg;
+ psa_algorithm_t alg = alg_arg;
+ size_t expected_output_length = expected_output_length_arg;
+ size_t key_bits;
+ unsigned char *output = NULL;
+ size_t output_size;
+ size_t output_length = ~0;
+ psa_status_t actual_status;
+ psa_status_t expected_status = expected_status_arg;
+ psa_key_policy_t policy = PSA_KEY_POLICY_INIT;
+
+ PSA_ASSERT( psa_crypto_init( ) );
+
+ /* Import the key */
+ PSA_ASSERT( psa_allocate_key( &handle ) );
+ psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_ENCRYPT, alg );
+ PSA_ASSERT( psa_set_key_policy( handle, &policy ) );
+ PSA_ASSERT( psa_import_key( handle, key_type,
+ key_data->x,
+ key_data->len ) );
+
+ /* Determine the maximum output length */
+ PSA_ASSERT( psa_get_key_information( handle,
+ NULL,
+ &key_bits ) );
+ output_size = PSA_ASYMMETRIC_ENCRYPT_OUTPUT_SIZE( key_type, key_bits, alg );
+ ASSERT_ALLOC( output, output_size );
+
+ /* Encrypt the input */
+ actual_status = psa_asymmetric_encrypt( handle, alg,
+ input_data->x, input_data->len,
+ label->x, label->len,
+ output, output_size,
+ &output_length );
+ TEST_EQUAL( actual_status, expected_status );
+ TEST_EQUAL( output_length, expected_output_length );
+
+ /* If the label is empty, the test framework puts a non-null pointer
+ * in label->x. Test that a null pointer works as well. */
+ if( label->len == 0 )
+ {
+ output_length = ~0;
+ if( output_size != 0 )
+ memset( output, 0, output_size );
+ actual_status = psa_asymmetric_encrypt( handle, alg,
+ input_data->x, input_data->len,
+ NULL, label->len,
+ output, output_size,
+ &output_length );
+ TEST_EQUAL( actual_status, expected_status );
+ TEST_EQUAL( output_length, expected_output_length );
+ }
+
+exit:
+ psa_destroy_key( handle );
+ mbedtls_free( output );
+ mbedtls_psa_crypto_free( );
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void asymmetric_encrypt_decrypt( int key_type_arg,
+ data_t *key_data,
+ int alg_arg,
+ data_t *input_data,
+ data_t *label )
+{
+ psa_key_handle_t handle = 0;
+ psa_key_type_t key_type = key_type_arg;
+ psa_algorithm_t alg = alg_arg;
+ size_t key_bits;
+ unsigned char *output = NULL;
+ size_t output_size;
+ size_t output_length = ~0;
+ unsigned char *output2 = NULL;
+ size_t output2_size;
+ size_t output2_length = ~0;
+ psa_key_policy_t policy = PSA_KEY_POLICY_INIT;
+
+ PSA_ASSERT( psa_crypto_init( ) );
+
+ PSA_ASSERT( psa_allocate_key( &handle ) );
+ psa_key_policy_set_usage( &policy,
+ PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT,
+ alg );
+ PSA_ASSERT( psa_set_key_policy( handle, &policy ) );
+
+ PSA_ASSERT( psa_import_key( handle, key_type,
+ key_data->x,
+ key_data->len ) );
+
+ /* Determine the maximum ciphertext length */
+ PSA_ASSERT( psa_get_key_information( handle,
+ NULL,
+ &key_bits ) );
+ output_size = PSA_ASYMMETRIC_ENCRYPT_OUTPUT_SIZE( key_type, key_bits, alg );
+ ASSERT_ALLOC( output, output_size );
+ output2_size = input_data->len;
+ ASSERT_ALLOC( output2, output2_size );
+
+ /* We test encryption by checking that encrypt-then-decrypt gives back
+ * the original plaintext because of the non-optional random
+ * part of encryption process which prevents using fixed vectors. */
+ PSA_ASSERT( psa_asymmetric_encrypt( handle, alg,
+ input_data->x, input_data->len,
+ label->x, label->len,
+ output, output_size,
+ &output_length ) );
+ /* We don't know what ciphertext length to expect, but check that
+ * it looks sensible. */
+ TEST_ASSERT( output_length <= output_size );
+
+ PSA_ASSERT( psa_asymmetric_decrypt( handle, alg,
+ output, output_length,
+ label->x, label->len,
+ output2, output2_size,
+ &output2_length ) );
+ ASSERT_COMPARE( input_data->x, input_data->len,
+ output2, output2_length );
+
+exit:
+ psa_destroy_key( handle );
+ mbedtls_free( output );
+ mbedtls_free( output2 );
+ mbedtls_psa_crypto_free( );
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void asymmetric_decrypt( int key_type_arg,
+ data_t *key_data,
+ int alg_arg,
+ data_t *input_data,
+ data_t *label,
+ data_t *expected_data )
+{
+ psa_key_handle_t handle = 0;
+ psa_key_type_t key_type = key_type_arg;
+ psa_algorithm_t alg = alg_arg;
+ unsigned char *output = NULL;
+ size_t output_size = 0;
+ size_t output_length = ~0;
+ psa_key_policy_t policy = PSA_KEY_POLICY_INIT;
+
+ output_size = expected_data->len;
+ ASSERT_ALLOC( output, output_size );
+
+ PSA_ASSERT( psa_crypto_init( ) );
+
+ PSA_ASSERT( psa_allocate_key( &handle ) );
+ psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_DECRYPT, alg );
+ PSA_ASSERT( psa_set_key_policy( handle, &policy ) );
+
+ PSA_ASSERT( psa_import_key( handle, key_type,
+ key_data->x,
+ key_data->len ) );
+
+ PSA_ASSERT( psa_asymmetric_decrypt( handle, alg,
+ input_data->x, input_data->len,
+ label->x, label->len,
+ output,
+ output_size,
+ &output_length ) );
+ ASSERT_COMPARE( expected_data->x, expected_data->len,
+ output, output_length );
+
+ /* If the label is empty, the test framework puts a non-null pointer
+ * in label->x. Test that a null pointer works as well. */
+ if( label->len == 0 )
+ {
+ output_length = ~0;
+ if( output_size != 0 )
+ memset( output, 0, output_size );
+ PSA_ASSERT( psa_asymmetric_decrypt( handle, alg,
+ input_data->x, input_data->len,
+ NULL, label->len,
+ output,
+ output_size,
+ &output_length ) );
+ ASSERT_COMPARE( expected_data->x, expected_data->len,
+ output, output_length );
+ }
+
+exit:
+ psa_destroy_key( handle );
+ mbedtls_free( output );
+ mbedtls_psa_crypto_free( );
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void asymmetric_decrypt_fail( int key_type_arg,
+ data_t *key_data,
+ int alg_arg,
+ data_t *input_data,
+ data_t *label,
+ int output_size_arg,
+ int expected_status_arg )
+{
+ psa_key_handle_t handle = 0;
+ psa_key_type_t key_type = key_type_arg;
+ psa_algorithm_t alg = alg_arg;
+ unsigned char *output = NULL;
+ size_t output_size = output_size_arg;
+ size_t output_length = ~0;
+ psa_status_t actual_status;
+ psa_status_t expected_status = expected_status_arg;
+ psa_key_policy_t policy = PSA_KEY_POLICY_INIT;
+
+ ASSERT_ALLOC( output, output_size );
+
+ PSA_ASSERT( psa_crypto_init( ) );
+
+ PSA_ASSERT( psa_allocate_key( &handle ) );
+ psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_DECRYPT, alg );
+ PSA_ASSERT( psa_set_key_policy( handle, &policy ) );
+
+ PSA_ASSERT( psa_import_key( handle, key_type,
+ key_data->x,
+ key_data->len ) );
+
+ actual_status = psa_asymmetric_decrypt( handle, alg,
+ input_data->x, input_data->len,
+ label->x, label->len,
+ output, output_size,
+ &output_length );
+ TEST_EQUAL( actual_status, expected_status );
+ TEST_ASSERT( output_length <= output_size );
+
+ /* If the label is empty, the test framework puts a non-null pointer
+ * in label->x. Test that a null pointer works as well. */
+ if( label->len == 0 )
+ {
+ output_length = ~0;
+ if( output_size != 0 )
+ memset( output, 0, output_size );
+ actual_status = psa_asymmetric_decrypt( handle, alg,
+ input_data->x, input_data->len,
+ NULL, label->len,
+ output, output_size,
+ &output_length );
+ TEST_EQUAL( actual_status, expected_status );
+ TEST_ASSERT( output_length <= output_size );
+ }
+
+exit:
+ psa_destroy_key( handle );
+ mbedtls_free( output );
+ mbedtls_psa_crypto_free( );
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void crypto_generator_init( )
+{
+ /* Test each valid way of initializing the object, except for `= {0}`, as
+ * Clang 5 complains when `-Wmissing-field-initializers` is used, even
+ * though it's OK by the C standard. We could test for this, but we'd need
+ * to supress the Clang warning for the test. */
+ size_t capacity;
+ psa_crypto_generator_t func = psa_crypto_generator_init( );
+ psa_crypto_generator_t init = PSA_CRYPTO_GENERATOR_INIT;
+ psa_crypto_generator_t zero;
+
+ memset( &zero, 0, sizeof( zero ) );
+
+ /* A default generator should not be able to report its capacity. */
+ TEST_EQUAL( psa_get_generator_capacity( &func, &capacity ),
+ PSA_ERROR_BAD_STATE );
+ TEST_EQUAL( psa_get_generator_capacity( &init, &capacity ),
+ PSA_ERROR_BAD_STATE );
+ TEST_EQUAL( psa_get_generator_capacity( &zero, &capacity ),
+ PSA_ERROR_BAD_STATE );
+
+ /* A default generator should be abortable without error. */
+ PSA_ASSERT( psa_generator_abort(&func) );
+ PSA_ASSERT( psa_generator_abort(&init) );
+ PSA_ASSERT( psa_generator_abort(&zero) );
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void derive_setup( int key_type_arg,
+ data_t *key_data,
+ int alg_arg,
+ data_t *salt,
+ data_t *label,
+ int requested_capacity_arg,
+ int expected_status_arg )
+{
+ psa_key_handle_t handle = 0;
+ size_t key_type = key_type_arg;
+ psa_algorithm_t alg = alg_arg;
+ size_t requested_capacity = requested_capacity_arg;
+ psa_status_t expected_status = expected_status_arg;
+ psa_crypto_generator_t generator = PSA_CRYPTO_GENERATOR_INIT;
+ psa_key_policy_t policy = PSA_KEY_POLICY_INIT;
+
+ PSA_ASSERT( psa_crypto_init( ) );
+
+ PSA_ASSERT( psa_allocate_key( &handle ) );
+ psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_DERIVE, alg );
+ PSA_ASSERT( psa_set_key_policy( handle, &policy ) );
+
+ PSA_ASSERT( psa_import_key( handle, key_type,
+ key_data->x,
+ key_data->len ) );
+
+ TEST_EQUAL( psa_key_derivation( &generator, handle, alg,
+ salt->x, salt->len,
+ label->x, label->len,
+ requested_capacity ),
+ expected_status );
+
+exit:
+ psa_generator_abort( &generator );
+ psa_destroy_key( handle );
+ mbedtls_psa_crypto_free( );
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void test_derive_invalid_generator_state( )
+{
+ psa_key_handle_t handle = 0;
+ size_t key_type = PSA_KEY_TYPE_DERIVE;
+ psa_crypto_generator_t generator = PSA_CRYPTO_GENERATOR_INIT;
+ psa_algorithm_t alg = PSA_ALG_HKDF( PSA_ALG_SHA_256 );
+ uint8_t buffer[42];
+ size_t capacity = sizeof( buffer );
+ const uint8_t key_data[22] = { 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b,
+ 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b,
+ 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b};
+ psa_key_policy_t policy = PSA_KEY_POLICY_INIT;
+
+ PSA_ASSERT( psa_crypto_init( ) );
+
+ PSA_ASSERT( psa_allocate_key( &handle ) );
+ psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_DERIVE, alg );
+ PSA_ASSERT( psa_set_key_policy( handle, &policy ) );
+
+ PSA_ASSERT( psa_import_key( handle, key_type,
+ key_data,
+ sizeof( key_data ) ) );
+
+ /* valid key derivation */
+ PSA_ASSERT( psa_key_derivation( &generator, handle, alg,
+ NULL, 0,
+ NULL, 0,
+ capacity ) );
+
+ /* state of generator shouldn't allow additional generation */
+ TEST_EQUAL( psa_key_derivation( &generator, handle, alg,
+ NULL, 0,
+ NULL, 0,
+ capacity ),
+ PSA_ERROR_BAD_STATE );
+
+ PSA_ASSERT( psa_generator_read( &generator, buffer, capacity ) );
+
+ TEST_EQUAL( psa_generator_read( &generator, buffer, capacity ),
+ PSA_ERROR_INSUFFICIENT_DATA );
+
+exit:
+ psa_generator_abort( &generator );
+ psa_destroy_key( handle );
+ mbedtls_psa_crypto_free( );
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void test_derive_invalid_generator_tests( )
+{
+ uint8_t output_buffer[16];
+ size_t buffer_size = 16;
+ size_t capacity = 0;
+ psa_crypto_generator_t generator = PSA_CRYPTO_GENERATOR_INIT;
+
+ TEST_ASSERT( psa_generator_read( &generator, output_buffer, buffer_size )
+ == PSA_ERROR_BAD_STATE );
+
+ TEST_ASSERT( psa_get_generator_capacity( &generator, &capacity )
+ == PSA_ERROR_BAD_STATE );
+
+ PSA_ASSERT( psa_generator_abort( &generator ) );
+
+ TEST_ASSERT( psa_generator_read( &generator, output_buffer, buffer_size )
+ == PSA_ERROR_BAD_STATE );
+
+ TEST_ASSERT( psa_get_generator_capacity( &generator, &capacity )
+ == PSA_ERROR_BAD_STATE );
+
+exit:
+ psa_generator_abort( &generator );
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void derive_output( int alg_arg,
+ data_t *key_data,
+ data_t *salt,
+ data_t *label,
+ int requested_capacity_arg,
+ data_t *expected_output1,
+ data_t *expected_output2 )
+{
+ psa_key_handle_t handle = 0;
+ psa_algorithm_t alg = alg_arg;
+ size_t requested_capacity = requested_capacity_arg;
+ psa_crypto_generator_t generator = PSA_CRYPTO_GENERATOR_INIT;
+ uint8_t *expected_outputs[2] =
+ {expected_output1->x, expected_output2->x};
+ size_t output_sizes[2] =
+ {expected_output1->len, expected_output2->len};
+ size_t output_buffer_size = 0;
+ uint8_t *output_buffer = NULL;
+ size_t expected_capacity;
+ size_t current_capacity;
+ psa_key_policy_t policy = PSA_KEY_POLICY_INIT;
+ psa_status_t status;
+ unsigned i;
+
+ for( i = 0; i < ARRAY_LENGTH( expected_outputs ); i++ )
+ {
+ if( output_sizes[i] > output_buffer_size )
+ output_buffer_size = output_sizes[i];
+ if( output_sizes[i] == 0 )
+ expected_outputs[i] = NULL;
+ }
+ ASSERT_ALLOC( output_buffer, output_buffer_size );
+ PSA_ASSERT( psa_crypto_init( ) );
+
+ PSA_ASSERT( psa_allocate_key( &handle ) );
+ psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_DERIVE, alg );
+ PSA_ASSERT( psa_set_key_policy( handle, &policy ) );
+
+ PSA_ASSERT( psa_import_key( handle, PSA_KEY_TYPE_DERIVE,
+ key_data->x,
+ key_data->len ) );
+
+ /* Extraction phase. */
+ PSA_ASSERT( psa_key_derivation( &generator, handle, alg,
+ salt->x, salt->len,
+ label->x, label->len,
+ requested_capacity ) );
+ PSA_ASSERT( psa_get_generator_capacity( &generator,
+ ¤t_capacity ) );
+ TEST_EQUAL( current_capacity, requested_capacity );
+ expected_capacity = requested_capacity;
+
+ /* Expansion phase. */
+ for( i = 0; i < ARRAY_LENGTH( expected_outputs ); i++ )
+ {
+ /* Read some bytes. */
+ status = psa_generator_read( &generator,
+ output_buffer, output_sizes[i] );
+ if( expected_capacity == 0 && output_sizes[i] == 0 )
+ {
+ /* Reading 0 bytes when 0 bytes are available can go either way. */
+ TEST_ASSERT( status == PSA_SUCCESS ||
+ status == PSA_ERROR_INSUFFICIENT_DATA );
+ continue;
+ }
+ else if( expected_capacity == 0 ||
+ output_sizes[i] > expected_capacity )
+ {
+ /* Capacity exceeded. */
+ TEST_EQUAL( status, PSA_ERROR_INSUFFICIENT_DATA );
+ expected_capacity = 0;
+ continue;
+ }
+ /* Success. Check the read data. */
+ PSA_ASSERT( status );
+ if( output_sizes[i] != 0 )
+ ASSERT_COMPARE( output_buffer, output_sizes[i],
+ expected_outputs[i], output_sizes[i] );
+ /* Check the generator status. */
+ expected_capacity -= output_sizes[i];
+ PSA_ASSERT( psa_get_generator_capacity( &generator,
+ ¤t_capacity ) );
+ TEST_EQUAL( expected_capacity, current_capacity );
+ }
+ PSA_ASSERT( psa_generator_abort( &generator ) );
+
+exit:
+ mbedtls_free( output_buffer );
+ psa_generator_abort( &generator );
+ psa_destroy_key( handle );
+ mbedtls_psa_crypto_free( );
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void derive_full( int alg_arg,
+ data_t *key_data,
+ data_t *salt,
+ data_t *label,
+ int requested_capacity_arg )
+{
+ psa_key_handle_t handle = 0;
+ psa_algorithm_t alg = alg_arg;
+ size_t requested_capacity = requested_capacity_arg;
+ psa_crypto_generator_t generator = PSA_CRYPTO_GENERATOR_INIT;
+ unsigned char output_buffer[16];
+ size_t expected_capacity = requested_capacity;
+ size_t current_capacity;
+ psa_key_policy_t policy = PSA_KEY_POLICY_INIT;
+
+ PSA_ASSERT( psa_crypto_init( ) );
+
+ PSA_ASSERT( psa_allocate_key( &handle ) );
+ psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_DERIVE, alg );
+ PSA_ASSERT( psa_set_key_policy( handle, &policy ) );
+
+ PSA_ASSERT( psa_import_key( handle, PSA_KEY_TYPE_DERIVE,
+ key_data->x,
+ key_data->len ) );
+
+ /* Extraction phase. */
+ PSA_ASSERT( psa_key_derivation( &generator, handle, alg,
+ salt->x, salt->len,
+ label->x, label->len,
+ requested_capacity ) );
+ PSA_ASSERT( psa_get_generator_capacity( &generator,
+ ¤t_capacity ) );
+ TEST_EQUAL( current_capacity, expected_capacity );
+
+ /* Expansion phase. */
+ while( current_capacity > 0 )
+ {
+ size_t read_size = sizeof( output_buffer );
+ if( read_size > current_capacity )
+ read_size = current_capacity;
+ PSA_ASSERT( psa_generator_read( &generator,
+ output_buffer,
+ read_size ) );
+ expected_capacity -= read_size;
+ PSA_ASSERT( psa_get_generator_capacity( &generator,
+ ¤t_capacity ) );
+ TEST_EQUAL( current_capacity, expected_capacity );
+ }
+
+ /* Check that the generator refuses to go over capacity. */
+ TEST_EQUAL( psa_generator_read( &generator, output_buffer, 1 ),
+ PSA_ERROR_INSUFFICIENT_DATA );
+
+ PSA_ASSERT( psa_generator_abort( &generator ) );
+
+exit:
+ psa_generator_abort( &generator );
+ psa_destroy_key( handle );
+ mbedtls_psa_crypto_free( );
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void derive_key_exercise( int alg_arg,
+ data_t *key_data,
+ data_t *salt,
+ data_t *label,
+ int derived_type_arg,
+ int derived_bits_arg,
+ int derived_usage_arg,
+ int derived_alg_arg )
+{
+ psa_key_handle_t base_handle = 0;
+ psa_key_handle_t derived_handle = 0;
+ psa_algorithm_t alg = alg_arg;
+ psa_key_type_t derived_type = derived_type_arg;
+ size_t derived_bits = derived_bits_arg;
+ psa_key_usage_t derived_usage = derived_usage_arg;
+ psa_algorithm_t derived_alg = derived_alg_arg;
+ size_t capacity = PSA_BITS_TO_BYTES( derived_bits );
+ psa_crypto_generator_t generator = PSA_CRYPTO_GENERATOR_INIT;
+ psa_key_policy_t policy = PSA_KEY_POLICY_INIT;
+ psa_key_type_t got_type;
+ size_t got_bits;
+
+ PSA_ASSERT( psa_crypto_init( ) );
+
+ PSA_ASSERT( psa_allocate_key( &base_handle ) );
+ psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_DERIVE, alg );
+ PSA_ASSERT( psa_set_key_policy( base_handle, &policy ) );
+ PSA_ASSERT( psa_import_key( base_handle, PSA_KEY_TYPE_DERIVE,
+ key_data->x,
+ key_data->len ) );
+
+ /* Derive a key. */
+ PSA_ASSERT( psa_key_derivation( &generator, base_handle, alg,
+ salt->x, salt->len,
+ label->x, label->len,
+ capacity ) );
+ PSA_ASSERT( psa_allocate_key( &derived_handle ) );
+ psa_key_policy_set_usage( &policy, derived_usage, derived_alg );
+ PSA_ASSERT( psa_set_key_policy( derived_handle, &policy ) );
+ PSA_ASSERT( psa_generator_import_key( derived_handle,
+ derived_type,
+ derived_bits,
+ &generator ) );
+
+ /* Test the key information */
+ PSA_ASSERT( psa_get_key_information( derived_handle,
+ &got_type,
+ &got_bits ) );
+ TEST_EQUAL( got_type, derived_type );
+ TEST_EQUAL( got_bits, derived_bits );
+
+ /* Exercise the derived key. */
+ if( ! exercise_key( derived_handle, derived_usage, derived_alg ) )
+ goto exit;
+
+exit:
+ psa_generator_abort( &generator );
+ psa_destroy_key( base_handle );
+ psa_destroy_key( derived_handle );
+ mbedtls_psa_crypto_free( );
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void derive_key_export( int alg_arg,
+ data_t *key_data,
+ data_t *salt,
+ data_t *label,
+ int bytes1_arg,
+ int bytes2_arg )
+{
+ psa_key_handle_t base_handle = 0;
+ psa_key_handle_t derived_handle = 0;
+ psa_algorithm_t alg = alg_arg;
+ size_t bytes1 = bytes1_arg;
+ size_t derived_bits = PSA_BYTES_TO_BITS( bytes1 );
+ size_t bytes2 = bytes2_arg;
+ size_t capacity = bytes1 + bytes2;
+ psa_crypto_generator_t generator = PSA_CRYPTO_GENERATOR_INIT;
+ uint8_t *output_buffer = NULL;
+ uint8_t *export_buffer = NULL;
+ psa_key_policy_t policy = PSA_KEY_POLICY_INIT;
+ size_t length;
+
+ ASSERT_ALLOC( output_buffer, capacity );
+ ASSERT_ALLOC( export_buffer, capacity );
+ PSA_ASSERT( psa_crypto_init( ) );
+
+ PSA_ASSERT( psa_allocate_key( &base_handle ) );
+ psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_DERIVE, alg );
+ PSA_ASSERT( psa_set_key_policy( base_handle, &policy ) );
+ PSA_ASSERT( psa_import_key( base_handle, PSA_KEY_TYPE_DERIVE,
+ key_data->x,
+ key_data->len ) );
+
+ /* Derive some material and output it. */
+ PSA_ASSERT( psa_key_derivation( &generator, base_handle, alg,
+ salt->x, salt->len,
+ label->x, label->len,
+ capacity ) );
+ PSA_ASSERT( psa_generator_read( &generator,
+ output_buffer,
+ capacity ) );
+ PSA_ASSERT( psa_generator_abort( &generator ) );
+
+ /* Derive the same output again, but this time store it in key objects. */
+ PSA_ASSERT( psa_key_derivation( &generator, base_handle, alg,
+ salt->x, salt->len,
+ label->x, label->len,
+ capacity ) );
+ PSA_ASSERT( psa_allocate_key( &derived_handle ) );
+ psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_EXPORT, 0 );
+ PSA_ASSERT( psa_set_key_policy( derived_handle, &policy ) );
+ PSA_ASSERT( psa_generator_import_key( derived_handle,
+ PSA_KEY_TYPE_RAW_DATA,
+ derived_bits,
+ &generator ) );
+ PSA_ASSERT( psa_export_key( derived_handle,
+ export_buffer, bytes1,
+ &length ) );
+ TEST_EQUAL( length, bytes1 );
+ PSA_ASSERT( psa_destroy_key( derived_handle ) );
+ PSA_ASSERT( psa_allocate_key( &derived_handle ) );
+ PSA_ASSERT( psa_set_key_policy( derived_handle, &policy ) );
+ PSA_ASSERT( psa_generator_import_key( derived_handle,
+ PSA_KEY_TYPE_RAW_DATA,
+ PSA_BYTES_TO_BITS( bytes2 ),
+ &generator ) );
+ PSA_ASSERT( psa_export_key( derived_handle,
+ export_buffer + bytes1, bytes2,
+ &length ) );
+ TEST_EQUAL( length, bytes2 );
+
+ /* Compare the outputs from the two runs. */
+ ASSERT_COMPARE( output_buffer, bytes1 + bytes2,
+ export_buffer, capacity );
+
+exit:
+ mbedtls_free( output_buffer );
+ mbedtls_free( export_buffer );
+ psa_generator_abort( &generator );
+ psa_destroy_key( base_handle );
+ psa_destroy_key( derived_handle );
+ mbedtls_psa_crypto_free( );
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void key_agreement_setup( int alg_arg,
+ int our_key_type_arg, data_t *our_key_data,
+ data_t *peer_key_data,
+ int expected_status_arg )
+{
+ psa_key_handle_t our_key = 0;
+ psa_algorithm_t alg = alg_arg;
+ psa_key_type_t our_key_type = our_key_type_arg;
+ psa_crypto_generator_t generator = PSA_CRYPTO_GENERATOR_INIT;
+ psa_key_policy_t policy = PSA_KEY_POLICY_INIT;
+
+ PSA_ASSERT( psa_crypto_init( ) );
+
+ PSA_ASSERT( psa_allocate_key( &our_key ) );
+ psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_DERIVE, alg );
+ PSA_ASSERT( psa_set_key_policy( our_key, &policy ) );
+ PSA_ASSERT( psa_import_key( our_key, our_key_type,
+ our_key_data->x,
+ our_key_data->len ) );
+
+ TEST_EQUAL( psa_key_agreement( &generator,
+ our_key,
+ peer_key_data->x, peer_key_data->len,
+ alg ),
+ expected_status_arg );
+
+exit:
+ psa_generator_abort( &generator );
+ psa_destroy_key( our_key );
+ mbedtls_psa_crypto_free( );
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void key_agreement_capacity( int alg_arg,
+ int our_key_type_arg, data_t *our_key_data,
+ data_t *peer_key_data,
+ int expected_capacity_arg )
+{
+ psa_key_handle_t our_key = 0;
+ psa_algorithm_t alg = alg_arg;
+ psa_key_type_t our_key_type = our_key_type_arg;
+ psa_crypto_generator_t generator = PSA_CRYPTO_GENERATOR_INIT;
+ psa_key_policy_t policy = PSA_KEY_POLICY_INIT;
+ size_t actual_capacity;
+ unsigned char output[16];
+
+ PSA_ASSERT( psa_crypto_init( ) );
+
+ PSA_ASSERT( psa_allocate_key( &our_key ) );
+ psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_DERIVE, alg );
+ PSA_ASSERT( psa_set_key_policy( our_key, &policy ) );
+ PSA_ASSERT( psa_import_key( our_key, our_key_type,
+ our_key_data->x,
+ our_key_data->len ) );
+
+ PSA_ASSERT( psa_key_agreement( &generator,
+ our_key,
+ peer_key_data->x, peer_key_data->len,
+ alg ) );
+
+ /* Test the advertized capacity. */
+ PSA_ASSERT( psa_get_generator_capacity(
+ &generator, &actual_capacity ) );
+ TEST_EQUAL( actual_capacity, (size_t) expected_capacity_arg );
+
+ /* Test the actual capacity by reading the output. */
+ while( actual_capacity > sizeof( output ) )
+ {
+ PSA_ASSERT( psa_generator_read( &generator,
+ output, sizeof( output ) ) );
+ actual_capacity -= sizeof( output );
+ }
+ PSA_ASSERT( psa_generator_read( &generator,
+ output, actual_capacity ) );
+ TEST_EQUAL( psa_generator_read( &generator, output, 1 ),
+ PSA_ERROR_INSUFFICIENT_DATA );
+
+exit:
+ psa_generator_abort( &generator );
+ psa_destroy_key( our_key );
+ mbedtls_psa_crypto_free( );
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void key_agreement_output( int alg_arg,
+ int our_key_type_arg, data_t *our_key_data,
+ data_t *peer_key_data,
+ data_t *expected_output1, data_t *expected_output2 )
+{
+ psa_key_handle_t our_key = 0;
+ psa_algorithm_t alg = alg_arg;
+ psa_key_type_t our_key_type = our_key_type_arg;
+ psa_crypto_generator_t generator = PSA_CRYPTO_GENERATOR_INIT;
+ psa_key_policy_t policy = PSA_KEY_POLICY_INIT;
+ uint8_t *actual_output = NULL;
+
+ ASSERT_ALLOC( actual_output, MAX( expected_output1->len,
+ expected_output2->len ) );
+
+ PSA_ASSERT( psa_crypto_init( ) );
+
+ PSA_ASSERT( psa_allocate_key( &our_key ) );
+ psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_DERIVE, alg );
+ PSA_ASSERT( psa_set_key_policy( our_key, &policy ) );
+ PSA_ASSERT( psa_import_key( our_key, our_key_type,
+ our_key_data->x,
+ our_key_data->len ) );
+
+ PSA_ASSERT( psa_key_agreement( &generator,
+ our_key,
+ peer_key_data->x, peer_key_data->len,
+ alg ) );
+
+ PSA_ASSERT( psa_generator_read( &generator,
+ actual_output,
+ expected_output1->len ) );
+ ASSERT_COMPARE( actual_output, expected_output1->len,
+ expected_output1->x, expected_output1->len );
+ if( expected_output2->len != 0 )
+ {
+ PSA_ASSERT( psa_generator_read( &generator,
+ actual_output,
+ expected_output2->len ) );
+ ASSERT_COMPARE( actual_output, expected_output2->len,
+ expected_output2->x, expected_output2->len );
+ }
+
+exit:
+ psa_generator_abort( &generator );
+ psa_destroy_key( our_key );
+ mbedtls_psa_crypto_free( );
+ mbedtls_free( actual_output );
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void generate_random( int bytes_arg )
+{
+ size_t bytes = bytes_arg;
+ const unsigned char trail[] = "don't overwrite me";
+ unsigned char *output = NULL;
+ unsigned char *changed = NULL;
+ size_t i;
+ unsigned run;
+
+ ASSERT_ALLOC( output, bytes + sizeof( trail ) );
+ ASSERT_ALLOC( changed, bytes );
+ memcpy( output + bytes, trail, sizeof( trail ) );
+
+ PSA_ASSERT( psa_crypto_init( ) );
+
+ /* Run several times, to ensure that every output byte will be
+ * nonzero at least once with overwhelming probability
+ * (2^(-8*number_of_runs)). */
+ for( run = 0; run < 10; run++ )
+ {
+ if( bytes != 0 )
+ memset( output, 0, bytes );
+ PSA_ASSERT( psa_generate_random( output, bytes ) );
+
+ /* Check that no more than bytes have been overwritten */
+ ASSERT_COMPARE( output + bytes, sizeof( trail ),
+ trail, sizeof( trail ) );
+
+ for( i = 0; i < bytes; i++ )
+ {
+ if( output[i] != 0 )
+ ++changed[i];
+ }
+ }
+
+ /* Check that every byte was changed to nonzero at least once. This
+ * validates that psa_generate_random is overwriting every byte of
+ * the output buffer. */
+ for( i = 0; i < bytes; i++ )
+ {
+ TEST_ASSERT( changed[i] != 0 );
+ }
+
+exit:
+ mbedtls_psa_crypto_free( );
+ mbedtls_free( output );
+ mbedtls_free( changed );
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void generate_key( int type_arg,
+ int bits_arg,
+ int usage_arg,
+ int alg_arg,
+ int expected_status_arg )
+{
+ psa_key_handle_t handle = 0;
+ psa_key_type_t type = type_arg;
+ psa_key_usage_t usage = usage_arg;
+ size_t bits = bits_arg;
+ psa_algorithm_t alg = alg_arg;
+ psa_status_t expected_status = expected_status_arg;
+ psa_key_type_t got_type;
+ size_t got_bits;
+ psa_status_t expected_info_status =
+ expected_status == PSA_SUCCESS ? PSA_SUCCESS : PSA_ERROR_DOES_NOT_EXIST;
+ psa_key_policy_t policy = PSA_KEY_POLICY_INIT;
+
+ PSA_ASSERT( psa_crypto_init( ) );
+
+ PSA_ASSERT( psa_allocate_key( &handle ) );
+ psa_key_policy_set_usage( &policy, usage, alg );
+ PSA_ASSERT( psa_set_key_policy( handle, &policy ) );
+
+ /* Generate a key */
+ TEST_EQUAL( psa_generate_key( handle, type, bits, NULL, 0 ),
+ expected_status );
+
+ /* Test the key information */
+ TEST_EQUAL( psa_get_key_information( handle, &got_type, &got_bits ),
+ expected_info_status );
+ if( expected_info_status != PSA_SUCCESS )
+ goto exit;
+ TEST_EQUAL( got_type, type );
+ TEST_EQUAL( got_bits, bits );
+
+ /* Do something with the key according to its type and permitted usage. */
+ if( ! exercise_key( handle, usage, alg ) )
+ goto exit;
+
+exit:
+ psa_destroy_key( handle );
+ mbedtls_psa_crypto_free( );
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_PSA_CRYPTO_STORAGE_C */
+void persistent_key_load_key_from_storage( data_t *data, int type_arg,
+ int bits, int usage_arg,
+ int alg_arg, int generation_method,
+ int export_status )
+{
+ psa_key_handle_t handle = 0;
+ psa_key_handle_t base_key;
+ psa_key_type_t type = (psa_key_type_t) type_arg;
+ psa_key_type_t type_get;
+ size_t bits_get;
+ psa_key_policy_t policy_set = PSA_KEY_POLICY_INIT;
+ psa_key_policy_t policy_get = PSA_KEY_POLICY_INIT;
+ psa_key_usage_t policy_usage = (psa_key_usage_t) usage_arg;
+ psa_algorithm_t policy_alg = (psa_algorithm_t) alg_arg;
+ psa_key_policy_t base_policy_set = PSA_KEY_POLICY_INIT;
+ psa_algorithm_t base_policy_alg = PSA_ALG_HKDF(PSA_ALG_SHA_256);
+ psa_crypto_generator_t generator = PSA_CRYPTO_GENERATOR_INIT;
+ unsigned char *first_export = NULL;
+ unsigned char *second_export = NULL;
+ size_t export_size = PSA_KEY_EXPORT_MAX_SIZE( type, bits );
+ size_t first_exported_length;
+ size_t second_exported_length;
+
+ ASSERT_ALLOC( first_export, export_size );
+ ASSERT_ALLOC( second_export, export_size );
+
+ PSA_ASSERT( psa_crypto_init() );
+
+ PSA_ASSERT( psa_create_key( PSA_KEY_LIFETIME_PERSISTENT, 1,
+ &handle ) );
+ psa_key_policy_set_usage( &policy_set, policy_usage,
+ policy_alg );
+ PSA_ASSERT( psa_set_key_policy( handle, &policy_set ) );
+
+ switch( generation_method )
+ {
+ case IMPORT_KEY:
+ /* Import the key */
+ PSA_ASSERT( psa_import_key( handle, type,
+ data->x, data->len ) );
+ break;
+
+ case GENERATE_KEY:
+ /* Generate a key */
+ PSA_ASSERT( psa_generate_key( handle, type, bits,
+ NULL, 0 ) );
+ break;
+
+ case DERIVE_KEY:
+ /* Create base key */
+ PSA_ASSERT( psa_allocate_key( &base_key ) );
+ psa_key_policy_set_usage( &base_policy_set, PSA_KEY_USAGE_DERIVE,
+ base_policy_alg );
+ PSA_ASSERT( psa_set_key_policy(
+ base_key, &base_policy_set ) );
+ PSA_ASSERT( psa_import_key( base_key, PSA_KEY_TYPE_DERIVE,
+ data->x, data->len ) );
+ /* Derive a key. */
+ PSA_ASSERT( psa_key_derivation( &generator, base_key,
+ base_policy_alg,
+ NULL, 0, NULL, 0,
+ export_size ) );
+ PSA_ASSERT( psa_generator_import_key(
+ handle, PSA_KEY_TYPE_RAW_DATA,
+ bits, &generator ) );
+ break;
+ }
+
+ /* Export the key */
+ TEST_EQUAL( psa_export_key( handle,
+ first_export, export_size,
+ &first_exported_length ),
+ export_status );
+
+ /* Shutdown and restart */
+ mbedtls_psa_crypto_free();
+ PSA_ASSERT( psa_crypto_init() );
+
+ /* Check key slot still contains key data */
+ PSA_ASSERT( psa_open_key( PSA_KEY_LIFETIME_PERSISTENT, 1,
+ &handle ) );
+ PSA_ASSERT( psa_get_key_information(
+ handle, &type_get, &bits_get ) );
+ TEST_EQUAL( type_get, type );
+ TEST_EQUAL( bits_get, (size_t) bits );
+
+ PSA_ASSERT( psa_get_key_policy( handle, &policy_get ) );
+ TEST_EQUAL( psa_key_policy_get_usage( &policy_get ), policy_usage );
+ TEST_EQUAL( psa_key_policy_get_algorithm( &policy_get ), policy_alg );
+
+ /* Export the key again */
+ TEST_EQUAL( psa_export_key( handle,
+ second_export, export_size,
+ &second_exported_length ),
+ export_status );
+
+ if( export_status == PSA_SUCCESS )
+ {
+ ASSERT_COMPARE( first_export, first_exported_length,
+ second_export, second_exported_length );
+
+ switch( generation_method )
+ {
+ case IMPORT_KEY:
+ ASSERT_COMPARE( data->x, data->len,
+ first_export, first_exported_length );
+ break;
+ default:
+ break;
+ }
+ }
+
+ /* Do something with the key according to its type and permitted usage. */
+ if( ! exercise_key( handle, policy_usage, policy_alg ) )
+ goto exit;
+
+exit:
+ mbedtls_free( first_export );
+ mbedtls_free( second_export );
+ psa_destroy_key( handle );
+ mbedtls_psa_crypto_free();
+}
+/* END_CASE */
diff --git a/tests/suites/test_suite_psa_crypto_entropy.data b/tests/suites/test_suite_psa_crypto_entropy.data
new file mode 100644
index 0000000..61593e9
--- /dev/null
+++ b/tests/suites/test_suite_psa_crypto_entropy.data
@@ -0,0 +1,18 @@
+PSA validate entropy injection: good, minimum size
+validate_entropy_seed_injection:MBEDTLS_PSA_INJECT_ENTROPY_MIN_SIZE:PSA_SUCCESS:MBEDTLS_PSA_INJECT_ENTROPY_MIN_SIZE:PSA_ERROR_NOT_PERMITTED
+
+PSA validate entropy injection: good, max size
+validate_entropy_seed_injection:MBEDTLS_ENTROPY_MAX_SEED_SIZE:PSA_SUCCESS:MBEDTLS_ENTROPY_MAX_SEED_SIZE:PSA_ERROR_NOT_PERMITTED
+
+PSA validate entropy injection: bad, too big
+validate_entropy_seed_injection:MBEDTLS_ENTROPY_MAX_SEED_SIZE+1:PSA_ERROR_INVALID_ARGUMENT:MBEDTLS_PSA_INJECT_ENTROPY_MIN_SIZE:PSA_SUCCESS
+
+PSA validate entropy injection: bad, too small using MBEDTLS_ENTROPY_MIN_PLATFORM
+validate_entropy_seed_injection:MBEDTLS_ENTROPY_MIN_PLATFORM-1:PSA_ERROR_INVALID_ARGUMENT:MBEDTLS_PSA_INJECT_ENTROPY_MIN_SIZE:PSA_SUCCESS
+
+PSA validate entropy injection: bad, too small using MBEDTLS_ENTROPY_BLOCK_SIZE
+validate_entropy_seed_injection:MBEDTLS_ENTROPY_BLOCK_SIZE-1:PSA_ERROR_INVALID_ARGUMENT:MBEDTLS_PSA_INJECT_ENTROPY_MIN_SIZE:PSA_SUCCESS
+
+PSA validate entropy injection: before and after crypto_init
+run_entropy_inject_with_crypto_init:
+
diff --git a/tests/suites/test_suite_psa_crypto_entropy.function b/tests/suites/test_suite_psa_crypto_entropy.function
new file mode 100644
index 0000000..a14657e
--- /dev/null
+++ b/tests/suites/test_suite_psa_crypto_entropy.function
@@ -0,0 +1,95 @@
+/* BEGIN_HEADER */
+#include <stdint.h>
+
+#include "psa/crypto.h"
+#include "psa_prot_internal_storage.h"
+#include "mbedtls/entropy.h"
+#include "mbedtls/entropy_poll.h"
+
+/* Calculating the minimum allowed entropy size in bytes */
+#define MBEDTLS_PSA_INJECT_ENTROPY_MIN_SIZE MAX(MBEDTLS_ENTROPY_MIN_PLATFORM, MBEDTLS_ENTROPY_BLOCK_SIZE)
+
+/* END_HEADER */
+
+/* BEGIN_DEPENDENCIES
+ * depends_on:MBEDTLS_ENTROPY_NV_SEED:MBEDTLS_PSA_HAS_ITS_IO:MBEDTLS_PSA_CRYPTO_C
+ * END_DEPENDENCIES
+ */
+
+/* BEGIN_CASE */
+void validate_entropy_seed_injection( int seed_length_a,
+ int expected_status_a,
+ int seed_length_b,
+ int expected_status_b )
+{
+ psa_status_t status;
+ uint8_t output[32] = { 0 };
+ uint8_t zeros[32] = { 0 };
+ uint8_t *seed = NULL;
+ int i;
+ int seed_size;
+ if( seed_length_a > seed_length_b )
+ {
+ seed_size = seed_length_a;
+ }
+ else
+ {
+ seed_size = seed_length_b;
+ }
+ ASSERT_ALLOC( seed, seed_size );
+ /* fill seed with some data */
+ for( i = 0; i < seed_size; ++i )
+ {
+ seed[i] = i;
+ }
+ status = psa_its_remove( PSA_CRYPTO_ITS_RANDOM_SEED_UID );
+ TEST_ASSERT( ( status == PSA_SUCCESS ) ||
+ ( status == PSA_ERROR_DOES_NOT_EXIST ) );
+ status = mbedtls_psa_inject_entropy( seed, seed_length_a );
+ TEST_EQUAL( status, expected_status_a );
+ status = mbedtls_psa_inject_entropy( seed, seed_length_b );
+ TEST_EQUAL( status, expected_status_b );
+ PSA_ASSERT( psa_crypto_init( ) );
+ PSA_ASSERT( psa_generate_random( output,
+ sizeof( output ) ) );
+ TEST_ASSERT( memcmp( output, zeros, sizeof( output ) ) != 0 );
+exit:
+ mbedtls_free( seed );
+ psa_its_remove( PSA_CRYPTO_ITS_RANDOM_SEED_UID );
+ mbedtls_psa_crypto_free( );
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void run_entropy_inject_with_crypto_init( )
+{
+ psa_status_t status;
+ int i;
+ uint8_t seed[MBEDTLS_PSA_INJECT_ENTROPY_MIN_SIZE] = { 0 };
+ /* fill seed with some data */
+ for( i = 0; i < sizeof( seed ); ++i )
+ {
+ seed[i] = i;
+ }
+ status = psa_its_remove( PSA_CRYPTO_ITS_RANDOM_SEED_UID );
+ TEST_ASSERT( ( status == PSA_SUCCESS ) ||
+ ( status == PSA_ERROR_DOES_NOT_EXIST ) );
+ status = mbedtls_psa_inject_entropy( seed, sizeof( seed ) );
+ PSA_ASSERT( status );
+ status = psa_its_remove( PSA_CRYPTO_ITS_RANDOM_SEED_UID );
+ TEST_EQUAL( status, PSA_SUCCESS );
+ status = psa_crypto_init( );
+ TEST_EQUAL( status, PSA_ERROR_INSUFFICIENT_ENTROPY );
+ status = mbedtls_psa_inject_entropy( seed, sizeof( seed ) );
+ PSA_ASSERT( status );
+ status = psa_crypto_init( );
+ PSA_ASSERT( status );
+ mbedtls_psa_crypto_free( );
+ /* The seed is written by nv_seed callback functions therefore the injection will fail */
+ status = mbedtls_psa_inject_entropy( seed, sizeof( seed ) );
+ TEST_EQUAL( status, PSA_ERROR_NOT_PERMITTED );
+exit:
+ psa_its_remove( PSA_CRYPTO_ITS_RANDOM_SEED_UID );
+ mbedtls_psa_crypto_free( );
+}
+/* END_CASE */
diff --git a/tests/suites/test_suite_psa_crypto_hash.data b/tests/suites/test_suite_psa_crypto_hash.data
new file mode 100644
index 0000000..746d810
--- /dev/null
+++ b/tests/suites/test_suite_psa_crypto_hash.data
@@ -0,0 +1,587 @@
+PSA hash finish: SHA-1 Test Vector NIST CAVS #1
+depends_on:MBEDTLS_SHA1_C
+hash_finish:PSA_ALG_SHA_1:"":"da39a3ee5e6b4b0d3255bfef95601890afd80709"
+
+PSA hash finish: SHA-1 Test Vector NIST CAVS #2
+depends_on:MBEDTLS_SHA1_C
+hash_finish:PSA_ALG_SHA_1:"a8":"99f2aa95e36f95c2acb0eaf23998f030638f3f15"
+
+PSA hash finish: SHA-1 Test Vector NIST CAVS #3
+depends_on:MBEDTLS_SHA1_C
+hash_finish:PSA_ALG_SHA_1:"3000":"f944dcd635f9801f7ac90a407fbc479964dec024"
+
+PSA hash finish: SHA-1 Test Vector NIST CAVS #4
+depends_on:MBEDTLS_SHA1_C
+hash_finish:PSA_ALG_SHA_1:"42749e":"a444319e9b6cc1e8464c511ec0969c37d6bb2619"
+
+PSA hash finish: SHA-1 Test Vector NIST CAVS #5
+depends_on:MBEDTLS_SHA1_C
+hash_finish:PSA_ALG_SHA_1:"9fc3fe08":"16a0ff84fcc156fd5d3ca3a744f20a232d172253"
+
+PSA hash finish: SHA-1 Test Vector NIST CAVS #6
+depends_on:MBEDTLS_SHA1_C
+hash_finish:PSA_ALG_SHA_1:"b5c1c6f1af":"fec9deebfcdedaf66dda525e1be43597a73a1f93"
+
+PSA hash finish: SHA-1 Test Vector NIST CAVS #7
+depends_on:MBEDTLS_SHA1_C
+hash_finish:PSA_ALG_SHA_1:"ec29561244ede706b6eb30a1c371d74450a105c3f9735f7fa9fe38cf67f304a5736a106e92e17139a6813b1c81a4f3d3fb9546ab4296fa9f722826c066869edacd73b2548035185813e22634a9da44000d95a281ff9f264ecce0a931222162d021cca28db5f3c2aa24945ab1e31cb413ae29810fd794cad5dfaf29ec43cb38d198fe4ae1da2359780221405bd6712a5305da4b1b737fce7cd21c0eb7728d08235a9011":"970111c4e77bcc88cc20459c02b69b4aa8f58217"
+
+PSA hash finish: SHA-1 Test Vector NIST CAVS #8
+depends_on:MBEDTLS_SHA1_C
+hash_finish:PSA_ALG_SHA_1:"5fc2c3f6a7e79dc94be526e5166a238899d54927ce470018fbfd668fd9dd97cbf64e2c91584d01da63be3cc9fdff8adfefc3ac728e1e335b9cdc87f069172e323d094b47fa1e652afe4d6aa147a9f46fda33cacb65f3aa12234746b9007a8c85fe982afed7815221e43dba553d8fe8a022cdac1b99eeeea359e5a9d2e72e382dffa6d19f359f4f27dc3434cd27daeeda8e38594873398678065fbb23665aba9309d946135da0e4a4afdadff14db18e85e71dd93c3bf9faf7f25c8194c4269b1ee3d9934097ab990025d9c3aaf63d5109f52335dd3959d38ae485050e4bbb6235574fc0102be8f7a306d6e8de6ba6becf80f37415b57f9898a5824e77414197422be3d36a6080":"0423dc76a8791107d14e13f5265b343f24cc0f19"
+
+PSA hash finish: SHA-1 Test Vector NIST CAVS #9
+depends_on:MBEDTLS_SHA1_C
+hash_finish:PSA_ALG_SHA_1:"0f865f46a8f3aed2da18482aa09a8f390dc9da07d51d1bd10fe0bf5f3928d5927d08733d32075535a6d1c8ac1b2dc6ba0f2f633dc1af68e3f0fa3d85e6c60cb7b56c239dc1519a007ea536a07b518ecca02a6c31b46b76f021620ef3fc6976804018380e5ab9c558ebfc5cb1c9ed2d974722bf8ab6398f1f2b82fa5083f85c16a5767a3a07271d67743f00850ce8ec428c7f22f1cf01f99895c0c844845b06a06cecb0c6cf83eb55a1d4ebc44c2c13f6f7aa5e0e08abfd84e7864279057abc471ee4a45dbbb5774afa24e51791a0eada11093b88681fe30baa3b2e94113dc63342c51ca5d1a6096d0897b626e42cb91761058008f746f35465465540ad8c6b8b60f7e1461b3ce9e6529625984cb8c7d46f07f735be067588a0117f23e34ff57800e2bbe9a1605fde6087fb15d22c5d3ac47566b8c448b0cee40373e5ba6eaa21abee71366afbb27dbbd300477d70c371e7b8963812f5ed4fb784fb2f3bd1d3afe883cdd47ef32beaea":"6692a71d73e00f27df976bc56df4970650d90e45"
+
+PSA hash finish: SHA-1 Test Vector NIST CAVS #10
+depends_on:MBEDTLS_SHA1_C
+hash_finish:PSA_ALG_SHA_1:"8236153781bd2f1b81ffe0def1beb46f5a70191142926651503f1b3bb1016acdb9e7f7acced8dd168226f118ff664a01a8800116fd023587bfba52a2558393476f5fc69ce9c65001f23e70476d2cc81c97ea19caeb194e224339bcb23f77a83feac5096f9b3090c51a6ee6d204b735aa71d7e996d380b80822e4dfd43683af9c7442498cacbea64842dfda238cb099927c6efae07fdf7b23a4e4456e0152b24853fe0d5de4179974b2b9d4a1cdbefcbc01d8d311b5dda059136176ea698ab82acf20dd490be47130b1235cb48f8a6710473cfc923e222d94b582f9ae36d4ca2a32d141b8e8cc36638845fbc499bce17698c3fecae2572dbbd470552430d7ef30c238c2124478f1f780483839b4fb73d63a9460206824a5b6b65315b21e3c2f24c97ee7c0e78faad3df549c7ca8ef241876d9aafe9a309f6da352bec2caaa92ee8dca392899ba67dfed90aef33d41fc2494b765cb3e2422c8e595dabbfaca217757453fb322a13203f425f6073a9903e2dc5818ee1da737afc345f0057744e3a56e1681c949eb12273a3bfc20699e423b96e44bd1ff62e50a848a890809bfe1611c6787d3d741103308f849a790f9c015098286dbacfc34c1718b2c2b77e32194a75dda37954a320fa68764027852855a7e5b5274eb1e2cbcd27161d98b59ad245822015f48af82a45c0ed59be94f9af03d9736048570d6e3ef63b1770bc98dfb77de84b1bb1708d872b625d9ab9b06c18e5dbbf34399391f0f8aa26ec0dac7ff4cb8ec97b52bcb942fa6db2385dcd1b3b9d567aaeb425d567b0ebe267235651a1ed9bf78fd93d3c1dd077fe340bb04b00529c58f45124b717c168d07e9826e33376988bc5cf62845c2009980a4dfa69fbc7e5a0b1bb20a5958ca967aec68eb31dd8fccca9afcd30a26bab26279f1bf6724ff":"11863b483809ef88413ca9b0084ac4a5390640af"
+
+PSA hash finish: SHA-224 Test Vector NIST CAVS #1
+depends_on:MBEDTLS_SHA256_C
+hash_finish:PSA_ALG_SHA_224:"":"d14a028c2a3a2bc9476102bb288234c415a2b01f828ea62ac5b3e42f"
+
+PSA hash finish: SHA-224 Test Vector NIST CAVS #2
+depends_on:MBEDTLS_SHA256_C
+hash_finish:PSA_ALG_SHA_224:"ff":"e33f9d75e6ae1369dbabf81b96b4591ae46bba30b591a6b6c62542b5"
+
+PSA hash finish: SHA-224 Test Vector NIST CAVS #3
+depends_on:MBEDTLS_SHA256_C
+hash_finish:PSA_ALG_SHA_224:"984c":"2fa9df9157d9e027cfbc4c6a9df32e1adc0cbe2328ec2a63c5ae934e"
+
+PSA hash finish: SHA-224 Test Vector NIST CAVS #4
+depends_on:MBEDTLS_SHA256_C
+hash_finish:PSA_ALG_SHA_224:"50efd0":"b5a9820413c2bf8211fbbf5df1337043b32fa4eafaf61a0c8e9ccede"
+
+PSA hash finish: SHA-224 Test Vector NIST CAVS #5
+depends_on:MBEDTLS_SHA256_C
+hash_finish:PSA_ALG_SHA_224:"e5e09924":"fd19e74690d291467ce59f077df311638f1c3a46e510d0e49a67062d"
+
+PSA hash finish: SHA-224 Test Vector NIST CAVS #6
+depends_on:MBEDTLS_SHA256_C
+hash_finish:PSA_ALG_SHA_224:"21ebecb914":"78f4a71c21c694499ce1c7866611b14ace70d905012c356323c7c713"
+
+PSA hash finish: SHA-224 Test Vector NIST CAVS #7
+depends_on:MBEDTLS_SHA256_C
+hash_finish:PSA_ALG_SHA_224:"fc488947c1a7a589726b15436b4f3d9556262f98fc6422fc5cdf20f0fad7fe427a3491c86d101ffe6b7514f06268f65b2d269b0f69ad9a97847eff1c16a2438775eb7be6847ccf11cb8b2e8dcd6640b095b49c0693fe3cf4a66e2d9b7ad68bff14f3ad69abf49d0aba36cbe0535202deb6599a47225ef05beb351335cd7bc0f480d691198c7e71305ffd53b39d33242bb79cfd98bfd69e137b5d18b2b89ac9ace01c8dbdcf2533cce3682ecc52118de0c1062ec2126c2e657d6ea3d9e2398e705d4b0b1f1ceecb266dffc4f31bf42744fb1e938dc22a889919ee1e73f463f7871fed720519e32186264b7ef2a0e5d9a18e6c95c0781894f77967f048951dec3b4d892a38710b1e3436d3c29088eb8b3da1789c25db3d3bc6c26081206e7155d210a89b80ca6ea877c41ff9947c0f25625dcb118294a163501f6239c326661a958fd12da4cd15a899f8b88cc723589056eaec5aa04a4cf5dbb6f480f9660423ccf38c486e210707e0fb25e1f126ceb2616f63e147a647dab0af9ebe89d65458bf636154a46e4cab95f5ee62da2c7974cd14b90d3e4f99f81733e85b3c1d5da2b508d9b90f5eed7eff0d9c7649de62bee00375454fee4a39576a5bbfdae428e7f8097bdf7797f167686cb68407e49079e4611ff3402b6384ba7b7e522bd2bb11ce8fd02ea4c1604d163ac4f6dde50b8b1f593f7edaadeac0868ed97df690200680c25f0f5d85431a529e4f339089dcdeda105e4ee51dead704cdf5a605c55fb055c9b0e86b8ba1b564c0dea3eb790a595cb103cb292268b07c5e59371e1a7ef597cd4b22977a820694c9f9aeb55d9de3ef62b75d6e656e3336698d960a3787bf8cf5b926a7faeef52ae128bcb5dc9e66d94b016c7b8e034879171a2d91c381f57e6a815b63b5ee6a6d2ff435b49f14c963966960194430d78f8f87627a67757fb3532b289550894da6dce4817a4e07f4d56877a1102ffcc8befa5c9f8fca6a4574d93ff70376c8861e0f8108cf907fce77ecb49728f86f034f80224b9695682e0824462f76cdb1fd1af151337b0d85419047a7aa284791718a4860cd586f7824b95bc837b6fd4f9be5aade68456e20356aa4d943dac36bf8b67b9e8f9d01a00fcda74b798bafa746c661b010f75b59904b29d0c8041504811c4065f82cf2ead58d2f595cbd8bc3e7043f4d94577b373b7cfe16a36fe564f505c03b70cfeb5e5f411c79481338aa67e86b3f5a2e77c21e454c333ae3da943ab723ab5f4c940395319534a5575f64acba0d0ecc43f60221ed3badf7289c9b3a7b903a2d6c94e15fa4c310dc4fa7faa0c24f405160a1002dbef20e4105d481db982f7243f79400a6e4cd9753c4b9732a47575f504b20c328fe9add7f432a4f075829da07b53b695037dc51737d3cd731934df333cd1a53fcf65aa31baa450ca501a6fae26e322347e618c5a444d92e9fec5a8261ae38b98fee5be77c02cec09ddccd5b3de92036":"1302149d1e197c41813b054c942329d420e366530f5517b470e964fe"
+
+PSA hash finish: SHA-256 Test Vector NIST CAVS #1
+depends_on:MBEDTLS_SHA256_C
+hash_finish:PSA_ALG_SHA_256:"":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855"
+
+PSA hash finish: SHA-256 Test Vector NIST CAVS #2
+depends_on:MBEDTLS_SHA256_C
+hash_finish:PSA_ALG_SHA_256:"bd":"68325720aabd7c82f30f554b313d0570c95accbb7dc4b5aae11204c08ffe732b"
+
+PSA hash finish: SHA-256 Test Vector NIST CAVS #3
+depends_on:MBEDTLS_SHA256_C
+hash_finish:PSA_ALG_SHA_256:"5fd4":"7c4fbf484498d21b487b9d61de8914b2eadaf2698712936d47c3ada2558f6788"
+
+PSA hash finish: SHA-256 Test Vector NIST CAVS #4
+depends_on:MBEDTLS_SHA256_C
+hash_finish:PSA_ALG_SHA_256:"b0bd69":"4096804221093ddccfbf46831490ea63e9e99414858f8d75ff7f642c7ca61803"
+
+PSA hash finish: SHA-256 Test Vector NIST CAVS #5
+depends_on:MBEDTLS_SHA256_C
+hash_finish:PSA_ALG_SHA_256:"c98c8e55":"7abc22c0ae5af26ce93dbb94433a0e0b2e119d014f8e7f65bd56c61ccccd9504"
+
+PSA hash finish: SHA-256 Test Vector NIST CAVS #6
+depends_on:MBEDTLS_SHA256_C
+hash_finish:PSA_ALG_SHA_256:"81a723d966":"7516fb8bb11350df2bf386bc3c33bd0f52cb4c67c6e4745e0488e62c2aea2605"
+
+PSA hash finish: SHA-256 Test Vector NIST CAVS #7
+depends_on:MBEDTLS_SHA256_C
+hash_finish:PSA_ALG_SHA_256:"8390cf0be07661cc7669aac54ce09a37733a629d45f5d983ef201f9b2d13800e555d9b1097fec3b783d7a50dcb5e2b644b96a1e9463f177cf34906bf388f366db5c2deee04a30e283f764a97c3b377a034fefc22c259214faa99babaff160ab0aaa7e2ccb0ce09c6b32fe08cbc474694375aba703fadbfa31cf685b30a11c57f3cf4edd321e57d3ae6ebb1133c8260e75b9224fa47a2bb205249add2e2e62f817491482ae152322be0900355cdcc8d42a98f82e961a0dc6f537b7b410eff105f59673bfb787bf042aa071f7af68d944d27371c64160fe9382772372516c230c1f45c0d6b6cca7f274b394da9402d3eafdf733994ec58ab22d71829a98399574d4b5908a447a5a681cb0dd50a31145311d92c22a16de1ead66a5499f2dceb4cae694772ce90762ef8336afec653aa9b1a1c4820b221136dfce80dce2ba920d88a530c9410d0a4e0358a3a11052e58dd73b0b179ef8f56fe3b5a2d117a73a0c38a1392b6938e9782e0d86456ee4884e3c39d4d75813f13633bc79baa07c0d2d555afbf207f52b7dca126d015aa2b9873b3eb065e90b9b065a5373fe1fb1b20d594327d19fba56cb81e7b6696605ffa56eba3c27a438697cc21b201fd7e09f18deea1b3ea2f0d1edc02df0e20396a145412cd6b13c32d2e605641c948b714aec30c0649dc44143511f35ab0fd5dd64c34d06fe86f3836dfe9edeb7f08cfc3bd40956826356242191f99f53473f32b0cc0cf9321d6c92a112e8db90b86ee9e87cc32d0343db01e32ce9eb782cb24efbbbeb440fe929e8f2bf8dfb1550a3a2e742e8b455a3e5730e9e6a7a9824d17acc0f72a7f67eae0f0970f8bde46dcdefaed3047cf807e7f00a42e5fd11d40f5e98533d7574425b7d2bc3b3845c443008b58980e768e464e17cc6f6b3939eee52f713963d07d8c4abf02448ef0b889c9671e2f8a436ddeeffcca7176e9bf9d1005ecd377f2fa67c23ed1f137e60bf46018a8bd613d038e883704fc26e798969df35ec7bbc6a4fe46d8910bd82fa3cded265d0a3b6d399e4251e4d8233daa21b5812fded6536198ff13aa5a1cd46a5b9a17a4ddc1d9f85544d1d1cc16f3df858038c8e071a11a7e157a85a6a8dc47e88d75e7009a8b26fdb73f33a2a70f1e0c259f8f9533b9b8f9af9288b7274f21baeec78d396f8bacdcc22471207d9b4efccd3fedc5c5a2214ff5e51c553f35e21ae696fe51e8df733a8e06f50f419e599e9f9e4b37ce643fc810faaa47989771509d69a110ac916261427026369a21263ac4460fb4f708f8ae28599856db7cb6a43ac8e03d64a9609807e76c5f312b9d1863bfa304e8953647648b4f4ab0ed995e":"4109cdbec3240ad74cc6c37f39300f70fede16e21efc77f7865998714aad0b5e"
+
+PSA hash finish: SHA-384 Test Vector NIST CAVS #1
+depends_on:MBEDTLS_SHA512_C
+hash_finish:PSA_ALG_SHA_384:"":"38b060a751ac96384cd9327eb1b1e36a21fdb71114be07434c0cc7bf63f6e1da274edebfe76f65fbd51ad2f14898b95b"
+
+PSA hash finish: SHA-384 Test Vector NIST CAVS #2
+depends_on:MBEDTLS_SHA512_C
+hash_finish:PSA_ALG_SHA_384:"ab":"fb94d5be118865f6fcbc978b825da82cff188faec2f66cb84b2537d74b4938469854b0ca89e66fa2e182834736629f3d"
+
+PSA hash finish: SHA-384 Test Vector NIST CAVS #3
+depends_on:MBEDTLS_SHA512_C
+hash_finish:PSA_ALG_SHA_384:"7c27":"3d80be467df86d63abb9ea1d3f9cb39cd19890e7f2c53a6200bedc5006842b35e820dc4e0ca90ca9b97ab23ef07080fc"
+
+PSA hash finish: SHA-384 Test Vector NIST CAVS #4
+depends_on:MBEDTLS_SHA512_C
+hash_finish:PSA_ALG_SHA_384:"31f5ca":"78d54b943421fdf7ba90a7fb9637c2073aa480454bd841d39ff72f4511fc21fb67797b652c0c823229342873d3bef955"
+
+PSA hash finish: SHA-384 Test Vector NIST CAVS #5
+depends_on:MBEDTLS_SHA512_C
+hash_finish:PSA_ALG_SHA_384:"7bdee3f8":"8bdafba0777ee446c3431c2d7b1fbb631089f71d2ca417abc1d230e1aba64ec2f1c187474a6f4077d372c14ad407f99a"
+
+PSA hash finish: SHA-384 Test Vector NIST CAVS #6
+depends_on:MBEDTLS_SHA512_C
+hash_finish:PSA_ALG_SHA_384:"8f05604915":"504e414bf1db1060f14c8c799e25b1e0c4dcf1504ebbd129998f0ae283e6de86e0d3c7e879c73ec3b1836c3ee89c2649"
+
+PSA hash finish: SHA-384 Test Vector NIST CAVS #7
+depends_on:MBEDTLS_SHA512_C
+hash_finish:PSA_ALG_SHA_384:"665da6eda214":"4c022f112010908848312f8b8f1072625fd5c105399d562ea1d56130619a7eac8dfc3748fd05ee37e4b690be9daa9980"
+
+PSA hash finish: SHA-384 Test Vector NIST CAVS #8
+depends_on:MBEDTLS_SHA512_C
+hash_finish:PSA_ALG_SHA_384:"7f46ce506d593c4ed53c82edeb602037e0485befbee03f7f930fe532d18ff2a3f5fd6076672c8145a1bf40dd94f7abab47c9ae71c234213d2ad1069c2dac0b0ba15257ae672b8245960ae55bd50315c0097daa3a318745788d70d14706910809ca6e396237fe4934fa46f9ce782d66606d8bd6b2d283b1160513ce9c24e9f084b97891f99d4cdefc169a029e431ca772ba1bba426fce6f01d8e286014e5acc66b799e4db62bd4783322f8a32ff78e0de3957df50ce10871f4e0680df4e8ca3960af9bc6f4efa8eb3962d18f474eb178c3265cc46b8f2ff5ab1a7449fea297dfcfabfa01f28abbb7289bb354b691b5664ec6d098af51be19947ec5ba7ebd66380d1141953ba78d4aa5401679fa7b0a44db1981f864d3535c45afe4c61183d5b0ad51fae71ca07e34240283959f7530a32c70d95a088e501c230059f333b0670825009e7e22103ef22935830df1fac8ef877f5f3426dd54f7d1128dd871ad9a7d088f94c0e8712013295b8d69ae7623b880978c2d3c6ad26dc478f8dc47f5c0adcc618665dc3dc205a9071b2f2191e16cac5bd89bb59148fc719633752303aa08e518dbc389f0a5482caaa4c507b8729a6f3edd061efb39026cecc6399f51971cf7381d605e144a5928c8c2d1ad7467b05da2f202f4f3234e1aff19a0198a28685721c3d2d52311c721e3fdcbaf30214cdc3acff8c433880e104fb63f2df7ce69a97857819ba7ac00ac8eae1969764fde8f68cf8e0916d7e0c151147d4944f99f42ae50f30e1c79a42d2b6c5188d133d3cbbf69094027b354b295ccd0f7dc5a87d73638bd98ebfb00383ca0fa69cb8dcb35a12510e5e07ad8789047d0b63841a1bb928737e8b0a0c33254f47aa8bfbe3341a09c2b76dbcefa67e30df300d34f7b8465c4f869e51b6bcfe6cf68b238359a645036bf7f63f02924e087ce7457e483b6025a859903cb484574aa3b12cf946f32127d537c33bee3141b5db96d10a148c50ae045f287210757710d6846e04b202f79e87dd9a56bc6da15f84a77a7f63935e1dee00309cd276a8e7176cb04da6bb0e9009534438732cb42d008008853d38d19beba46e61006e30f7efd1bc7c2906b024e4ff898a1b58c448d68b43c6ab63f34f85b3ac6aa4475867e51b583844cb23829f4b30f4bdd817d88e2ef3e7b4fc0a624395b05ec5e8686082b24d29fef2b0d3c29e031d5f94f504b1d3df9361eb5ffbadb242e66c39a8094cfe62f85f639f3fd65fc8ae0c74a8f4c6e1d070b9183a434c722caaa0225f8bcd68614d6f0738ed62f8484ec96077d155c08e26c46be262a73e3551698bd70d8d5610cf37c4c306eed04ba6a040a9c3e6d7e15e8acda17f477c2484cf5c56b813313927be8387b1024f995e98fc87f1029091c01424bdc2b296c2eadb7d25b3e762a2fd0c2dcd1727ddf91db97c5984305265f3695a7f5472f2d72c94d68c27914f14f82aa8dd5fe4e2348b0ca967a3f98626a091552f5d0ffa2bf10350d23c996256c01fdeffb2c2c612519869f877e4929c6e95ff15040f1485e22ed14119880232fef3b57b3848f15b1766a5552879df8f06":"cba9e3eb12a6f83db11e8a6ff40d1049854ee094416bc527fea931d8585428a8ed6242ce81f6769b36e2123a5c23483e"
+
+PSA hash finish: SHA-512 Test Vector NIST CAVS #1
+depends_on:MBEDTLS_SHA512_C
+hash_finish:PSA_ALG_SHA_512:"":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e"
+
+PSA hash finish: SHA-512 Test Vector NIST CAVS #2
+depends_on:MBEDTLS_SHA512_C
+hash_finish:PSA_ALG_SHA_512:"8f":"e4cd2d19931b5aad9c920f45f56f6ce34e3d38c6d319a6e11d0588ab8b838576d6ce6d68eea7c830de66e2bd96458bfa7aafbcbec981d4ed040498c3dd95f22a"
+
+PSA hash finish: SHA-512 Test Vector NIST CAVS #3
+depends_on:MBEDTLS_SHA512_C
+hash_finish:PSA_ALG_SHA_512:"e724":"7dbb520221a70287b23dbcf62bfc1b73136d858e86266732a7fffa875ecaa2c1b8f673b5c065d360c563a7b9539349f5f59bef8c0c593f9587e3cd50bb26a231"
+
+PSA hash finish: SHA-512 Test Vector NIST CAVS #4
+depends_on:MBEDTLS_SHA512_C
+hash_finish:PSA_ALG_SHA_512:"de4c90":"33ce98281045a5c4c9df0363d8196f1d7dfcd5ee46ac89776fd8a4344c12f123a66788af5bd41ceff1941aa5637654b4064c88c14e00465ab79a2fc6c97e1014"
+
+PSA hash finish: SHA-512 Test Vector NIST CAVS #5
+depends_on:MBEDTLS_SHA512_C
+hash_finish:PSA_ALG_SHA_512:"a801e94b":"dadb1b5a27f9fece8d86adb2a51879beb1787ff28f4e8ce162cad7fee0f942efcabbf738bc6f797fc7cc79a3a75048cd4c82ca0757a324695bfb19a557e56e2f"
+
+PSA hash finish: SHA-512 Test Vector NIST CAVS #6
+depends_on:MBEDTLS_SHA512_C
+hash_finish:PSA_ALG_SHA_512:"94390d3502":"b6175c4c4cccf69e0ce5f0312010886ea6b34d43673f942ae42483f9cbb7da817de4e11b5d58e25a3d9bd721a22cdffe1c40411cc45df1911fa5506129b69297"
+
+PSA hash finish: SHA-512 Test Vector NIST CAVS #7
+depends_on:MBEDTLS_SHA512_C
+hash_finish:PSA_ALG_SHA_512:"49297dd63e5f":"1fcc1e6f6870859d11649f5e5336a9cd16329c029baf04d5a6edf257889a2e9522b497dd656bb402da461307c4ee382e2e89380c8e6e6e7697f1e439f650fa94"
+
+PSA hash finish: SHA-512 Test Vector NIST CAVS #8
+depends_on:MBEDTLS_SHA512_C
+hash_finish:PSA_ALG_SHA_512:"990d1ae71a62d7bda9bfdaa1762a68d296eee72a4cd946f287a898fbabc002ea941fd8d4d991030b4d27a637cce501a834bb95eab1b7889a3e784c7968e67cbf552006b206b68f76d9191327524fcc251aeb56af483d10b4e0c6c5e599ee8c0fe4faeca8293844a8547c6a9a90d093f2526873a19ad4a5e776794c68c742fb834793d2dfcb7fea46c63af4b70fd11cb6e41834e72ee40edb067b292a794990c288d5007e73f349fb383af6a756b8301ad6e5e0aa8cd614399bb3a452376b1575afa6bdaeaafc286cb064bb91edef97c632b6c1113d107fa93a0905098a105043c2f05397f702514439a08a9e5ddc196100721d45c8fc17d2ed659376f8a00bd5cb9a0860e26d8a29d8d6aaf52de97e9346033d6db501a35dbbaf97c20b830cd2d18c2532f3a59cc497ee64c0e57d8d060e5069b28d86edf1adcf59144b221ce3ddaef134b3124fbc7dd000240eff0f5f5f41e83cd7f5bb37c9ae21953fe302b0f6e8b68fa91c6ab99265c64b2fd9cd4942be04321bb5d6d71932376c6f2f88e02422ba6a5e2cb765df93fd5dd0728c6abdaf03bce22e0678a544e2c3636f741b6f4447ee58a8fc656b43ef817932176adbfc2e04b2c812c273cd6cbfa4098f0be036a34221fa02643f5ee2e0b38135f2a18ecd2f16ebc45f8eb31b8ab967a1567ee016904188910861ca1fa205c7adaa194b286893ffe2f4fbe0384c2aef72a4522aeafd3ebc71f9db71eeeef86c48394a1c86d5b36c352cc33a0a2c800bc99e62fd65b3a2fd69e0b53996ec13d8ce483ce9319efd9a85acefabdb5342226febb83fd1daf4b24265f50c61c6de74077ef89b6fecf9f29a1f871af1e9f89b2d345cda7499bd45c42fa5d195a1e1a6ba84851889e730da3b2b916e96152ae0c92154b49719841db7e7cc707ba8a5d7b101eb4ac7b629bb327817910fff61580b59aab78182d1a2e33473d05b00b170b29e331870826cfe45af206aa7d0246bbd8566ca7cfb2d3c10bfa1db7dd48dd786036469ce7282093d78b5e1a5b0fc81a54c8ed4ceac1e5305305e78284ac276f5d7862727aff246e17addde50c670028d572cbfc0be2e4f8b2eb28fa68ad7b4c6c2a239c460441bfb5ea049f23b08563b4e47729a59e5986a61a6093dbd54f8c36ebe87edae01f251cb060ad1364ce677d7e8d5a4a4ca966a7241cc360bc2acb280e5f9e9c1b032ad6a180a35e0c5180b9d16d026c865b252098cc1d99ba7375ca31c7702c0d943d5e3dd2f6861fa55bd46d94b67ed3e52eccd8dd06d968e01897d6de97ed3058d91dd":"8e4bc6f8b8c60fe4d68c61d9b159c8693c3151c46749af58da228442d927f23359bd6ccd6c2ec8fa3f00a86cecbfa728e1ad60b821ed22fcd309ba91a4138bc9"
+
+PSA hash finish: MD2 Test vector RFC1319 #1
+depends_on:MBEDTLS_MD2_C
+hash_finish:PSA_ALG_MD2:"":"8350e5a3e24c153df2275c9f80692773"
+
+PSA hash finish: MD2 Test vector RFC1319 #2
+depends_on:MBEDTLS_MD2_C
+hash_finish:PSA_ALG_MD2:"61":"32ec01ec4a6dac72c0ab96fb34c0b5d1"
+
+PSA hash finish: MD2 Test vector RFC1319 #3
+depends_on:MBEDTLS_MD2_C
+hash_finish:PSA_ALG_MD2:"616263":"da853b0d3f88d99b30283a69e6ded6bb"
+
+PSA hash finish: MD2 Test vector RFC1319 #4
+depends_on:MBEDTLS_MD2_C
+hash_finish:PSA_ALG_MD2:"6d65737361676520646967657374":"ab4f496bfb2a530b219ff33031fe06b0"
+
+PSA hash finish: MD2 Test vector RFC1319 #5
+depends_on:MBEDTLS_MD2_C
+hash_finish:PSA_ALG_MD2:"6162636465666768696a6b6c6d6e6f707172737475767778797a":"4e8ddff3650292ab5a4108c3aa47940b"
+
+PSA hash finish: MD2 Test vector RFC1319 #6
+depends_on:MBEDTLS_MD2_C
+hash_finish:PSA_ALG_MD2:"4142434445464748494a4b4c4d4e4f505152535455565758595a6162636465666768696a6b6c6d6e6f707172737475767778797a30313233343536373839":"da33def2a42df13975352846c30338cd"
+
+PSA hash finish: MD2 Test vector RFC1319 #7
+depends_on:MBEDTLS_MD2_C
+hash_finish:PSA_ALG_MD2:"3132333435363738393031323334353637383930313233343536373839303132333435363738393031323334353637383930313233343536373839303132333435363738393031323334353637383930":"d5976f79d83d3a0dc9806c3c66f3efd8"
+
+PSA hash finish: MD4 Test vector RFC1320 #1
+depends_on:MBEDTLS_MD4_C
+hash_finish:PSA_ALG_MD4:"":"31d6cfe0d16ae931b73c59d7e0c089c0"
+
+PSA hash finish: MD4 Test vector RFC1320 #2
+depends_on:MBEDTLS_MD4_C
+hash_finish:PSA_ALG_MD4:"61":"bde52cb31de33e46245e05fbdbd6fb24"
+
+PSA hash finish: MD4 Test vector RFC1320 #3
+depends_on:MBEDTLS_MD4_C
+hash_finish:PSA_ALG_MD4:"616263":"a448017aaf21d8525fc10ae87aa6729d"
+
+PSA hash finish: MD4 Test vector RFC1320 #4
+depends_on:MBEDTLS_MD4_C
+hash_finish:PSA_ALG_MD4:"6d65737361676520646967657374":"d9130a8164549fe818874806e1c7014b"
+
+PSA hash finish: MD4 Test vector RFC1320 #5
+depends_on:MBEDTLS_MD4_C
+hash_finish:PSA_ALG_MD4:"6162636465666768696a6b6c6d6e6f707172737475767778797a":"d79e1c308aa5bbcdeea8ed63df412da9"
+
+PSA hash finish: MD4 Test vector RFC1320 #6
+depends_on:MBEDTLS_MD4_C
+hash_finish:PSA_ALG_MD4:"4142434445464748494a4b4c4d4e4f505152535455565758595a6162636465666768696a6b6c6d6e6f707172737475767778797a30313233343536373839":"043f8582f241db351ce627e153e7f0e4"
+
+PSA hash finish: MD4 Test vector RFC1320 #7
+depends_on:MBEDTLS_MD4_C
+hash_finish:PSA_ALG_MD4:"3132333435363738393031323334353637383930313233343536373839303132333435363738393031323334353637383930313233343536373839303132333435363738393031323334353637383930":"e33b4ddc9c38f2199c3e7b164fcc0536"
+
+PSA hash finish: MD5 Test vector RFC1321 #1
+depends_on:MBEDTLS_MD5_C
+hash_finish:PSA_ALG_MD5:"":"d41d8cd98f00b204e9800998ecf8427e"
+
+PSA hash finish: MD5 Test vector RFC1321 #2
+depends_on:MBEDTLS_MD5_C
+hash_finish:PSA_ALG_MD5:"61":"0cc175b9c0f1b6a831c399e269772661"
+
+PSA hash finish: MD5 Test vector RFC1321 #3
+depends_on:MBEDTLS_MD5_C
+hash_finish:PSA_ALG_MD5:"616263":"900150983cd24fb0d6963f7d28e17f72"
+
+PSA hash finish: MD5 Test vector RFC1321 #4
+depends_on:MBEDTLS_MD5_C
+hash_finish:PSA_ALG_MD5:"6d65737361676520646967657374":"f96b697d7cb7938d525a2f31aaf161d0"
+
+PSA hash finish: MD5 Test vector RFC1321 #5
+depends_on:MBEDTLS_MD5_C
+hash_finish:PSA_ALG_MD5:"6162636465666768696a6b6c6d6e6f707172737475767778797a":"c3fcd3d76192e4007dfb496cca67e13b"
+
+PSA hash finish: MD5 Test vector RFC1321 #6
+depends_on:MBEDTLS_MD5_C
+hash_finish:PSA_ALG_MD5:"4142434445464748494a4b4c4d4e4f505152535455565758595a6162636465666768696a6b6c6d6e6f707172737475767778797a30313233343536373839":"d174ab98d277d9f5a5611c2c9f419d9f"
+
+PSA hash finish: MD5 Test vector RFC1321 #7
+depends_on:MBEDTLS_MD5_C
+hash_finish:PSA_ALG_MD5:"3132333435363738393031323334353637383930313233343536373839303132333435363738393031323334353637383930313233343536373839303132333435363738393031323334353637383930":"57edf4a22be3c955ac49da2e2107b67a"
+
+PSA hash finish: RIPEMD160 Test vector from paper #1
+depends_on:MBEDTLS_RIPEMD160_C
+hash_finish:PSA_ALG_RIPEMD160:"":"9c1185a5c5e9fc54612808977ee8f548b2258d31"
+
+PSA hash finish: RIPEMD160 Test vector from paper #2
+depends_on:MBEDTLS_RIPEMD160_C
+hash_finish:PSA_ALG_RIPEMD160:"61":"0bdc9d2d256b3ee9daae347be6f4dc835a467ffe"
+
+PSA hash finish: RIPEMD160 Test vector from paper #3
+depends_on:MBEDTLS_RIPEMD160_C
+hash_finish:PSA_ALG_RIPEMD160:"616263":"8eb208f7e05d987a9b044a8e98c6b087f15a0bfc"
+
+PSA hash finish: RIPEMD160 Test vector from paper #4
+depends_on:MBEDTLS_RIPEMD160_C
+hash_finish:PSA_ALG_RIPEMD160:"6d65737361676520646967657374":"5d0689ef49d2fae572b881b123a85ffa21595f36"
+
+PSA hash finish: RIPEMD160 Test vector from paper #5
+depends_on:MBEDTLS_RIPEMD160_C
+hash_finish:PSA_ALG_RIPEMD160:"6162636465666768696a6b6c6d6e6f707172737475767778797a":"f71c27109c692c1b56bbdceb5b9d2865b3708dbc"
+
+PSA hash finish: RIPEMD160 Test vector from paper #6
+depends_on:MBEDTLS_RIPEMD160_C
+hash_finish:PSA_ALG_RIPEMD160:"6162636462636465636465666465666765666768666768696768696a68696a6b696a6b6c6a6b6c6d6b6c6d6e6c6d6e6f6d6e6f706e6f7071":"12a053384a9c0c88e405a06c27dcf49ada62eb2b"
+
+PSA hash finish: RIPEMD160 Test vector from paper #7
+depends_on:MBEDTLS_RIPEMD160_C
+hash_finish:PSA_ALG_RIPEMD160:"4142434445464748494a4b4c4d4e4f505152535455565758595a6162636465666768696a6b6c6d6e6f707172737475767778797a30313233343536373839":"b0e20b6e3116640286ed3a87a5713079b21f5189"
+
+PSA hash finish: RIPEMD160 Test vector from paper #8
+depends_on:MBEDTLS_RIPEMD160_C
+hash_finish:PSA_ALG_RIPEMD160:"3132333435363738393031323334353637383930313233343536373839303132333435363738393031323334353637383930313233343536373839303132333435363738393031323334353637383930":"9b752e45573d4b39f4dbd3323cab82bf63326bfb"
+
+PSA hash verify: SHA-1
+depends_on:MBEDTLS_SHA1_C
+hash_verify:PSA_ALG_SHA_1:"bd":"9034aaf45143996a2b14465c352ab0c6fa26b221"
+
+PSA hash verify: SHA-224
+depends_on:MBEDTLS_SHA256_C
+hash_verify:PSA_ALG_SHA_224:"bd":"b1e46bb9efe45af554363449c6945a0d6169fc3a5a396a56cb97cb57"
+
+PSA hash verify: SHA-256
+depends_on:MBEDTLS_SHA256_C
+hash_verify:PSA_ALG_SHA_256:"bd":"68325720aabd7c82f30f554b313d0570c95accbb7dc4b5aae11204c08ffe732b"
+
+PSA hash verify: SHA-384
+depends_on:MBEDTLS_SHA512_C
+hash_verify:PSA_ALG_SHA_384:"bd":"4372e38a92a28b5d2c391e62452a86d50e0267228be176c77d2402effe9fa50de407bbb851b37d5904aba2dede74da2a"
+
+PSA hash verify: SHA-512
+depends_on:MBEDTLS_SHA512_C
+hash_verify:PSA_ALG_SHA_512:"bd":"296e2267d74c278daaaa940d17b0cfb74a5083f8e069726d8c841cbe596e0431cb7741a5b50f71666cfd54bacb7b00aea891499cf4ef6a03c8a83fe37c3f7baf"
+
+PSA hash verify: MD2
+depends_on:MBEDTLS_MD2_C
+hash_verify:PSA_ALG_MD2:"bd":"8c9c17665d25b35fc413c41805c679cf"
+
+PSA hash verify: MD4
+depends_on:MBEDTLS_MD4_C
+hash_verify:PSA_ALG_MD4:"bd":"18c33f97297efe5f8a732258289fda25"
+
+PSA hash verify: MD5
+depends_on:MBEDTLS_MD5_C
+hash_verify:PSA_ALG_MD5:"bd":"abae57cb562ecf295b4a37a76efe61fb"
+
+PSA hash verify: RIPEMD160
+depends_on:MBEDTLS_RIPEMD160_C
+hash_verify:PSA_ALG_RIPEMD160:"bd":"5089265ee5d9af75d12dbf7ea2f27dbdee435b37"
+
+PSA hash multi part: SHA-1 Test Vector NIST CAVS #1
+depends_on:MBEDTLS_SHA1_C
+hash_multi_part:PSA_ALG_SHA_1:"":"da39a3ee5e6b4b0d3255bfef95601890afd80709"
+
+PSA hash multi part: SHA-1 Test Vector NIST CAVS #2
+depends_on:MBEDTLS_SHA1_C
+hash_multi_part:PSA_ALG_SHA_1:"a8":"99f2aa95e36f95c2acb0eaf23998f030638f3f15"
+
+PSA hash multi part: SHA-1 Test Vector NIST CAVS #3
+depends_on:MBEDTLS_SHA1_C
+hash_multi_part:PSA_ALG_SHA_1:"3000":"f944dcd635f9801f7ac90a407fbc479964dec024"
+
+PSA hash multi part: SHA-1 Test Vector NIST CAVS #4
+depends_on:MBEDTLS_SHA1_C
+hash_multi_part:PSA_ALG_SHA_1:"42749e":"a444319e9b6cc1e8464c511ec0969c37d6bb2619"
+
+PSA hash multi part: SHA-1 Test Vector NIST CAVS #5
+depends_on:MBEDTLS_SHA1_C
+hash_multi_part:PSA_ALG_SHA_1:"9fc3fe08":"16a0ff84fcc156fd5d3ca3a744f20a232d172253"
+
+PSA hash multi part: SHA-1 Test Vector NIST CAVS #6
+depends_on:MBEDTLS_SHA1_C
+hash_multi_part:PSA_ALG_SHA_1:"b5c1c6f1af":"fec9deebfcdedaf66dda525e1be43597a73a1f93"
+
+PSA hash multi part: SHA-1 Test Vector NIST CAVS #7
+depends_on:MBEDTLS_SHA1_C
+hash_multi_part:PSA_ALG_SHA_1:"ec29561244ede706b6eb30a1c371d74450a105c3f9735f7fa9fe38cf67f304a5736a106e92e17139a6813b1c81a4f3d3fb9546ab4296fa9f722826c066869edacd73b2548035185813e22634a9da44000d95a281ff9f264ecce0a931222162d021cca28db5f3c2aa24945ab1e31cb413ae29810fd794cad5dfaf29ec43cb38d198fe4ae1da2359780221405bd6712a5305da4b1b737fce7cd21c0eb7728d08235a9011":"970111c4e77bcc88cc20459c02b69b4aa8f58217"
+
+PSA hash multi part: SHA-1 Test Vector NIST CAVS #8
+depends_on:MBEDTLS_SHA1_C
+hash_multi_part:PSA_ALG_SHA_1:"5fc2c3f6a7e79dc94be526e5166a238899d54927ce470018fbfd668fd9dd97cbf64e2c91584d01da63be3cc9fdff8adfefc3ac728e1e335b9cdc87f069172e323d094b47fa1e652afe4d6aa147a9f46fda33cacb65f3aa12234746b9007a8c85fe982afed7815221e43dba553d8fe8a022cdac1b99eeeea359e5a9d2e72e382dffa6d19f359f4f27dc3434cd27daeeda8e38594873398678065fbb23665aba9309d946135da0e4a4afdadff14db18e85e71dd93c3bf9faf7f25c8194c4269b1ee3d9934097ab990025d9c3aaf63d5109f52335dd3959d38ae485050e4bbb6235574fc0102be8f7a306d6e8de6ba6becf80f37415b57f9898a5824e77414197422be3d36a6080":"0423dc76a8791107d14e13f5265b343f24cc0f19"
+
+PSA hash multi part: SHA-1 Test Vector NIST CAVS #9
+depends_on:MBEDTLS_SHA1_C
+hash_multi_part:PSA_ALG_SHA_1:"0f865f46a8f3aed2da18482aa09a8f390dc9da07d51d1bd10fe0bf5f3928d5927d08733d32075535a6d1c8ac1b2dc6ba0f2f633dc1af68e3f0fa3d85e6c60cb7b56c239dc1519a007ea536a07b518ecca02a6c31b46b76f021620ef3fc6976804018380e5ab9c558ebfc5cb1c9ed2d974722bf8ab6398f1f2b82fa5083f85c16a5767a3a07271d67743f00850ce8ec428c7f22f1cf01f99895c0c844845b06a06cecb0c6cf83eb55a1d4ebc44c2c13f6f7aa5e0e08abfd84e7864279057abc471ee4a45dbbb5774afa24e51791a0eada11093b88681fe30baa3b2e94113dc63342c51ca5d1a6096d0897b626e42cb91761058008f746f35465465540ad8c6b8b60f7e1461b3ce9e6529625984cb8c7d46f07f735be067588a0117f23e34ff57800e2bbe9a1605fde6087fb15d22c5d3ac47566b8c448b0cee40373e5ba6eaa21abee71366afbb27dbbd300477d70c371e7b8963812f5ed4fb784fb2f3bd1d3afe883cdd47ef32beaea":"6692a71d73e00f27df976bc56df4970650d90e45"
+
+PSA hash multi part: SHA-1 Test Vector NIST CAVS #10
+depends_on:MBEDTLS_SHA1_C
+hash_multi_part:PSA_ALG_SHA_1:"8236153781bd2f1b81ffe0def1beb46f5a70191142926651503f1b3bb1016acdb9e7f7acced8dd168226f118ff664a01a8800116fd023587bfba52a2558393476f5fc69ce9c65001f23e70476d2cc81c97ea19caeb194e224339bcb23f77a83feac5096f9b3090c51a6ee6d204b735aa71d7e996d380b80822e4dfd43683af9c7442498cacbea64842dfda238cb099927c6efae07fdf7b23a4e4456e0152b24853fe0d5de4179974b2b9d4a1cdbefcbc01d8d311b5dda059136176ea698ab82acf20dd490be47130b1235cb48f8a6710473cfc923e222d94b582f9ae36d4ca2a32d141b8e8cc36638845fbc499bce17698c3fecae2572dbbd470552430d7ef30c238c2124478f1f780483839b4fb73d63a9460206824a5b6b65315b21e3c2f24c97ee7c0e78faad3df549c7ca8ef241876d9aafe9a309f6da352bec2caaa92ee8dca392899ba67dfed90aef33d41fc2494b765cb3e2422c8e595dabbfaca217757453fb322a13203f425f6073a9903e2dc5818ee1da737afc345f0057744e3a56e1681c949eb12273a3bfc20699e423b96e44bd1ff62e50a848a890809bfe1611c6787d3d741103308f849a790f9c015098286dbacfc34c1718b2c2b77e32194a75dda37954a320fa68764027852855a7e5b5274eb1e2cbcd27161d98b59ad245822015f48af82a45c0ed59be94f9af03d9736048570d6e3ef63b1770bc98dfb77de84b1bb1708d872b625d9ab9b06c18e5dbbf34399391f0f8aa26ec0dac7ff4cb8ec97b52bcb942fa6db2385dcd1b3b9d567aaeb425d567b0ebe267235651a1ed9bf78fd93d3c1dd077fe340bb04b00529c58f45124b717c168d07e9826e33376988bc5cf62845c2009980a4dfa69fbc7e5a0b1bb20a5958ca967aec68eb31dd8fccca9afcd30a26bab26279f1bf6724ff":"11863b483809ef88413ca9b0084ac4a5390640af"
+
+PSA hash multi part: SHA-224 Test Vector NIST CAVS #1
+depends_on:MBEDTLS_SHA256_C
+hash_multi_part:PSA_ALG_SHA_224:"":"d14a028c2a3a2bc9476102bb288234c415a2b01f828ea62ac5b3e42f"
+
+PSA hash multi part: SHA-224 Test Vector NIST CAVS #2
+depends_on:MBEDTLS_SHA256_C
+hash_multi_part:PSA_ALG_SHA_224:"ff":"e33f9d75e6ae1369dbabf81b96b4591ae46bba30b591a6b6c62542b5"
+
+PSA hash multi part: SHA-224 Test Vector NIST CAVS #3
+depends_on:MBEDTLS_SHA256_C
+hash_multi_part:PSA_ALG_SHA_224:"984c":"2fa9df9157d9e027cfbc4c6a9df32e1adc0cbe2328ec2a63c5ae934e"
+
+PSA hash multi part: SHA-224 Test Vector NIST CAVS #4
+depends_on:MBEDTLS_SHA256_C
+hash_multi_part:PSA_ALG_SHA_224:"50efd0":"b5a9820413c2bf8211fbbf5df1337043b32fa4eafaf61a0c8e9ccede"
+
+PSA hash multi part: SHA-224 Test Vector NIST CAVS #5
+depends_on:MBEDTLS_SHA256_C
+hash_multi_part:PSA_ALG_SHA_224:"e5e09924":"fd19e74690d291467ce59f077df311638f1c3a46e510d0e49a67062d"
+
+PSA hash multi part: SHA-224 Test Vector NIST CAVS #6
+depends_on:MBEDTLS_SHA256_C
+hash_multi_part:PSA_ALG_SHA_224:"21ebecb914":"78f4a71c21c694499ce1c7866611b14ace70d905012c356323c7c713"
+
+PSA hash multi part: SHA-224 Test Vector NIST CAVS #7
+depends_on:MBEDTLS_SHA256_C
+hash_multi_part:PSA_ALG_SHA_224:"fc488947c1a7a589726b15436b4f3d9556262f98fc6422fc5cdf20f0fad7fe427a3491c86d101ffe6b7514f06268f65b2d269b0f69ad9a97847eff1c16a2438775eb7be6847ccf11cb8b2e8dcd6640b095b49c0693fe3cf4a66e2d9b7ad68bff14f3ad69abf49d0aba36cbe0535202deb6599a47225ef05beb351335cd7bc0f480d691198c7e71305ffd53b39d33242bb79cfd98bfd69e137b5d18b2b89ac9ace01c8dbdcf2533cce3682ecc52118de0c1062ec2126c2e657d6ea3d9e2398e705d4b0b1f1ceecb266dffc4f31bf42744fb1e938dc22a889919ee1e73f463f7871fed720519e32186264b7ef2a0e5d9a18e6c95c0781894f77967f048951dec3b4d892a38710b1e3436d3c29088eb8b3da1789c25db3d3bc6c26081206e7155d210a89b80ca6ea877c41ff9947c0f25625dcb118294a163501f6239c326661a958fd12da4cd15a899f8b88cc723589056eaec5aa04a4cf5dbb6f480f9660423ccf38c486e210707e0fb25e1f126ceb2616f63e147a647dab0af9ebe89d65458bf636154a46e4cab95f5ee62da2c7974cd14b90d3e4f99f81733e85b3c1d5da2b508d9b90f5eed7eff0d9c7649de62bee00375454fee4a39576a5bbfdae428e7f8097bdf7797f167686cb68407e49079e4611ff3402b6384ba7b7e522bd2bb11ce8fd02ea4c1604d163ac4f6dde50b8b1f593f7edaadeac0868ed97df690200680c25f0f5d85431a529e4f339089dcdeda105e4ee51dead704cdf5a605c55fb055c9b0e86b8ba1b564c0dea3eb790a595cb103cb292268b07c5e59371e1a7ef597cd4b22977a820694c9f9aeb55d9de3ef62b75d6e656e3336698d960a3787bf8cf5b926a7faeef52ae128bcb5dc9e66d94b016c7b8e034879171a2d91c381f57e6a815b63b5ee6a6d2ff435b49f14c963966960194430d78f8f87627a67757fb3532b289550894da6dce4817a4e07f4d56877a1102ffcc8befa5c9f8fca6a4574d93ff70376c8861e0f8108cf907fce77ecb49728f86f034f80224b9695682e0824462f76cdb1fd1af151337b0d85419047a7aa284791718a4860cd586f7824b95bc837b6fd4f9be5aade68456e20356aa4d943dac36bf8b67b9e8f9d01a00fcda74b798bafa746c661b010f75b59904b29d0c8041504811c4065f82cf2ead58d2f595cbd8bc3e7043f4d94577b373b7cfe16a36fe564f505c03b70cfeb5e5f411c79481338aa67e86b3f5a2e77c21e454c333ae3da943ab723ab5f4c940395319534a5575f64acba0d0ecc43f60221ed3badf7289c9b3a7b903a2d6c94e15fa4c310dc4fa7faa0c24f405160a1002dbef20e4105d481db982f7243f79400a6e4cd9753c4b9732a47575f504b20c328fe9add7f432a4f075829da07b53b695037dc51737d3cd731934df333cd1a53fcf65aa31baa450ca501a6fae26e322347e618c5a444d92e9fec5a8261ae38b98fee5be77c02cec09ddccd5b3de92036":"1302149d1e197c41813b054c942329d420e366530f5517b470e964fe"
+
+PSA hash multi part: SHA-256 Test Vector NIST CAVS #1
+depends_on:MBEDTLS_SHA256_C
+hash_multi_part:PSA_ALG_SHA_256:"":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855"
+
+PSA hash multi part: SHA-256 Test Vector NIST CAVS #2
+depends_on:MBEDTLS_SHA256_C
+hash_multi_part:PSA_ALG_SHA_256:"bd":"68325720aabd7c82f30f554b313d0570c95accbb7dc4b5aae11204c08ffe732b"
+
+PSA hash multi part: SHA-256 Test Vector NIST CAVS #3
+depends_on:MBEDTLS_SHA256_C
+hash_multi_part:PSA_ALG_SHA_256:"5fd4":"7c4fbf484498d21b487b9d61de8914b2eadaf2698712936d47c3ada2558f6788"
+
+PSA hash multi part: SHA-256 Test Vector NIST CAVS #4
+depends_on:MBEDTLS_SHA256_C
+hash_multi_part:PSA_ALG_SHA_256:"b0bd69":"4096804221093ddccfbf46831490ea63e9e99414858f8d75ff7f642c7ca61803"
+
+PSA hash multi part: SHA-256 Test Vector NIST CAVS #5
+depends_on:MBEDTLS_SHA256_C
+hash_multi_part:PSA_ALG_SHA_256:"c98c8e55":"7abc22c0ae5af26ce93dbb94433a0e0b2e119d014f8e7f65bd56c61ccccd9504"
+
+PSA hash multi part: SHA-256 Test Vector NIST CAVS #6
+depends_on:MBEDTLS_SHA256_C
+hash_multi_part:PSA_ALG_SHA_256:"81a723d966":"7516fb8bb11350df2bf386bc3c33bd0f52cb4c67c6e4745e0488e62c2aea2605"
+
+PSA hash multi part: SHA-256 Test Vector NIST CAVS #7
+depends_on:MBEDTLS_SHA256_C
+hash_multi_part:PSA_ALG_SHA_256:"8390cf0be07661cc7669aac54ce09a37733a629d45f5d983ef201f9b2d13800e555d9b1097fec3b783d7a50dcb5e2b644b96a1e9463f177cf34906bf388f366db5c2deee04a30e283f764a97c3b377a034fefc22c259214faa99babaff160ab0aaa7e2ccb0ce09c6b32fe08cbc474694375aba703fadbfa31cf685b30a11c57f3cf4edd321e57d3ae6ebb1133c8260e75b9224fa47a2bb205249add2e2e62f817491482ae152322be0900355cdcc8d42a98f82e961a0dc6f537b7b410eff105f59673bfb787bf042aa071f7af68d944d27371c64160fe9382772372516c230c1f45c0d6b6cca7f274b394da9402d3eafdf733994ec58ab22d71829a98399574d4b5908a447a5a681cb0dd50a31145311d92c22a16de1ead66a5499f2dceb4cae694772ce90762ef8336afec653aa9b1a1c4820b221136dfce80dce2ba920d88a530c9410d0a4e0358a3a11052e58dd73b0b179ef8f56fe3b5a2d117a73a0c38a1392b6938e9782e0d86456ee4884e3c39d4d75813f13633bc79baa07c0d2d555afbf207f52b7dca126d015aa2b9873b3eb065e90b9b065a5373fe1fb1b20d594327d19fba56cb81e7b6696605ffa56eba3c27a438697cc21b201fd7e09f18deea1b3ea2f0d1edc02df0e20396a145412cd6b13c32d2e605641c948b714aec30c0649dc44143511f35ab0fd5dd64c34d06fe86f3836dfe9edeb7f08cfc3bd40956826356242191f99f53473f32b0cc0cf9321d6c92a112e8db90b86ee9e87cc32d0343db01e32ce9eb782cb24efbbbeb440fe929e8f2bf8dfb1550a3a2e742e8b455a3e5730e9e6a7a9824d17acc0f72a7f67eae0f0970f8bde46dcdefaed3047cf807e7f00a42e5fd11d40f5e98533d7574425b7d2bc3b3845c443008b58980e768e464e17cc6f6b3939eee52f713963d07d8c4abf02448ef0b889c9671e2f8a436ddeeffcca7176e9bf9d1005ecd377f2fa67c23ed1f137e60bf46018a8bd613d038e883704fc26e798969df35ec7bbc6a4fe46d8910bd82fa3cded265d0a3b6d399e4251e4d8233daa21b5812fded6536198ff13aa5a1cd46a5b9a17a4ddc1d9f85544d1d1cc16f3df858038c8e071a11a7e157a85a6a8dc47e88d75e7009a8b26fdb73f33a2a70f1e0c259f8f9533b9b8f9af9288b7274f21baeec78d396f8bacdcc22471207d9b4efccd3fedc5c5a2214ff5e51c553f35e21ae696fe51e8df733a8e06f50f419e599e9f9e4b37ce643fc810faaa47989771509d69a110ac916261427026369a21263ac4460fb4f708f8ae28599856db7cb6a43ac8e03d64a9609807e76c5f312b9d1863bfa304e8953647648b4f4ab0ed995e":"4109cdbec3240ad74cc6c37f39300f70fede16e21efc77f7865998714aad0b5e"
+
+PSA hash multi part: SHA-384 Test Vector NIST CAVS #1
+depends_on:MBEDTLS_SHA512_C
+hash_multi_part:PSA_ALG_SHA_384:"":"38b060a751ac96384cd9327eb1b1e36a21fdb71114be07434c0cc7bf63f6e1da274edebfe76f65fbd51ad2f14898b95b"
+
+PSA hash multi part: SHA-384 Test Vector NIST CAVS #2
+depends_on:MBEDTLS_SHA512_C
+hash_multi_part:PSA_ALG_SHA_384:"ab":"fb94d5be118865f6fcbc978b825da82cff188faec2f66cb84b2537d74b4938469854b0ca89e66fa2e182834736629f3d"
+
+PSA hash multi part: SHA-384 Test Vector NIST CAVS #3
+depends_on:MBEDTLS_SHA512_C
+hash_multi_part:PSA_ALG_SHA_384:"7c27":"3d80be467df86d63abb9ea1d3f9cb39cd19890e7f2c53a6200bedc5006842b35e820dc4e0ca90ca9b97ab23ef07080fc"
+
+PSA hash multi part: SHA-384 Test Vector NIST CAVS #4
+depends_on:MBEDTLS_SHA512_C
+hash_multi_part:PSA_ALG_SHA_384:"31f5ca":"78d54b943421fdf7ba90a7fb9637c2073aa480454bd841d39ff72f4511fc21fb67797b652c0c823229342873d3bef955"
+
+PSA hash multi part: SHA-384 Test Vector NIST CAVS #5
+depends_on:MBEDTLS_SHA512_C
+hash_multi_part:PSA_ALG_SHA_384:"7bdee3f8":"8bdafba0777ee446c3431c2d7b1fbb631089f71d2ca417abc1d230e1aba64ec2f1c187474a6f4077d372c14ad407f99a"
+
+PSA hash multi part: SHA-384 Test Vector NIST CAVS #6
+depends_on:MBEDTLS_SHA512_C
+hash_multi_part:PSA_ALG_SHA_384:"8f05604915":"504e414bf1db1060f14c8c799e25b1e0c4dcf1504ebbd129998f0ae283e6de86e0d3c7e879c73ec3b1836c3ee89c2649"
+
+PSA hash multi part: SHA-384 Test Vector NIST CAVS #7
+depends_on:MBEDTLS_SHA512_C
+hash_multi_part:PSA_ALG_SHA_384:"665da6eda214":"4c022f112010908848312f8b8f1072625fd5c105399d562ea1d56130619a7eac8dfc3748fd05ee37e4b690be9daa9980"
+
+PSA hash multi part: SHA-384 Test Vector NIST CAVS #8
+depends_on:MBEDTLS_SHA512_C
+hash_multi_part:PSA_ALG_SHA_384:"7f46ce506d593c4ed53c82edeb602037e0485befbee03f7f930fe532d18ff2a3f5fd6076672c8145a1bf40dd94f7abab47c9ae71c234213d2ad1069c2dac0b0ba15257ae672b8245960ae55bd50315c0097daa3a318745788d70d14706910809ca6e396237fe4934fa46f9ce782d66606d8bd6b2d283b1160513ce9c24e9f084b97891f99d4cdefc169a029e431ca772ba1bba426fce6f01d8e286014e5acc66b799e4db62bd4783322f8a32ff78e0de3957df50ce10871f4e0680df4e8ca3960af9bc6f4efa8eb3962d18f474eb178c3265cc46b8f2ff5ab1a7449fea297dfcfabfa01f28abbb7289bb354b691b5664ec6d098af51be19947ec5ba7ebd66380d1141953ba78d4aa5401679fa7b0a44db1981f864d3535c45afe4c61183d5b0ad51fae71ca07e34240283959f7530a32c70d95a088e501c230059f333b0670825009e7e22103ef22935830df1fac8ef877f5f3426dd54f7d1128dd871ad9a7d088f94c0e8712013295b8d69ae7623b880978c2d3c6ad26dc478f8dc47f5c0adcc618665dc3dc205a9071b2f2191e16cac5bd89bb59148fc719633752303aa08e518dbc389f0a5482caaa4c507b8729a6f3edd061efb39026cecc6399f51971cf7381d605e144a5928c8c2d1ad7467b05da2f202f4f3234e1aff19a0198a28685721c3d2d52311c721e3fdcbaf30214cdc3acff8c433880e104fb63f2df7ce69a97857819ba7ac00ac8eae1969764fde8f68cf8e0916d7e0c151147d4944f99f42ae50f30e1c79a42d2b6c5188d133d3cbbf69094027b354b295ccd0f7dc5a87d73638bd98ebfb00383ca0fa69cb8dcb35a12510e5e07ad8789047d0b63841a1bb928737e8b0a0c33254f47aa8bfbe3341a09c2b76dbcefa67e30df300d34f7b8465c4f869e51b6bcfe6cf68b238359a645036bf7f63f02924e087ce7457e483b6025a859903cb484574aa3b12cf946f32127d537c33bee3141b5db96d10a148c50ae045f287210757710d6846e04b202f79e87dd9a56bc6da15f84a77a7f63935e1dee00309cd276a8e7176cb04da6bb0e9009534438732cb42d008008853d38d19beba46e61006e30f7efd1bc7c2906b024e4ff898a1b58c448d68b43c6ab63f34f85b3ac6aa4475867e51b583844cb23829f4b30f4bdd817d88e2ef3e7b4fc0a624395b05ec5e8686082b24d29fef2b0d3c29e031d5f94f504b1d3df9361eb5ffbadb242e66c39a8094cfe62f85f639f3fd65fc8ae0c74a8f4c6e1d070b9183a434c722caaa0225f8bcd68614d6f0738ed62f8484ec96077d155c08e26c46be262a73e3551698bd70d8d5610cf37c4c306eed04ba6a040a9c3e6d7e15e8acda17f477c2484cf5c56b813313927be8387b1024f995e98fc87f1029091c01424bdc2b296c2eadb7d25b3e762a2fd0c2dcd1727ddf91db97c5984305265f3695a7f5472f2d72c94d68c27914f14f82aa8dd5fe4e2348b0ca967a3f98626a091552f5d0ffa2bf10350d23c996256c01fdeffb2c2c612519869f877e4929c6e95ff15040f1485e22ed14119880232fef3b57b3848f15b1766a5552879df8f06":"cba9e3eb12a6f83db11e8a6ff40d1049854ee094416bc527fea931d8585428a8ed6242ce81f6769b36e2123a5c23483e"
+
+PSA hash multi part: SHA-512 Test Vector NIST CAVS #1
+depends_on:MBEDTLS_SHA512_C
+hash_multi_part:PSA_ALG_SHA_512:"":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e"
+
+PSA hash multi part: SHA-512 Test Vector NIST CAVS #2
+depends_on:MBEDTLS_SHA512_C
+hash_multi_part:PSA_ALG_SHA_512:"8f":"e4cd2d19931b5aad9c920f45f56f6ce34e3d38c6d319a6e11d0588ab8b838576d6ce6d68eea7c830de66e2bd96458bfa7aafbcbec981d4ed040498c3dd95f22a"
+
+PSA hash multi part: SHA-512 Test Vector NIST CAVS #3
+depends_on:MBEDTLS_SHA512_C
+hash_multi_part:PSA_ALG_SHA_512:"e724":"7dbb520221a70287b23dbcf62bfc1b73136d858e86266732a7fffa875ecaa2c1b8f673b5c065d360c563a7b9539349f5f59bef8c0c593f9587e3cd50bb26a231"
+
+PSA hash multi part: SHA-512 Test Vector NIST CAVS #4
+depends_on:MBEDTLS_SHA512_C
+hash_multi_part:PSA_ALG_SHA_512:"de4c90":"33ce98281045a5c4c9df0363d8196f1d7dfcd5ee46ac89776fd8a4344c12f123a66788af5bd41ceff1941aa5637654b4064c88c14e00465ab79a2fc6c97e1014"
+
+PSA hash multi part: SHA-512 Test Vector NIST CAVS #5
+depends_on:MBEDTLS_SHA512_C
+hash_multi_part:PSA_ALG_SHA_512:"a801e94b":"dadb1b5a27f9fece8d86adb2a51879beb1787ff28f4e8ce162cad7fee0f942efcabbf738bc6f797fc7cc79a3a75048cd4c82ca0757a324695bfb19a557e56e2f"
+
+PSA hash multi part: SHA-512 Test Vector NIST CAVS #6
+depends_on:MBEDTLS_SHA512_C
+hash_multi_part:PSA_ALG_SHA_512:"94390d3502":"b6175c4c4cccf69e0ce5f0312010886ea6b34d43673f942ae42483f9cbb7da817de4e11b5d58e25a3d9bd721a22cdffe1c40411cc45df1911fa5506129b69297"
+
+PSA hash multi part: SHA-512 Test Vector NIST CAVS #7
+depends_on:MBEDTLS_SHA512_C
+hash_multi_part:PSA_ALG_SHA_512:"49297dd63e5f":"1fcc1e6f6870859d11649f5e5336a9cd16329c029baf04d5a6edf257889a2e9522b497dd656bb402da461307c4ee382e2e89380c8e6e6e7697f1e439f650fa94"
+
+PSA hash multi part: SHA-512 Test Vector NIST CAVS #8
+depends_on:MBEDTLS_SHA512_C
+hash_multi_part:PSA_ALG_SHA_512:"990d1ae71a62d7bda9bfdaa1762a68d296eee72a4cd946f287a898fbabc002ea941fd8d4d991030b4d27a637cce501a834bb95eab1b7889a3e784c7968e67cbf552006b206b68f76d9191327524fcc251aeb56af483d10b4e0c6c5e599ee8c0fe4faeca8293844a8547c6a9a90d093f2526873a19ad4a5e776794c68c742fb834793d2dfcb7fea46c63af4b70fd11cb6e41834e72ee40edb067b292a794990c288d5007e73f349fb383af6a756b8301ad6e5e0aa8cd614399bb3a452376b1575afa6bdaeaafc286cb064bb91edef97c632b6c1113d107fa93a0905098a105043c2f05397f702514439a08a9e5ddc196100721d45c8fc17d2ed659376f8a00bd5cb9a0860e26d8a29d8d6aaf52de97e9346033d6db501a35dbbaf97c20b830cd2d18c2532f3a59cc497ee64c0e57d8d060e5069b28d86edf1adcf59144b221ce3ddaef134b3124fbc7dd000240eff0f5f5f41e83cd7f5bb37c9ae21953fe302b0f6e8b68fa91c6ab99265c64b2fd9cd4942be04321bb5d6d71932376c6f2f88e02422ba6a5e2cb765df93fd5dd0728c6abdaf03bce22e0678a544e2c3636f741b6f4447ee58a8fc656b43ef817932176adbfc2e04b2c812c273cd6cbfa4098f0be036a34221fa02643f5ee2e0b38135f2a18ecd2f16ebc45f8eb31b8ab967a1567ee016904188910861ca1fa205c7adaa194b286893ffe2f4fbe0384c2aef72a4522aeafd3ebc71f9db71eeeef86c48394a1c86d5b36c352cc33a0a2c800bc99e62fd65b3a2fd69e0b53996ec13d8ce483ce9319efd9a85acefabdb5342226febb83fd1daf4b24265f50c61c6de74077ef89b6fecf9f29a1f871af1e9f89b2d345cda7499bd45c42fa5d195a1e1a6ba84851889e730da3b2b916e96152ae0c92154b49719841db7e7cc707ba8a5d7b101eb4ac7b629bb327817910fff61580b59aab78182d1a2e33473d05b00b170b29e331870826cfe45af206aa7d0246bbd8566ca7cfb2d3c10bfa1db7dd48dd786036469ce7282093d78b5e1a5b0fc81a54c8ed4ceac1e5305305e78284ac276f5d7862727aff246e17addde50c670028d572cbfc0be2e4f8b2eb28fa68ad7b4c6c2a239c460441bfb5ea049f23b08563b4e47729a59e5986a61a6093dbd54f8c36ebe87edae01f251cb060ad1364ce677d7e8d5a4a4ca966a7241cc360bc2acb280e5f9e9c1b032ad6a180a35e0c5180b9d16d026c865b252098cc1d99ba7375ca31c7702c0d943d5e3dd2f6861fa55bd46d94b67ed3e52eccd8dd06d968e01897d6de97ed3058d91dd":"8e4bc6f8b8c60fe4d68c61d9b159c8693c3151c46749af58da228442d927f23359bd6ccd6c2ec8fa3f00a86cecbfa728e1ad60b821ed22fcd309ba91a4138bc9"
+
+PSA hash multi part: MD2 Test vector RFC1319 #1
+depends_on:MBEDTLS_MD2_C
+hash_multi_part:PSA_ALG_MD2:"":"8350e5a3e24c153df2275c9f80692773"
+
+PSA hash multi part: MD2 Test vector RFC1319 #2
+depends_on:MBEDTLS_MD2_C
+hash_multi_part:PSA_ALG_MD2:"61":"32ec01ec4a6dac72c0ab96fb34c0b5d1"
+
+PSA hash multi part: MD2 Test vector RFC1319 #3
+depends_on:MBEDTLS_MD2_C
+hash_multi_part:PSA_ALG_MD2:"616263":"da853b0d3f88d99b30283a69e6ded6bb"
+
+PSA hash multi part: MD2 Test vector RFC1319 #4
+depends_on:MBEDTLS_MD2_C
+hash_multi_part:PSA_ALG_MD2:"6d65737361676520646967657374":"ab4f496bfb2a530b219ff33031fe06b0"
+
+PSA hash multi part: MD2 Test vector RFC1319 #5
+depends_on:MBEDTLS_MD2_C
+hash_multi_part:PSA_ALG_MD2:"6162636465666768696a6b6c6d6e6f707172737475767778797a":"4e8ddff3650292ab5a4108c3aa47940b"
+
+PSA hash multi part: MD2 Test vector RFC1319 #6
+depends_on:MBEDTLS_MD2_C
+hash_multi_part:PSA_ALG_MD2:"4142434445464748494a4b4c4d4e4f505152535455565758595a6162636465666768696a6b6c6d6e6f707172737475767778797a30313233343536373839":"da33def2a42df13975352846c30338cd"
+
+PSA hash multi part: MD2 Test vector RFC1319 #7
+depends_on:MBEDTLS_MD2_C
+hash_multi_part:PSA_ALG_MD2:"3132333435363738393031323334353637383930313233343536373839303132333435363738393031323334353637383930313233343536373839303132333435363738393031323334353637383930":"d5976f79d83d3a0dc9806c3c66f3efd8"
+
+PSA hash multi part: MD4 Test vector RFC1320 #1
+depends_on:MBEDTLS_MD4_C
+hash_multi_part:PSA_ALG_MD4:"":"31d6cfe0d16ae931b73c59d7e0c089c0"
+
+PSA hash multi part: MD4 Test vector RFC1320 #2
+depends_on:MBEDTLS_MD4_C
+hash_multi_part:PSA_ALG_MD4:"61":"bde52cb31de33e46245e05fbdbd6fb24"
+
+PSA hash multi part: MD4 Test vector RFC1320 #3
+depends_on:MBEDTLS_MD4_C
+hash_multi_part:PSA_ALG_MD4:"616263":"a448017aaf21d8525fc10ae87aa6729d"
+
+PSA hash multi part: MD4 Test vector RFC1320 #4
+depends_on:MBEDTLS_MD4_C
+hash_multi_part:PSA_ALG_MD4:"6d65737361676520646967657374":"d9130a8164549fe818874806e1c7014b"
+
+PSA hash multi part: MD4 Test vector RFC1320 #5
+depends_on:MBEDTLS_MD4_C
+hash_multi_part:PSA_ALG_MD4:"6162636465666768696a6b6c6d6e6f707172737475767778797a":"d79e1c308aa5bbcdeea8ed63df412da9"
+
+PSA hash multi part: MD4 Test vector RFC1320 #6
+depends_on:MBEDTLS_MD4_C
+hash_multi_part:PSA_ALG_MD4:"4142434445464748494a4b4c4d4e4f505152535455565758595a6162636465666768696a6b6c6d6e6f707172737475767778797a30313233343536373839":"043f8582f241db351ce627e153e7f0e4"
+
+PSA hash multi part: MD4 Test vector RFC1320 #7
+depends_on:MBEDTLS_MD4_C
+hash_multi_part:PSA_ALG_MD4:"3132333435363738393031323334353637383930313233343536373839303132333435363738393031323334353637383930313233343536373839303132333435363738393031323334353637383930":"e33b4ddc9c38f2199c3e7b164fcc0536"
+
+PSA hash multi part: MD5 Test vector RFC1321 #1
+depends_on:MBEDTLS_MD5_C
+hash_multi_part:PSA_ALG_MD5:"":"d41d8cd98f00b204e9800998ecf8427e"
+
+PSA hash multi part: MD5 Test vector RFC1321 #2
+depends_on:MBEDTLS_MD5_C
+hash_multi_part:PSA_ALG_MD5:"61":"0cc175b9c0f1b6a831c399e269772661"
+
+PSA hash multi part: MD5 Test vector RFC1321 #3
+depends_on:MBEDTLS_MD5_C
+hash_multi_part:PSA_ALG_MD5:"616263":"900150983cd24fb0d6963f7d28e17f72"
+
+PSA hash multi part: MD5 Test vector RFC1321 #4
+depends_on:MBEDTLS_MD5_C
+hash_multi_part:PSA_ALG_MD5:"6d65737361676520646967657374":"f96b697d7cb7938d525a2f31aaf161d0"
+
+PSA hash multi part: MD5 Test vector RFC1321 #5
+depends_on:MBEDTLS_MD5_C
+hash_multi_part:PSA_ALG_MD5:"6162636465666768696a6b6c6d6e6f707172737475767778797a":"c3fcd3d76192e4007dfb496cca67e13b"
+
+PSA hash multi part: MD5 Test vector RFC1321 #6
+depends_on:MBEDTLS_MD5_C
+hash_multi_part:PSA_ALG_MD5:"4142434445464748494a4b4c4d4e4f505152535455565758595a6162636465666768696a6b6c6d6e6f707172737475767778797a30313233343536373839":"d174ab98d277d9f5a5611c2c9f419d9f"
+
+PSA hash multi part: MD5 Test vector RFC1321 #7
+depends_on:MBEDTLS_MD5_C
+hash_multi_part:PSA_ALG_MD5:"3132333435363738393031323334353637383930313233343536373839303132333435363738393031323334353637383930313233343536373839303132333435363738393031323334353637383930":"57edf4a22be3c955ac49da2e2107b67a"
+
+PSA hash multi part: RIPEMD160 Test vector from paper #1
+depends_on:MBEDTLS_RIPEMD160_C
+hash_multi_part:PSA_ALG_RIPEMD160:"":"9c1185a5c5e9fc54612808977ee8f548b2258d31"
+
+PSA hash multi part: RIPEMD160 Test vector from paper #2
+depends_on:MBEDTLS_RIPEMD160_C
+hash_multi_part:PSA_ALG_RIPEMD160:"61":"0bdc9d2d256b3ee9daae347be6f4dc835a467ffe"
+
+PSA hash multi part: RIPEMD160 Test vector from paper #3
+depends_on:MBEDTLS_RIPEMD160_C
+hash_multi_part:PSA_ALG_RIPEMD160:"616263":"8eb208f7e05d987a9b044a8e98c6b087f15a0bfc"
+
+PSA hash multi part: RIPEMD160 Test vector from paper #4
+depends_on:MBEDTLS_RIPEMD160_C
+hash_multi_part:PSA_ALG_RIPEMD160:"6d65737361676520646967657374":"5d0689ef49d2fae572b881b123a85ffa21595f36"
+
+PSA hash multi part: RIPEMD160 Test vector from paper #5
+depends_on:MBEDTLS_RIPEMD160_C
+hash_multi_part:PSA_ALG_RIPEMD160:"6162636465666768696a6b6c6d6e6f707172737475767778797a":"f71c27109c692c1b56bbdceb5b9d2865b3708dbc"
+
+PSA hash multi part: RIPEMD160 Test vector from paper #6
+depends_on:MBEDTLS_RIPEMD160_C
+hash_multi_part:PSA_ALG_RIPEMD160:"6162636462636465636465666465666765666768666768696768696a68696a6b696a6b6c6a6b6c6d6b6c6d6e6c6d6e6f6d6e6f706e6f7071":"12a053384a9c0c88e405a06c27dcf49ada62eb2b"
+
+PSA hash multi part: RIPEMD160 Test vector from paper #7
+depends_on:MBEDTLS_RIPEMD160_C
+hash_multi_part:PSA_ALG_RIPEMD160:"4142434445464748494a4b4c4d4e4f505152535455565758595a6162636465666768696a6b6c6d6e6f707172737475767778797a30313233343536373839":"b0e20b6e3116640286ed3a87a5713079b21f5189"
+
+PSA hash multi part: RIPEMD160 Test vector from paper #8
+depends_on:MBEDTLS_RIPEMD160_C
+hash_multi_part:PSA_ALG_RIPEMD160:"3132333435363738393031323334353637383930313233343536373839303132333435363738393031323334353637383930313233343536373839303132333435363738393031323334353637383930":"9b752e45573d4b39f4dbd3323cab82bf63326bfb"
diff --git a/tests/suites/test_suite_psa_crypto_hash.function b/tests/suites/test_suite_psa_crypto_hash.function
new file mode 100644
index 0000000..8abd4e2
--- /dev/null
+++ b/tests/suites/test_suite_psa_crypto_hash.function
@@ -0,0 +1,104 @@
+/* BEGIN_HEADER */
+
+#include <stdint.h>
+
+#if defined(MBEDTLS_PSA_CRYPTO_SPM)
+#include "spm/psa_defs.h"
+#endif
+
+#include "psa/crypto.h"
+
+/* END_HEADER */
+
+/* BEGIN_DEPENDENCIES
+ * depends_on:MBEDTLS_PSA_CRYPTO_C
+ * END_DEPENDENCIES
+ */
+
+/* BEGIN_CASE */
+void hash_finish( int alg_arg, data_t *input, data_t *expected_hash )
+{
+ psa_algorithm_t alg = alg_arg;
+ unsigned char actual_hash[PSA_HASH_MAX_SIZE];
+ size_t actual_hash_length;
+ psa_hash_operation_t operation = PSA_HASH_OPERATION_INIT;
+
+ PSA_ASSERT( psa_crypto_init( ) );
+
+ PSA_ASSERT( psa_hash_setup( &operation, alg ) );
+ PSA_ASSERT( psa_hash_update( &operation,
+ input->x, input->len ) );
+ PSA_ASSERT( psa_hash_finish( &operation,
+ actual_hash, sizeof( actual_hash ),
+ &actual_hash_length ) );
+ ASSERT_COMPARE( expected_hash->x, expected_hash->len,
+ actual_hash, actual_hash_length );
+
+exit:
+ mbedtls_psa_crypto_free( );
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void hash_verify( int alg_arg, data_t *input, data_t *expected_hash )
+{
+ psa_algorithm_t alg = alg_arg;
+ psa_hash_operation_t operation = PSA_HASH_OPERATION_INIT;
+
+ PSA_ASSERT( psa_crypto_init( ) );
+
+ PSA_ASSERT( psa_hash_setup( &operation, alg ) );
+ PSA_ASSERT( psa_hash_update( &operation,
+ input->x,
+ input->len ) );
+ PSA_ASSERT( psa_hash_verify( &operation,
+ expected_hash->x,
+ expected_hash->len ) );
+
+exit:
+ mbedtls_psa_crypto_free( );
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void hash_multi_part( int alg_arg, data_t *input, data_t *expected_hash )
+{
+ psa_algorithm_t alg = alg_arg;
+ unsigned char actual_hash[PSA_HASH_MAX_SIZE];
+ size_t actual_hash_length;
+ psa_hash_operation_t operation = PSA_HASH_OPERATION_INIT;
+ psa_hash_operation_t operation2 = PSA_HASH_OPERATION_INIT;
+ uint32_t len = 0;
+
+ PSA_ASSERT( psa_crypto_init( ) );
+
+ do
+ {
+ memset( actual_hash, 0, sizeof( actual_hash ) );
+ PSA_ASSERT( psa_hash_setup( &operation, alg ) );
+
+ PSA_ASSERT( psa_hash_update( &operation,
+ input->x, len ) );
+ PSA_ASSERT( psa_hash_clone( &operation, &operation2 ) );
+ PSA_ASSERT( psa_hash_update( &operation,
+ input->x + len, input->len - len ) );
+ PSA_ASSERT( psa_hash_update( &operation2,
+ input->x + len, input->len - len ) );
+
+ PSA_ASSERT( psa_hash_finish( &operation,
+ actual_hash, sizeof( actual_hash ),
+ &actual_hash_length ) );
+ ASSERT_COMPARE( expected_hash->x, expected_hash->len,
+ actual_hash, actual_hash_length );
+
+ PSA_ASSERT( psa_hash_finish( &operation2,
+ actual_hash, sizeof( actual_hash ),
+ &actual_hash_length ) );
+ ASSERT_COMPARE( expected_hash->x, expected_hash->len,
+ actual_hash, actual_hash_length );
+ } while( len++ != input->len );
+
+exit:
+ mbedtls_psa_crypto_free( );
+}
+/* END_CASE */
diff --git a/tests/suites/test_suite_psa_crypto_init.data b/tests/suites/test_suite_psa_crypto_init.data
new file mode 100644
index 0000000..c57a764
--- /dev/null
+++ b/tests/suites/test_suite_psa_crypto_init.data
@@ -0,0 +1,56 @@
+Create NV seed file
+create_nv_seed:
+
+PSA init/deinit
+init_deinit:2
+
+PSA deinit without init
+deinit_without_init:0
+
+PSA deinit twice
+deinit_without_init:1
+
+No random without init
+validate_module_init_generate_random:0
+
+No key slot access without init
+validate_module_init_key_based:0
+
+No random after deinit
+validate_module_init_generate_random:1
+
+No key slot access after deinit
+validate_module_init_key_based:1
+
+Custom entropy sources: all standard
+custom_entropy_sources:0x0000ffff:PSA_SUCCESS
+
+Custom entropy sources: none
+custom_entropy_sources:0:PSA_ERROR_INSUFFICIENT_ENTROPY
+
+Fake entropy: never returns anything
+fake_entropy_source:MBEDTLS_ENTROPY_BLOCK_SIZE:0:0:0:0:PSA_ERROR_INSUFFICIENT_ENTROPY
+
+Fake entropy: less than the block size
+fake_entropy_source:MBEDTLS_ENTROPY_BLOCK_SIZE:MBEDTLS_ENTROPY_BLOCK_SIZE - 1:-1:-1:-1:PSA_ERROR_INSUFFICIENT_ENTROPY
+
+Fake entropy: one block eventually
+fake_entropy_source:MBEDTLS_ENTROPY_BLOCK_SIZE:0:0:0:MBEDTLS_ENTROPY_BLOCK_SIZE:PSA_SUCCESS
+
+Fake entropy: one block in two steps
+fake_entropy_source:MBEDTLS_ENTROPY_BLOCK_SIZE:MBEDTLS_ENTROPY_BLOCK_SIZE - 1:1:-1:-1:PSA_SUCCESS
+
+Fake entropy: more than one block in two steps
+fake_entropy_source:MBEDTLS_ENTROPY_BLOCK_SIZE:MBEDTLS_ENTROPY_BLOCK_SIZE - 1:MBEDTLS_ENTROPY_BLOCK_SIZE - 1:-1:-1:PSA_SUCCESS
+
+NV seed only: less than minimum
+entropy_from_nv_seed:MBEDTLS_ENTROPY_MIN_PLATFORM - 1:PSA_ERROR_INSUFFICIENT_ENTROPY
+
+NV seed only: less than one block
+entropy_from_nv_seed:MBEDTLS_ENTROPY_BLOCK_SIZE - 1:PSA_ERROR_INSUFFICIENT_ENTROPY
+
+NV seed only: just enough
+entropy_from_nv_seed:ENTROPY_MIN_NV_SEED_SIZE:PSA_SUCCESS
+
+Recreate NV seed file
+create_nv_seed:
diff --git a/tests/suites/test_suite_psa_crypto_init.function b/tests/suites/test_suite_psa_crypto_init.function
new file mode 100644
index 0000000..c8f6e1b
--- /dev/null
+++ b/tests/suites/test_suite_psa_crypto_init.function
@@ -0,0 +1,284 @@
+/* BEGIN_HEADER */
+#include <stdint.h>
+
+#if defined(MBEDTLS_PSA_CRYPTO_SPM)
+#include "spm/psa_defs.h"
+#endif
+#include "psa/crypto.h"
+
+/* Some tests in this module configure entropy sources. */
+#include "psa_crypto_invasive.h"
+
+#include "mbedtls/entropy.h"
+#include "mbedtls/entropy_poll.h"
+
+#define ENTROPY_MIN_NV_SEED_SIZE \
+ MAX(MBEDTLS_ENTROPY_MIN_PLATFORM, MBEDTLS_ENTROPY_BLOCK_SIZE)
+
+typedef struct
+{
+ size_t threshold; /* Minimum bytes to make mbedtls_entropy_func happy */
+ size_t max_steps;
+ size_t *length_sequence;
+ size_t step;
+} fake_entropy_state_t;
+static int fake_entropy_source( void *state_arg,
+ unsigned char *output, size_t len,
+ size_t *olen )
+{
+ fake_entropy_state_t *state = state_arg;
+ size_t i;
+
+ if( state->step >= state->max_steps )
+ return( MBEDTLS_ERR_ENTROPY_SOURCE_FAILED );
+
+ *olen = MIN( len, state->length_sequence[state->step] );
+ for( i = 0; i < *olen; i++ )
+ output[i] = i;
+ ++state->step;
+ return( 0 );
+}
+
+#define ENTROPY_SOURCE_PLATFORM 0x00000001
+#define ENTROPY_SOURCE_TIMING 0x00000002
+#define ENTROPY_SOURCE_HAVEGE 0x00000004
+#define ENTROPY_SOURCE_HARDWARE 0x00000008
+#define ENTROPY_SOURCE_NV_SEED 0x00000010
+#define ENTROPY_SOURCE_FAKE 0x40000000
+
+static uint32_t custom_entropy_sources_mask;
+static fake_entropy_state_t fake_entropy_state;
+
+/* This is a modified version of mbedtls_entropy_init() from entropy.c
+ * which chooses entropy sources dynamically. */
+static void custom_entropy_init( mbedtls_entropy_context *ctx )
+{
+ ctx->source_count = 0;
+ memset( ctx->source, 0, sizeof( ctx->source ) );
+
+#if defined(MBEDTLS_THREADING_C)
+ mbedtls_mutex_init( &ctx->mutex );
+#endif
+
+ ctx->accumulator_started = 0;
+#if defined(MBEDTLS_ENTROPY_SHA512_ACCUMULATOR)
+ mbedtls_sha512_init( &ctx->accumulator );
+#else
+ mbedtls_sha256_init( &ctx->accumulator );
+#endif
+#if defined(MBEDTLS_HAVEGE_C)
+ mbedtls_havege_init( &ctx->havege_data );
+#endif
+
+#if !defined(MBEDTLS_NO_PLATFORM_ENTROPY)
+ if( custom_entropy_sources_mask & ENTROPY_SOURCE_PLATFORM )
+ mbedtls_entropy_add_source( ctx, mbedtls_platform_entropy_poll, NULL,
+ MBEDTLS_ENTROPY_MIN_PLATFORM,
+ MBEDTLS_ENTROPY_SOURCE_STRONG );
+#endif
+#if defined(MBEDTLS_TIMING_C)
+ if( custom_entropy_sources_mask & ENTROPY_SOURCE_TIMING )
+ mbedtls_entropy_add_source( ctx, mbedtls_hardclock_poll, NULL,
+ MBEDTLS_ENTROPY_MIN_HARDCLOCK,
+ MBEDTLS_ENTROPY_SOURCE_WEAK );
+#endif
+#if defined(MBEDTLS_HAVEGE_C)
+ if( custom_entropy_sources_mask & ENTROPY_SOURCE_HAVEGE )
+ mbedtls_entropy_add_source( ctx, mbedtls_havege_poll, &ctx->havege_data,
+ MBEDTLS_ENTROPY_MIN_HAVEGE,
+ MBEDTLS_ENTROPY_SOURCE_STRONG );
+#endif
+#if defined(MBEDTLS_ENTROPY_HARDWARE_ALT)
+ if( custom_entropy_sources_mask & ENTROPY_SOURCE_HARDWARE )
+ mbedtls_entropy_add_source( ctx, mbedtls_hardware_poll, NULL,
+ MBEDTLS_ENTROPY_MIN_HARDWARE,
+ MBEDTLS_ENTROPY_SOURCE_STRONG );
+#endif
+#if defined(MBEDTLS_ENTROPY_NV_SEED)
+ if( custom_entropy_sources_mask & ENTROPY_SOURCE_NV_SEED )
+ {
+ mbedtls_entropy_add_source( ctx, mbedtls_nv_seed_poll, NULL,
+ MBEDTLS_ENTROPY_BLOCK_SIZE,
+ MBEDTLS_ENTROPY_SOURCE_STRONG );
+ ctx->initial_entropy_run = 0;
+ }
+ else
+ {
+ /* Skip the NV seed even though it's compiled in. */
+ ctx->initial_entropy_run = 1;
+ }
+#endif
+
+ if( custom_entropy_sources_mask & ENTROPY_SOURCE_FAKE )
+ mbedtls_entropy_add_source( ctx,
+ fake_entropy_source, &fake_entropy_state,
+ fake_entropy_state.threshold,
+ MBEDTLS_ENTROPY_SOURCE_STRONG );
+}
+
+/* END_HEADER */
+
+/* BEGIN_DEPENDENCIES
+ * depends_on:MBEDTLS_PSA_CRYPTO_C
+ * END_DEPENDENCIES
+ */
+
+/* BEGIN_CASE depends_on:MBEDTLS_ENTROPY_NV_SEED */
+void create_nv_seed( )
+{
+ static unsigned char seed[ENTROPY_MIN_NV_SEED_SIZE];
+ TEST_ASSERT( mbedtls_nv_seed_write( seed, sizeof( seed ) ) >= 0 );
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void init_deinit( int count )
+{
+ psa_status_t status;
+ int i;
+ for( i = 0; i < count; i++ )
+ {
+ status = psa_crypto_init( );
+ PSA_ASSERT( status );
+ status = psa_crypto_init( );
+ PSA_ASSERT( status );
+ mbedtls_psa_crypto_free( );
+ }
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void deinit_without_init( int count )
+{
+ int i;
+ for( i = 0; i < count; i++ )
+ {
+ PSA_ASSERT( psa_crypto_init( ) );
+ mbedtls_psa_crypto_free( );
+ }
+ mbedtls_psa_crypto_free( );
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void validate_module_init_generate_random( int count )
+{
+ psa_status_t status;
+ uint8_t random[10] = { 0 };
+ int i;
+ for( i = 0; i < count; i++ )
+ {
+ status = psa_crypto_init( );
+ PSA_ASSERT( status );
+ mbedtls_psa_crypto_free( );
+ }
+ status = psa_generate_random( random, sizeof( random ) );
+ TEST_EQUAL( status, PSA_ERROR_BAD_STATE );
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void validate_module_init_key_based( int count )
+{
+ psa_status_t status;
+ uint8_t data[10] = { 0 };
+ int i;
+ for( i = 0; i < count; i++ )
+ {
+ status = psa_crypto_init( );
+ PSA_ASSERT( status );
+ mbedtls_psa_crypto_free( );
+ }
+ status = psa_import_key( 1, PSA_KEY_TYPE_RAW_DATA, data, sizeof( data ) );
+ TEST_EQUAL( status, PSA_ERROR_BAD_STATE );
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void custom_entropy_sources( int sources_arg, int expected_init_status_arg )
+{
+ psa_status_t expected_init_status = expected_init_status_arg;
+ uint8_t random[10] = { 0 };
+
+ custom_entropy_sources_mask = sources_arg;
+ PSA_ASSERT( mbedtls_psa_crypto_configure_entropy_sources(
+ custom_entropy_init, mbedtls_entropy_free ) );
+
+ TEST_EQUAL( psa_crypto_init( ), expected_init_status );
+ if( expected_init_status != PSA_SUCCESS )
+ goto exit;
+
+ PSA_ASSERT( psa_generate_random( random, sizeof( random ) ) );
+
+exit:
+ mbedtls_psa_crypto_free( );
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void fake_entropy_source( int threshold,
+ int amount1,
+ int amount2,
+ int amount3,
+ int amount4,
+ int expected_init_status_arg )
+{
+ psa_status_t expected_init_status = expected_init_status_arg;
+ uint8_t random[10] = { 0 };
+ size_t lengths[4];
+
+ fake_entropy_state.threshold = threshold;
+ fake_entropy_state.step = 0;
+ fake_entropy_state.max_steps = 0;
+ if( amount1 >= 0 )
+ lengths[fake_entropy_state.max_steps++] = amount1;
+ if( amount2 >= 0 )
+ lengths[fake_entropy_state.max_steps++] = amount2;
+ if( amount3 >= 0 )
+ lengths[fake_entropy_state.max_steps++] = amount3;
+ if( amount4 >= 0 )
+ lengths[fake_entropy_state.max_steps++] = amount4;
+ fake_entropy_state.length_sequence = lengths;
+
+ custom_entropy_sources_mask = ENTROPY_SOURCE_FAKE;
+ PSA_ASSERT( mbedtls_psa_crypto_configure_entropy_sources(
+ custom_entropy_init, mbedtls_entropy_free ) );
+
+ TEST_EQUAL( psa_crypto_init( ), expected_init_status );
+ if( expected_init_status != PSA_SUCCESS )
+ goto exit;
+
+ PSA_ASSERT( psa_generate_random( random, sizeof( random ) ) );
+
+exit:
+ mbedtls_psa_crypto_free( );
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_ENTROPY_NV_SEED */
+void entropy_from_nv_seed( int seed_size_arg,
+ int expected_init_status_arg )
+{
+ psa_status_t expected_init_status = expected_init_status_arg;
+ uint8_t random[10] = { 0 };
+ uint8_t *seed = NULL;
+ size_t seed_size = seed_size_arg;
+
+ ASSERT_ALLOC( seed, seed_size );
+ TEST_ASSERT( mbedtls_nv_seed_write( seed, seed_size ) >= 0 );
+
+ custom_entropy_sources_mask = ENTROPY_SOURCE_NV_SEED;
+ PSA_ASSERT( mbedtls_psa_crypto_configure_entropy_sources(
+ custom_entropy_init, mbedtls_entropy_free ) );
+
+ TEST_EQUAL( psa_crypto_init( ), expected_init_status );
+ if( expected_init_status != PSA_SUCCESS )
+ goto exit;
+
+ PSA_ASSERT( psa_generate_random( random, sizeof( random ) ) );
+
+exit:
+ mbedtls_free( seed );
+ mbedtls_psa_crypto_free( );
+}
+/* END_CASE */
diff --git a/tests/suites/test_suite_psa_crypto_metadata.data b/tests/suites/test_suite_psa_crypto_metadata.data
new file mode 100644
index 0000000..1e7a996
--- /dev/null
+++ b/tests/suites/test_suite_psa_crypto_metadata.data
@@ -0,0 +1,447 @@
+Hash: MD2
+depends_on:MBEDTLS_MD2_C
+hash_algorithm:PSA_ALG_MD2:16
+
+Hash: MD4
+depends_on:MBEDTLS_MD4_C
+hash_algorithm:PSA_ALG_MD4:16
+
+Hash: MD5
+depends_on:MBEDTLS_MD5_C
+hash_algorithm:PSA_ALG_MD5:16
+
+Hash: RIPEMD160
+depends_on:MBEDTLS_RIPEMD160_C
+hash_algorithm:PSA_ALG_RIPEMD160:20
+
+Hash: SHA-1
+depends_on:MBEDTLS_SHA1_C
+hash_algorithm:PSA_ALG_SHA_1:20
+
+Hash: SHA-2 SHA-224
+depends_on:MBEDTLS_SHA256_C
+hash_algorithm:PSA_ALG_SHA_224:28
+
+Hash: SHA-2 SHA-256
+depends_on:MBEDTLS_SHA256_C
+hash_algorithm:PSA_ALG_SHA_256:32
+
+Hash: SHA-2 SHA-384
+depends_on:MBEDTLS_SHA512_C
+hash_algorithm:PSA_ALG_SHA_384:48
+
+Hash: SHA-2 SHA-512
+depends_on:MBEDTLS_SHA512_C
+hash_algorithm:PSA_ALG_SHA_512:64
+
+Hash: SHA-2 SHA-512/224
+depends_on:MBEDTLS_SHA512_C:MBEDTLS_SHA512_256
+hash_algorithm:PSA_ALG_SHA_512_224:28
+
+Hash: SHA-2 SHA-512/256
+depends_on:MBEDTLS_SHA512_C:MBEDTLS_SHA512_256
+hash_algorithm:PSA_ALG_SHA_512_256:32
+
+Hash: SHA-3 SHA3-224
+depends_on:MBEDTLS_SHA3_C
+hash_algorithm:PSA_ALG_SHA3_224:28
+
+Hash: SHA-3 SHA3-256
+depends_on:MBEDTLS_SHA3_C
+hash_algorithm:PSA_ALG_SHA3_256:32
+
+Hash: SHA-3 SHA3-384
+depends_on:MBEDTLS_SHA3_C
+hash_algorithm:PSA_ALG_SHA3_384:48
+
+Hash: SHA-3 SHA3-512
+depends_on:MBEDTLS_SHA3_C
+hash_algorithm:PSA_ALG_SHA3_512:64
+
+MAC: HMAC-MD2
+depends_on:MBEDTLS_MD2_C
+hmac_algorithm:PSA_ALG_HMAC( PSA_ALG_MD2 ):16:64
+
+MAC: HMAC-MD4
+depends_on:MBEDTLS_MD4_C
+hmac_algorithm:PSA_ALG_HMAC( PSA_ALG_MD4 ):16:64
+
+MAC: HMAC-MD5
+depends_on:MBEDTLS_MD5_C
+hmac_algorithm:PSA_ALG_HMAC( PSA_ALG_MD5 ):16:64
+
+MAC: HMAC-RIPEMD160
+depends_on:MBEDTLS_RIPEMD160_C
+hmac_algorithm:PSA_ALG_HMAC( PSA_ALG_RIPEMD160 ):20:64
+
+MAC: HMAC-SHA-1
+depends_on:MBEDTLS_SHA1_C
+hmac_algorithm:PSA_ALG_HMAC( PSA_ALG_SHA_1 ):20:64
+
+MAC: HMAC-SHA-224
+depends_on:MBEDTLS_SHA256_C
+hmac_algorithm:PSA_ALG_HMAC( PSA_ALG_SHA_224 ):28:64
+
+MAC: HMAC-SHA-256
+depends_on:MBEDTLS_SHA256_C
+hmac_algorithm:PSA_ALG_HMAC( PSA_ALG_SHA_256 ):32:64
+
+MAC: HMAC-SHA-384
+depends_on:MBEDTLS_SHA512_C
+hmac_algorithm:PSA_ALG_HMAC( PSA_ALG_SHA_384 ):48:128
+
+MAC: HMAC-SHA-512
+depends_on:MBEDTLS_SHA512_C
+hmac_algorithm:PSA_ALG_HMAC( PSA_ALG_SHA_512 ):64:128
+
+MAC: HMAC-SHA-512/224
+depends_on:MBEDTLS_SHA512_C:MBEDTLS_SHA512_256
+hmac_algorithm:PSA_ALG_HMAC( PSA_ALG_SHA_512_224 ):28:128
+
+MAC: HMAC-SHA-512/256
+depends_on:MBEDTLS_SHA512_C:MBEDTLS_SHA512_256
+hmac_algorithm:PSA_ALG_HMAC( PSA_ALG_SHA_512_256 ):32:128
+
+MAC: HMAC-SHA3-224
+depends_on:MBEDTLS_SHA3_C
+hmac_algorithm:PSA_ALG_HMAC( PSA_ALG_SHA3_224 ):28:144
+
+MAC: HMAC-SHA3-256
+depends_on:MBEDTLS_SHA3_C
+hmac_algorithm:PSA_ALG_HMAC( PSA_ALG_SHA3_256 ):32:136
+
+MAC: HMAC-SHA3-384
+depends_on:MBEDTLS_SHA3_C
+hmac_algorithm:PSA_ALG_HMAC( PSA_ALG_SHA3_384 ):48:104
+
+MAC: HMAC-SHA3-512
+depends_on:MBEDTLS_SHA3_C
+hmac_algorithm:PSA_ALG_HMAC( PSA_ALG_SHA3_512 ):64:72
+
+MAC: CBC_MAC-AES-128
+depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_C
+mac_algorithm:PSA_ALG_CBC_MAC:ALG_IS_BLOCK_CIPHER_MAC:16:PSA_KEY_TYPE_AES:128
+
+MAC: CBC_MAC-AES-192
+depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_C
+mac_algorithm:PSA_ALG_CBC_MAC:ALG_IS_BLOCK_CIPHER_MAC:16:PSA_KEY_TYPE_AES:192
+
+MAC: CBC_MAC-AES-256
+depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_C
+mac_algorithm:PSA_ALG_CBC_MAC:ALG_IS_BLOCK_CIPHER_MAC:16:PSA_KEY_TYPE_AES:256
+
+MAC: CBC_MAC-3DES
+depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_C
+mac_algorithm:PSA_ALG_CBC_MAC:ALG_IS_BLOCK_CIPHER_MAC:8:PSA_KEY_TYPE_DES:192
+
+MAC: CMAC-AES-128
+depends_on:MBEDTLS_AES_C:MBEDTLS_CMAC_C
+mac_algorithm:PSA_ALG_CMAC:ALG_IS_BLOCK_CIPHER_MAC:16:PSA_KEY_TYPE_AES:128
+
+MAC: CMAC-AES-192
+depends_on:MBEDTLS_AES_C:MBEDTLS_CMAC_C
+mac_algorithm:PSA_ALG_CMAC:ALG_IS_BLOCK_CIPHER_MAC:16:PSA_KEY_TYPE_AES:192
+
+MAC: CMAC-AES-256
+depends_on:MBEDTLS_AES_C:MBEDTLS_CMAC_C
+mac_algorithm:PSA_ALG_CMAC:ALG_IS_BLOCK_CIPHER_MAC:16:PSA_KEY_TYPE_AES:256
+
+MAC: CMAC-3DES
+depends_on:MBEDTLS_DES_C:MBEDTLS_CMAC_C
+mac_algorithm:PSA_ALG_CMAC:ALG_IS_BLOCK_CIPHER_MAC:8:PSA_KEY_TYPE_DES:192
+
+MAC: GMAC-AES-128
+depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C
+mac_algorithm:PSA_ALG_GMAC:ALG_IS_BLOCK_CIPHER_MAC:16:PSA_KEY_TYPE_AES:128
+
+MAC: GMAC-AES-192
+depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C
+mac_algorithm:PSA_ALG_GMAC:ALG_IS_BLOCK_CIPHER_MAC:16:PSA_KEY_TYPE_AES:192
+
+MAC: GMAC-AES-256
+depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C
+mac_algorithm:PSA_ALG_GMAC:ALG_IS_BLOCK_CIPHER_MAC:16:PSA_KEY_TYPE_AES:256
+
+Cipher: ARC4
+depends_on:MBEDTLS_ARC4_C
+cipher_algorithm:PSA_ALG_ARC4:ALG_IS_STREAM_CIPHER
+
+Cipher: CTR
+depends_on:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CTR
+cipher_algorithm:PSA_ALG_CTR:ALG_IS_STREAM_CIPHER
+
+Cipher: CFB
+depends_on:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CFB
+cipher_algorithm:PSA_ALG_CFB:ALG_IS_STREAM_CIPHER
+
+Cipher: OFB
+depends_on:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_OFB
+cipher_algorithm:PSA_ALG_OFB:ALG_IS_STREAM_CIPHER
+
+Cipher: CBC-nopad
+depends_on:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CBC
+cipher_algorithm:PSA_ALG_CBC_NO_PADDING:0
+
+Cipher: CBC-PKCS#7
+depends_on:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+cipher_algorithm:PSA_ALG_CBC_PKCS7:0
+
+Cipher: XTS
+depends_on:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_XTS
+cipher_algorithm:PSA_ALG_XTS:0
+
+AEAD: CCM
+depends_on:MBEDTLS_CCM_C
+aead_algorithm:PSA_ALG_CCM:0:16
+
+AEAD: GCM
+depends_on:MBEDTLS_GCM_C
+aead_algorithm:PSA_ALG_GCM:0:16
+
+Asymmetric signature: RSA PKCS#1 v1.5 raw
+depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
+asymmetric_signature_algorithm:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:ALG_IS_RSA_PKCS1V15_SIGN | ALG_IS_HASH_AND_SIGN
+
+Asymmetric signature: RSA PKCS#1 v1.5 SHA-256
+depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C
+asymmetric_signature_algorithm:PSA_ALG_RSA_PKCS1V15_SIGN( PSA_ALG_SHA_256 ):ALG_IS_RSA_PKCS1V15_SIGN | ALG_IS_HASH_AND_SIGN
+
+Asymmetric signature: RSA PSS SHA-256
+depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C
+asymmetric_signature_algorithm:PSA_ALG_RSA_PSS( PSA_ALG_SHA_256 ):ALG_IS_RSA_PSS | ALG_IS_HASH_AND_SIGN
+
+Asymmetric signature: SHA-256 + randomized DSA SHA-256 using SHA-256
+depends_on:MBEDTLS_DSA_C:MBEDTLS_SHA256_C
+asymmetric_signature_algorithm:PSA_ALG_DSA( PSA_ALG_SHA_256 ):ALG_IS_DSA | ALG_IS_RANDOMIZED_DSA | ALG_IS_HASH_AND_SIGN
+
+Asymmetric signature: SHA-256 + deterministic DSA using SHA-256
+depends_on:MBEDTLS_DSA_C:MBEDTLS_SHA256_C:MBEDTLS_DSA_DETERMINISTIC
+asymmetric_signature_algorithm:PSA_ALG_DETERMINISTIC_DSA( PSA_ALG_SHA_256 ):ALG_IS_DSA | ALG_IS_DETERMINISTIC_DSA | ALG_DSA_IS_DETERMINISTIC | ALG_IS_HASH_AND_SIGN
+
+Asymmetric signature: randomized ECDSA (no hashing)
+depends_on:MBEDTLS_ECDSA_C
+asymmetric_signature_algorithm:PSA_ALG_ECDSA_ANY:ALG_IS_ECDSA | ALG_IS_RANDOMIZED_ECDSA | ALG_IS_HASH_AND_SIGN
+
+Asymmetric signature: SHA-256 + randomized ECDSA
+depends_on:MBEDTLS_ECDSA_C:MBEDTLS_SHA256_C
+asymmetric_signature_algorithm:PSA_ALG_ECDSA( PSA_ALG_SHA_256 ):ALG_IS_ECDSA | ALG_IS_RANDOMIZED_ECDSA | ALG_IS_HASH_AND_SIGN
+
+Asymmetric signature: SHA-256 + deterministic DSA using SHA-256
+depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECDSA_DETERMINISTIC:MBEDTLS_SHA256_C
+asymmetric_signature_algorithm:PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_SHA_256 ):ALG_IS_ECDSA | ALG_IS_DETERMINISTIC_ECDSA | ALG_ECDSA_IS_DETERMINISTIC | ALG_IS_HASH_AND_SIGN
+
+Asymmetric signature: RSA PKCS#1 v1.5 with wildcard hash
+depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
+asymmetric_signature_wildcard:PSA_ALG_RSA_PKCS1V15_SIGN( PSA_ALG_ANY_HASH ):ALG_IS_RSA_PKCS1V15_SIGN
+
+Asymmetric signature: RSA PSS with wildcard hash
+depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21
+asymmetric_signature_wildcard:PSA_ALG_RSA_PSS( PSA_ALG_ANY_HASH ):ALG_IS_RSA_PSS
+
+Asymmetric signature: randomized DSA with wildcard hash
+depends_on:MBEDTLS_DSA_C
+asymmetric_signature_wildcard:PSA_ALG_DSA( PSA_ALG_ANY_HASH ):ALG_IS_DSA | ALG_IS_RANDOMIZED_DSA
+
+Asymmetric signature: deterministic DSA with wildcard hash
+depends_on:MBEDTLS_DSA_C:MBEDTLS_DSA_DETERMINISTIC
+asymmetric_signature_wildcard:PSA_ALG_DETERMINISTIC_DSA( PSA_ALG_ANY_HASH ):ALG_IS_DSA | ALG_IS_DETERMINISTIC_DSA | ALG_DSA_IS_DETERMINISTIC
+
+Asymmetric signature: randomized ECDSA with wildcard hash
+depends_on:MBEDTLS_ECDSA_C
+asymmetric_signature_wildcard:PSA_ALG_ECDSA( PSA_ALG_ANY_HASH ):ALG_IS_ECDSA | ALG_IS_RANDOMIZED_ECDSA
+
+Asymmetric signature: deterministic DSA with wildcard hash
+depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECDSA_DETERMINISTIC
+asymmetric_signature_wildcard:PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_ANY_HASH ):ALG_IS_ECDSA | ALG_IS_DETERMINISTIC_ECDSA | ALG_ECDSA_IS_DETERMINISTIC
+
+Asymmetric encryption: RSA PKCS#1 v1.5
+depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
+asymmetric_encryption_algorithm:PSA_ALG_RSA_PKCS1V15_CRYPT:0
+
+Asymmetric encryption: RSA OAEP using SHA-256
+depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C
+asymmetric_encryption_algorithm:PSA_ALG_RSA_OAEP( PSA_ALG_SHA_256 ):ALG_IS_RSA_OAEP
+
+Key derivation: HKDF using SHA-256
+depends_on:MBEDTLS_SHA256_C
+key_derivation_algorithm:PSA_ALG_HKDF( PSA_ALG_SHA_256 ):ALG_IS_HKDF
+
+Key selection: raw
+key_selection_algorithm:PSA_ALG_SELECT_RAW:0
+
+Key agreement: FFDH, raw output
+depends_on:MBEDTLS_DHM_C
+key_agreement_algorithm:PSA_ALG_FFDH( PSA_ALG_SELECT_RAW ):ALG_IS_FFDH:PSA_ALG_SELECT_RAW
+
+Key agreement: FFDH, HKDF using SHA-256
+depends_on:MBEDTLS_DHM_C
+key_agreement_algorithm:PSA_ALG_FFDH( PSA_ALG_HKDF( PSA_ALG_SHA_256 ) ):ALG_IS_FFDH:PSA_ALG_HKDF( PSA_ALG_SHA_256 )
+
+Key agreement: ECDH, raw output
+depends_on:MBEDTLS_ECDH_C
+key_agreement_algorithm:PSA_ALG_ECDH( PSA_ALG_SELECT_RAW ):ALG_IS_ECDH:PSA_ALG_SELECT_RAW
+
+Key agreement: ECDH, HKDF using SHA-256
+depends_on:MBEDTLS_ECDH_C
+key_agreement_algorithm:PSA_ALG_ECDH( PSA_ALG_HKDF( PSA_ALG_SHA_256 ) ):ALG_IS_ECDH:PSA_ALG_HKDF( PSA_ALG_SHA_256 )
+
+Key type: raw data
+key_type:PSA_KEY_TYPE_RAW_DATA:KEY_TYPE_IS_UNSTRUCTURED
+
+Key type: HMAC
+key_type:PSA_KEY_TYPE_HMAC:KEY_TYPE_IS_UNSTRUCTURED
+
+Key type: secret for key derivation
+key_type:PSA_KEY_TYPE_DERIVE:KEY_TYPE_IS_UNSTRUCTURED
+
+Key type: AES
+depends_on:MBEDTLS_AES_C
+key_type:PSA_KEY_TYPE_AES:KEY_TYPE_IS_UNSTRUCTURED
+
+Key type: DES
+depends_on:MBEDTLS_DES_C
+key_type:PSA_KEY_TYPE_DES:KEY_TYPE_IS_UNSTRUCTURED
+
+Key type: Camellia
+depends_on:MBEDTLS_CAMELLIA_C
+key_type:PSA_KEY_TYPE_CAMELLIA:KEY_TYPE_IS_UNSTRUCTURED
+
+Key type: ARC4
+depends_on:MBEDTLS_ARC4_C
+key_type:PSA_KEY_TYPE_ARC4:KEY_TYPE_IS_UNSTRUCTURED
+
+Key type: RSA public key
+depends_on:MBEDTLS_RSA_C
+key_type:PSA_KEY_TYPE_RSA_PUBLIC_KEY:KEY_TYPE_IS_PUBLIC_KEY | KEY_TYPE_IS_RSA
+
+Key type: RSA key pair
+depends_on:MBEDTLS_RSA_C
+key_type:PSA_KEY_TYPE_RSA_KEYPAIR:KEY_TYPE_IS_KEYPAIR | KEY_TYPE_IS_RSA
+
+Key type: DSA public key
+depends_on:MBEDTLS_DSA_C
+key_type:PSA_KEY_TYPE_DSA_PUBLIC_KEY:KEY_TYPE_IS_PUBLIC_KEY | KEY_TYPE_IS_DSA
+
+Key type: DSA key pair
+depends_on:MBEDTLS_DSA_C
+key_type:PSA_KEY_TYPE_DSA_KEYPAIR:KEY_TYPE_IS_KEYPAIR | KEY_TYPE_IS_DSA
+
+ECC key types: sect163k1
+depends_on:MBEDTLS_ECP_DP_SECT163K1_ENABLED
+ecc_key_types:PSA_ECC_CURVE_SECT163K1:163
+
+ECC key types: sect163r1
+depends_on:MBEDTLS_ECP_DP_SECT163R1_ENABLED
+ecc_key_types:PSA_ECC_CURVE_SECT163R1:163
+
+ECC key types: sect163r2
+depends_on:MBEDTLS_ECP_DP_SECT163R2_ENABLED
+ecc_key_types:PSA_ECC_CURVE_SECT163R2:163
+
+ECC key types: sect193r1
+depends_on:MBEDTLS_ECP_DP_SECT193R1_ENABLED
+ecc_key_types:PSA_ECC_CURVE_SECT193R1:193
+
+ECC key types: sect193r2
+depends_on:MBEDTLS_ECP_DP_SECT193R2_ENABLED
+ecc_key_types:PSA_ECC_CURVE_SECT193R2:193
+
+ECC key types: sect233k1
+depends_on:MBEDTLS_ECP_DP_SECT233K1_ENABLED
+ecc_key_types:PSA_ECC_CURVE_SECT233K1:233
+
+ECC key types: sect233r1
+depends_on:MBEDTLS_ECP_DP_SECT233R1_ENABLED
+ecc_key_types:PSA_ECC_CURVE_SECT233R1:233
+
+ECC key types: sect239k1
+depends_on:MBEDTLS_ECP_DP_SECT239K1_ENABLED
+ecc_key_types:PSA_ECC_CURVE_SECT239K1:239
+
+ECC key types: sect283k1
+depends_on:MBEDTLS_ECP_DP_SECT283K1_ENABLED
+ecc_key_types:PSA_ECC_CURVE_SECT283K1:283
+
+ECC key types: sect283r1
+depends_on:MBEDTLS_ECP_DP_SECT283R1_ENABLED
+ecc_key_types:PSA_ECC_CURVE_SECT283R1:283
+
+ECC key types: sect409k1
+depends_on:MBEDTLS_ECP_DP_SECT409K1_ENABLED
+ecc_key_types:PSA_ECC_CURVE_SECT409K1:409
+
+ECC key types: sect409r1
+depends_on:MBEDTLS_ECP_DP_SECT409R1_ENABLED
+ecc_key_types:PSA_ECC_CURVE_SECT409R1:409
+
+ECC key types: sect571k1
+depends_on:MBEDTLS_ECP_DP_SECT571K1_ENABLED
+ecc_key_types:PSA_ECC_CURVE_SECT571K1:571
+
+ECC key types: sect571r1
+depends_on:MBEDTLS_ECP_DP_SECT571R1_ENABLED
+ecc_key_types:PSA_ECC_CURVE_SECT571R1:571
+
+ECC key types: secp160k1
+depends_on:MBEDTLS_ECP_DP_SECP160K1_ENABLED
+ecc_key_types:PSA_ECC_CURVE_SECP160K1:160
+
+ECC key types: secp160r1
+depends_on:MBEDTLS_ECP_DP_SECP160R1_ENABLED
+ecc_key_types:PSA_ECC_CURVE_SECP160R1:160
+
+ECC key types: secp160r2
+depends_on:MBEDTLS_ECP_DP_SECP160R2_ENABLED
+ecc_key_types:PSA_ECC_CURVE_SECP160R2:160
+
+ECC key types: secp192k1
+depends_on:MBEDTLS_ECP_DP_SECP192K1_ENABLED
+ecc_key_types:PSA_ECC_CURVE_SECP192K1:192
+
+ECC key types: secp192r1
+depends_on:MBEDTLS_ECP_DP_SECP192R1_ENABLED
+ecc_key_types:PSA_ECC_CURVE_SECP192R1:192
+
+ECC key types: secp224k1
+depends_on:MBEDTLS_ECP_DP_SECP224K1_ENABLED
+ecc_key_types:PSA_ECC_CURVE_SECP224K1:224
+
+ECC key types: secp224r1
+depends_on:MBEDTLS_ECP_DP_SECP224R1_ENABLED
+ecc_key_types:PSA_ECC_CURVE_SECP224R1:224
+
+ECC key types: secp256k1
+depends_on:MBEDTLS_ECP_DP_SECP256K1_ENABLED
+ecc_key_types:PSA_ECC_CURVE_SECP256K1:256
+
+ECC key types: secp256r1
+depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED
+ecc_key_types:PSA_ECC_CURVE_SECP256R1:256
+
+ECC key types: secp384r1
+depends_on:MBEDTLS_ECP_DP_SECP384R1_ENABLED
+ecc_key_types:PSA_ECC_CURVE_SECP384R1:384
+
+ECC key types: secp521r1
+depends_on:MBEDTLS_ECP_DP_SECP521R1_ENABLED
+ecc_key_types:PSA_ECC_CURVE_SECP521R1:521
+
+ECC key types: Brainpool P256R1
+depends_on:MBEDTLS_ECP_DP_BP256R1_ENABLED
+ecc_key_types:PSA_ECC_CURVE_BRAINPOOL_P256R1:256
+
+ECC key types: Brainpool P384R1
+depends_on:MBEDTLS_ECP_DP_BP384R1_ENABLED
+ecc_key_types:PSA_ECC_CURVE_BRAINPOOL_P384R1:384
+
+ECC key types: Brainpool P512R1
+depends_on:MBEDTLS_ECP_DP_BP512R1_ENABLED
+ecc_key_types:PSA_ECC_CURVE_BRAINPOOL_P512R1:512
+
+ECC key types: Curve25519
+depends_on:MBEDTLS_ECP_DP_CURVE25519_ENABLED
+ecc_key_types:PSA_ECC_CURVE_CURVE25519:255
+
+ECC key types: Curve448
+depends_on:MBEDTLS_ECP_DP_CURVE448_ENABLED
+ecc_key_types:PSA_ECC_CURVE_CURVE448:448
diff --git a/tests/suites/test_suite_psa_crypto_metadata.function b/tests/suites/test_suite_psa_crypto_metadata.function
new file mode 100644
index 0000000..01c8628
--- /dev/null
+++ b/tests/suites/test_suite_psa_crypto_metadata.function
@@ -0,0 +1,485 @@
+/* BEGIN_HEADER */
+/* Test macros that provide metadata about algorithms and key types.
+ * This test suite only contains tests that don't require executing
+ * code. Other test suites validate macros that require creating a key
+ * and using it. */
+
+#if defined(MBEDTLS_PSA_CRYPTO_SPM)
+#include "spm/psa_defs.h"
+#endif
+
+#include "psa/crypto.h"
+
+/* Flags for algorithm classification macros. There is a flag for every
+ * algorithm classification macro PSA_ALG_IS_xxx except for the
+ * category test macros, which are hard-coded in each
+ * category-specific function. The name of the flag is the name of the
+ * classification macro without the PSA_ prefix. */
+#define ALG_IS_VENDOR_DEFINED ( 1u << 0 )
+#define ALG_IS_HMAC ( 1u << 1 )
+#define ALG_IS_BLOCK_CIPHER_MAC ( 1u << 2 )
+#define ALG_IS_STREAM_CIPHER ( 1u << 3 )
+#define ALG_IS_RSA_PKCS1V15_SIGN ( 1u << 4 )
+#define ALG_IS_RSA_PSS ( 1u << 5 )
+#define ALG_IS_DSA ( 1u << 6 )
+#define ALG_DSA_IS_DETERMINISTIC ( 1u << 7 )
+#define ALG_IS_DETERMINISTIC_DSA ( 1u << 8 )
+#define ALG_IS_RANDOMIZED_DSA ( 1u << 9 )
+#define ALG_IS_ECDSA ( 1u << 10 )
+#define ALG_ECDSA_IS_DETERMINISTIC ( 1u << 11 )
+#define ALG_IS_DETERMINISTIC_ECDSA ( 1u << 12 )
+#define ALG_IS_RANDOMIZED_ECDSA ( 1u << 13 )
+#define ALG_IS_HASH_AND_SIGN ( 1u << 14 )
+#define ALG_IS_RSA_OAEP ( 1u << 15 )
+#define ALG_IS_HKDF ( 1u << 16 )
+#define ALG_IS_FFDH ( 1u << 17 )
+#define ALG_IS_ECDH ( 1u << 18 )
+#define ALG_IS_WILDCARD ( 1u << 19 )
+
+/* Flags for key type classification macros. There is a flag for every
+ * key type classification macro PSA_KEY_TYPE_IS_xxx except for some that
+ * are tested as derived from other macros. The name of the flag is
+ * the name of the classification macro without the PSA_ prefix. */
+#define KEY_TYPE_IS_VENDOR_DEFINED ( 1u << 0 )
+#define KEY_TYPE_IS_UNSTRUCTURED ( 1u << 1 )
+#define KEY_TYPE_IS_PUBLIC_KEY ( 1u << 2 )
+#define KEY_TYPE_IS_KEYPAIR ( 1u << 3 )
+#define KEY_TYPE_IS_RSA ( 1u << 4 )
+#define KEY_TYPE_IS_DSA ( 1u << 5 )
+#define KEY_TYPE_IS_ECC ( 1u << 6 )
+
+#define TEST_CLASSIFICATION_MACRO( flag, alg, flags ) \
+ TEST_ASSERT( PSA_##flag( alg ) == !! ( ( flags ) & flag ) )
+
+void algorithm_classification( psa_algorithm_t alg, unsigned flags )
+{
+ TEST_CLASSIFICATION_MACRO( ALG_IS_VENDOR_DEFINED, alg, flags );
+ TEST_CLASSIFICATION_MACRO( ALG_IS_HMAC, alg, flags );
+ TEST_CLASSIFICATION_MACRO( ALG_IS_BLOCK_CIPHER_MAC, alg, flags );
+ TEST_CLASSIFICATION_MACRO( ALG_IS_STREAM_CIPHER, alg, flags );
+ TEST_CLASSIFICATION_MACRO( ALG_IS_RSA_PKCS1V15_SIGN, alg, flags );
+ TEST_CLASSIFICATION_MACRO( ALG_IS_RSA_PSS, alg, flags );
+ TEST_CLASSIFICATION_MACRO( ALG_IS_DSA, alg, flags );
+ if ( PSA_ALG_IS_DSA( alg ) )
+ TEST_CLASSIFICATION_MACRO( ALG_DSA_IS_DETERMINISTIC, alg, flags );
+ TEST_CLASSIFICATION_MACRO( ALG_IS_DETERMINISTIC_DSA, alg, flags );
+ TEST_CLASSIFICATION_MACRO( ALG_IS_RANDOMIZED_DSA, alg, flags );
+ TEST_CLASSIFICATION_MACRO( ALG_IS_ECDSA, alg, flags );
+ if ( PSA_ALG_IS_ECDSA( alg ) )
+ TEST_CLASSIFICATION_MACRO( ALG_ECDSA_IS_DETERMINISTIC, alg, flags );
+ TEST_CLASSIFICATION_MACRO( ALG_IS_DETERMINISTIC_ECDSA, alg, flags );
+ TEST_CLASSIFICATION_MACRO( ALG_IS_RANDOMIZED_ECDSA, alg, flags );
+ TEST_CLASSIFICATION_MACRO( ALG_IS_HASH_AND_SIGN, alg, flags );
+ TEST_CLASSIFICATION_MACRO( ALG_IS_RSA_OAEP, alg, flags );
+ TEST_CLASSIFICATION_MACRO( ALG_IS_HKDF, alg, flags );
+ TEST_CLASSIFICATION_MACRO( ALG_IS_WILDCARD, alg, flags );
+exit: ;
+}
+
+void key_type_classification( psa_key_type_t type, unsigned flags )
+{
+ /* Macros tested based on the test case parameter */
+ TEST_CLASSIFICATION_MACRO( KEY_TYPE_IS_VENDOR_DEFINED, type, flags );
+ TEST_CLASSIFICATION_MACRO( KEY_TYPE_IS_UNSTRUCTURED, type, flags );
+ TEST_CLASSIFICATION_MACRO( KEY_TYPE_IS_PUBLIC_KEY, type, flags );
+ TEST_CLASSIFICATION_MACRO( KEY_TYPE_IS_KEYPAIR, type, flags );
+ TEST_CLASSIFICATION_MACRO( KEY_TYPE_IS_RSA, type, flags );
+ TEST_CLASSIFICATION_MACRO( KEY_TYPE_IS_ECC, type, flags );
+
+ /* Macros with derived semantics */
+ TEST_EQUAL( PSA_KEY_TYPE_IS_ASYMMETRIC( type ),
+ ( PSA_KEY_TYPE_IS_PUBLIC_KEY( type ) ||
+ PSA_KEY_TYPE_IS_KEYPAIR( type ) ) );
+ TEST_EQUAL( PSA_KEY_TYPE_IS_ECC_KEYPAIR( type ),
+ ( PSA_KEY_TYPE_IS_ECC( type ) &&
+ PSA_KEY_TYPE_IS_KEYPAIR( type ) ) );
+ TEST_EQUAL( PSA_KEY_TYPE_IS_ECC_PUBLIC_KEY( type ),
+ ( PSA_KEY_TYPE_IS_ECC( type ) &&
+ PSA_KEY_TYPE_IS_PUBLIC_KEY( type ) ) );
+
+exit: ;
+}
+
+void mac_algorithm_core( psa_algorithm_t alg, int classification_flags,
+ psa_key_type_t key_type, size_t key_bits,
+ size_t length )
+{
+ /* Algorithm classification */
+ TEST_ASSERT( ! PSA_ALG_IS_HASH( alg ) );
+ TEST_ASSERT( PSA_ALG_IS_MAC( alg ) );
+ TEST_ASSERT( ! PSA_ALG_IS_CIPHER( alg ) );
+ TEST_ASSERT( ! PSA_ALG_IS_AEAD( alg ) );
+ TEST_ASSERT( ! PSA_ALG_IS_SIGN( alg ) );
+ TEST_ASSERT( ! PSA_ALG_IS_ASYMMETRIC_ENCRYPTION( alg ) );
+ TEST_ASSERT( ! PSA_ALG_IS_KEY_AGREEMENT( alg ) );
+ TEST_ASSERT( ! PSA_ALG_IS_KEY_DERIVATION( alg ) );
+ TEST_ASSERT( ! PSA_ALG_IS_KEY_SELECTION( alg ) );
+ algorithm_classification( alg, classification_flags );
+
+ /* Length */
+ TEST_EQUAL( length, PSA_MAC_FINAL_SIZE( key_type, key_bits, alg ) );
+
+exit: ;
+}
+
+void aead_algorithm_core( psa_algorithm_t alg, int classification_flags,
+ size_t tag_length )
+{
+ /* Algorithm classification */
+ TEST_ASSERT( ! PSA_ALG_IS_HASH( alg ) );
+ TEST_ASSERT( ! PSA_ALG_IS_MAC( alg ) );
+ TEST_ASSERT( ! PSA_ALG_IS_CIPHER( alg ) );
+ TEST_ASSERT( PSA_ALG_IS_AEAD( alg ) );
+ TEST_ASSERT( ! PSA_ALG_IS_SIGN( alg ) );
+ TEST_ASSERT( ! PSA_ALG_IS_ASYMMETRIC_ENCRYPTION( alg ) );
+ TEST_ASSERT( ! PSA_ALG_IS_KEY_AGREEMENT( alg ) );
+ TEST_ASSERT( ! PSA_ALG_IS_KEY_DERIVATION( alg ) );
+ TEST_ASSERT( ! PSA_ALG_IS_KEY_SELECTION( alg ) );
+ algorithm_classification( alg, classification_flags );
+
+ /* Tag length */
+ TEST_EQUAL( tag_length, PSA_AEAD_TAG_LENGTH( alg ) );
+
+exit: ;
+}
+
+/* END_HEADER */
+
+/* BEGIN_DEPENDENCIES
+ * depends_on:MBEDTLS_PSA_CRYPTO_C
+ * END_DEPENDENCIES
+ */
+
+/* BEGIN_CASE */
+void hash_algorithm( int alg_arg, int length_arg )
+{
+ psa_algorithm_t alg = alg_arg;
+ size_t length = length_arg;
+ psa_algorithm_t hmac_alg = PSA_ALG_HMAC( alg );
+ psa_algorithm_t rsa_pkcs1v15_sign_alg = PSA_ALG_RSA_PKCS1V15_SIGN( alg );
+ psa_algorithm_t rsa_pss_alg = PSA_ALG_RSA_PSS( alg );
+ psa_algorithm_t dsa_alg = PSA_ALG_DSA( alg );
+ psa_algorithm_t deterministic_dsa_alg = PSA_ALG_DETERMINISTIC_DSA( alg );
+ psa_algorithm_t ecdsa_alg = PSA_ALG_ECDSA( alg );
+ psa_algorithm_t deterministic_ecdsa_alg = PSA_ALG_DETERMINISTIC_ECDSA( alg );
+ psa_algorithm_t rsa_oaep_alg = PSA_ALG_RSA_OAEP( alg );
+ psa_algorithm_t hkdf_alg = PSA_ALG_HKDF( alg );
+
+ /* Algorithm classification */
+ TEST_ASSERT( PSA_ALG_IS_HASH( alg ) );
+ TEST_ASSERT( ! PSA_ALG_IS_MAC( alg ) );
+ TEST_ASSERT( ! PSA_ALG_IS_CIPHER( alg ) );
+ TEST_ASSERT( ! PSA_ALG_IS_AEAD( alg ) );
+ TEST_ASSERT( ! PSA_ALG_IS_SIGN( alg ) );
+ TEST_ASSERT( ! PSA_ALG_IS_ASYMMETRIC_ENCRYPTION( alg ) );
+ TEST_ASSERT( ! PSA_ALG_IS_KEY_AGREEMENT( alg ) );
+ TEST_ASSERT( ! PSA_ALG_IS_KEY_DERIVATION( alg ) );
+ TEST_ASSERT( ! PSA_ALG_IS_KEY_SELECTION( alg ) );
+ algorithm_classification( alg, 0 );
+
+ /* Dependent algorithms */
+ TEST_EQUAL( PSA_ALG_HMAC_GET_HASH( hmac_alg ), alg );
+ TEST_EQUAL( PSA_ALG_SIGN_GET_HASH( rsa_pkcs1v15_sign_alg ), alg );
+ TEST_EQUAL( PSA_ALG_SIGN_GET_HASH( rsa_pss_alg ), alg );
+ TEST_EQUAL( PSA_ALG_SIGN_GET_HASH( dsa_alg ), alg );
+ TEST_EQUAL( PSA_ALG_SIGN_GET_HASH( deterministic_dsa_alg ), alg );
+ TEST_EQUAL( PSA_ALG_SIGN_GET_HASH( ecdsa_alg ), alg );
+ TEST_EQUAL( PSA_ALG_SIGN_GET_HASH( deterministic_ecdsa_alg ), alg );
+ TEST_EQUAL( PSA_ALG_RSA_OAEP_GET_HASH( rsa_oaep_alg ), alg );
+ TEST_EQUAL( PSA_ALG_HKDF_GET_HASH( hkdf_alg ), alg );
+
+ /* Hash length */
+ TEST_EQUAL( length, PSA_HASH_SIZE( alg ) );
+ TEST_ASSERT( length <= PSA_HASH_MAX_SIZE );
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void mac_algorithm( int alg_arg, int classification_flags,
+ int length_arg,
+ int key_type_arg, int key_bits_arg )
+{
+ psa_algorithm_t alg = alg_arg;
+ size_t length = length_arg;
+ size_t n;
+ size_t key_type = key_type_arg;
+ size_t key_bits = key_bits_arg;
+
+ mac_algorithm_core( alg, classification_flags,
+ key_type, key_bits, length );
+ TEST_EQUAL( PSA_ALG_FULL_LENGTH_MAC( alg ), alg );
+ TEST_ASSERT( length <= PSA_MAC_MAX_SIZE );
+
+ /* Truncated versions */
+ for( n = 1; n <= length; n++ )
+ {
+ psa_algorithm_t truncated_alg = PSA_ALG_TRUNCATED_MAC( alg, n );
+ mac_algorithm_core( truncated_alg, classification_flags,
+ key_type, key_bits, n );
+ TEST_EQUAL( PSA_ALG_FULL_LENGTH_MAC( truncated_alg ), alg );
+ /* Check that calling PSA_ALG_TRUNCATED_MAC twice gives the length
+ * of the outer truncation (even if the outer length is smaller than
+ * the inner length). */
+ TEST_EQUAL( PSA_ALG_TRUNCATED_MAC( truncated_alg, 1 ),
+ PSA_ALG_TRUNCATED_MAC( alg, 1 ) );
+ TEST_EQUAL( PSA_ALG_TRUNCATED_MAC( truncated_alg, length - 1 ),
+ PSA_ALG_TRUNCATED_MAC( alg, length - 1) );
+ TEST_EQUAL( PSA_ALG_TRUNCATED_MAC( truncated_alg, length ),
+ PSA_ALG_TRUNCATED_MAC( alg, length ) );
+ }
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void hmac_algorithm( int alg_arg,
+ int length_arg,
+ int block_size_arg )
+{
+ psa_algorithm_t alg = alg_arg;
+ psa_algorithm_t hash_alg = PSA_ALG_HMAC_GET_HASH( alg );
+ size_t block_size = block_size_arg;
+ size_t length = length_arg;
+ size_t n;
+
+ TEST_ASSERT( PSA_ALG_IS_HASH( hash_alg ) );
+ TEST_EQUAL( PSA_ALG_HMAC( hash_alg ), alg );
+
+ TEST_ASSERT( block_size <= PSA_HMAC_MAX_HASH_BLOCK_SIZE );
+
+ test_mac_algorithm( alg_arg, ALG_IS_HMAC, length,
+ PSA_KEY_TYPE_HMAC, PSA_BYTES_TO_BITS( length ) );
+
+ for( n = 1; n <= length; n++ )
+ {
+ psa_algorithm_t truncated_alg = PSA_ALG_TRUNCATED_MAC( alg, n );
+ TEST_EQUAL( PSA_ALG_HMAC_GET_HASH( truncated_alg ), hash_alg );
+ }
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void cipher_algorithm( int alg_arg, int classification_flags )
+{
+ psa_algorithm_t alg = alg_arg;
+
+ /* Algorithm classification */
+ TEST_ASSERT( ! PSA_ALG_IS_HASH( alg ) );
+ TEST_ASSERT( ! PSA_ALG_IS_MAC( alg ) );
+ TEST_ASSERT( PSA_ALG_IS_CIPHER( alg ) );
+ TEST_ASSERT( ! PSA_ALG_IS_AEAD( alg ) );
+ TEST_ASSERT( ! PSA_ALG_IS_SIGN( alg ) );
+ TEST_ASSERT( ! PSA_ALG_IS_ASYMMETRIC_ENCRYPTION( alg ) );
+ TEST_ASSERT( ! PSA_ALG_IS_KEY_AGREEMENT( alg ) );
+ TEST_ASSERT( ! PSA_ALG_IS_KEY_DERIVATION( alg ) );
+ TEST_ASSERT( ! PSA_ALG_IS_KEY_SELECTION( alg ) );
+ algorithm_classification( alg, classification_flags );
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void aead_algorithm( int alg_arg, int classification_flags,
+ int tag_length_arg )
+{
+ psa_algorithm_t alg = alg_arg;
+ size_t tag_length = tag_length_arg;
+ size_t n;
+
+ aead_algorithm_core( alg, classification_flags, tag_length );
+
+ /* Truncated versions */
+ for( n = 1; n <= tag_length; n++ )
+ {
+ psa_algorithm_t truncated_alg = PSA_ALG_AEAD_WITH_TAG_LENGTH( alg, n );
+ aead_algorithm_core( truncated_alg, classification_flags, n );
+ TEST_EQUAL( PSA_ALG_AEAD_WITH_DEFAULT_TAG_LENGTH( truncated_alg ),
+ alg );
+ /* Check that calling PSA_ALG_AEAD_WITH_DEFAULT_TAG_LENGTH twice gives
+ * the length of the outer truncation (even if the outer length is
+ * smaller than the inner length). */
+ TEST_EQUAL( PSA_ALG_AEAD_WITH_TAG_LENGTH( truncated_alg, 1 ),
+ PSA_ALG_AEAD_WITH_TAG_LENGTH( alg, 1 ) );
+ TEST_EQUAL( PSA_ALG_AEAD_WITH_TAG_LENGTH( truncated_alg, tag_length - 1 ),
+ PSA_ALG_AEAD_WITH_TAG_LENGTH( alg, tag_length - 1) );
+ TEST_EQUAL( PSA_ALG_AEAD_WITH_TAG_LENGTH( truncated_alg, tag_length ),
+ PSA_ALG_AEAD_WITH_TAG_LENGTH( alg, tag_length ) );
+ }
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void asymmetric_signature_algorithm( int alg_arg, int classification_flags )
+{
+ psa_algorithm_t alg = alg_arg;
+
+ /* Algorithm classification */
+ TEST_ASSERT( ! PSA_ALG_IS_HASH( alg ) );
+ TEST_ASSERT( ! PSA_ALG_IS_MAC( alg ) );
+ TEST_ASSERT( ! PSA_ALG_IS_CIPHER( alg ) );
+ TEST_ASSERT( ! PSA_ALG_IS_AEAD( alg ) );
+ TEST_ASSERT( PSA_ALG_IS_SIGN( alg ) );
+ TEST_ASSERT( ! PSA_ALG_IS_ASYMMETRIC_ENCRYPTION( alg ) );
+ TEST_ASSERT( ! PSA_ALG_IS_KEY_AGREEMENT( alg ) );
+ TEST_ASSERT( ! PSA_ALG_IS_KEY_DERIVATION( alg ) );
+ TEST_ASSERT( ! PSA_ALG_IS_KEY_SELECTION( alg ) );
+ algorithm_classification( alg, classification_flags );
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void asymmetric_signature_wildcard( int alg_arg, int classification_flags )
+{
+ classification_flags |= ALG_IS_HASH_AND_SIGN | ALG_IS_WILDCARD;
+ test_asymmetric_signature_algorithm( alg_arg, classification_flags );
+ /* Any failure of this test function comes from
+ * asymmetric_signature_algorithm. Pacify -Werror=unused-label. */
+ goto exit;
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void asymmetric_encryption_algorithm( int alg_arg, int classification_flags )
+{
+ psa_algorithm_t alg = alg_arg;
+
+ /* Algorithm classification */
+ TEST_ASSERT( ! PSA_ALG_IS_HASH( alg ) );
+ TEST_ASSERT( ! PSA_ALG_IS_MAC( alg ) );
+ TEST_ASSERT( ! PSA_ALG_IS_CIPHER( alg ) );
+ TEST_ASSERT( ! PSA_ALG_IS_AEAD( alg ) );
+ TEST_ASSERT( ! PSA_ALG_IS_SIGN( alg ) );
+ TEST_ASSERT( PSA_ALG_IS_ASYMMETRIC_ENCRYPTION( alg ) );
+ TEST_ASSERT( ! PSA_ALG_IS_KEY_AGREEMENT( alg ) );
+ TEST_ASSERT( ! PSA_ALG_IS_KEY_DERIVATION( alg ) );
+ TEST_ASSERT( ! PSA_ALG_IS_KEY_SELECTION( alg ) );
+ algorithm_classification( alg, classification_flags );
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void key_derivation_algorithm( int alg_arg, int classification_flags )
+{
+ psa_algorithm_t alg = alg_arg;
+
+ /* Algorithm classification */
+ TEST_ASSERT( ! PSA_ALG_IS_HASH( alg ) );
+ TEST_ASSERT( ! PSA_ALG_IS_MAC( alg ) );
+ TEST_ASSERT( ! PSA_ALG_IS_CIPHER( alg ) );
+ TEST_ASSERT( ! PSA_ALG_IS_AEAD( alg ) );
+ TEST_ASSERT( ! PSA_ALG_IS_SIGN( alg ) );
+ TEST_ASSERT( ! PSA_ALG_IS_ASYMMETRIC_ENCRYPTION( alg ) );
+ TEST_ASSERT( ! PSA_ALG_IS_KEY_AGREEMENT( alg ) );
+ TEST_ASSERT( PSA_ALG_IS_KEY_DERIVATION( alg ) );
+ TEST_ASSERT( ! PSA_ALG_IS_KEY_SELECTION( alg ) );
+ algorithm_classification( alg, classification_flags );
+
+ /* Check combinations with key agreements */
+ TEST_ASSERT( PSA_ALG_IS_KEY_AGREEMENT( PSA_ALG_FFDH( alg ) ) );
+ TEST_ASSERT( PSA_ALG_IS_KEY_AGREEMENT( PSA_ALG_ECDH( alg ) ) );
+ TEST_EQUAL( PSA_ALG_KEY_AGREEMENT_GET_KDF( PSA_ALG_ECDH( alg ) ), alg );
+ TEST_EQUAL( PSA_ALG_KEY_AGREEMENT_GET_KDF( PSA_ALG_FFDH( alg ) ), alg );
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void key_selection_algorithm( int alg_arg, int classification_flags )
+{
+ psa_algorithm_t alg = alg_arg;
+
+ /* Algorithm classification */
+ TEST_ASSERT( ! PSA_ALG_IS_HASH( alg ) );
+ TEST_ASSERT( ! PSA_ALG_IS_MAC( alg ) );
+ TEST_ASSERT( ! PSA_ALG_IS_CIPHER( alg ) );
+ TEST_ASSERT( ! PSA_ALG_IS_AEAD( alg ) );
+ TEST_ASSERT( ! PSA_ALG_IS_SIGN( alg ) );
+ TEST_ASSERT( ! PSA_ALG_IS_ASYMMETRIC_ENCRYPTION( alg ) );
+ TEST_ASSERT( ! PSA_ALG_IS_KEY_AGREEMENT( alg ) );
+ TEST_ASSERT( ! PSA_ALG_IS_KEY_DERIVATION( alg ) );
+ TEST_ASSERT( PSA_ALG_IS_KEY_SELECTION( alg ) );
+ algorithm_classification( alg, classification_flags );
+
+ /* Check combinations with key agreements */
+ TEST_ASSERT( PSA_ALG_IS_KEY_AGREEMENT( PSA_ALG_FFDH( alg ) ) );
+ TEST_ASSERT( PSA_ALG_IS_KEY_AGREEMENT( PSA_ALG_ECDH( alg ) ) );
+ TEST_EQUAL( PSA_ALG_KEY_AGREEMENT_GET_KDF( PSA_ALG_ECDH( alg ) ), alg );
+ TEST_EQUAL( PSA_ALG_KEY_AGREEMENT_GET_KDF( PSA_ALG_FFDH( alg ) ), alg );
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void key_agreement_algorithm( int alg_arg, int classification_flags,
+ int post_alg_arg )
+{
+ psa_algorithm_t alg = alg_arg;
+ psa_algorithm_t actual_post_alg = PSA_ALG_KEY_AGREEMENT_GET_KDF( alg );
+ psa_algorithm_t expected_post_alg = post_alg_arg;
+
+ /* Algorithm classification */
+ TEST_ASSERT( ! PSA_ALG_IS_HASH( alg ) );
+ TEST_ASSERT( ! PSA_ALG_IS_MAC( alg ) );
+ TEST_ASSERT( ! PSA_ALG_IS_CIPHER( alg ) );
+ TEST_ASSERT( ! PSA_ALG_IS_AEAD( alg ) );
+ TEST_ASSERT( ! PSA_ALG_IS_SIGN( alg ) );
+ TEST_ASSERT( ! PSA_ALG_IS_ASYMMETRIC_ENCRYPTION( alg ) );
+ TEST_ASSERT( PSA_ALG_IS_KEY_AGREEMENT( alg ) );
+ TEST_ASSERT( ! PSA_ALG_IS_KEY_DERIVATION( alg ) );
+ TEST_ASSERT( ! PSA_ALG_IS_KEY_SELECTION( alg ) );
+ algorithm_classification( alg, classification_flags );
+
+ /* Shared secret derivation properties */
+ TEST_ASSERT( PSA_ALG_IS_KEY_DERIVATION( actual_post_alg ) ||
+ PSA_ALG_IS_KEY_SELECTION( actual_post_alg ) );
+ TEST_EQUAL( actual_post_alg, expected_post_alg );
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void key_type( int type_arg, int classification_flags )
+{
+ psa_key_type_t type = type_arg;
+
+ key_type_classification( type, classification_flags );
+
+ /* For asymmetric types, check the corresponding pair/public type */
+ if( classification_flags & KEY_TYPE_IS_PUBLIC_KEY )
+ {
+ psa_key_type_t pair_type = PSA_KEY_TYPE_KEYPAIR_OF_PUBLIC_KEY( type );
+ TEST_EQUAL( PSA_KEY_TYPE_PUBLIC_KEY_OF_KEYPAIR( pair_type ), type );
+ key_type_classification( pair_type,
+ ( classification_flags
+ & ~KEY_TYPE_IS_PUBLIC_KEY )
+ | KEY_TYPE_IS_KEYPAIR );
+ TEST_EQUAL( PSA_KEY_TYPE_PUBLIC_KEY_OF_KEYPAIR( type ), type );
+ }
+ if( classification_flags & KEY_TYPE_IS_KEYPAIR )
+ {
+ psa_key_type_t public_type = PSA_KEY_TYPE_PUBLIC_KEY_OF_KEYPAIR( type );
+ TEST_EQUAL( PSA_KEY_TYPE_KEYPAIR_OF_PUBLIC_KEY( public_type ), type );
+ key_type_classification( public_type,
+ ( classification_flags
+ & ~KEY_TYPE_IS_KEYPAIR )
+ | KEY_TYPE_IS_PUBLIC_KEY );
+ TEST_EQUAL( PSA_KEY_TYPE_KEYPAIR_OF_PUBLIC_KEY( type ), type );
+ }
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void ecc_key_types( int curve_arg, int curve_bits_arg )
+{
+ psa_ecc_curve_t curve = curve_arg;
+ size_t curve_bits = curve_bits_arg;
+ psa_key_type_t public_type = PSA_KEY_TYPE_ECC_PUBLIC_KEY( curve );
+ psa_key_type_t pair_type = PSA_KEY_TYPE_ECC_KEYPAIR( curve );
+
+ test_key_type( public_type, KEY_TYPE_IS_ECC | KEY_TYPE_IS_PUBLIC_KEY );
+ test_key_type( pair_type, KEY_TYPE_IS_ECC | KEY_TYPE_IS_KEYPAIR );
+
+ TEST_EQUAL( PSA_KEY_TYPE_GET_CURVE( public_type ), curve );
+ TEST_EQUAL( PSA_KEY_TYPE_GET_CURVE( pair_type ), curve );
+
+ /* Validate that the bit size is less than the maximum ECC bit size
+ * in this implementation. There's no parameter that should be equal
+ * to curve_bits and can be validated without creating a key. */
+ TEST_ASSERT( curve_bits <= PSA_VENDOR_ECC_MAX_CURVE_BITS );
+}
+/* END_CASE */
diff --git a/tests/suites/test_suite_psa_crypto_persistent_key.data b/tests/suites/test_suite_psa_crypto_persistent_key.data
new file mode 100644
index 0000000..613968d
--- /dev/null
+++ b/tests/suites/test_suite_psa_crypto_persistent_key.data
@@ -0,0 +1,70 @@
+PSA Storage format data for storage
+format_storage_data_check:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"505341004b45590000000000000001700100000000000012620200003082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_TYPE_RSA_KEYPAIR:PSA_KEY_USAGE_EXPORT:PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION
+
+PSA Storage parse stored data
+parse_storage_data_check:"505341004b45590000000000000001700100000000000012620200003082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_TYPE_RSA_KEYPAIR:PSA_KEY_USAGE_EXPORT:PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION:PSA_SUCCESS
+
+PSA Storage parse stored data wrong version, should fail
+parse_storage_data_check:"505341004b455900ffffffff000001700100000000000012620200003082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_TYPE_RSA_KEYPAIR:PSA_KEY_USAGE_EXPORT:PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION:PSA_ERROR_STORAGE_FAILURE
+
+PSA Storage parse too big data, should fail
+parse_storage_data_check:"505341004b45590000000000000001700100000000000012ffffffff3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"":PSA_KEY_TYPE_RSA_KEYPAIR:PSA_KEY_USAGE_EXPORT:PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION:PSA_ERROR_STORAGE_FAILURE
+
+PSA Storage parse bad magic, should fail
+parse_storage_data_check:"645341004b45590000000000000001700100000000000012620200003082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_TYPE_RSA_KEYPAIR:PSA_KEY_USAGE_EXPORT:PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION:PSA_ERROR_STORAGE_FAILURE
+
+PSA Storage parse not enough magic, should fail
+parse_storage_data_check:"505341004b4559":"":PSA_KEY_TYPE_RSA_KEYPAIR:PSA_KEY_USAGE_EXPORT:PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION:PSA_ERROR_STORAGE_FAILURE
+
+# Not specific to files, but only run this test in an environment where the maximum size could be reached.
+Save maximum size persistent raw key
+depends_on:MBEDTLS_PSA_CRYPTO_STORAGE_FILE_C
+save_large_persistent_key:0:PSA_SUCCESS
+
+Save larger than maximum size persistent raw key, should fail
+save_large_persistent_key:1:PSA_ERROR_INSUFFICIENT_STORAGE
+
+Persistent key destroy
+depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C
+persistent_key_destroy:1:1:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_TYPE_RAW_DATA:"deadbeef"
+
+Persistent key destroy missing key
+depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C
+persistent_key_destroy:1:0:PSA_KEY_TYPE_RSA_KEYPAIR:"":PSA_KEY_TYPE_RAW_DATA:"deadbeef"
+
+Persistent key import
+depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C
+persistent_key_import:1:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_SUCCESS
+
+Persistent key import garbage data, should fail
+depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C
+persistent_key_import:1:PSA_KEY_TYPE_RSA_KEYPAIR:"11111111":PSA_ERROR_INVALID_ARGUMENT
+
+import/export persistent raw key: 0 byte
+import_export_persistent_key:"":PSA_KEY_TYPE_RAW_DATA:0:0
+
+import/export persistent raw key: 1 byte
+import_export_persistent_key:"2a":PSA_KEY_TYPE_RAW_DATA:8:0
+
+import/export persistent key RSA public key: good, 1024-bit
+depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C
+import_export_persistent_key:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:1024:0
+
+import/export persistent key RSA keypair: good, 1024-bit
+depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C
+import_export_persistent_key:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_TYPE_RSA_KEYPAIR:1024:0
+
+import/export persistent raw key file not exist: 1 byte
+import_export_persistent_key:"2a":PSA_KEY_TYPE_RAW_DATA:8:1
+
+import/export persistent key RSA public key file not exist: 1024-bit
+depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C
+import_export_persistent_key:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:1024:1
+
+import/export persistent key RSA keypair file not exist: 1024-bit
+depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C
+import_export_persistent_key:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_TYPE_RSA_KEYPAIR:1024:1
+
+PSA import/export-persistent symmetric key: 16 bytes
+depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C
+import_export_persistent_key:"2b7e151628aed2a6abf7158809cf4f3c":PSA_KEY_TYPE_AES:128:0
diff --git a/tests/suites/test_suite_psa_crypto_persistent_key.function b/tests/suites/test_suite_psa_crypto_persistent_key.function
new file mode 100644
index 0000000..2fa307e
--- /dev/null
+++ b/tests/suites/test_suite_psa_crypto_persistent_key.function
@@ -0,0 +1,252 @@
+/* BEGIN_HEADER */
+#include <stdint.h>
+#include "psa/crypto.h"
+#include "psa_crypto_storage.h"
+#include "psa_crypto_storage_backend.h"
+#include "mbedtls/md.h"
+
+#define PSA_KEY_STORAGE_MAGIC_HEADER "PSA\0KEY"
+#define PSA_KEY_STORAGE_MAGIC_HEADER_LENGTH ( sizeof( PSA_KEY_STORAGE_MAGIC_HEADER ) )
+
+typedef struct {
+ uint8_t magic[PSA_KEY_STORAGE_MAGIC_HEADER_LENGTH];
+ uint8_t version[4];
+ uint8_t type[sizeof( psa_key_type_t )];
+ uint8_t policy[sizeof( psa_key_policy_t )];
+ uint8_t data_len[4];
+ uint8_t key_data[];
+} psa_persistent_key_storage_format;
+
+/* END_HEADER */
+
+/* BEGIN_DEPENDENCIES
+ * depends_on:MBEDTLS_PSA_CRYPTO_C:MBEDTLS_PSA_CRYPTO_STORAGE_C
+ * END_DEPENDENCIES
+ */
+
+/* BEGIN_CASE */
+void format_storage_data_check( data_t *key_data,
+ data_t *expected_file_data,
+ int key_type, int key_usage, int key_alg )
+{
+ uint8_t *file_data;
+ size_t file_data_length;
+ psa_key_policy_t key_policy;
+
+ key_policy.usage = (psa_key_usage_t) key_usage;
+ key_policy.alg = (psa_algorithm_t) key_alg;
+
+ file_data_length = key_data->len + sizeof( psa_persistent_key_storage_format );
+ file_data = mbedtls_calloc( 1, file_data_length );
+ psa_format_key_data_for_storage( key_data->x, key_data->len,
+ (psa_key_type_t) key_type, &key_policy,
+ file_data );
+
+ ASSERT_COMPARE( expected_file_data->x, expected_file_data->len,
+ file_data, file_data_length );
+ mbedtls_free( file_data );
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void parse_storage_data_check( data_t *file_data,
+ data_t *expected_key_data,
+ int expected_key_type,
+ int expected_key_usage,
+ int expected_key_alg,
+ int expected_status )
+{
+ uint8_t *key_data = NULL;
+ size_t key_data_length = 0;
+ psa_key_type_t key_type = 0;
+ psa_key_policy_t key_policy;
+ psa_status_t status;
+
+ status = psa_parse_key_data_from_storage( file_data->x, file_data->len,
+ &key_data, &key_data_length,
+ &key_type, &key_policy );
+
+ TEST_EQUAL( status, expected_status );
+ if( status != PSA_SUCCESS )
+ goto exit;
+
+ TEST_EQUAL( key_type, (psa_key_type_t) expected_key_type );
+ TEST_EQUAL( key_policy.usage, (uint32_t) expected_key_usage );
+ TEST_EQUAL( key_policy.alg, (uint32_t) expected_key_alg );
+ ASSERT_COMPARE( expected_key_data->x, expected_key_data->len,
+ key_data, key_data_length );
+
+exit:
+ mbedtls_free( key_data );
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void save_large_persistent_key( int data_too_large, int expected_status )
+{
+ psa_key_id_t key_id = 42;
+ psa_key_handle_t handle = 0;
+ uint8_t *data = NULL;
+ size_t data_length = PSA_CRYPTO_MAX_STORAGE_SIZE;
+
+ if( data_too_large )
+ data_length += 1;
+
+ ASSERT_ALLOC( data, data_length );
+
+ PSA_ASSERT( psa_crypto_init() );
+
+ PSA_ASSERT( psa_create_key( PSA_KEY_LIFETIME_PERSISTENT, key_id,
+ &handle ) );
+
+ TEST_EQUAL( psa_import_key( handle, PSA_KEY_TYPE_RAW_DATA,
+ data, data_length ),
+ expected_status );
+
+exit:
+ mbedtls_free( data );
+ mbedtls_psa_crypto_free();
+ psa_destroy_persistent_key( key_id );
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void persistent_key_destroy( int key_id_arg, int should_store,
+ int first_type_arg, data_t *first_data,
+ int second_type_arg, data_t *second_data )
+{
+ psa_key_id_t key_id = key_id_arg;
+ psa_key_handle_t handle = 0;
+ psa_key_type_t first_type = (psa_key_type_t) first_type_arg;
+ psa_key_type_t second_type = (psa_key_type_t) second_type_arg;
+
+ PSA_ASSERT( psa_crypto_init() );
+
+ PSA_ASSERT( psa_create_key( PSA_KEY_LIFETIME_PERSISTENT, key_id,
+ &handle ) );
+
+ if( should_store == 1 )
+ {
+ PSA_ASSERT( psa_import_key(
+ handle, first_type,
+ first_data->x, first_data->len ) );
+ }
+
+ /* Destroy the key */
+ PSA_ASSERT( psa_destroy_key( handle ) );
+
+ /* Check key slot storage is removed */
+ TEST_EQUAL( psa_is_key_present_in_storage( key_id ), 0 );
+ TEST_EQUAL( psa_open_key( PSA_KEY_LIFETIME_PERSISTENT, key_id, &handle ),
+ PSA_ERROR_DOES_NOT_EXIST );
+ TEST_EQUAL( handle, 0 );
+
+ /* Shutdown and restart */
+ mbedtls_psa_crypto_free();
+ PSA_ASSERT( psa_crypto_init() );
+
+ /* Create another key in the same slot */
+ PSA_ASSERT( psa_create_key( PSA_KEY_LIFETIME_PERSISTENT, key_id,
+ &handle ) );
+ PSA_ASSERT( psa_import_key(
+ handle, second_type,
+ second_data->x, second_data->len ) );
+
+exit:
+ mbedtls_psa_crypto_free();
+ psa_destroy_persistent_key( key_id );
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void persistent_key_import( int key_id_arg, int type_arg, data_t *data,
+ int expected_status )
+{
+ psa_key_lifetime_t lifetime;
+ psa_key_id_t key_id = (psa_key_id_t) key_id_arg;
+ psa_key_type_t type = (psa_key_type_t) type_arg;
+ psa_key_handle_t handle = 0;
+
+ PSA_ASSERT( psa_crypto_init() );
+
+ PSA_ASSERT( psa_create_key( PSA_KEY_LIFETIME_PERSISTENT, key_id,
+ &handle ) );
+ TEST_EQUAL( psa_import_key( handle, type, data->x, data->len ),
+ expected_status );
+
+ if( expected_status != PSA_SUCCESS )
+ {
+ TEST_EQUAL( psa_is_key_present_in_storage( key_id ), 0 );
+ goto exit;
+ }
+
+ PSA_ASSERT( psa_get_key_lifetime( handle, &lifetime ) );
+ TEST_EQUAL( lifetime, PSA_KEY_LIFETIME_PERSISTENT );
+
+exit:
+ psa_destroy_persistent_key( key_id );
+ mbedtls_psa_crypto_free();
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void import_export_persistent_key( data_t *data, int type_arg,
+ int expected_bits, int key_not_exist )
+{
+ psa_key_id_t key_id = 42;
+ psa_key_type_t type = (psa_key_type_t) type_arg;
+ psa_key_handle_t handle = 0;
+ unsigned char *exported = NULL;
+ size_t export_size = data->len;
+ size_t exported_length;
+ psa_key_type_t got_type;
+ size_t got_bits;
+ psa_key_policy_t policy = PSA_KEY_POLICY_INIT;
+ psa_key_lifetime_t lifetime_get;
+
+ ASSERT_ALLOC( exported, export_size );
+
+ PSA_ASSERT( psa_crypto_init( ) );
+
+ PSA_ASSERT( psa_create_key( PSA_KEY_LIFETIME_PERSISTENT, key_id,
+ &handle ) );
+
+ psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_EXPORT,
+ PSA_ALG_VENDOR_FLAG );
+ PSA_ASSERT( psa_set_key_policy( handle, &policy ) );
+
+ /* Import the key */
+ PSA_ASSERT( psa_import_key( handle, type,
+ data->x, data->len ) );
+
+ PSA_ASSERT( psa_get_key_lifetime( handle, &lifetime_get ) );
+ TEST_EQUAL( lifetime_get, PSA_KEY_LIFETIME_PERSISTENT );
+
+ /* Test the key information */
+ PSA_ASSERT( psa_get_key_information(
+ handle, &got_type, &got_bits ) );
+ TEST_EQUAL( got_type, type );
+ TEST_EQUAL( got_bits, (size_t) expected_bits );
+
+ TEST_EQUAL( psa_is_key_present_in_storage( key_id ), 1 );
+
+ if( key_not_exist )
+ {
+ psa_destroy_persistent_key( key_id );
+ }
+ /* Export the key */
+ PSA_ASSERT( psa_export_key( handle, exported, export_size,
+ &exported_length ) );
+
+ ASSERT_COMPARE( data->x, data->len, exported, exported_length );
+
+ /* Destroy the key */
+ PSA_ASSERT( psa_destroy_key( handle ) );
+ TEST_EQUAL( psa_is_key_present_in_storage( key_id ), 0 );
+
+exit:
+ mbedtls_free( exported );
+ mbedtls_psa_crypto_free( );
+ psa_destroy_persistent_key( key_id );
+}
+/* END_CASE */
diff --git a/tests/suites/test_suite_psa_crypto_slot_management.data b/tests/suites/test_suite_psa_crypto_slot_management.data
new file mode 100644
index 0000000..e937465
--- /dev/null
+++ b/tests/suites/test_suite_psa_crypto_slot_management.data
@@ -0,0 +1,124 @@
+Transient slot, check after closing
+transient_slot_lifecycle:0:0:PSA_KEY_TYPE_RAW_DATA:"0123456789abcdef0123456789abcdef":CLOSE_BY_CLOSE
+
+Transient slot, check after destroying
+transient_slot_lifecycle:0:0:PSA_KEY_TYPE_RAW_DATA:"0123456789abcdef0123456789abcdef":CLOSE_BY_DESTROY
+
+Transient slot, check after restart
+transient_slot_lifecycle:0:0:PSA_KEY_TYPE_RAW_DATA:"0123456789abcdef0123456789abcdef":CLOSE_BY_SHUTDOWN
+
+Persistent slot, check after closing
+persistent_slot_lifecycle:PSA_KEY_LIFETIME_PERSISTENT:1:0:0:PSA_KEY_TYPE_RAW_DATA:"0123456789abcdef0123456789abcdef":CLOSE_BY_CLOSE
+
+Persistent slot, check after destroying
+persistent_slot_lifecycle:PSA_KEY_LIFETIME_PERSISTENT:1:0:0:PSA_KEY_TYPE_RAW_DATA:"0123456789abcdef0123456789abcdef":CLOSE_BY_DESTROY
+
+Persistent slot, check after restart
+persistent_slot_lifecycle:PSA_KEY_LIFETIME_PERSISTENT:1:0:0:PSA_KEY_TYPE_RAW_DATA:"0123456789abcdef0123456789abcdef":CLOSE_BY_SHUTDOWN
+
+Attempt to overwrite: close before
+create_existent:PSA_KEY_LIFETIME_PERSISTENT:1:CLOSE_BEFORE
+
+Attempt to overwrite: close after
+create_existent:PSA_KEY_LIFETIME_PERSISTENT:1:CLOSE_AFTER
+
+Attempt to overwrite: keep open
+create_existent:PSA_KEY_LIFETIME_PERSISTENT:1:KEEP_OPEN
+
+Open failure: invalid identifier (0)
+depends_on:MBEDTLS_PSA_CRYPTO_STORAGE_C
+open_fail:PSA_KEY_LIFETIME_PERSISTENT:0:PSA_ERROR_INVALID_ARGUMENT
+
+Open failure: invalid identifier (random seed UID)
+depends_on:MBEDTLS_PSA_CRYPTO_STORAGE_C
+open_fail:PSA_KEY_LIFETIME_PERSISTENT:PSA_CRYPTO_ITS_RANDOM_SEED_UID:PSA_ERROR_INVALID_ARGUMENT
+
+Open failure: non-existent identifier
+depends_on:MBEDTLS_PSA_CRYPTO_STORAGE_C
+open_fail:PSA_KEY_LIFETIME_PERSISTENT:1:PSA_ERROR_DOES_NOT_EXIST
+
+Open failure: volatile lifetime
+open_fail:PSA_KEY_LIFETIME_VOLATILE:1:PSA_ERROR_INVALID_ARGUMENT
+
+Open failure: invalid lifetime
+open_fail:0x7fffffff:0:PSA_ERROR_INVALID_ARGUMENT
+
+Create failure: volatile lifetime
+create_fail:PSA_KEY_LIFETIME_VOLATILE:1:PSA_ERROR_INVALID_ARGUMENT
+
+Create failure: invalid lifetime
+create_fail:0x7fffffff:0:PSA_ERROR_INVALID_ARGUMENT
+
+Create failure: invalid key id (0)
+depends_on:MBEDTLS_PSA_CRYPTO_STORAGE_C
+create_fail:PSA_KEY_LIFETIME_PERSISTENT:0:PSA_ERROR_INVALID_ARGUMENT
+
+Create failure: invalid key id (random seed UID)
+depends_on:MBEDTLS_PSA_CRYPTO_STORAGE_C
+create_fail:PSA_KEY_LIFETIME_PERSISTENT:PSA_CRYPTO_ITS_RANDOM_SEED_UID:PSA_ERROR_INVALID_ARGUMENT
+
+Open not supported
+depends_on:!MBEDTLS_PSA_CRYPTO_STORAGE_C
+open_fail:PSA_KEY_LIFETIME_PERSISTENT:1:PSA_ERROR_NOT_SUPPORTED
+
+Create not supported
+depends_on:!MBEDTLS_PSA_CRYPTO_STORAGE_C
+create_fail:PSA_KEY_LIFETIME_PERSISTENT:1:PSA_ERROR_NOT_SUPPORTED
+
+Copy volatile to volatile
+copy_across_lifetimes:PSA_KEY_LIFETIME_VOLATILE:0:PSA_KEY_USAGE_EXPORT:0:PSA_KEY_TYPE_RAW_DATA:"4142434445":PSA_KEY_LIFETIME_VOLATILE:0:PSA_KEY_USAGE_EXPORT:0:PSA_KEY_USAGE_EXPORT:0
+
+Copy volatile to persistent
+depends_on:MBEDTLS_PSA_CRYPTO_STORAGE_C
+copy_across_lifetimes:PSA_KEY_LIFETIME_VOLATILE:0:PSA_KEY_USAGE_EXPORT:0:PSA_KEY_TYPE_RAW_DATA:"4142434445":PSA_KEY_LIFETIME_PERSISTENT:1:PSA_KEY_USAGE_EXPORT:0:PSA_KEY_USAGE_EXPORT:0
+
+Copy persistent to volatile
+depends_on:MBEDTLS_PSA_CRYPTO_STORAGE_C
+copy_across_lifetimes:PSA_KEY_LIFETIME_PERSISTENT:1:PSA_KEY_USAGE_EXPORT:0:PSA_KEY_TYPE_RAW_DATA:"4142434445":PSA_KEY_LIFETIME_VOLATILE:0:PSA_KEY_USAGE_EXPORT:0:PSA_KEY_USAGE_EXPORT:0
+
+Copy persistent to persistent
+depends_on:MBEDTLS_PSA_CRYPTO_STORAGE_C
+copy_across_lifetimes:PSA_KEY_LIFETIME_PERSISTENT:1:PSA_KEY_USAGE_EXPORT:0:PSA_KEY_TYPE_RAW_DATA:"4142434445":PSA_KEY_LIFETIME_PERSISTENT:2:PSA_KEY_USAGE_EXPORT:0:PSA_KEY_USAGE_EXPORT:0
+
+Copy empty volatile to volatile
+copy_from_empty:PSA_KEY_LIFETIME_VOLATILE:0:PSA_KEY_USAGE_EXPORT:0:PSA_KEY_LIFETIME_VOLATILE:0:PSA_KEY_USAGE_EXPORT:0
+
+Copy empty volatile to persistent
+depends_on:MBEDTLS_PSA_CRYPTO_STORAGE_C
+copy_from_empty:PSA_KEY_LIFETIME_VOLATILE:0:PSA_KEY_USAGE_EXPORT:0:PSA_KEY_LIFETIME_PERSISTENT:1:PSA_KEY_USAGE_EXPORT:0
+
+Copy empty persistent to volatile
+depends_on:MBEDTLS_PSA_CRYPTO_STORAGE_C
+copy_from_empty:PSA_KEY_LIFETIME_PERSISTENT:1:PSA_KEY_USAGE_EXPORT:0:PSA_KEY_LIFETIME_VOLATILE:0:PSA_KEY_USAGE_EXPORT:0
+
+Copy empty persistent to persistent
+depends_on:MBEDTLS_PSA_CRYPTO_STORAGE_C
+copy_from_empty:PSA_KEY_LIFETIME_PERSISTENT:1:PSA_KEY_USAGE_EXPORT:0:PSA_KEY_LIFETIME_PERSISTENT:2:PSA_KEY_USAGE_EXPORT:0
+
+Copy volatile to occupied volatile
+copy_to_occupied:PSA_KEY_LIFETIME_VOLATILE:0:PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"404142434445464748494a4b4c4d4e4f":PSA_KEY_LIFETIME_VOLATILE:0:PSA_KEY_USAGE_EXPORT:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"606162636465666768696a6b6c6d6e6f"
+
+Copy volatile to occupied persistent
+depends_on:MBEDTLS_PSA_CRYPTO_STORAGE_C
+copy_to_occupied:PSA_KEY_LIFETIME_VOLATILE:0:PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"404142434445464748494a4b4c4d4e4f":PSA_KEY_LIFETIME_PERSISTENT:2:PSA_KEY_USAGE_EXPORT:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"606162636465666768696a6b6c6d6e6f"
+
+Copy persistent to occupied volatile
+depends_on:MBEDTLS_PSA_CRYPTO_STORAGE_C
+copy_to_occupied:PSA_KEY_LIFETIME_PERSISTENT:1:PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"404142434445464748494a4b4c4d4e4f":PSA_KEY_LIFETIME_VOLATILE:0:PSA_KEY_USAGE_EXPORT:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"606162636465666768696a6b6c6d6e6f"
+
+Copy persistent to occupied persistent
+depends_on:MBEDTLS_PSA_CRYPTO_STORAGE_C
+copy_to_occupied:PSA_KEY_LIFETIME_PERSISTENT:1:PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"404142434445464748494a4b4c4d4e4f":PSA_KEY_LIFETIME_PERSISTENT:2:PSA_KEY_USAGE_EXPORT:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"606162636465666768696a6b6c6d6e6f"
+
+Copy volatile to itself
+copy_to_same:PSA_KEY_LIFETIME_VOLATILE:0:PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"404142434445464748494a4b4c4d4e4f"
+
+Copy persistent to itself
+depends_on:MBEDTLS_PSA_CRYPTO_STORAGE_C
+copy_to_same:PSA_KEY_LIFETIME_VOLATILE:0:PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"404142434445464748494a4b4c4d4e4f"
+
+Close/destroy invalid handle
+invalid_handle:
+
+Open many transient handles
+many_transient_handles:42
diff --git a/tests/suites/test_suite_psa_crypto_slot_management.function b/tests/suites/test_suite_psa_crypto_slot_management.function
new file mode 100644
index 0000000..0278b88
--- /dev/null
+++ b/tests/suites/test_suite_psa_crypto_slot_management.function
@@ -0,0 +1,695 @@
+/* BEGIN_HEADER */
+#include <stdint.h>
+
+#if defined(MBEDTLS_PSA_CRYPTO_SPM)
+#include "spm/psa_defs.h"
+#endif
+#include "psa/crypto.h"
+
+#include "psa_crypto_storage.h"
+
+typedef enum
+{
+ CLOSE_BY_CLOSE,
+ CLOSE_BY_DESTROY,
+ CLOSE_BY_SHUTDOWN,
+} close_method_t;
+
+typedef enum
+{
+ KEEP_OPEN,
+ CLOSE_BEFORE,
+ CLOSE_AFTER,
+} reopen_policy_t;
+
+/* All test functions that create persistent keys must call
+ * `TEST_MAX_KEY_ID( key_id )` before creating a persistent key with this
+ * identifier, and must call psa_purge_key_storage() in their cleanup
+ * code. */
+
+#if defined(MBEDTLS_PSA_CRYPTO_STORAGE_C)
+/* There is no API to purge all keys. For this test suite, require that
+ * all key IDs be less than a certain maximum, or a well-known value
+ * which corresponds to a file that does not contain a key. */
+#define MAX_KEY_ID_FOR_TEST 32
+#define KEY_ID_IS_WELL_KNOWN( key_id ) \
+ ( ( key_id ) == PSA_CRYPTO_ITS_RANDOM_SEED_UID )
+#define TEST_MAX_KEY_ID( key_id ) \
+ TEST_ASSERT( ( key_id ) <= MAX_KEY_ID_FOR_TEST || \
+ KEY_ID_IS_WELL_KNOWN( key_id ) )
+void psa_purge_key_storage( void )
+{
+ psa_key_id_t i;
+ /* The tests may have potentially created key ids from 1 to
+ * MAX_KEY_ID_FOR_TEST. In addition, run the destroy function on key id
+ * 0, which file-based storage uses as a temporary file. */
+ for( i = 0; i <= MAX_KEY_ID_FOR_TEST; i++ )
+ psa_destroy_persistent_key( i );
+}
+#else
+#define TEST_MAX_KEY_ID( key_id ) ( (void) ( key_id ) )
+#endif /* MBEDTLS_PSA_CRYPTO_STORAGE_C */
+
+static int psa_key_policy_equal( psa_key_policy_t *p1,
+ psa_key_policy_t *p2 )
+{
+ return( psa_key_policy_get_usage( p1 ) == psa_key_policy_get_usage( p2 ) &&
+ psa_key_policy_get_algorithm( p1 ) == psa_key_policy_get_algorithm( p2 ) );
+}
+
+/* END_HEADER */
+
+/* BEGIN_DEPENDENCIES
+ * depends_on:MBEDTLS_PSA_CRYPTO_C
+ * END_DEPENDENCIES
+ */
+
+/* BEGIN_CASE */
+void transient_slot_lifecycle( int alg_arg, int usage_arg,
+ int type_arg, data_t *key_data,
+ int close_method_arg )
+{
+ psa_algorithm_t alg = alg_arg;
+ psa_key_usage_t usage_flags = usage_arg;
+ psa_key_type_t type = type_arg;
+ close_method_t close_method = close_method_arg;
+ psa_key_type_t read_type;
+ psa_key_handle_t handle = 0;
+ psa_key_policy_t policy = PSA_KEY_POLICY_INIT;
+
+ PSA_ASSERT( psa_crypto_init( ) );
+
+ /* Get a handle and import a key. */
+ PSA_ASSERT( psa_allocate_key( &handle ) );
+ TEST_ASSERT( handle != 0 );
+ psa_key_policy_set_usage( &policy, usage_flags, alg );
+ PSA_ASSERT( psa_set_key_policy( handle, &policy ) );
+ PSA_ASSERT( psa_import_key( handle, type, key_data->x, key_data->len ) );
+ PSA_ASSERT( psa_get_key_information( handle, &read_type, NULL ) );
+ TEST_EQUAL( read_type, type );
+
+ /* Do something that invalidates the handle. */
+ switch( close_method )
+ {
+ case CLOSE_BY_CLOSE:
+ PSA_ASSERT( psa_close_key( handle ) );
+ break;
+ case CLOSE_BY_DESTROY:
+ PSA_ASSERT( psa_destroy_key( handle ) );
+ break;
+ case CLOSE_BY_SHUTDOWN:
+ mbedtls_psa_crypto_free( );
+ PSA_ASSERT( psa_crypto_init( ) );
+ break;
+ }
+ /* Test that the handle is now invalid. */
+ TEST_EQUAL( psa_get_key_information( handle, &read_type, NULL ),
+ PSA_ERROR_INVALID_HANDLE );
+ TEST_EQUAL( psa_close_key( handle ), PSA_ERROR_INVALID_HANDLE );
+
+exit:
+ mbedtls_psa_crypto_free( );
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_PSA_CRYPTO_STORAGE_C */
+void persistent_slot_lifecycle( int lifetime_arg, int id_arg,
+ int alg_arg, int usage_arg,
+ int type_arg, data_t *key_data,
+ int close_method_arg )
+{
+ psa_key_lifetime_t lifetime = lifetime_arg;
+ psa_key_id_t id = id_arg;
+ psa_algorithm_t alg = alg_arg;
+ psa_key_usage_t usage_flags = usage_arg;
+ psa_key_type_t type = type_arg;
+ close_method_t close_method = close_method_arg;
+ psa_key_type_t read_type;
+ psa_key_handle_t handle = 0;
+ psa_key_policy_t policy = PSA_KEY_POLICY_INIT;
+
+ TEST_MAX_KEY_ID( id );
+
+ PSA_ASSERT( psa_crypto_init( ) );
+
+ /* Get a handle and import a key. */
+ PSA_ASSERT( psa_create_key( lifetime, id, &handle ) );
+ TEST_ASSERT( handle != 0 );
+ psa_key_policy_set_usage( &policy, usage_flags, alg );
+ PSA_ASSERT( psa_set_key_policy( handle, &policy ) );
+ PSA_ASSERT( psa_import_key( handle, type, key_data->x, key_data->len ) );
+ PSA_ASSERT( psa_get_key_information( handle, &read_type, NULL ) );
+ TEST_EQUAL( read_type, type );
+
+ /* Close the key and reopen it. */
+ PSA_ASSERT( psa_close_key( handle ) );
+ PSA_ASSERT( psa_open_key( lifetime, id, &handle ) );
+ PSA_ASSERT( psa_get_key_information( handle, &read_type, NULL ) );
+ TEST_EQUAL( read_type, type );
+
+ /* Do something that invalidates the handle. */
+ switch( close_method )
+ {
+ case CLOSE_BY_CLOSE:
+ PSA_ASSERT( psa_close_key( handle ) );
+ break;
+ case CLOSE_BY_DESTROY:
+ PSA_ASSERT( psa_destroy_key( handle ) );
+ break;
+ case CLOSE_BY_SHUTDOWN:
+ mbedtls_psa_crypto_free( );
+ PSA_ASSERT( psa_crypto_init( ) );
+ break;
+ }
+ /* Test that the handle is now invalid. */
+ TEST_EQUAL( psa_get_key_information( handle, &read_type, NULL ),
+ PSA_ERROR_INVALID_HANDLE );
+ TEST_EQUAL( psa_close_key( handle ), PSA_ERROR_INVALID_HANDLE );
+
+ /* Try to reopen the key. If we destroyed it, check that it doesn't
+ * exist, otherwise check that it still exists. */
+ switch( close_method )
+ {
+ case CLOSE_BY_CLOSE:
+ case CLOSE_BY_SHUTDOWN:
+ PSA_ASSERT( psa_open_key( lifetime, id, &handle ) );
+ PSA_ASSERT( psa_get_key_information( handle, &read_type, NULL ) );
+ TEST_EQUAL( read_type, type );
+ break;
+ case CLOSE_BY_DESTROY:
+ TEST_EQUAL( psa_open_key( lifetime, id, &handle ),
+ PSA_ERROR_DOES_NOT_EXIST );
+ break;
+ }
+
+exit:
+ mbedtls_psa_crypto_free( );
+ psa_purge_key_storage( );
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_PSA_CRYPTO_STORAGE_C */
+void create_existent( int lifetime_arg, int id_arg,
+ int reopen_policy_arg )
+{
+ psa_key_lifetime_t lifetime = lifetime_arg;
+ psa_key_id_t id = id_arg;
+ psa_key_handle_t handle1 = 0, handle2 = 0;
+ psa_key_policy_t policy1 = PSA_KEY_POLICY_INIT;
+ psa_key_policy_t read_policy = PSA_KEY_POLICY_INIT;
+ psa_key_type_t type1 = PSA_KEY_TYPE_RAW_DATA;
+ psa_key_type_t read_type;
+ const uint8_t material1[16] = "test material #1";
+ size_t bits1 = PSA_BYTES_TO_BITS( sizeof( material1 ) );
+ size_t read_bits;
+ uint8_t reexported[sizeof( material1 )];
+ size_t reexported_length;
+ reopen_policy_t reopen_policy = reopen_policy_arg;
+
+ TEST_MAX_KEY_ID( id );
+
+ PSA_ASSERT( psa_crypto_init( ) );
+
+ /* Create a key. */
+ PSA_ASSERT( psa_create_key( lifetime, id, &handle1 ) );
+ TEST_ASSERT( handle1 != 0 );
+ psa_key_policy_set_usage( &policy1, PSA_KEY_USAGE_EXPORT, 0 );
+ PSA_ASSERT( psa_set_key_policy( handle1, &policy1 ) );
+ PSA_ASSERT( psa_import_key( handle1, type1,
+ material1, sizeof( material1 ) ) );
+
+ if( reopen_policy == CLOSE_BEFORE )
+ PSA_ASSERT( psa_close_key( handle1 ) );
+
+ /* Attempt to create a new key in the same slot. */
+ TEST_EQUAL( psa_create_key( lifetime, id, &handle2 ),
+ PSA_ERROR_ALREADY_EXISTS );
+ TEST_EQUAL( handle2, 0 );
+
+ if( reopen_policy == CLOSE_AFTER )
+ PSA_ASSERT( psa_close_key( handle1 ) );
+ if( reopen_policy == CLOSE_BEFORE || reopen_policy == CLOSE_AFTER )
+ PSA_ASSERT( psa_open_key( lifetime, id, &handle1 ) );
+
+ /* Check that the original key hasn't changed. */
+ PSA_ASSERT( psa_get_key_policy( handle1, &read_policy ) );
+ TEST_ASSERT( psa_key_policy_equal( &read_policy, &policy1 ) );
+ PSA_ASSERT( psa_get_key_information( handle1, &read_type, &read_bits ) );
+ TEST_EQUAL( read_type, type1 );
+ TEST_EQUAL( read_bits, bits1 );
+ PSA_ASSERT( psa_export_key( handle1,
+ reexported, sizeof( reexported ),
+ &reexported_length ) );
+ ASSERT_COMPARE( material1, sizeof( material1 ),
+ reexported, reexported_length );
+
+exit:
+ mbedtls_psa_crypto_free( );
+ psa_purge_key_storage( );
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void open_fail( int lifetime_arg, int id_arg,
+ int expected_status_arg )
+{
+ psa_key_lifetime_t lifetime = lifetime_arg;
+ psa_key_id_t id = id_arg;
+ psa_status_t expected_status = expected_status_arg;
+ psa_key_handle_t handle = 0xdead;
+
+ PSA_ASSERT( psa_crypto_init( ) );
+
+ TEST_EQUAL( psa_open_key( lifetime, id, &handle ), expected_status );
+ TEST_EQUAL( handle, 0 );
+
+exit:
+ mbedtls_psa_crypto_free( );
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void create_fail( int lifetime_arg, int id_arg,
+ int expected_status_arg )
+{
+ psa_key_lifetime_t lifetime = lifetime_arg;
+ psa_key_id_t id = id_arg;
+ psa_status_t expected_status = expected_status_arg;
+ psa_key_handle_t handle = 0xdead;
+
+ TEST_MAX_KEY_ID( id );
+
+ PSA_ASSERT( psa_crypto_init( ) );
+
+ TEST_EQUAL( psa_create_key( lifetime, id, &handle ),
+ expected_status );
+ TEST_EQUAL( handle, 0 );
+
+exit:
+ mbedtls_psa_crypto_free( );
+#if defined(MBEDTLS_PSA_CRYPTO_STORAGE_C)
+ psa_purge_key_storage( );
+#endif
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void copy_across_lifetimes( int source_lifetime_arg, int source_id_arg,
+ int source_usage_arg, int source_alg_arg,
+ int type_arg, data_t *material,
+ int target_lifetime_arg, int target_id_arg,
+ int target_usage_arg, int target_alg_arg,
+ int expected_usage_arg, int expected_alg_arg )
+{
+ psa_key_lifetime_t source_lifetime = source_lifetime_arg;
+ psa_key_id_t source_id = source_id_arg;
+ psa_key_usage_t source_usage = source_usage_arg;
+ psa_algorithm_t source_alg = source_alg_arg;
+ psa_key_handle_t source_handle = 0;
+ psa_key_policy_t source_policy = PSA_KEY_POLICY_INIT;
+ psa_key_type_t source_type = type_arg;
+ size_t source_bits;
+ psa_key_lifetime_t target_lifetime = target_lifetime_arg;
+ psa_key_id_t target_id = target_id_arg;
+ psa_key_usage_t target_usage = target_usage_arg;
+ psa_algorithm_t target_alg = target_alg_arg;
+ psa_key_handle_t target_handle = 0;
+ psa_key_policy_t target_policy = PSA_KEY_POLICY_INIT;
+ psa_key_type_t target_type;
+ size_t target_bits;
+ psa_key_usage_t expected_usage = expected_usage_arg;
+ psa_algorithm_t expected_alg = expected_alg_arg;
+ uint8_t *export_buffer = NULL;
+
+ TEST_MAX_KEY_ID( source_id );
+ TEST_MAX_KEY_ID( target_id );
+
+ PSA_ASSERT( psa_crypto_init( ) );
+
+ /* Populate the source slot. */
+ if( source_lifetime == PSA_KEY_LIFETIME_VOLATILE )
+ PSA_ASSERT( psa_allocate_key( &source_handle ) );
+ else
+ PSA_ASSERT( psa_create_key( source_lifetime, source_id,
+ &source_handle ) );
+ psa_key_policy_set_usage( &source_policy, source_usage, source_alg );
+ PSA_ASSERT( psa_set_key_policy( source_handle, &source_policy ) );
+ PSA_ASSERT( psa_import_key( source_handle, source_type,
+ material->x, material->len ) );
+ PSA_ASSERT( psa_get_key_information( source_handle, NULL, &source_bits ) );
+
+ /* Prepare the target slot. */
+ if( target_lifetime == PSA_KEY_LIFETIME_VOLATILE )
+ PSA_ASSERT( psa_allocate_key( &target_handle ) );
+ else
+ PSA_ASSERT( psa_create_key( target_lifetime, target_id,
+ &target_handle ) );
+ psa_key_policy_set_usage( &target_policy, target_usage, target_alg );
+ PSA_ASSERT( psa_set_key_policy( target_handle, &target_policy ) );
+ target_policy = psa_key_policy_init();
+
+ /* Copy the key. */
+ PSA_ASSERT( psa_copy_key( source_handle, target_handle, NULL ) );
+
+ /* Destroy the source to ensure that this doesn't affect the target. */
+ PSA_ASSERT( psa_destroy_key( source_handle ) );
+
+ /* If the target key is persistent, restart the system to make
+ * sure that the material is still alive. */
+ if( target_lifetime != PSA_KEY_LIFETIME_VOLATILE )
+ {
+ mbedtls_psa_crypto_free( );
+ PSA_ASSERT( psa_crypto_init( ) );
+ PSA_ASSERT( psa_open_key( target_lifetime, target_id,
+ &target_handle ) );
+ }
+
+ /* Test that the target slot has the expected content. */
+ PSA_ASSERT( psa_get_key_information( target_handle,
+ &target_type, &target_bits ) );
+ TEST_EQUAL( source_type, target_type );
+ TEST_EQUAL( source_bits, target_bits );
+ PSA_ASSERT( psa_get_key_policy( target_handle, &target_policy ) );
+ TEST_EQUAL( expected_usage, psa_key_policy_get_usage( &target_policy ) );
+ TEST_EQUAL( expected_alg, psa_key_policy_get_algorithm( &target_policy ) );
+ if( expected_usage & PSA_KEY_USAGE_EXPORT )
+ {
+ size_t length;
+ ASSERT_ALLOC( export_buffer, material->len );
+ PSA_ASSERT( psa_export_key( target_handle, export_buffer,
+ material->len, &length ) );
+ ASSERT_COMPARE( material->x, material->len,
+ export_buffer, length );
+ }
+
+exit:
+ mbedtls_psa_crypto_free( );
+ mbedtls_free( export_buffer );
+#if defined(MBEDTLS_PSA_CRYPTO_STORAGE_C)
+ psa_purge_key_storage( );
+#endif
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void copy_from_empty( int source_lifetime_arg, int source_id_arg,
+ int source_usage_arg, int source_alg_arg,
+ int target_lifetime_arg, int target_id_arg,
+ int target_usage_arg, int target_alg_arg )
+{
+ psa_key_lifetime_t source_lifetime = source_lifetime_arg;
+ psa_key_id_t source_id = source_id_arg;
+ psa_key_usage_t source_usage = source_usage_arg;
+ psa_algorithm_t source_alg = source_alg_arg;
+ psa_key_handle_t source_handle = 0;
+ psa_key_policy_t source_policy = PSA_KEY_POLICY_INIT;
+ psa_key_lifetime_t target_lifetime = target_lifetime_arg;
+ psa_key_id_t target_id = target_id_arg;
+ psa_key_usage_t target_usage = target_usage_arg;
+ psa_algorithm_t target_alg = target_alg_arg;
+ psa_key_handle_t target_handle = 0;
+ psa_key_policy_t target_policy = PSA_KEY_POLICY_INIT;
+ psa_key_policy_t got_policy;
+
+ TEST_MAX_KEY_ID( source_id );
+ TEST_MAX_KEY_ID( target_id );
+
+ PSA_ASSERT( psa_crypto_init( ) );
+
+ /* Prepare the source slot. */
+ if( source_lifetime == PSA_KEY_LIFETIME_VOLATILE )
+ PSA_ASSERT( psa_allocate_key( &source_handle ) );
+ else
+ PSA_ASSERT( psa_create_key( source_lifetime, source_id,
+ &source_handle ) );
+ psa_key_policy_set_usage( &source_policy, source_usage, source_alg );
+ PSA_ASSERT( psa_set_key_policy( source_handle, &source_policy ) );
+
+ /* Prepare the target slot. */
+ if( target_lifetime == PSA_KEY_LIFETIME_VOLATILE )
+ PSA_ASSERT( psa_allocate_key( &target_handle ) );
+ else
+ PSA_ASSERT( psa_create_key( target_lifetime, target_id,
+ &target_handle ) );
+ psa_key_policy_set_usage( &target_policy, target_usage, target_alg );
+ PSA_ASSERT( psa_set_key_policy( target_handle, &target_policy ) );
+
+ /* Copy the key. */
+ TEST_EQUAL( psa_copy_key( source_handle, target_handle, NULL ),
+ PSA_ERROR_DOES_NOT_EXIST );
+
+ /* Test that the slots are unaffected. */
+ PSA_ASSERT( psa_get_key_policy( source_handle, &got_policy ) );
+ TEST_EQUAL( source_usage, psa_key_policy_get_usage( &got_policy ) );
+ TEST_EQUAL( source_alg, psa_key_policy_get_algorithm( &got_policy ) );
+ PSA_ASSERT( psa_get_key_policy( target_handle, &got_policy ) );
+ TEST_EQUAL( target_usage, psa_key_policy_get_usage( &got_policy ) );
+ TEST_EQUAL( target_alg, psa_key_policy_get_algorithm( &got_policy ) );
+
+exit:
+ mbedtls_psa_crypto_free( );
+#if defined(MBEDTLS_PSA_CRYPTO_STORAGE_C)
+ psa_purge_key_storage( );
+#endif
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void copy_to_occupied( int source_lifetime_arg, int source_id_arg,
+ int source_usage_arg, int source_alg_arg,
+ int source_type_arg, data_t *source_material,
+ int target_lifetime_arg, int target_id_arg,
+ int target_usage_arg, int target_alg_arg,
+ int target_type_arg, data_t *target_material )
+{
+ psa_key_lifetime_t source_lifetime = source_lifetime_arg;
+ psa_key_id_t source_id = source_id_arg;
+ psa_key_usage_t source_usage = source_usage_arg;
+ psa_algorithm_t source_alg = source_alg_arg;
+ psa_key_handle_t source_handle = 0;
+ psa_key_policy_t source_policy = PSA_KEY_POLICY_INIT;
+ psa_key_type_t source_type = source_type_arg;
+ size_t source_bits;
+ psa_key_lifetime_t target_lifetime = target_lifetime_arg;
+ psa_key_id_t target_id = target_id_arg;
+ psa_key_usage_t target_usage = target_usage_arg;
+ psa_algorithm_t target_alg = target_alg_arg;
+ psa_key_handle_t target_handle = 0;
+ psa_key_policy_t target_policy = PSA_KEY_POLICY_INIT;
+ psa_key_type_t target_type = target_type_arg;
+ size_t target_bits;
+ psa_key_policy_t got_policy;
+ psa_key_type_t got_type;
+ size_t got_bits;
+ uint8_t *export_buffer = NULL;
+
+ TEST_MAX_KEY_ID( source_id );
+ TEST_MAX_KEY_ID( target_id );
+
+ PSA_ASSERT( psa_crypto_init( ) );
+
+ /* Populate the source slot. */
+ if( source_lifetime == PSA_KEY_LIFETIME_VOLATILE )
+ PSA_ASSERT( psa_allocate_key( &source_handle ) );
+ else
+ PSA_ASSERT( psa_create_key( source_lifetime, source_id,
+ &source_handle ) );
+ psa_key_policy_set_usage( &source_policy, source_usage, source_alg );
+ PSA_ASSERT( psa_set_key_policy( source_handle, &source_policy ) );
+ PSA_ASSERT( psa_import_key( source_handle, source_type,
+ source_material->x, source_material->len ) );
+ PSA_ASSERT( psa_get_key_information( source_handle, NULL, &source_bits ) );
+
+ /* Populate the target slot. */
+ if( target_lifetime == PSA_KEY_LIFETIME_VOLATILE )
+ PSA_ASSERT( psa_allocate_key( &target_handle ) );
+ else
+ PSA_ASSERT( psa_create_key( target_lifetime, target_id,
+ &target_handle ) );
+ psa_key_policy_set_usage( &target_policy, target_usage, target_alg );
+ PSA_ASSERT( psa_set_key_policy( target_handle, &target_policy ) );
+ PSA_ASSERT( psa_import_key( target_handle, target_type,
+ target_material->x, target_material->len ) );
+ PSA_ASSERT( psa_get_key_information( target_handle, NULL, &target_bits ) );
+
+ /* Copy the key. */
+ TEST_EQUAL( psa_copy_key( source_handle, target_handle, NULL ),
+ PSA_ERROR_ALREADY_EXISTS );
+
+ /* Test that the target slot is unaffected. */
+ PSA_ASSERT( psa_get_key_information( target_handle,
+ &got_type, &got_bits ) );
+ TEST_EQUAL( target_type, got_type );
+ TEST_EQUAL( target_bits, got_bits );
+ PSA_ASSERT( psa_get_key_policy( target_handle, &got_policy ) );
+ TEST_EQUAL( target_usage, psa_key_policy_get_usage( &got_policy ) );
+ TEST_EQUAL( target_alg, psa_key_policy_get_algorithm( &got_policy ) );
+ if( target_usage & PSA_KEY_USAGE_EXPORT )
+ {
+ size_t length;
+ ASSERT_ALLOC( export_buffer, target_material->len );
+ PSA_ASSERT( psa_export_key( target_handle, export_buffer,
+ target_material->len, &length ) );
+ ASSERT_COMPARE( target_material->x, target_material->len,
+ export_buffer, length );
+ }
+
+exit:
+ mbedtls_psa_crypto_free( );
+ mbedtls_free( export_buffer );
+#if defined(MBEDTLS_PSA_CRYPTO_STORAGE_C)
+ psa_purge_key_storage( );
+#endif
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void copy_to_same( int lifetime_arg, int id_arg,
+ int usage_arg, int alg_arg,
+ int type_arg, data_t *material )
+{
+ psa_key_lifetime_t lifetime = lifetime_arg;
+ psa_key_id_t id = id_arg;
+ psa_key_usage_t usage = usage_arg;
+ psa_algorithm_t alg = alg_arg;
+ psa_key_handle_t handle = 0;
+ psa_key_policy_t policy = PSA_KEY_POLICY_INIT;
+ psa_key_type_t type = type_arg;
+ size_t bits;
+ psa_key_policy_t got_policy;
+ psa_key_type_t got_type;
+ size_t got_bits;
+ uint8_t *export_buffer = NULL;
+
+ TEST_MAX_KEY_ID( id );
+
+ PSA_ASSERT( psa_crypto_init( ) );
+
+ /* Populate the slot. */
+ if( lifetime == PSA_KEY_LIFETIME_VOLATILE )
+ PSA_ASSERT( psa_allocate_key( &handle ) );
+ else
+ PSA_ASSERT( psa_create_key( lifetime, id,
+ &handle ) );
+ psa_key_policy_set_usage( &policy, usage, alg );
+ PSA_ASSERT( psa_set_key_policy( handle, &policy ) );
+ PSA_ASSERT( psa_import_key( handle, type,
+ material->x, material->len ) );
+ PSA_ASSERT( psa_get_key_information( handle, NULL, &bits ) );
+
+ /* Copy the key. */
+ TEST_EQUAL( psa_copy_key( handle, handle, NULL ),
+ PSA_ERROR_ALREADY_EXISTS );
+
+ /* Test that the slot is unaffected. */
+ PSA_ASSERT( psa_get_key_information( handle,
+ &got_type, &got_bits ) );
+ TEST_EQUAL( type, got_type );
+ TEST_EQUAL( bits, got_bits );
+ PSA_ASSERT( psa_get_key_policy( handle, &got_policy ) );
+ TEST_EQUAL( usage, psa_key_policy_get_usage( &got_policy ) );
+ TEST_EQUAL( alg, psa_key_policy_get_algorithm( &got_policy ) );
+ if( usage & PSA_KEY_USAGE_EXPORT )
+ {
+ size_t length;
+ ASSERT_ALLOC( export_buffer, material->len );
+ PSA_ASSERT( psa_export_key( handle, export_buffer,
+ material->len, &length ) );
+ ASSERT_COMPARE( material->x, material->len,
+ export_buffer, length );
+ }
+
+exit:
+ mbedtls_psa_crypto_free( );
+ mbedtls_free( export_buffer );
+#if defined(MBEDTLS_PSA_CRYPTO_STORAGE_C)
+ psa_purge_key_storage( );
+#endif
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void invalid_handle( )
+{
+ psa_key_handle_t handle1 = 0;
+ psa_key_policy_t policy = PSA_KEY_POLICY_INIT;
+ psa_key_type_t read_type;
+ size_t read_bits;
+ uint8_t material[1] = "a";
+
+ PSA_ASSERT( psa_crypto_init( ) );
+
+ /* Allocate a handle and store a key in it. */
+ PSA_ASSERT( psa_allocate_key( &handle1 ) );
+ TEST_ASSERT( handle1 != 0 );
+ psa_key_policy_set_usage( &policy, 0, 0 );
+ PSA_ASSERT( psa_set_key_policy( handle1, &policy ) );
+ PSA_ASSERT( psa_import_key( handle1, PSA_KEY_TYPE_RAW_DATA,
+ material, sizeof( material ) ) );
+
+ /* Attempt to close and destroy some invalid handles. */
+ TEST_EQUAL( psa_close_key( 0 ), PSA_ERROR_INVALID_HANDLE );
+ TEST_EQUAL( psa_close_key( handle1 - 1 ), PSA_ERROR_INVALID_HANDLE );
+ TEST_EQUAL( psa_close_key( handle1 + 1 ), PSA_ERROR_INVALID_HANDLE );
+ TEST_EQUAL( psa_destroy_key( 0 ), PSA_ERROR_INVALID_HANDLE );
+ TEST_EQUAL( psa_destroy_key( handle1 - 1 ), PSA_ERROR_INVALID_HANDLE );
+ TEST_EQUAL( psa_destroy_key( handle1 + 1 ), PSA_ERROR_INVALID_HANDLE );
+
+ /* After all this, check that the original handle is intact. */
+ PSA_ASSERT( psa_get_key_information( handle1, &read_type, &read_bits ) );
+ TEST_EQUAL( read_type, PSA_KEY_TYPE_RAW_DATA );
+ TEST_EQUAL( read_bits, PSA_BYTES_TO_BITS( sizeof( material ) ) );
+ PSA_ASSERT( psa_close_key( handle1 ) );
+
+exit:
+ mbedtls_psa_crypto_free( );
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void many_transient_handles( int max_handles_arg )
+{
+ psa_key_handle_t *handles = NULL;
+ size_t max_handles = max_handles_arg;
+ size_t i, j;
+ psa_status_t status;
+ psa_key_policy_t policy = PSA_KEY_POLICY_INIT;
+ uint8_t exported[sizeof( size_t )];
+ size_t exported_length;
+
+ ASSERT_ALLOC( handles, max_handles );
+ PSA_ASSERT( psa_crypto_init( ) );
+ psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_EXPORT, 0 );
+
+ for( i = 0; i < max_handles; i++ )
+ {
+ status = psa_allocate_key( &handles[i] );
+ if( status == PSA_ERROR_INSUFFICIENT_MEMORY )
+ break;
+ PSA_ASSERT( status );
+ TEST_ASSERT( handles[i] != 0 );
+ for( j = 0; j < i; j++ )
+ TEST_ASSERT( handles[i] != handles[j] );
+ PSA_ASSERT( psa_set_key_policy( handles[i], &policy ) );
+ PSA_ASSERT( psa_import_key( handles[i], PSA_KEY_TYPE_RAW_DATA,
+ (uint8_t *) &i, sizeof( i ) ) );
+ }
+ max_handles = i;
+
+ for( i = 1; i < max_handles; i++ )
+ {
+ PSA_ASSERT( psa_close_key( handles[i - 1] ) );
+ PSA_ASSERT( psa_export_key( handles[i],
+ exported, sizeof( exported ),
+ &exported_length ) );
+ ASSERT_COMPARE( exported, exported_length,
+ (uint8_t *) &i, sizeof( i ) );
+ }
+ PSA_ASSERT( psa_close_key( handles[i - 1] ) );
+
+exit:
+ mbedtls_psa_crypto_free( );
+ mbedtls_free( handles );
+}
+/* END_CASE */
+
diff --git a/tests/suites/test_suite_psa_crypto_storage_file.data b/tests/suites/test_suite_psa_crypto_storage_file.data
new file mode 100644
index 0000000..4b068e1
--- /dev/null
+++ b/tests/suites/test_suite_psa_crypto_storage_file.data
@@ -0,0 +1,43 @@
+PSA Storage Load verify loaded file
+depends_on:MBEDTLS_FS_IO
+load_data_from_file:1:"deadbeef":1:4:PSA_SUCCESS
+
+PSA Storage Load check slots dont share state
+depends_on:MBEDTLS_FS_IO
+load_data_from_file:2:"deadbeef":1:4:PSA_ERROR_STORAGE_FAILURE
+
+PSA Storage Load zero length file
+depends_on:MBEDTLS_FS_IO
+load_data_from_file:1:"":1:1:PSA_SUCCESS
+
+PSA Storage Load less than capacity of data buffer
+depends_on:MBEDTLS_FS_IO
+load_data_from_file:1:"deadbeef":1:5:PSA_SUCCESS
+
+PSA Storage Load nonexistent file location, should fail
+depends_on:MBEDTLS_FS_IO
+load_data_from_file:1:"deadbeef":0:4:PSA_ERROR_STORAGE_FAILURE
+
+PSA Storage Store verify stored file
+depends_on:MBEDTLS_FS_IO
+write_data_to_file:"deadbeef":PSA_SUCCESS
+
+PSA Storage Store into preexisting location, should fail
+depends_on:MBEDTLS_FS_IO
+write_data_to_prexisting_file:"psa_key_slot_1":"deadbeef":PSA_ERROR_ALREADY_EXISTS
+
+PSA Storage Store, preexisting temp_location file, should succeed
+depends_on:MBEDTLS_FS_IO
+write_data_to_prexisting_file:"psa_key_slot_0":"deadbeef":PSA_SUCCESS
+
+PSA Storage Get data size verify data size
+depends_on:MBEDTLS_FS_IO
+get_file_size:"deadbeef":4:PSA_SUCCESS:1
+
+PSA Storage Get data size verify data size zero length file
+depends_on:MBEDTLS_FS_IO
+get_file_size:"":0:PSA_SUCCESS:1
+
+PSA Storage Get data size nonexistent file location, should fail
+depends_on:MBEDTLS_FS_IO
+get_file_size:"deadbeef":4:PSA_ERROR_DOES_NOT_EXIST:0
diff --git a/tests/suites/test_suite_psa_crypto_storage_file.function b/tests/suites/test_suite_psa_crypto_storage_file.function
new file mode 100644
index 0000000..e596be1
--- /dev/null
+++ b/tests/suites/test_suite_psa_crypto_storage_file.function
@@ -0,0 +1,157 @@
+/* BEGIN_HEADER */
+#include <stdint.h>
+#include "psa/crypto.h"
+#include "psa_crypto_storage_backend.h"
+
+/* END_HEADER */
+
+/* BEGIN_DEPENDENCIES
+ * depends_on:MBEDTLS_PSA_CRYPTO_C:MBEDTLS_PSA_CRYPTO_STORAGE_FILE_C
+ * END_DEPENDENCIES
+ */
+
+/* BEGIN_CASE */
+void load_data_from_file( int id_to_load_arg,
+ data_t *data, int should_make_file,
+ int capacity_arg, int expected_status )
+{
+ psa_key_id_t id_to_load = id_to_load_arg;
+ char slot_location[] = "psa_key_slot_1";
+ psa_status_t status;
+ int ret;
+ size_t file_size = 0;
+ uint8_t *loaded_data = NULL;
+ size_t capacity = (size_t) capacity_arg;
+
+ if( should_make_file == 1 )
+ {
+ /* Create a file with data contents, with mask permissions. */
+ FILE *file;
+ file = fopen( slot_location, "wb+" );
+ TEST_ASSERT( file != NULL );
+ file_size = fwrite( data->x, 1, data->len, file );
+ TEST_EQUAL( file_size, data->len );
+ ret = fclose( file );
+ TEST_EQUAL( ret, 0 );
+ }
+
+ /* Read from the file with psa_crypto_storage_load. */
+ ASSERT_ALLOC( loaded_data, capacity );
+ status = psa_crypto_storage_load( id_to_load, loaded_data, file_size );
+
+ /* Check we get the expected status. */
+ TEST_EQUAL( status, expected_status );
+ if( status != PSA_SUCCESS )
+ goto exit;
+
+ /* Check that the file data and data length is what we expect. */
+ ASSERT_COMPARE( data->x, data->len, loaded_data, file_size );
+
+exit:
+ mbedtls_free( loaded_data );
+ remove( slot_location );
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void write_data_to_file( data_t *data, int expected_status )
+{
+ char slot_location[] = "psa_key_slot_1";
+ psa_status_t status;
+ int ret;
+ FILE *file;
+ size_t file_size;
+ size_t num_read;
+ uint8_t *loaded_data = NULL;
+
+ /* Write data to file. */
+ status = psa_crypto_storage_store( 1, data->x, data->len );
+
+ /* Check that we got the expected status. */
+ TEST_EQUAL( status, expected_status );
+ if( status != PSA_SUCCESS )
+ goto exit;
+
+ /* Check that the file length is what we expect */
+ file = fopen( slot_location, "rb" );
+ TEST_ASSERT( file != NULL );
+ fseek( file, 0, SEEK_END );
+ file_size = (size_t) ftell( file );
+ fseek( file, 0, SEEK_SET );
+ TEST_EQUAL( file_size, data->len );
+
+ /* Check that the file contents are what we expect */
+ ASSERT_ALLOC( loaded_data, data->len );
+
+ num_read = fread( loaded_data, 1, file_size, file );
+ TEST_EQUAL( num_read, file_size );
+ ASSERT_COMPARE( data->x, data->len, loaded_data, file_size );
+ ret = fclose( file );
+ TEST_EQUAL( ret, 0 );
+
+exit:
+ mbedtls_free( loaded_data );
+ remove( slot_location );
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void get_file_size( data_t *data, int expected_data_length,
+ int expected_status, int should_make_file )
+{
+ char slot_location[] = "psa_key_slot_1";
+ psa_status_t status;
+ int ret;
+ size_t file_size;
+
+ if( should_make_file )
+ {
+ /* Create a file with data contents, with mask permissions. */
+ FILE *file;
+ file = fopen( slot_location, "wb+" );
+ TEST_ASSERT( file != NULL );
+ file_size = fwrite( data->x, 1, data->len, file );
+ TEST_EQUAL( file_size, data->len );
+ ret = fclose( file );
+ TEST_EQUAL( ret, 0 );
+ }
+
+ /* Check get data size is what we expect */
+ status = psa_crypto_storage_get_data_length( 1, &file_size );
+ TEST_EQUAL( status, expected_status );
+ if( expected_status == PSA_SUCCESS )
+ TEST_EQUAL( file_size, (size_t)expected_data_length );
+
+exit:
+ remove( slot_location );
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void write_data_to_prexisting_file( char *preexist_file_location,
+ data_t *data, int expected_status )
+{
+ char slot_location[] = "psa_key_slot_1";
+ psa_status_t status;
+ int ret;
+ FILE *file;
+
+ /* Create file first */
+ file = fopen( preexist_file_location, "wb" );
+ TEST_ASSERT( file != NULL );
+ ret = fclose( file );
+ TEST_EQUAL( ret, 0 );
+
+ /* Write data to file. */
+ status = psa_crypto_storage_store( 1, data->x, data->len );
+
+ /* Check that we got the expected status. */
+ TEST_EQUAL( status, expected_status );
+ if( status != PSA_SUCCESS )
+ goto exit;
+
+exit:
+ remove( preexist_file_location );
+ remove( slot_location );
+}
+/* END_CASE */
diff --git a/tests/suites/test_suite_rsa.data b/tests/suites/test_suite_rsa.data
index a25d61c..953b1ff 100644
--- a/tests/suites/test_suite_rsa.data
+++ b/tests/suites/test_suite_rsa.data
@@ -330,6 +330,7 @@
mbedtls_rsa_check_pubkey:16:"7edcba9876543210deadbeefcafe4321":16:"3":MBEDTLS_ERR_RSA_KEY_CHECK_FAILED
RSA Check Public key #6 (N exactly 8192 bits)
+depends_on:MBEDTLS_MPI_MAX_SIZE>=1024
mbedtls_rsa_check_pubkey:16:"88F48075BF29E95C1C6AE8716678B74E957B69CC2E49708C160C6343AAD2F076D25397ACE74220311ED18AEEB681F463611B3340C3945CAAEAD3ACC616E08A25A55683A32979BD55EA5DAB7630AF393886896F11DDC5F07E15EDF949324CF0F0B2A5C0E85DFA23167193182D1A43079DC8645F6C2C029629F475575802F7D326DE5BD891A9C5F84A433D45154181EC05685A4B368A5B6434775A00ABC6B0A04647D4598CEEE566B552230F691C98CA30B402A76C686A94B373CCD2F60EFA3878A867BB5F585D088E27C507937262D098A477B9218BE7C03B2E4C102D244CA701645F1827CD947E5E796446378B848862E689F0D1773F752056841A1F0EECE7CAB74921A42DBF2EF264ADCF4ABE05A1242E5F629A657A2D67958A2DAC9A2245074A37099B45064723ABE21241058252632C2BA6FE85AB1C75FF310891B84C9C40AB646FE1D90BC716FB3A4B56DA3EA25CA397C04B994F7C6AD1DD0CB9E994CA6B835F7830F4F4E0F976BBEA5AE8556BC7C90B3E50E21C19AD1F6BC4A8FF15F2909D9CC5F3DA533BADFF50F487869D631C3E34D69636B4C25A55127EF5B715F2FC0565734B38DF996D1970E56F7F64EBECB9D00A587AAEC608F2D3AAA51E66BF53E92C3096BF78D1DCBCE1A645FA4F0542E6F68E5A94AAA6E839F75620FABED5D2BCF40AB8EAF95F838BFA962429F281578882DF0F2721C27C8905C9E776B1D3251FC066A8BC64C0CE7FBA2B8E21F65EF6739AB6F19EC2AB07817DFF03DAB7C846AB5CC86C103642D7664A85DC2D846A8004CD6A144C72CCCAC86DB5901A047324927B80E281F5F7315FA2F9083BDE0DB7AA46DC055E36BB73FB6DBD3A14759D06CBBE8D57CBC213C4D55DE4478679E0A5902C8655BE1391C0E88D2B1FBD57E9232A2CEBC67569ECD94E4BF0FCC6C003F9AA51A2A5E6EE084A46DAE65E52400A727F9713D29E92CD6CA37FD599598B3F677624A2A484A8B36B98EFEAD662C0A23BC1D9280EF2A31F887065EB20A93B41F7A264ECFA65B3555F3E400927018186EAA2D4F00C6B7AB1BCED5F893D64478177592C7F2B945307AB474D7EC7FF2E7E55834CC763BEF81DA9BD70FB3D423AE5ADB86B336734C8A3BEC90CEB05438B5BA030D0D30DEC1442D2EB08450480FBAE090FFA1A5ADD748A415BDCDE45094E792420F0AF94BCA0A80A2096D1A478D3428A214A7E68C0F07F58C6FB232ECC3D8B821AE29AE76E13EB751193F6ECA670016D54F3D796937DDBB8900062EF116CCA3F5B3AECA618272875336C9C050FBC0FC7EDD5B88D85DA0061D21E176E1419CF573629BE7B0496E761EAD45FE32B59EB00D47CDD178AC8F8EC8D6F26DED34F7576CD938422E18E936F16A704B483A48EE3BEA59D95F688136119894930EC8E9282E5974740CF031DF8DBB07EB08F2DA0ACCADECE15A6A57502890F4A03740E60BD":16:"010001":0
RSA Check Public key #7 (N larger than 8192 bits)
@@ -477,7 +478,7 @@
RSA Import (N,-,-,D,E)
mbedtls_rsa_import:16:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":16:"":16:"":16:"77B1D99300D6A54E864962DA09AE10CF19A7FB888456BC2672B72AEA52B204914493D16C184AD201EC3F762E1FBD8702BA796EF953D9EA2F26300D285264F11B0C8301D0207FEB1E2C984445C899B0ACEBAA74EF014DD1D4BDDB43202C08D2FF9692D8D788478DEC829EB52AFB5AE068FBDBAC499A27FACECC391E75C936D55F07BB45EE184DAB45808E15722502F279F89B38C1CB292557E5063597F52C75D61001EDC33F4739353E33E56AD273B067C1A2760208529EA421774A5FFFCB3423B1E0051E7702A55D80CBF2141569F18F87BFF538A1DA8EDBB2693A539F68E0D62D77743F89EACF3B1723BDB25CE2F333FA63CACF0E67DF1A431893BB9B352FCB":16:"3":0:1:0:0
-RSA Import (N,-,-,D,E), succesive
+RSA Import (N,-,-,D,E), successive
mbedtls_rsa_import:16:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":16:"":16:"":16:"77B1D99300D6A54E864962DA09AE10CF19A7FB888456BC2672B72AEA52B204914493D16C184AD201EC3F762E1FBD8702BA796EF953D9EA2F26300D285264F11B0C8301D0207FEB1E2C984445C899B0ACEBAA74EF014DD1D4BDDB43202C08D2FF9692D8D788478DEC829EB52AFB5AE068FBDBAC499A27FACECC391E75C936D55F07BB45EE184DAB45808E15722502F279F89B38C1CB292557E5063597F52C75D61001EDC33F4739353E33E56AD273B067C1A2760208529EA421774A5FFFCB3423B1E0051E7702A55D80CBF2141569F18F87BFF538A1DA8EDBB2693A539F68E0D62D77743F89EACF3B1723BDB25CE2F333FA63CACF0E67DF1A431893BB9B352FCB":16:"3":1:1:0:0
RSA Import (N,P,Q,-,E)
@@ -564,7 +565,7 @@
RSA Export (N,-,-,D,E)
mbedtls_rsa_export:16:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":16:"":16:"":16:"77B1D99300D6A54E864962DA09AE10CF19A7FB888456BC2672B72AEA52B204914493D16C184AD201EC3F762E1FBD8702BA796EF953D9EA2F26300D285264F11B0C8301D0207FEB1E2C984445C899B0ACEBAA74EF014DD1D4BDDB43202C08D2FF9692D8D788478DEC829EB52AFB5AE068FBDBAC499A27FACECC391E75C936D55F07BB45EE184DAB45808E15722502F279F89B38C1CB292557E5063597F52C75D61001EDC33F4739353E33E56AD273B067C1A2760208529EA421774A5FFFCB3423B1E0051E7702A55D80CBF2141569F18F87BFF538A1DA8EDBB2693A539F68E0D62D77743F89EACF3B1723BDB25CE2F333FA63CACF0E67DF1A431893BB9B352FCB":16:"3":1:0
-RSA Export (N,-,-,D,E), succesive
+RSA Export (N,-,-,D,E), successive
mbedtls_rsa_export:16:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":16:"":16:"":16:"77B1D99300D6A54E864962DA09AE10CF19A7FB888456BC2672B72AEA52B204914493D16C184AD201EC3F762E1FBD8702BA796EF953D9EA2F26300D285264F11B0C8301D0207FEB1E2C984445C899B0ACEBAA74EF014DD1D4BDDB43202C08D2FF9692D8D788478DEC829EB52AFB5AE068FBDBAC499A27FACECC391E75C936D55F07BB45EE184DAB45808E15722502F279F89B38C1CB292557E5063597F52C75D61001EDC33F4739353E33E56AD273B067C1A2760208529EA421774A5FFFCB3423B1E0051E7702A55D80CBF2141569F18F87BFF538A1DA8EDBB2693A539F68E0D62D77743F89EACF3B1723BDB25CE2F333FA63CACF0E67DF1A431893BB9B352FCB":16:"3":1:1
RSA Export (N,P,Q,-,E)
@@ -585,7 +586,7 @@
RSA Export Raw (N,-,-,D,E)
mbedtls_rsa_export_raw:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":"":"":"77B1D99300D6A54E864962DA09AE10CF19A7FB888456BC2672B72AEA52B204914493D16C184AD201EC3F762E1FBD8702BA796EF953D9EA2F26300D285264F11B0C8301D0207FEB1E2C984445C899B0ACEBAA74EF014DD1D4BDDB43202C08D2FF9692D8D788478DEC829EB52AFB5AE068FBDBAC499A27FACECC391E75C936D55F07BB45EE184DAB45808E15722502F279F89B38C1CB292557E5063597F52C75D61001EDC33F4739353E33E56AD273B067C1A2760208529EA421774A5FFFCB3423B1E0051E7702A55D80CBF2141569F18F87BFF538A1DA8EDBB2693A539F68E0D62D77743F89EACF3B1723BDB25CE2F333FA63CACF0E67DF1A431893BB9B352FCB":"03":1:0
-RSA Export Raw (N,-,-,D,E), succesive
+RSA Export Raw (N,-,-,D,E), successive
mbedtls_rsa_export_raw:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":"":"":"77B1D99300D6A54E864962DA09AE10CF19A7FB888456BC2672B72AEA52B204914493D16C184AD201EC3F762E1FBD8702BA796EF953D9EA2F26300D285264F11B0C8301D0207FEB1E2C984445C899B0ACEBAA74EF014DD1D4BDDB43202C08D2FF9692D8D788478DEC829EB52AFB5AE068FBDBAC499A27FACECC391E75C936D55F07BB45EE184DAB45808E15722502F279F89B38C1CB292557E5063597F52C75D61001EDC33F4739353E33E56AD273B067C1A2760208529EA421774A5FFFCB3423B1E0051E7702A55D80CBF2141569F18F87BFF538A1DA8EDBB2693A539F68E0D62D77743F89EACF3B1723BDB25CE2F333FA63CACF0E67DF1A431893BB9B352FCB":"03":1:1
RSA Export Raw (N,P,Q,-,E)
diff --git a/tests/suites/test_suite_timing.data b/tests/suites/test_suite_timing.data
index 4dddcf7..2522da1 100644
--- a/tests/suites/test_suite_timing.data
+++ b/tests/suites/test_suite_timing.data
@@ -1,41 +1,17 @@
-Timing: basic timer operation
-timing_timer_simple:
-
-Timing: timer reset
-timing_timer_reset:
-
-Timing: two parallel timers, delay 0
-timing_two_timers:0:
-
-Timing: two parallel timers, delay 100
-timing_two_timers:100:
-
-Timing: two parallel timers, delay 1000
-timing_two_timers:1000:
-
-Timing: two parallel timers, delay 10000
-timing_two_timers:10000:
-
-Timing: delay 0ms, 0ms
-timing_delay:0:0:
-
-Timing: delay 0ms, 50ms
-timing_delay:0:50:
-
-Timing: delay 50ms, 50ms
-timing_delay:50:50:
-
-Timing: delay 50ms, 100ms
-timing_delay:50:100:
-
-Timing: delay 50ms, 200ms
-timing_delay:50:200:
-
-Timing: alarm in 0 second
-timing_alarm:0:
-
-Timing: alarm in 1 second
-timing_alarm:1:
-
Timing: hardclock
timing_hardclock:
+
+Timing: get timer
+timing_get_timer:
+
+Timing: set alarm with no delay
+timing_set_alarm:0:
+
+Timing: set alarm with 1s delay
+timing_set_alarm:1:
+
+Timing: delay 0ms
+timing_delay:0:
+
+Timing: delay 100ms
+timing_delay:100:
diff --git a/tests/suites/test_suite_timing.function b/tests/suites/test_suite_timing.function
index 1610155..74dc823 100644
--- a/tests/suites/test_suite_timing.function
+++ b/tests/suites/test_suite_timing.function
@@ -1,51 +1,14 @@
/* BEGIN_HEADER */
-/* This test module exercises the timing module. One of the expected failure
- modes is for timers to never expire, which could lead to an infinite loop.
- The function timing_timer_simple is protected against this failure mode and
- checks that timers do expire. Other functions will terminate if their
- timers do expire. Therefore it is recommended to run timing_timer_simple
- first and run other test functions only if that timing_timer_simple
- succeeded. */
+/* This test module exercises the timing module. Since, depending on the
+ * underlying operating system, the timing routines are not always reliable,
+ * this suite only performs very basic sanity checks of the timing API.
+ */
#include <limits.h>
#include "mbedtls/timing.h"
-/* Wait this many milliseconds for a short timing test. This duration
- should be large enough that, in practice, if you read the timer
- value twice in a row, it won't have jumped by that much. */
-#define TIMING_SHORT_TEST_MS 100
-
-/* A loop that waits TIMING_SHORT_TEST_MS must not take more than this many
- iterations. This value needs to be large enough to accommodate fast
- platforms (e.g. at 4GHz and 10 cycles/iteration a CPU can run through 20
- million iterations in 50ms). The only motivation to keep this value low is
- to avoid having an infinite loop if the timer functions are not implemented
- correctly. Ideally this value should be based on the processor speed but we
- don't have this information! */
-#define TIMING_SHORT_TEST_ITERATIONS_MAX 1e8
-
-/* alarm(0) must fire in no longer than this amount of time. */
-#define TIMING_ALARM_0_DELAY_MS TIMING_SHORT_TEST_MS
-
-static int expected_delay_status( uint32_t int_ms, uint32_t fin_ms,
- unsigned long actual_ms )
-{
- return( fin_ms == 0 ? -1 :
- actual_ms >= fin_ms ? 2 :
- actual_ms >= int_ms ? 1 :
- 0 );
-}
-
-/* Some conditions in timing_timer_simple suggest that timers are unreliable.
- Most other test cases rely on timers to terminate, and could loop
- indefinitely if timers are too broken. So if timing_timer_simple detected a
- timer that risks not terminating (going backwards, or not reaching the
- desired count in the alloted clock cycles), set this flag to immediately
- fail those other tests without running any timers. */
-static int timers_are_badly_broken = 0;
-
/* END_HEADER */
/* BEGIN_DEPENDENCIES
@@ -54,350 +17,58 @@
*/
/* BEGIN_CASE */
-void timing_timer_simple( )
+void timing_hardclock( )
{
- struct mbedtls_timing_hr_time timer;
- unsigned long millis = 0;
- unsigned long new_millis = 0;
- unsigned long iterations = 0;
- /* Start the timer. */
- (void) mbedtls_timing_get_timer( &timer, 1 );
- /* Busy-wait loop for a few milliseconds. */
- do
- {
- new_millis = mbedtls_timing_get_timer( &timer, 0 );
- ++iterations;
- /* Check that the timer didn't go backwards */
- TEST_ASSERT( new_millis >= millis );
- millis = new_millis;
- }
- while( millis < TIMING_SHORT_TEST_MS &&
- iterations <= TIMING_SHORT_TEST_ITERATIONS_MAX );
- /* The wait duration should have been large enough for at least a
- few runs through the loop, even on the slowest realistic platform. */
- TEST_ASSERT( iterations >= 2 );
- /* The wait duration shouldn't have overflowed the iteration count. */
- TEST_ASSERT( iterations < TIMING_SHORT_TEST_ITERATIONS_MAX );
- return;
-
-exit:
- if( iterations >= TIMING_SHORT_TEST_ITERATIONS_MAX ||
- new_millis < millis )
- {
- /* The timer was very unreliable: it didn't increment and the loop ran
- out, or it went backwards. Other tests that use timers might go
- into an infinite loop, so we'll skip them. */
- timers_are_badly_broken = 1;
- }
-
- /* No cleanup needed, but show some diagnostic iterations, because timing
- problems can be hard to reproduce. */
- mbedtls_fprintf( stdout, " Finished with millis=%lu new_millis=%lu get(timer)<=%lu iterations=%lu\n",
- millis, new_millis, mbedtls_timing_get_timer( &timer, 0 ),
- iterations );
+ (void) mbedtls_timing_hardclock();
+ /* This goto is added to avoid warnings from the generated code. */
+ goto exit;
}
/* END_CASE */
/* BEGIN_CASE */
-void timing_timer_reset( )
+void timing_get_timer( )
{
- struct mbedtls_timing_hr_time timer;
- unsigned long millis = 0;
- unsigned long iterations = 0;
-
- /* Skip this test if it looks like timers don't work at all, to avoid an
- infinite loop below. */
- TEST_ASSERT( !timers_are_badly_broken );
-
- /* Start the timer. Timers are always reset to 0. */
- TEST_ASSERT( mbedtls_timing_get_timer( &timer, 1 ) == 0 );
- /* Busy-wait loop for a few milliseconds */
- do
- {
- ++iterations;
- millis = mbedtls_timing_get_timer( &timer, 0 );
- }
- while( millis < TIMING_SHORT_TEST_MS );
-
- /* Reset the timer and check that it has restarted. */
- TEST_ASSERT( mbedtls_timing_get_timer( &timer, 1 ) == 0 );
- /* Read the timer immediately after reset. It should be 0 or close
- to it. */
- TEST_ASSERT( mbedtls_timing_get_timer( &timer, 0 ) < TIMING_SHORT_TEST_MS );
- return;
-
-exit:
- /* No cleanup needed, but show some diagnostic information, because timing
- problems can be hard to reproduce. */
- if( !timers_are_badly_broken )
- mbedtls_fprintf( stdout, " Finished with millis=%lu get(timer)<=%lu iterations=%lu\n",
- millis, mbedtls_timing_get_timer( &timer, 0 ),
- iterations );
+ struct mbedtls_timing_hr_time time;
+ (void) mbedtls_timing_get_timer( &time, 1 );
+ (void) mbedtls_timing_get_timer( &time, 0 );
+ /* This goto is added to avoid warnings from the generated code. */
+ goto exit;
}
/* END_CASE */
/* BEGIN_CASE */
-void timing_two_timers( int delta )
+void timing_set_alarm( int seconds )
{
- struct mbedtls_timing_hr_time timer1, timer2;
- unsigned long millis1 = 0, millis2 = 0;
-
- /* Skip this test if it looks like timers don't work at all, to avoid an
- infinite loop below. */
- TEST_ASSERT( !timers_are_badly_broken );
-
- /* Start the first timer and wait for a short time. */
- (void) mbedtls_timing_get_timer( &timer1, 1 );
- do
+ if( seconds == 0 )
{
- millis1 = mbedtls_timing_get_timer( &timer1, 0 );
- }
- while( millis1 < TIMING_SHORT_TEST_MS );
-
- /* Do a short busy-wait, so that the difference between timer1 and timer2
- doesn't practically always end up being very close to a whole number of
- milliseconds. */
- while( delta > 0 )
- --delta;
-
- /* Start the second timer and compare it with the first. */
- mbedtls_timing_get_timer( &timer2, 1 );
- do
- {
- millis1 = mbedtls_timing_get_timer( &timer1, 0 );
- millis2 = mbedtls_timing_get_timer( &timer2, 0 );
- /* The first timer should always be ahead of the first. */
- TEST_ASSERT( millis1 > millis2 );
- /* The timers shouldn't drift apart, i.e. millis2-millis1 should stay
- roughly constant, but this is hard to test reliably, especially in
- a busy environment such as an overloaded continuous integration
- system, so we don't test it it. */
- }
- while( millis2 < TIMING_SHORT_TEST_MS );
-
- return;
-
-exit:
- /* No cleanup needed, but show some diagnostic iterations, because timing
- problems can be hard to reproduce. */
- if( !timers_are_badly_broken )
- mbedtls_fprintf( stdout, " Finished with millis1=%lu get(timer1)<=%lu millis2=%lu get(timer2)<=%lu\n",
- millis1, mbedtls_timing_get_timer( &timer1, 0 ),
- millis2, mbedtls_timing_get_timer( &timer2, 0 ) );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void timing_alarm( int seconds )
-{
- struct mbedtls_timing_hr_time timer;
- unsigned long millis = 0;
- /* We check that about the desired number of seconds has elapsed. Be
- slightly liberal with the lower bound, so as to allow platforms where
- the alarm (with second resolution) and the timer (with millisecond
- resolution) are based on different clocks. Be very liberal with the
- upper bound, because the platform might be busy. */
- unsigned long millis_min = ( seconds > 0 ?
- seconds * 900 :
- 0 );
- unsigned long millis_max = ( seconds > 0 ?
- seconds * 1100 + 400 :
- TIMING_ALARM_0_DELAY_MS );
- unsigned long iterations = 0;
-
- /* Skip this test if it looks like timers don't work at all, to avoid an
- infinite loop below. */
- TEST_ASSERT( !timers_are_badly_broken );
-
- /* Set an alarm and count how long it takes with a timer. */
- (void) mbedtls_timing_get_timer( &timer, 1 );
- mbedtls_set_alarm( seconds );
-
- if( seconds > 0 )
- {
- /* We set the alarm for at least 1 second. It should not have fired
- immediately, even on a slow and busy platform. */
- TEST_ASSERT( !mbedtls_timing_alarmed );
- }
- /* A 0-second alarm should fire quickly, but we don't guarantee that it
- fires immediately, so mbedtls_timing_alarmed may or may not be set at
- this point. */
-
- /* Busy-wait until the alarm rings */
- do
- {
- ++iterations;
- millis = mbedtls_timing_get_timer( &timer, 0 );
- }
- while( !mbedtls_timing_alarmed && millis <= millis_max );
-
- TEST_ASSERT( mbedtls_timing_alarmed );
- TEST_ASSERT( millis >= millis_min );
- TEST_ASSERT( millis <= millis_max );
-
- mbedtls_timing_alarmed = 0;
- return;
-
-exit:
- /* Show some diagnostic iterations, because timing
- problems can be hard to reproduce. */
- if( !timers_are_badly_broken )
- mbedtls_fprintf( stdout, " Finished with alarmed=%d millis=%lu get(timer)<=%lu iterations=%lu\n",
- mbedtls_timing_alarmed,
- millis, mbedtls_timing_get_timer( &timer, 0 ),
- iterations );
- /* Cleanup */
- mbedtls_timing_alarmed = 0;
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void timing_delay( int int_ms, int fin_ms )
-{
- /* This function assumes that if int_ms is nonzero then it is large
- enough that we have time to read all timers at least once in an
- interval of time lasting int_ms milliseconds, and likewise for (fin_ms
- - int_ms). So don't call it with arguments that are too small. */
-
- mbedtls_timing_delay_context delay;
- struct mbedtls_timing_hr_time timer;
- unsigned long delta = 0; /* delay started between timer=0 and timer=delta */
- unsigned long before = 0, after = 0;
- unsigned long iterations = 0;
- int status = -2;
- int saw_status_1 = 0;
- int warn_inconclusive = 0;
-
- assert( int_ms >= 0 );
- assert( fin_ms >= 0 );
-
- /* Skip this test if it looks like timers don't work at all, to avoid an
- infinite loop below. */
- TEST_ASSERT( !timers_are_badly_broken );
-
- /* Start a reference timer. Program a delay, and verify that the status of
- the delay is consistent with the time given by the reference timer. */
- (void) mbedtls_timing_get_timer( &timer, 1 );
- mbedtls_timing_set_delay( &delay, int_ms, fin_ms );
- /* Set delta to an upper bound for the interval between the start of timer
- and the start of delay. Reading timer after starting delay gives us an
- upper bound for the interval, rounded to a 1ms precision. Since this
- might have been rounded down, but we need an upper bound, we add 1. */
- delta = mbedtls_timing_get_timer( &timer, 0 ) + 1;
-
- status = mbedtls_timing_get_delay( &delay );
- if( fin_ms == 0 )
- {
- /* Cancelled timer. Just check the correct status for this case. */
- TEST_ASSERT( status == -1 );
- return;
- }
-
- /* Initially, none of the delays must be passed yet if they're nonzero.
- This could fail for very small values of int_ms and fin_ms, where "very
- small" depends how fast and how busy the platform is. */
- if( int_ms > 0 )
- {
- TEST_ASSERT( status == 0 );
+ mbedtls_set_alarm( seconds );
+ TEST_ASSERT( mbedtls_timing_alarmed == 1 );
}
else
{
- TEST_ASSERT( status == 1 );
+ mbedtls_set_alarm( seconds );
+ TEST_ASSERT( mbedtls_timing_alarmed == 0 ||
+ mbedtls_timing_alarmed == 1 );
}
-
- do
- {
- unsigned long delay_min, delay_max;
- int status_min, status_max;
- ++iterations;
- before = mbedtls_timing_get_timer( &timer, 0 );
- status = mbedtls_timing_get_delay( &delay );
- after = mbedtls_timing_get_timer( &timer, 0 );
- /* At a time between before and after, the delay's status was status.
- Check that this is consistent given that the delay was started
- between times 0 and delta. */
- delay_min = ( before > delta ? before - delta : 0 );
- status_min = expected_delay_status( int_ms, fin_ms, delay_min );
- delay_max = after;
- status_max = expected_delay_status( int_ms, fin_ms, delay_max );
- TEST_ASSERT( status >= status_min );
- TEST_ASSERT( status <= status_max );
- if( status == 1 )
- saw_status_1 = 1;
- }
- while ( before <= fin_ms + delta && status != 2 );
-
- /* Since we've waited at least fin_ms, the delay must have fully
- expired. */
- TEST_ASSERT( status == 2 );
-
- /* If the second delay is more than the first, then there must have been a
- point in time when the first delay was passed but not the second delay.
- This could fail for very small values of (fin_ms - int_ms), where "very
- small" depends how fast and how busy the platform is. In practice, this
- is the test that's most likely to fail on a heavily loaded machine. */
- if( fin_ms > int_ms )
- {
- warn_inconclusive = 1;
- TEST_ASSERT( saw_status_1 );
- }
-
- return;
-
-exit:
- /* No cleanup needed, but show some diagnostic iterations, because timing
- problems can be hard to reproduce. */
- if( !timers_are_badly_broken )
- mbedtls_fprintf( stdout, " Finished with delta=%lu before=%lu after=%lu status=%d iterations=%lu\n",
- delta, before, after, status, iterations );
- if( warn_inconclusive )
- mbedtls_fprintf( stdout, " Inconclusive test, try running it on a less heavily loaded machine.\n" );
- }
+}
/* END_CASE */
/* BEGIN_CASE */
-void timing_hardclock( )
+void timing_delay( int fin_ms )
{
- /* We make very few guarantees about mbedtls_timing_hardclock: its rate is
- platform-dependent, it can wrap around. So there isn't much we can
- test. But we do at least test that it doesn't crash, stall or return
- completely nonsensical values. */
-
- struct mbedtls_timing_hr_time timer;
- unsigned long hardclock0 = -1, hardclock1 = -1, delta1 = -1;
-
- /* Skip this test if it looks like timers don't work at all, to avoid an
- infinite loop below. */
- TEST_ASSERT( !timers_are_badly_broken );
-
- hardclock0 = mbedtls_timing_hardclock( );
- /* Wait 2ms to ensure a nonzero delay. Since the timer interface has 1ms
- resolution and unspecified precision, waiting 1ms might be a very small
- delay that's rounded up. */
- (void) mbedtls_timing_get_timer( &timer, 1 );
- while( mbedtls_timing_get_timer( &timer, 0 ) < 2 )
- /*busy-wait loop*/;
- hardclock1 = mbedtls_timing_hardclock( );
-
- /* Although the hardclock counter can wrap around, the difference
- (hardclock1 - hardclock0) is taken modulo the type size, so it is
- correct as long as the counter only wrapped around at most once. We
- further require the difference to be nonzero (after a wait of more than
- 1ms, the counter must have changed), and not to be overly large (after
- a wait of less than 3ms, plus time lost because other processes were
- scheduled on the CPU). If the hardclock counter runs at 4GHz, then
- 1000000000 (which is 1/4 of the counter wraparound on a 32-bit machine)
- allows 250ms. */
- delta1 = hardclock1 - hardclock0;
- TEST_ASSERT( delta1 > 0 );
- TEST_ASSERT( delta1 < 1000000000 );
- return;
-
-exit:
- /* No cleanup needed, but show some diagnostic iterations, because timing
- problems can be hard to reproduce. */
- if( !timers_are_badly_broken )
- mbedtls_fprintf( stdout, " Finished with hardclock=%lu,%lu\n",
- hardclock0, hardclock1 );
+ mbedtls_timing_delay_context ctx;
+ int result;
+ if( fin_ms == 0 )
+ {
+ mbedtls_timing_set_delay( &ctx, 0, 0 );
+ result = mbedtls_timing_get_delay( &ctx );
+ TEST_ASSERT( result == -1 );
+ }
+ else
+ {
+ mbedtls_timing_set_delay( &ctx, fin_ms / 2, fin_ms );
+ result = mbedtls_timing_get_delay( &ctx );
+ TEST_ASSERT( result >= 0 && result <= 2 );
+ }
}
/* END_CASE */
diff --git a/tests/suites/test_suite_x509parse.data b/tests/suites/test_suite_x509parse.data
index 8f97c0c..042d653 100644
--- a/tests/suites/test_suite_x509parse.data
+++ b/tests/suites/test_suite_x509parse.data
@@ -2,14 +2,26 @@
depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_SHA1_C
x509_cert_info:"data_files/server1.crt":"cert. version \: 3\nserial number \: 01\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name \: C=NL, O=PolarSSL, CN=PolarSSL Server 1\nissued on \: 2011-02-12 14\:44\:06\nexpires on \: 2021-02-12 14\:44\:06\nsigned using \: RSA with SHA1\nRSA key size \: 2048 bits\nbasic constraints \: CA=false\n"
+X509 Certificate information #1 (DER)
+depends_on:MBEDTLS_RSA_C:MBEDTLS_SHA1_C
+x509_cert_info:"data_files/server1.der":"cert. version \: 3\nserial number \: 01\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name \: C=NL, O=PolarSSL, CN=PolarSSL Server 1\nissued on \: 2011-02-12 14\:44\:06\nexpires on \: 2021-02-12 14\:44\:06\nsigned using \: RSA with SHA1\nRSA key size \: 2048 bits\nbasic constraints \: CA=false\n"
+
X509 Certificate information #2
depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_SHA1_C
x509_cert_info:"data_files/server2.crt":"cert. version \: 3\nserial number \: 02\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nissued on \: 2011-02-12 14\:44\:06\nexpires on \: 2021-02-12 14\:44\:06\nsigned using \: RSA with SHA1\nRSA key size \: 2048 bits\nbasic constraints \: CA=false\n"
+X509 Certificate information #2 (DER)
+depends_on:MBEDTLS_RSA_C:MBEDTLS_SHA1_C
+x509_cert_info:"data_files/server2.der":"cert. version \: 3\nserial number \: 02\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nissued on \: 2011-02-12 14\:44\:06\nexpires on \: 2021-02-12 14\:44\:06\nsigned using \: RSA with SHA1\nRSA key size \: 2048 bits\nbasic constraints \: CA=false\n"
+
X509 Certificate information #3
depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_SHA1_C
x509_cert_info:"data_files/test-ca.crt":"cert. version \: 3\nserial number \: 03\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nissued on \: 2011-02-12 14\:44\:00\nexpires on \: 2021-02-12 14\:44\:00\nsigned using \: RSA with SHA1\nRSA key size \: 2048 bits\nbasic constraints \: CA=true\n"
+X509 Certificate information #3 (DER)
+depends_on:MBEDTLS_RSA_C:MBEDTLS_SHA1_C
+x509_cert_info:"data_files/test-ca.der":"cert. version \: 3\nserial number \: 03\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nissued on \: 2011-02-12 14\:44\:00\nexpires on \: 2021-02-12 14\:44\:00\nsigned using \: RSA with SHA1\nRSA key size \: 2048 bits\nbasic constraints \: CA=true\n"
+
X509 Certificate information MD2 Digest
depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_MD2_C
x509_cert_info:"data_files/cert_md2.crt":"cert. version \: 3\nserial number \: 09\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name \: C=NL, O=PolarSSL, CN=PolarSSL Cert MD2\nissued on \: 2009-07-12 10\:56\:59\nexpires on \: 2011-07-12 10\:56\:59\nsigned using \: RSA with MD2\nRSA key size \: 2048 bits\nbasic constraints \: CA=false\n"
@@ -278,6 +290,10 @@
depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:MBEDTLS_SHA512_C
mbedtls_x509_csr_info:"data_files/server9.req.sha512":"CSR version \: 1\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nsigned using \: RSASSA-PSS (SHA512, MGF1-SHA512, 0x3E)\nRSA key size \: 1024 bits\n"
+X509 CSR Information RSA with SHA256 - Microsoft header
+depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA256_C:MBEDTLS_RSA_C
+mbedtls_x509_csr_info:"data_files/server1-ms.req.sha256":"CSR version \: 1\nsubject name \: C=NL, O=PolarSSL, CN=PolarSSL Server 1\nsigned using \: RSA with SHA-256\nRSA key size \: 2048 bits\n"
+
X509 Verify Information: empty
x509_verify_info:0:"":""
diff --git a/tests/suites/test_suite_x509parse.function b/tests/suites/test_suite_x509parse.function
index 552c494..4a82608 100644
--- a/tests/suites/test_suite_x509parse.function
+++ b/tests/suites/test_suite_x509parse.function
@@ -334,6 +334,10 @@
char * cn_name = NULL;
const mbedtls_x509_crt_profile *profile;
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+ TEST_ASSERT( psa_crypto_init() == 0 );
+#endif
+
mbedtls_x509_crt_init( &crt );
mbedtls_x509_crt_init( &ca );
mbedtls_x509_crl_init( &crl );
@@ -387,6 +391,10 @@
uint32_t flags = 0;
verify_print_context vrfy_ctx;
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+ TEST_ASSERT( psa_crypto_init() == 0 );
+#endif
+
mbedtls_x509_crt_init( &crt );
mbedtls_x509_crt_init( &ca );
verify_print_init( &vrfy_ctx );
@@ -505,8 +513,22 @@
mbedtls_x509_crt_init( &crt );
memset( output, 0, 2000 );
+ TEST_ASSERT( mbedtls_x509_crt_parse_der( &crt, buf->x, buf->len ) == ( result ) );
+ if( ( result ) == 0 )
+ {
+ res = mbedtls_x509_crt_info( (char *) output, 2000, "", &crt );
- TEST_ASSERT( mbedtls_x509_crt_parse( &crt, buf->x, buf->len ) == ( result ) );
+ TEST_ASSERT( res != -1 );
+ TEST_ASSERT( res != -2 );
+
+ TEST_ASSERT( strcmp( (char *) output, result_str ) == 0 );
+ }
+
+ mbedtls_x509_crt_free( &crt );
+ mbedtls_x509_crt_init( &crt );
+ memset( output, 0, 2000 );
+
+ TEST_ASSERT( mbedtls_x509_crt_parse_der_nocopy( &crt, buf->x, buf->len ) == ( result ) );
if( ( result ) == 0 )
{
res = mbedtls_x509_crt_info( (char *) output, 2000, "", &crt );
@@ -605,6 +627,10 @@
uint32_t flags;
mbedtls_x509_crt trusted, chain;
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+ TEST_ASSERT( psa_crypto_init() == 0 );
+#endif
+
/*
* We expect chain_dir to contain certificates 00.crt, 01.crt, etc.
* with NN.crt signed by NN-1.crt
@@ -646,6 +672,10 @@
mbedtls_x509_crt trusted, chain;
const mbedtls_x509_crt_profile *profile = NULL;
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+ TEST_ASSERT( psa_crypto_init() == 0 );
+#endif
+
mbedtls_x509_crt_init( &chain );
mbedtls_x509_crt_init( &trusted );
diff --git a/tests/suites/test_suite_x509write.data b/tests/suites/test_suite_x509write.data
index c196625..54d7270 100644
--- a/tests/suites/test_suite_x509write.data
+++ b/tests/suites/test_suite_x509write.data
@@ -50,6 +50,10 @@
depends_on:MBEDTLS_SHA1_C:MBEDTLS_ECDSA_C:MBEDTLS_ECDSA_DETERMINISTIC:MBEDTLS_ECP_DP_SECP256R1_ENABLED
x509_csr_check:"data_files/server5.key":"data_files/server5.req.ku.sha1":MBEDTLS_MD_SHA1:MBEDTLS_X509_KU_DIGITAL_SIGNATURE | MBEDTLS_X509_KU_NON_REPUDIATION:1:0:0
+Certificate Request check opaque Server5 ECDSA, key_usage
+depends_on:MBEDTLS_SHA256_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED
+x509_csr_check_opaque:"data_files/server5.key":MBEDTLS_MD_SHA256:MBEDTLS_X509_KU_DIGITAL_SIGNATURE | MBEDTLS_X509_KU_NON_REPUDIATION:0
+
Certificate write check Server1 SHA1
depends_on:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_MD5_C
x509_crt_check:"data_files/server1.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=PolarSSL Test CA":"1":"20110212144406":"20210212144406":MBEDTLS_MD_SHA1:0:0:0:0:1:-1:"data_files/server1.crt":0
diff --git a/tests/suites/test_suite_x509write.function b/tests/suites/test_suite_x509write.function
index 535807e..e15802f 100644
--- a/tests/suites/test_suite_x509write.function
+++ b/tests/suites/test_suite_x509write.function
@@ -5,6 +5,11 @@
#include "mbedtls/pem.h"
#include "mbedtls/oid.h"
#include "mbedtls/rsa.h"
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+#include "psa/crypto.h"
+#include "mbedtls/psa_util.h"
+#endif
+
#if defined(MBEDTLS_RSA_C)
int mbedtls_rsa_decrypt_func( void *ctx, int mode, size_t *olen,
@@ -28,6 +33,34 @@
}
#endif /* MBEDTLS_RSA_C */
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+static int x509_crt_verifycsr( const unsigned char *buf, size_t buflen )
+{
+ unsigned char hash[MBEDTLS_MD_MAX_SIZE];
+ const mbedtls_md_info_t *md_info;
+ mbedtls_x509_csr csr;
+
+ if( mbedtls_x509_csr_parse( &csr, buf, buflen ) != 0 )
+ return( MBEDTLS_ERR_X509_BAD_INPUT_DATA );
+
+ md_info = mbedtls_md_info_from_type( csr.sig_md );
+ if( mbedtls_md( md_info, csr.cri.p, csr.cri.len, hash ) != 0 )
+ {
+ /* Note: this can't happen except after an internal error */
+ return( MBEDTLS_ERR_X509_BAD_INPUT_DATA );
+ }
+
+ if( mbedtls_pk_verify_ext( csr.sig_pk, csr.sig_opts, &csr.pk,
+ csr.sig_md, hash, mbedtls_md_get_size( md_info ),
+ csr.sig.p, csr.sig.len ) != 0 )
+ {
+ return( MBEDTLS_ERR_X509_CERT_VERIFY_FAILED );
+ }
+
+ return( 0 );
+}
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+
/* END_HEADER */
/* BEGIN_DEPENDENCIES
@@ -96,6 +129,53 @@
}
/* END_CASE */
+/* BEGIN_CASE depends_on:MBEDTLS_PEM_WRITE_C:MBEDTLS_X509_CSR_WRITE_C:MBEDTLS_USE_PSA_CRYPTO */
+void x509_csr_check_opaque( char *key_file, int md_type, int key_usage,
+ int cert_type )
+{
+ mbedtls_pk_context key;
+ psa_key_handle_t slot;
+ psa_algorithm_t md_alg_psa;
+ mbedtls_x509write_csr req;
+ unsigned char buf[4096];
+ int ret;
+ size_t pem_len = 0;
+ const char *subject_name = "C=NL,O=PolarSSL,CN=PolarSSL Server 1";
+ rnd_pseudo_info rnd_info;
+
+ psa_crypto_init();
+ memset( &rnd_info, 0x2a, sizeof( rnd_pseudo_info ) );
+
+ md_alg_psa = mbedtls_psa_translate_md( (mbedtls_md_type_t) md_type );
+ TEST_ASSERT( md_alg_psa != MBEDTLS_MD_NONE );
+
+ mbedtls_pk_init( &key );
+ TEST_ASSERT( mbedtls_pk_parse_keyfile( &key, key_file, NULL ) == 0 );
+ TEST_ASSERT( mbedtls_pk_wrap_as_opaque( &key, &slot, md_alg_psa ) == 0 );
+
+ mbedtls_x509write_csr_init( &req );
+ mbedtls_x509write_csr_set_md_alg( &req, md_type );
+ mbedtls_x509write_csr_set_key( &req, &key );
+ TEST_ASSERT( mbedtls_x509write_csr_set_subject_name( &req, subject_name ) == 0 );
+ if( key_usage != 0 )
+ TEST_ASSERT( mbedtls_x509write_csr_set_key_usage( &req, key_usage ) == 0 );
+ if( cert_type != 0 )
+ TEST_ASSERT( mbedtls_x509write_csr_set_ns_cert_type( &req, cert_type ) == 0 );
+
+ ret = mbedtls_x509write_csr_pem( &req, buf, sizeof( buf ) - 1,
+ rnd_pseudo_rand, &rnd_info );
+ TEST_ASSERT( ret == 0 );
+
+ pem_len = strlen( (char *) buf );
+ buf[pem_len] = '\0';
+ TEST_ASSERT( x509_crt_verifycsr( buf, pem_len + 1 ) == 0 );
+
+exit:
+ mbedtls_x509write_csr_free( &req );
+ mbedtls_pk_free( &key );
+}
+/* END_CASE */
+
/* BEGIN_CASE depends_on:MBEDTLS_PEM_WRITE_C:MBEDTLS_X509_CRT_WRITE_C:MBEDTLS_SHA1_C */
void x509_crt_check( char *subject_key_file, char *subject_pwd,
char *subject_name, char *issuer_key_file,
diff --git a/visualc/VS2010/crypto_examples.vcxproj b/visualc/VS2010/crypto_examples.vcxproj
new file mode 100644
index 0000000..9ca6b64
--- /dev/null
+++ b/visualc/VS2010/crypto_examples.vcxproj
@@ -0,0 +1,174 @@
+<?xml version="1.0" encoding="utf-8"?>
+<Project DefaultTargets="Build" ToolsVersion="4.0" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
+ <ItemGroup Label="ProjectConfigurations">
+ <ProjectConfiguration Include="Debug|Win32">
+ <Configuration>Debug</Configuration>
+ <Platform>Win32</Platform>
+ </ProjectConfiguration>
+ <ProjectConfiguration Include="Debug|x64">
+ <Configuration>Debug</Configuration>
+ <Platform>x64</Platform>
+ </ProjectConfiguration>
+ <ProjectConfiguration Include="Release|Win32">
+ <Configuration>Release</Configuration>
+ <Platform>Win32</Platform>
+ </ProjectConfiguration>
+ <ProjectConfiguration Include="Release|x64">
+ <Configuration>Release</Configuration>
+ <Platform>x64</Platform>
+ </ProjectConfiguration>
+ </ItemGroup>
+ <ItemGroup>
+ <ClCompile Include="..\..\programs\psa\crypto_examples.c" />
+ </ItemGroup>
+ <ItemGroup>
+ <ProjectReference Include="mbedTLS.vcxproj">
+ <Project>{46cf2d25-6a36-4189-b59c-e4815388e554}</Project>
+ <LinkLibraryDependencies>true</LinkLibraryDependencies>
+ </ProjectReference>
+ </ItemGroup>
+ <PropertyGroup Label="Globals">
+ <ProjectGuid>{020C31BD-C4DF-BABA-E537-F517C4E98537}</ProjectGuid>
+ <Keyword>Win32Proj</Keyword>
+ <RootNamespace>crypto_examples</RootNamespace>
+ </PropertyGroup>
+ <Import Project="$(VCTargetsPath)\Microsoft.Cpp.Default.props" />
+ <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'" Label="Configuration">
+ <ConfigurationType>Application</ConfigurationType>
+ <UseDebugLibraries>true</UseDebugLibraries>
+ <CharacterSet>Unicode</CharacterSet>
+ </PropertyGroup>
+ <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'" Label="Configuration">
+ <ConfigurationType>Application</ConfigurationType>
+ <UseDebugLibraries>true</UseDebugLibraries>
+ <CharacterSet>Unicode</CharacterSet>
+ </PropertyGroup>
+ <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|Win32'" Label="Configuration">
+ <ConfigurationType>Application</ConfigurationType>
+ <UseDebugLibraries>false</UseDebugLibraries>
+ <WholeProgramOptimization>true</WholeProgramOptimization>
+ <CharacterSet>Unicode</CharacterSet>
+ </PropertyGroup>
+ <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'" Label="Configuration">
+ <ConfigurationType>Application</ConfigurationType>
+ <UseDebugLibraries>false</UseDebugLibraries>
+ <WholeProgramOptimization>true</WholeProgramOptimization>
+ <CharacterSet>Unicode</CharacterSet>
+ <PlatformToolset>Windows7.1SDK</PlatformToolset>
+ </PropertyGroup>
+ <Import Project="$(VCTargetsPath)\Microsoft.Cpp.props" />
+ <ImportGroup Label="ExtensionSettings">
+ </ImportGroup>
+ <ImportGroup Label="PropertySheets" Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">
+ <Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" />
+ </ImportGroup>
+ <ImportGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'" Label="PropertySheets">
+ <Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" />
+ </ImportGroup>
+ <ImportGroup Label="PropertySheets" Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">
+ <Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" />
+ </ImportGroup>
+ <ImportGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'" Label="PropertySheets">
+ <Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" />
+ </ImportGroup>
+ <PropertyGroup Label="UserMacros" />
+ <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">
+ <LinkIncremental>true</LinkIncremental>
+ <IntDir>$(Configuration)\$(TargetName)\</IntDir>
+ </PropertyGroup>
+ <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">
+ <LinkIncremental>true</LinkIncremental>
+ <IntDir>$(Configuration)\$(TargetName)\</IntDir>
+ </PropertyGroup>
+ <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">
+ <LinkIncremental>false</LinkIncremental>
+ <IntDir>$(Configuration)\$(TargetName)\</IntDir>
+ </PropertyGroup>
+ <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'">
+ <LinkIncremental>false</LinkIncremental>
+ <IntDir>$(Configuration)\$(TargetName)\</IntDir>
+ </PropertyGroup>
+ <ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">
+ <ClCompile>
+ <PrecompiledHeader>
+ </PrecompiledHeader>
+ <WarningLevel>Level3</WarningLevel>
+ <Optimization>Disabled</Optimization>
+ <PreprocessorDefinitions>WIN32;_DEBUG;_CONSOLE;%(PreprocessorDefinitions)</PreprocessorDefinitions>
+ <AdditionalIncludeDirectories>../../include</AdditionalIncludeDirectories>
+ </ClCompile>
+ <Link>
+ <SubSystem>Console</SubSystem>
+ <GenerateDebugInformation>true</GenerateDebugInformation>
+ <ShowProgress>NotSet</ShowProgress>
+ <AdditionalDependencies>kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies)</AdditionalDependencies>
+ <AdditionalLibraryDirectories>Debug</AdditionalLibraryDirectories>
+ </Link>
+ <ProjectReference>
+ <LinkLibraryDependencies>false</LinkLibraryDependencies>
+ </ProjectReference>
+ </ItemDefinitionGroup>
+ <ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">
+ <ClCompile>
+ <PrecompiledHeader>
+ </PrecompiledHeader>
+ <WarningLevel>Level3</WarningLevel>
+ <Optimization>Disabled</Optimization>
+ <PreprocessorDefinitions>WIN32;_DEBUG;_CONSOLE;%(PreprocessorDefinitions)</PreprocessorDefinitions>
+ <AdditionalIncludeDirectories>../../include</AdditionalIncludeDirectories>
+ </ClCompile>
+ <Link>
+ <SubSystem>Console</SubSystem>
+ <GenerateDebugInformation>true</GenerateDebugInformation>
+ <ShowProgress>NotSet</ShowProgress>
+ <AdditionalDependencies>kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies)</AdditionalDependencies>
+ <AdditionalLibraryDirectories>Debug</AdditionalLibraryDirectories>
+ </Link>
+ <ProjectReference>
+ <LinkLibraryDependencies>false</LinkLibraryDependencies>
+ </ProjectReference>
+ </ItemDefinitionGroup>
+ <ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">
+ <ClCompile>
+ <WarningLevel>Level3</WarningLevel>
+ <PrecompiledHeader>
+ </PrecompiledHeader>
+ <Optimization>MaxSpeed</Optimization>
+ <FunctionLevelLinking>true</FunctionLevelLinking>
+ <IntrinsicFunctions>true</IntrinsicFunctions>
+ <PreprocessorDefinitions>WIN32;NDEBUG;_CONSOLE;%(PreprocessorDefinitions)</PreprocessorDefinitions>
+ <AdditionalIncludeDirectories>../../include</AdditionalIncludeDirectories>
+ </ClCompile>
+ <Link>
+ <SubSystem>Console</SubSystem>
+ <GenerateDebugInformation>true</GenerateDebugInformation>
+ <EnableCOMDATFolding>true</EnableCOMDATFolding>
+ <OptimizeReferences>true</OptimizeReferences>
+ <AdditionalLibraryDirectories>Release</AdditionalLibraryDirectories>
+ <AdditionalDependencies>kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies)</AdditionalDependencies>
+ </Link>
+ </ItemDefinitionGroup>
+ <ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'">
+ <ClCompile>
+ <WarningLevel>Level3</WarningLevel>
+ <PrecompiledHeader>
+ </PrecompiledHeader>
+ <Optimization>MaxSpeed</Optimization>
+ <FunctionLevelLinking>true</FunctionLevelLinking>
+ <IntrinsicFunctions>true</IntrinsicFunctions>
+ <PreprocessorDefinitions>WIN64;NDEBUG;_CONSOLE;%(PreprocessorDefinitions)</PreprocessorDefinitions>
+ <AdditionalIncludeDirectories>../../include</AdditionalIncludeDirectories>
+ </ClCompile>
+ <Link>
+ <SubSystem>Console</SubSystem>
+ <GenerateDebugInformation>true</GenerateDebugInformation>
+ <EnableCOMDATFolding>true</EnableCOMDATFolding>
+ <OptimizeReferences>true</OptimizeReferences>
+ <AdditionalLibraryDirectories>Release</AdditionalLibraryDirectories>
+ <AdditionalDependencies>%(AdditionalDependencies);</AdditionalDependencies>
+ </Link>
+ </ItemDefinitionGroup>
+ <Import Project="$(VCTargetsPath)\Microsoft.Cpp.targets" />
+ <ImportGroup Label="ExtensionTargets">
+ </ImportGroup>
+</Project>
diff --git a/visualc/VS2010/key_ladder_demo.vcxproj b/visualc/VS2010/key_ladder_demo.vcxproj
new file mode 100644
index 0000000..80914ff
--- /dev/null
+++ b/visualc/VS2010/key_ladder_demo.vcxproj
@@ -0,0 +1,174 @@
+<?xml version="1.0" encoding="utf-8"?>
+<Project DefaultTargets="Build" ToolsVersion="4.0" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
+ <ItemGroup Label="ProjectConfigurations">
+ <ProjectConfiguration Include="Debug|Win32">
+ <Configuration>Debug</Configuration>
+ <Platform>Win32</Platform>
+ </ProjectConfiguration>
+ <ProjectConfiguration Include="Debug|x64">
+ <Configuration>Debug</Configuration>
+ <Platform>x64</Platform>
+ </ProjectConfiguration>
+ <ProjectConfiguration Include="Release|Win32">
+ <Configuration>Release</Configuration>
+ <Platform>Win32</Platform>
+ </ProjectConfiguration>
+ <ProjectConfiguration Include="Release|x64">
+ <Configuration>Release</Configuration>
+ <Platform>x64</Platform>
+ </ProjectConfiguration>
+ </ItemGroup>
+ <ItemGroup>
+ <ClCompile Include="..\..\programs\psa\key_ladder_demo.c" />
+ </ItemGroup>
+ <ItemGroup>
+ <ProjectReference Include="mbedTLS.vcxproj">
+ <Project>{46cf2d25-6a36-4189-b59c-e4815388e554}</Project>
+ <LinkLibraryDependencies>true</LinkLibraryDependencies>
+ </ProjectReference>
+ </ItemGroup>
+ <PropertyGroup Label="Globals">
+ <ProjectGuid>{778777A0-393D-45E8-83C1-EAF487236F1F}</ProjectGuid>
+ <Keyword>Win32Proj</Keyword>
+ <RootNamespace>key_ladder_demo</RootNamespace>
+ </PropertyGroup>
+ <Import Project="$(VCTargetsPath)\Microsoft.Cpp.Default.props" />
+ <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'" Label="Configuration">
+ <ConfigurationType>Application</ConfigurationType>
+ <UseDebugLibraries>true</UseDebugLibraries>
+ <CharacterSet>Unicode</CharacterSet>
+ </PropertyGroup>
+ <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'" Label="Configuration">
+ <ConfigurationType>Application</ConfigurationType>
+ <UseDebugLibraries>true</UseDebugLibraries>
+ <CharacterSet>Unicode</CharacterSet>
+ </PropertyGroup>
+ <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|Win32'" Label="Configuration">
+ <ConfigurationType>Application</ConfigurationType>
+ <UseDebugLibraries>false</UseDebugLibraries>
+ <WholeProgramOptimization>true</WholeProgramOptimization>
+ <CharacterSet>Unicode</CharacterSet>
+ </PropertyGroup>
+ <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'" Label="Configuration">
+ <ConfigurationType>Application</ConfigurationType>
+ <UseDebugLibraries>false</UseDebugLibraries>
+ <WholeProgramOptimization>true</WholeProgramOptimization>
+ <CharacterSet>Unicode</CharacterSet>
+ <PlatformToolset>Windows7.1SDK</PlatformToolset>
+ </PropertyGroup>
+ <Import Project="$(VCTargetsPath)\Microsoft.Cpp.props" />
+ <ImportGroup Label="ExtensionSettings">
+ </ImportGroup>
+ <ImportGroup Label="PropertySheets" Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">
+ <Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" />
+ </ImportGroup>
+ <ImportGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'" Label="PropertySheets">
+ <Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" />
+ </ImportGroup>
+ <ImportGroup Label="PropertySheets" Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">
+ <Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" />
+ </ImportGroup>
+ <ImportGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'" Label="PropertySheets">
+ <Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" />
+ </ImportGroup>
+ <PropertyGroup Label="UserMacros" />
+ <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">
+ <LinkIncremental>true</LinkIncremental>
+ <IntDir>$(Configuration)\$(TargetName)\</IntDir>
+ </PropertyGroup>
+ <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">
+ <LinkIncremental>true</LinkIncremental>
+ <IntDir>$(Configuration)\$(TargetName)\</IntDir>
+ </PropertyGroup>
+ <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">
+ <LinkIncremental>false</LinkIncremental>
+ <IntDir>$(Configuration)\$(TargetName)\</IntDir>
+ </PropertyGroup>
+ <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'">
+ <LinkIncremental>false</LinkIncremental>
+ <IntDir>$(Configuration)\$(TargetName)\</IntDir>
+ </PropertyGroup>
+ <ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">
+ <ClCompile>
+ <PrecompiledHeader>
+ </PrecompiledHeader>
+ <WarningLevel>Level3</WarningLevel>
+ <Optimization>Disabled</Optimization>
+ <PreprocessorDefinitions>WIN32;_DEBUG;_CONSOLE;%(PreprocessorDefinitions)</PreprocessorDefinitions>
+ <AdditionalIncludeDirectories>../../include</AdditionalIncludeDirectories>
+ </ClCompile>
+ <Link>
+ <SubSystem>Console</SubSystem>
+ <GenerateDebugInformation>true</GenerateDebugInformation>
+ <ShowProgress>NotSet</ShowProgress>
+ <AdditionalDependencies>kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies)</AdditionalDependencies>
+ <AdditionalLibraryDirectories>Debug</AdditionalLibraryDirectories>
+ </Link>
+ <ProjectReference>
+ <LinkLibraryDependencies>false</LinkLibraryDependencies>
+ </ProjectReference>
+ </ItemDefinitionGroup>
+ <ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">
+ <ClCompile>
+ <PrecompiledHeader>
+ </PrecompiledHeader>
+ <WarningLevel>Level3</WarningLevel>
+ <Optimization>Disabled</Optimization>
+ <PreprocessorDefinitions>WIN32;_DEBUG;_CONSOLE;%(PreprocessorDefinitions)</PreprocessorDefinitions>
+ <AdditionalIncludeDirectories>../../include</AdditionalIncludeDirectories>
+ </ClCompile>
+ <Link>
+ <SubSystem>Console</SubSystem>
+ <GenerateDebugInformation>true</GenerateDebugInformation>
+ <ShowProgress>NotSet</ShowProgress>
+ <AdditionalDependencies>kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies)</AdditionalDependencies>
+ <AdditionalLibraryDirectories>Debug</AdditionalLibraryDirectories>
+ </Link>
+ <ProjectReference>
+ <LinkLibraryDependencies>false</LinkLibraryDependencies>
+ </ProjectReference>
+ </ItemDefinitionGroup>
+ <ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">
+ <ClCompile>
+ <WarningLevel>Level3</WarningLevel>
+ <PrecompiledHeader>
+ </PrecompiledHeader>
+ <Optimization>MaxSpeed</Optimization>
+ <FunctionLevelLinking>true</FunctionLevelLinking>
+ <IntrinsicFunctions>true</IntrinsicFunctions>
+ <PreprocessorDefinitions>WIN32;NDEBUG;_CONSOLE;%(PreprocessorDefinitions)</PreprocessorDefinitions>
+ <AdditionalIncludeDirectories>../../include</AdditionalIncludeDirectories>
+ </ClCompile>
+ <Link>
+ <SubSystem>Console</SubSystem>
+ <GenerateDebugInformation>true</GenerateDebugInformation>
+ <EnableCOMDATFolding>true</EnableCOMDATFolding>
+ <OptimizeReferences>true</OptimizeReferences>
+ <AdditionalLibraryDirectories>Release</AdditionalLibraryDirectories>
+ <AdditionalDependencies>kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies)</AdditionalDependencies>
+ </Link>
+ </ItemDefinitionGroup>
+ <ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'">
+ <ClCompile>
+ <WarningLevel>Level3</WarningLevel>
+ <PrecompiledHeader>
+ </PrecompiledHeader>
+ <Optimization>MaxSpeed</Optimization>
+ <FunctionLevelLinking>true</FunctionLevelLinking>
+ <IntrinsicFunctions>true</IntrinsicFunctions>
+ <PreprocessorDefinitions>WIN64;NDEBUG;_CONSOLE;%(PreprocessorDefinitions)</PreprocessorDefinitions>
+ <AdditionalIncludeDirectories>../../include</AdditionalIncludeDirectories>
+ </ClCompile>
+ <Link>
+ <SubSystem>Console</SubSystem>
+ <GenerateDebugInformation>true</GenerateDebugInformation>
+ <EnableCOMDATFolding>true</EnableCOMDATFolding>
+ <OptimizeReferences>true</OptimizeReferences>
+ <AdditionalLibraryDirectories>Release</AdditionalLibraryDirectories>
+ <AdditionalDependencies>%(AdditionalDependencies);</AdditionalDependencies>
+ </Link>
+ </ItemDefinitionGroup>
+ <Import Project="$(VCTargetsPath)\Microsoft.Cpp.targets" />
+ <ImportGroup Label="ExtensionTargets">
+ </ImportGroup>
+</Project>
diff --git a/visualc/VS2010/mbedTLS.sln b/visualc/VS2010/mbedTLS.sln
index 66b96c3..8961f9d 100644
--- a/visualc/VS2010/mbedTLS.sln
+++ b/visualc/VS2010/mbedTLS.sln
@@ -123,6 +123,21 @@
{46CF2D25-6A36-4189-B59C-E4815388E554} = {46CF2D25-6A36-4189-B59C-E4815388E554}
EndProjectSection
EndProject
+Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "crypto_examples", "crypto_examples.vcxproj", "{020C31BD-C4DF-BABA-E537-F517C4E98537}"
+ ProjectSection(ProjectDependencies) = postProject
+ {46CF2D25-6A36-4189-B59C-E4815388E554} = {46CF2D25-6A36-4189-B59C-E4815388E554}
+ EndProjectSection
+EndProject
+Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "key_ladder_demo", "key_ladder_demo.vcxproj", "{778777A0-393D-45E8-83C1-EAF487236F1F}"
+ ProjectSection(ProjectDependencies) = postProject
+ {46CF2D25-6A36-4189-B59C-E4815388E554} = {46CF2D25-6A36-4189-B59C-E4815388E554}
+ EndProjectSection
+EndProject
+Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "psa_constant_names", "psa_constant_names.vcxproj", "{A0BAD8F0-69B5-8382-86ED-C36ACBE54117}"
+ ProjectSection(ProjectDependencies) = postProject
+ {46CF2D25-6A36-4189-B59C-E4815388E554} = {46CF2D25-6A36-4189-B59C-E4815388E554}
+ EndProjectSection
+EndProject
Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "dtls_client", "dtls_client.vcxproj", "{FE7AB78F-DBF1-0721-3522-0D7C3011D2E5}"
ProjectSection(ProjectDependencies) = postProject
{46CF2D25-6A36-4189-B59C-E4815388E554} = {46CF2D25-6A36-4189-B59C-E4815388E554}
@@ -208,6 +223,11 @@
{46CF2D25-6A36-4189-B59C-E4815388E554} = {46CF2D25-6A36-4189-B59C-E4815388E554}
EndProjectSection
EndProject
+Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "query_compile_time_config", "query_compile_time_config.vcxproj", "{D6F58AF2-9D80-562A-E2B0-F743281522B9}"
+ ProjectSection(ProjectDependencies) = postProject
+ {46CF2D25-6A36-4189-B59C-E4815388E554} = {46CF2D25-6A36-4189-B59C-E4815388E554}
+ EndProjectSection
+EndProject
Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "pem2der", "pem2der.vcxproj", "{D3C6FBD6-D78E-7180-8345-5E09B492DBEC}"
ProjectSection(ProjectDependencies) = postProject
{46CF2D25-6A36-4189-B59C-E4815388E554} = {46CF2D25-6A36-4189-B59C-E4815388E554}
@@ -451,6 +471,30 @@
{95C50864-854C-2A11-4C91-BCE654E344FB}.Release|Win32.Build.0 = Release|Win32
{95C50864-854C-2A11-4C91-BCE654E344FB}.Release|x64.ActiveCfg = Release|x64
{95C50864-854C-2A11-4C91-BCE654E344FB}.Release|x64.Build.0 = Release|x64
+ {020C31BD-C4DF-BABA-E537-F517C4E98537}.Debug|Win32.ActiveCfg = Debug|Win32
+ {020C31BD-C4DF-BABA-E537-F517C4E98537}.Debug|Win32.Build.0 = Debug|Win32
+ {020C31BD-C4DF-BABA-E537-F517C4E98537}.Debug|x64.ActiveCfg = Debug|x64
+ {020C31BD-C4DF-BABA-E537-F517C4E98537}.Debug|x64.Build.0 = Debug|x64
+ {020C31BD-C4DF-BABA-E537-F517C4E98537}.Release|Win32.ActiveCfg = Release|Win32
+ {020C31BD-C4DF-BABA-E537-F517C4E98537}.Release|Win32.Build.0 = Release|Win32
+ {020C31BD-C4DF-BABA-E537-F517C4E98537}.Release|x64.ActiveCfg = Release|x64
+ {020C31BD-C4DF-BABA-E537-F517C4E98537}.Release|x64.Build.0 = Release|x64
+ {778777A0-393D-45E8-83C1-EAF487236F1F}.Debug|Win32.ActiveCfg = Debug|Win32
+ {778777A0-393D-45E8-83C1-EAF487236F1F}.Debug|Win32.Build.0 = Debug|Win32
+ {778777A0-393D-45E8-83C1-EAF487236F1F}.Debug|x64.ActiveCfg = Debug|x64
+ {778777A0-393D-45E8-83C1-EAF487236F1F}.Debug|x64.Build.0 = Debug|x64
+ {778777A0-393D-45E8-83C1-EAF487236F1F}.Release|Win32.ActiveCfg = Release|Win32
+ {778777A0-393D-45E8-83C1-EAF487236F1F}.Release|Win32.Build.0 = Release|Win32
+ {778777A0-393D-45E8-83C1-EAF487236F1F}.Release|x64.ActiveCfg = Release|x64
+ {778777A0-393D-45E8-83C1-EAF487236F1F}.Release|x64.Build.0 = Release|x64
+ {A0BAD8F0-69B5-8382-86ED-C36ACBE54117}.Debug|Win32.ActiveCfg = Debug|Win32
+ {A0BAD8F0-69B5-8382-86ED-C36ACBE54117}.Debug|Win32.Build.0 = Debug|Win32
+ {A0BAD8F0-69B5-8382-86ED-C36ACBE54117}.Debug|x64.ActiveCfg = Debug|x64
+ {A0BAD8F0-69B5-8382-86ED-C36ACBE54117}.Debug|x64.Build.0 = Debug|x64
+ {A0BAD8F0-69B5-8382-86ED-C36ACBE54117}.Release|Win32.ActiveCfg = Release|Win32
+ {A0BAD8F0-69B5-8382-86ED-C36ACBE54117}.Release|Win32.Build.0 = Release|Win32
+ {A0BAD8F0-69B5-8382-86ED-C36ACBE54117}.Release|x64.ActiveCfg = Release|x64
+ {A0BAD8F0-69B5-8382-86ED-C36ACBE54117}.Release|x64.Build.0 = Release|x64
{FE7AB78F-DBF1-0721-3522-0D7C3011D2E5}.Debug|Win32.ActiveCfg = Debug|Win32
{FE7AB78F-DBF1-0721-3522-0D7C3011D2E5}.Debug|Win32.Build.0 = Debug|Win32
{FE7AB78F-DBF1-0721-3522-0D7C3011D2E5}.Debug|x64.ActiveCfg = Debug|x64
@@ -587,6 +631,14 @@
{10C01E94-4926-063E-9F56-C84ED190D349}.Release|Win32.Build.0 = Release|Win32
{10C01E94-4926-063E-9F56-C84ED190D349}.Release|x64.ActiveCfg = Release|x64
{10C01E94-4926-063E-9F56-C84ED190D349}.Release|x64.Build.0 = Release|x64
+ {D6F58AF2-9D80-562A-E2B0-F743281522B9}.Debug|Win32.ActiveCfg = Debug|Win32
+ {D6F58AF2-9D80-562A-E2B0-F743281522B9}.Debug|Win32.Build.0 = Debug|Win32
+ {D6F58AF2-9D80-562A-E2B0-F743281522B9}.Debug|x64.ActiveCfg = Debug|x64
+ {D6F58AF2-9D80-562A-E2B0-F743281522B9}.Debug|x64.Build.0 = Debug|x64
+ {D6F58AF2-9D80-562A-E2B0-F743281522B9}.Release|Win32.ActiveCfg = Release|Win32
+ {D6F58AF2-9D80-562A-E2B0-F743281522B9}.Release|Win32.Build.0 = Release|Win32
+ {D6F58AF2-9D80-562A-E2B0-F743281522B9}.Release|x64.ActiveCfg = Release|x64
+ {D6F58AF2-9D80-562A-E2B0-F743281522B9}.Release|x64.Build.0 = Release|x64
{D3C6FBD6-D78E-7180-8345-5E09B492DBEC}.Debug|Win32.ActiveCfg = Debug|Win32
{D3C6FBD6-D78E-7180-8345-5E09B492DBEC}.Debug|Win32.Build.0 = Debug|Win32
{D3C6FBD6-D78E-7180-8345-5E09B492DBEC}.Debug|x64.ActiveCfg = Debug|x64
diff --git a/visualc/VS2010/mbedTLS.vcxproj b/visualc/VS2010/mbedTLS.vcxproj
index 73c92bd..bb92d8f 100644
--- a/visualc/VS2010/mbedTLS.vcxproj
+++ b/visualc/VS2010/mbedTLS.vcxproj
@@ -204,6 +204,7 @@
<ClInclude Include="..\..\include\mbedtls\platform_time.h" />
<ClInclude Include="..\..\include\mbedtls\platform_util.h" />
<ClInclude Include="..\..\include\mbedtls\poly1305.h" />
+ <ClInclude Include="..\..\include\mbedtls\psa_util.h" />
<ClInclude Include="..\..\include\mbedtls\ripemd160.h" />
<ClInclude Include="..\..\include\mbedtls\rsa.h" />
<ClInclude Include="..\..\include\mbedtls\rsa_internal.h" />
@@ -224,6 +225,23 @@
<ClInclude Include="..\..\include\mbedtls\x509_crt.h" />
<ClInclude Include="..\..\include\mbedtls\x509_csr.h" />
<ClInclude Include="..\..\include\mbedtls\xtea.h" />
+ <ClInclude Include="..\..\include\psa\crypto.h" />
+ <ClInclude Include="..\..\include\psa\crypto_accel_driver.h" />
+ <ClInclude Include="..\..\include\psa\crypto_driver_common.h" />
+ <ClInclude Include="..\..\include\psa\crypto_entropy_driver.h" />
+ <ClInclude Include="..\..\include\psa\crypto_extra.h" />
+ <ClInclude Include="..\..\include\psa\crypto_platform.h" />
+ <ClInclude Include="..\..\include\psa\crypto_se_driver.h" />
+ <ClInclude Include="..\..\include\psa\crypto_sizes.h" />
+ <ClInclude Include="..\..\include\psa\crypto_struct.h" />
+ <ClInclude Include="..\..\include\psa\crypto_types.h" />
+ <ClInclude Include="..\..\include\psa\crypto_values.h" />
+ <ClInclude Include="..\..\library/psa_crypto_core.h" />
+ <ClInclude Include="..\..\library/psa_crypto_invasive.h" />
+ <ClInclude Include="..\..\library/psa_crypto_service_integration.h" />
+ <ClInclude Include="..\..\library/psa_crypto_slot_management.h" />
+ <ClInclude Include="..\..\library/psa_crypto_storage.h" />
+ <ClInclude Include="..\..\library/psa_crypto_storage_backend.h" />
</ItemGroup>
<ItemGroup>
<ClCompile Include="..\..\library\aes.c" />
@@ -280,6 +298,11 @@
<ClCompile Include="..\..\library\platform.c" />
<ClCompile Include="..\..\library\platform_util.c" />
<ClCompile Include="..\..\library\poly1305.c" />
+ <ClCompile Include="..\..\library\psa_crypto.c" />
+ <ClCompile Include="..\..\library\psa_crypto_slot_management.c" />
+ <ClCompile Include="..\..\library\psa_crypto_storage.c" />
+ <ClCompile Include="..\..\library\psa_crypto_storage_file.c" />
+ <ClCompile Include="..\..\library\psa_crypto_storage_its.c" />
<ClCompile Include="..\..\library\ripemd160.c" />
<ClCompile Include="..\..\library\rsa.c" />
<ClCompile Include="..\..\library\rsa_internal.c" />
diff --git a/visualc/VS2010/psa_constant_names.vcxproj b/visualc/VS2010/psa_constant_names.vcxproj
new file mode 100644
index 0000000..2618c7c
--- /dev/null
+++ b/visualc/VS2010/psa_constant_names.vcxproj
@@ -0,0 +1,174 @@
+<?xml version="1.0" encoding="utf-8"?>
+<Project DefaultTargets="Build" ToolsVersion="4.0" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
+ <ItemGroup Label="ProjectConfigurations">
+ <ProjectConfiguration Include="Debug|Win32">
+ <Configuration>Debug</Configuration>
+ <Platform>Win32</Platform>
+ </ProjectConfiguration>
+ <ProjectConfiguration Include="Debug|x64">
+ <Configuration>Debug</Configuration>
+ <Platform>x64</Platform>
+ </ProjectConfiguration>
+ <ProjectConfiguration Include="Release|Win32">
+ <Configuration>Release</Configuration>
+ <Platform>Win32</Platform>
+ </ProjectConfiguration>
+ <ProjectConfiguration Include="Release|x64">
+ <Configuration>Release</Configuration>
+ <Platform>x64</Platform>
+ </ProjectConfiguration>
+ </ItemGroup>
+ <ItemGroup>
+ <ClCompile Include="..\..\programs\psa\psa_constant_names.c" />
+ </ItemGroup>
+ <ItemGroup>
+ <ProjectReference Include="mbedTLS.vcxproj">
+ <Project>{46cf2d25-6a36-4189-b59c-e4815388e554}</Project>
+ <LinkLibraryDependencies>true</LinkLibraryDependencies>
+ </ProjectReference>
+ </ItemGroup>
+ <PropertyGroup Label="Globals">
+ <ProjectGuid>{A0BAD8F0-69B5-8382-86ED-C36ACBE54117}</ProjectGuid>
+ <Keyword>Win32Proj</Keyword>
+ <RootNamespace>psa_constant_names</RootNamespace>
+ </PropertyGroup>
+ <Import Project="$(VCTargetsPath)\Microsoft.Cpp.Default.props" />
+ <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'" Label="Configuration">
+ <ConfigurationType>Application</ConfigurationType>
+ <UseDebugLibraries>true</UseDebugLibraries>
+ <CharacterSet>Unicode</CharacterSet>
+ </PropertyGroup>
+ <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'" Label="Configuration">
+ <ConfigurationType>Application</ConfigurationType>
+ <UseDebugLibraries>true</UseDebugLibraries>
+ <CharacterSet>Unicode</CharacterSet>
+ </PropertyGroup>
+ <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|Win32'" Label="Configuration">
+ <ConfigurationType>Application</ConfigurationType>
+ <UseDebugLibraries>false</UseDebugLibraries>
+ <WholeProgramOptimization>true</WholeProgramOptimization>
+ <CharacterSet>Unicode</CharacterSet>
+ </PropertyGroup>
+ <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'" Label="Configuration">
+ <ConfigurationType>Application</ConfigurationType>
+ <UseDebugLibraries>false</UseDebugLibraries>
+ <WholeProgramOptimization>true</WholeProgramOptimization>
+ <CharacterSet>Unicode</CharacterSet>
+ <PlatformToolset>Windows7.1SDK</PlatformToolset>
+ </PropertyGroup>
+ <Import Project="$(VCTargetsPath)\Microsoft.Cpp.props" />
+ <ImportGroup Label="ExtensionSettings">
+ </ImportGroup>
+ <ImportGroup Label="PropertySheets" Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">
+ <Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" />
+ </ImportGroup>
+ <ImportGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'" Label="PropertySheets">
+ <Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" />
+ </ImportGroup>
+ <ImportGroup Label="PropertySheets" Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">
+ <Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" />
+ </ImportGroup>
+ <ImportGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'" Label="PropertySheets">
+ <Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" />
+ </ImportGroup>
+ <PropertyGroup Label="UserMacros" />
+ <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">
+ <LinkIncremental>true</LinkIncremental>
+ <IntDir>$(Configuration)\$(TargetName)\</IntDir>
+ </PropertyGroup>
+ <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">
+ <LinkIncremental>true</LinkIncremental>
+ <IntDir>$(Configuration)\$(TargetName)\</IntDir>
+ </PropertyGroup>
+ <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">
+ <LinkIncremental>false</LinkIncremental>
+ <IntDir>$(Configuration)\$(TargetName)\</IntDir>
+ </PropertyGroup>
+ <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'">
+ <LinkIncremental>false</LinkIncremental>
+ <IntDir>$(Configuration)\$(TargetName)\</IntDir>
+ </PropertyGroup>
+ <ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">
+ <ClCompile>
+ <PrecompiledHeader>
+ </PrecompiledHeader>
+ <WarningLevel>Level3</WarningLevel>
+ <Optimization>Disabled</Optimization>
+ <PreprocessorDefinitions>WIN32;_DEBUG;_CONSOLE;%(PreprocessorDefinitions)</PreprocessorDefinitions>
+ <AdditionalIncludeDirectories>../../include</AdditionalIncludeDirectories>
+ </ClCompile>
+ <Link>
+ <SubSystem>Console</SubSystem>
+ <GenerateDebugInformation>true</GenerateDebugInformation>
+ <ShowProgress>NotSet</ShowProgress>
+ <AdditionalDependencies>kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies)</AdditionalDependencies>
+ <AdditionalLibraryDirectories>Debug</AdditionalLibraryDirectories>
+ </Link>
+ <ProjectReference>
+ <LinkLibraryDependencies>false</LinkLibraryDependencies>
+ </ProjectReference>
+ </ItemDefinitionGroup>
+ <ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">
+ <ClCompile>
+ <PrecompiledHeader>
+ </PrecompiledHeader>
+ <WarningLevel>Level3</WarningLevel>
+ <Optimization>Disabled</Optimization>
+ <PreprocessorDefinitions>WIN32;_DEBUG;_CONSOLE;%(PreprocessorDefinitions)</PreprocessorDefinitions>
+ <AdditionalIncludeDirectories>../../include</AdditionalIncludeDirectories>
+ </ClCompile>
+ <Link>
+ <SubSystem>Console</SubSystem>
+ <GenerateDebugInformation>true</GenerateDebugInformation>
+ <ShowProgress>NotSet</ShowProgress>
+ <AdditionalDependencies>kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies)</AdditionalDependencies>
+ <AdditionalLibraryDirectories>Debug</AdditionalLibraryDirectories>
+ </Link>
+ <ProjectReference>
+ <LinkLibraryDependencies>false</LinkLibraryDependencies>
+ </ProjectReference>
+ </ItemDefinitionGroup>
+ <ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">
+ <ClCompile>
+ <WarningLevel>Level3</WarningLevel>
+ <PrecompiledHeader>
+ </PrecompiledHeader>
+ <Optimization>MaxSpeed</Optimization>
+ <FunctionLevelLinking>true</FunctionLevelLinking>
+ <IntrinsicFunctions>true</IntrinsicFunctions>
+ <PreprocessorDefinitions>WIN32;NDEBUG;_CONSOLE;%(PreprocessorDefinitions)</PreprocessorDefinitions>
+ <AdditionalIncludeDirectories>../../include</AdditionalIncludeDirectories>
+ </ClCompile>
+ <Link>
+ <SubSystem>Console</SubSystem>
+ <GenerateDebugInformation>true</GenerateDebugInformation>
+ <EnableCOMDATFolding>true</EnableCOMDATFolding>
+ <OptimizeReferences>true</OptimizeReferences>
+ <AdditionalLibraryDirectories>Release</AdditionalLibraryDirectories>
+ <AdditionalDependencies>kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies)</AdditionalDependencies>
+ </Link>
+ </ItemDefinitionGroup>
+ <ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'">
+ <ClCompile>
+ <WarningLevel>Level3</WarningLevel>
+ <PrecompiledHeader>
+ </PrecompiledHeader>
+ <Optimization>MaxSpeed</Optimization>
+ <FunctionLevelLinking>true</FunctionLevelLinking>
+ <IntrinsicFunctions>true</IntrinsicFunctions>
+ <PreprocessorDefinitions>WIN64;NDEBUG;_CONSOLE;%(PreprocessorDefinitions)</PreprocessorDefinitions>
+ <AdditionalIncludeDirectories>../../include</AdditionalIncludeDirectories>
+ </ClCompile>
+ <Link>
+ <SubSystem>Console</SubSystem>
+ <GenerateDebugInformation>true</GenerateDebugInformation>
+ <EnableCOMDATFolding>true</EnableCOMDATFolding>
+ <OptimizeReferences>true</OptimizeReferences>
+ <AdditionalLibraryDirectories>Release</AdditionalLibraryDirectories>
+ <AdditionalDependencies>%(AdditionalDependencies);</AdditionalDependencies>
+ </Link>
+ </ItemDefinitionGroup>
+ <Import Project="$(VCTargetsPath)\Microsoft.Cpp.targets" />
+ <ImportGroup Label="ExtensionTargets">
+ </ImportGroup>
+</Project>
diff --git a/visualc/VS2010/query_compile_time_config.vcxproj b/visualc/VS2010/query_compile_time_config.vcxproj
new file mode 100644
index 0000000..83a29f0
--- /dev/null
+++ b/visualc/VS2010/query_compile_time_config.vcxproj
@@ -0,0 +1,175 @@
+<?xml version="1.0" encoding="utf-8"?>
+<Project DefaultTargets="Build" ToolsVersion="4.0" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
+ <ItemGroup Label="ProjectConfigurations">
+ <ProjectConfiguration Include="Debug|Win32">
+ <Configuration>Debug</Configuration>
+ <Platform>Win32</Platform>
+ </ProjectConfiguration>
+ <ProjectConfiguration Include="Debug|x64">
+ <Configuration>Debug</Configuration>
+ <Platform>x64</Platform>
+ </ProjectConfiguration>
+ <ProjectConfiguration Include="Release|Win32">
+ <Configuration>Release</Configuration>
+ <Platform>Win32</Platform>
+ </ProjectConfiguration>
+ <ProjectConfiguration Include="Release|x64">
+ <Configuration>Release</Configuration>
+ <Platform>x64</Platform>
+ </ProjectConfiguration>
+ </ItemGroup>
+ <ItemGroup>
+ <ClCompile Include="..\..\programs\test\query_compile_time_config.c" />
+ <ClCompile Include="..\..\programs\ssl\query_config.c" />
+ </ItemGroup>
+ <ItemGroup>
+ <ProjectReference Include="mbedTLS.vcxproj">
+ <Project>{46cf2d25-6a36-4189-b59c-e4815388e554}</Project>
+ <LinkLibraryDependencies>true</LinkLibraryDependencies>
+ </ProjectReference>
+ </ItemGroup>
+ <PropertyGroup Label="Globals">
+ <ProjectGuid>{D6F58AF2-9D80-562A-E2B0-F743281522B9}</ProjectGuid>
+ <Keyword>Win32Proj</Keyword>
+ <RootNamespace>query_compile_time_config</RootNamespace>
+ </PropertyGroup>
+ <Import Project="$(VCTargetsPath)\Microsoft.Cpp.Default.props" />
+ <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'" Label="Configuration">
+ <ConfigurationType>Application</ConfigurationType>
+ <UseDebugLibraries>true</UseDebugLibraries>
+ <CharacterSet>Unicode</CharacterSet>
+ </PropertyGroup>
+ <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'" Label="Configuration">
+ <ConfigurationType>Application</ConfigurationType>
+ <UseDebugLibraries>true</UseDebugLibraries>
+ <CharacterSet>Unicode</CharacterSet>
+ </PropertyGroup>
+ <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|Win32'" Label="Configuration">
+ <ConfigurationType>Application</ConfigurationType>
+ <UseDebugLibraries>false</UseDebugLibraries>
+ <WholeProgramOptimization>true</WholeProgramOptimization>
+ <CharacterSet>Unicode</CharacterSet>
+ </PropertyGroup>
+ <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'" Label="Configuration">
+ <ConfigurationType>Application</ConfigurationType>
+ <UseDebugLibraries>false</UseDebugLibraries>
+ <WholeProgramOptimization>true</WholeProgramOptimization>
+ <CharacterSet>Unicode</CharacterSet>
+ <PlatformToolset>Windows7.1SDK</PlatformToolset>
+ </PropertyGroup>
+ <Import Project="$(VCTargetsPath)\Microsoft.Cpp.props" />
+ <ImportGroup Label="ExtensionSettings">
+ </ImportGroup>
+ <ImportGroup Label="PropertySheets" Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">
+ <Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" />
+ </ImportGroup>
+ <ImportGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'" Label="PropertySheets">
+ <Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" />
+ </ImportGroup>
+ <ImportGroup Label="PropertySheets" Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">
+ <Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" />
+ </ImportGroup>
+ <ImportGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'" Label="PropertySheets">
+ <Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" />
+ </ImportGroup>
+ <PropertyGroup Label="UserMacros" />
+ <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">
+ <LinkIncremental>true</LinkIncremental>
+ <IntDir>$(Configuration)\$(TargetName)\</IntDir>
+ </PropertyGroup>
+ <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">
+ <LinkIncremental>true</LinkIncremental>
+ <IntDir>$(Configuration)\$(TargetName)\</IntDir>
+ </PropertyGroup>
+ <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">
+ <LinkIncremental>false</LinkIncremental>
+ <IntDir>$(Configuration)\$(TargetName)\</IntDir>
+ </PropertyGroup>
+ <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'">
+ <LinkIncremental>false</LinkIncremental>
+ <IntDir>$(Configuration)\$(TargetName)\</IntDir>
+ </PropertyGroup>
+ <ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">
+ <ClCompile>
+ <PrecompiledHeader>
+ </PrecompiledHeader>
+ <WarningLevel>Level3</WarningLevel>
+ <Optimization>Disabled</Optimization>
+ <PreprocessorDefinitions>WIN32;_DEBUG;_CONSOLE;%(PreprocessorDefinitions)</PreprocessorDefinitions>
+ <AdditionalIncludeDirectories>../../include</AdditionalIncludeDirectories>
+ </ClCompile>
+ <Link>
+ <SubSystem>Console</SubSystem>
+ <GenerateDebugInformation>true</GenerateDebugInformation>
+ <ShowProgress>NotSet</ShowProgress>
+ <AdditionalDependencies>kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies)</AdditionalDependencies>
+ <AdditionalLibraryDirectories>Debug</AdditionalLibraryDirectories>
+ </Link>
+ <ProjectReference>
+ <LinkLibraryDependencies>false</LinkLibraryDependencies>
+ </ProjectReference>
+ </ItemDefinitionGroup>
+ <ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">
+ <ClCompile>
+ <PrecompiledHeader>
+ </PrecompiledHeader>
+ <WarningLevel>Level3</WarningLevel>
+ <Optimization>Disabled</Optimization>
+ <PreprocessorDefinitions>WIN32;_DEBUG;_CONSOLE;%(PreprocessorDefinitions)</PreprocessorDefinitions>
+ <AdditionalIncludeDirectories>../../include</AdditionalIncludeDirectories>
+ </ClCompile>
+ <Link>
+ <SubSystem>Console</SubSystem>
+ <GenerateDebugInformation>true</GenerateDebugInformation>
+ <ShowProgress>NotSet</ShowProgress>
+ <AdditionalDependencies>kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies)</AdditionalDependencies>
+ <AdditionalLibraryDirectories>Debug</AdditionalLibraryDirectories>
+ </Link>
+ <ProjectReference>
+ <LinkLibraryDependencies>false</LinkLibraryDependencies>
+ </ProjectReference>
+ </ItemDefinitionGroup>
+ <ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">
+ <ClCompile>
+ <WarningLevel>Level3</WarningLevel>
+ <PrecompiledHeader>
+ </PrecompiledHeader>
+ <Optimization>MaxSpeed</Optimization>
+ <FunctionLevelLinking>true</FunctionLevelLinking>
+ <IntrinsicFunctions>true</IntrinsicFunctions>
+ <PreprocessorDefinitions>WIN32;NDEBUG;_CONSOLE;%(PreprocessorDefinitions)</PreprocessorDefinitions>
+ <AdditionalIncludeDirectories>../../include</AdditionalIncludeDirectories>
+ </ClCompile>
+ <Link>
+ <SubSystem>Console</SubSystem>
+ <GenerateDebugInformation>true</GenerateDebugInformation>
+ <EnableCOMDATFolding>true</EnableCOMDATFolding>
+ <OptimizeReferences>true</OptimizeReferences>
+ <AdditionalLibraryDirectories>Release</AdditionalLibraryDirectories>
+ <AdditionalDependencies>kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies)</AdditionalDependencies>
+ </Link>
+ </ItemDefinitionGroup>
+ <ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'">
+ <ClCompile>
+ <WarningLevel>Level3</WarningLevel>
+ <PrecompiledHeader>
+ </PrecompiledHeader>
+ <Optimization>MaxSpeed</Optimization>
+ <FunctionLevelLinking>true</FunctionLevelLinking>
+ <IntrinsicFunctions>true</IntrinsicFunctions>
+ <PreprocessorDefinitions>WIN64;NDEBUG;_CONSOLE;%(PreprocessorDefinitions)</PreprocessorDefinitions>
+ <AdditionalIncludeDirectories>../../include</AdditionalIncludeDirectories>
+ </ClCompile>
+ <Link>
+ <SubSystem>Console</SubSystem>
+ <GenerateDebugInformation>true</GenerateDebugInformation>
+ <EnableCOMDATFolding>true</EnableCOMDATFolding>
+ <OptimizeReferences>true</OptimizeReferences>
+ <AdditionalLibraryDirectories>Release</AdditionalLibraryDirectories>
+ <AdditionalDependencies>%(AdditionalDependencies);</AdditionalDependencies>
+ </Link>
+ </ItemDefinitionGroup>
+ <Import Project="$(VCTargetsPath)\Microsoft.Cpp.targets" />
+ <ImportGroup Label="ExtensionTargets">
+ </ImportGroup>
+</Project>
diff --git a/visualc/VS2010/ssl_client2.vcxproj b/visualc/VS2010/ssl_client2.vcxproj
index 1d44fa7..a960fac 100644
--- a/visualc/VS2010/ssl_client2.vcxproj
+++ b/visualc/VS2010/ssl_client2.vcxproj
@@ -20,6 +20,7 @@
</ItemGroup>
<ItemGroup>
<ClCompile Include="..\..\programs\ssl\ssl_client2.c" />
+ <ClCompile Include="..\..\programs\ssl\query_config.c" />
</ItemGroup>
<ItemGroup>
<ProjectReference Include="mbedTLS.vcxproj">
diff --git a/visualc/VS2010/ssl_server2.vcxproj b/visualc/VS2010/ssl_server2.vcxproj
index d06e062..06a91cb 100644
--- a/visualc/VS2010/ssl_server2.vcxproj
+++ b/visualc/VS2010/ssl_server2.vcxproj
@@ -20,6 +20,7 @@
</ItemGroup>
<ItemGroup>
<ClCompile Include="..\..\programs\ssl\ssl_server2.c" />
+ <ClCompile Include="..\..\programs\ssl\query_config.c" />
</ItemGroup>
<ItemGroup>
<ProjectReference Include="mbedTLS.vcxproj">