Merge pull request #977 from Mbed-TLS/merge-2.28

Merge 2.28 into 2.28-restricted

.pylintrc

@@ -73,3 +73,7 @@ reports=no
 # Allow unused variables if their name starts with an underscore.
 # [unused-argument]
 dummy-variables-rgx=_.*
+
+[SIMILARITIES]
+# Ignore imports when computing similarities.
+ignore-imports=yes

.travis.yml

@@ -27,8 +27,44 @@ jobs:
         - tests/scripts/all.sh -k build_arm_linux_gnueabi_gcc_arm5vte build_arm_none_eabi_gcc_m0plus
 
     - name: full configuration
+      os: linux
+      dist: focal
+      addons:
+        apt:
+          packages:
+          - clang-10
+          - gnutls-bin
       script:
-        - tests/scripts/all.sh -k test_full_cmake_gcc_asan
+        # Do a manual build+test sequence rather than using all.sh,
+        # because there's no all.sh component that does what we want,
+        # which is a build with Clang >= 10 and ASan, running all the SSL
+        # testing.
+        #   - The clang executable in the default PATH is Clang 7 on
+        #     Travis's focal instances, but we want Clang >= 10.
+        #   - Running all the SSL testing requires a specific set of
+        #     OpenSSL and GnuTLS versions and we don't want to bother
+        #     with those on Travis.
+        # So we explicitly select clang-10 as the compiler, and we
+        # have ad hoc restrictions on SSL testing based on what is
+        # passing at the time of writing. We will remove these limitations
+        # gradually.
+        - make CC=clang-10 CFLAGS='-Werror -Wall -Wextra -fsanitize=address,undefined -fno-sanitize-recover=all -O2' LDFLAGS='-Werror -Wall -Wextra -fsanitize=address,undefined -fno-sanitize-recover=all'
+        - make test
+        - programs/test/selftest
+        - tests/scripts/test_psa_constant_names.py
+        # Exclude a few test cases that are failing mysteriously.
+        # https://github.com/Mbed-TLS/mbedtls/issues/6660
+        - tests/ssl-opt.sh -e 'Fallback SCSV:\ .*list'
+        # Modern OpenSSL does not support fixed ECDH, null or ancient ciphers.
+        - tests/compat.sh -p OpenSSL -e 'NULL\|ECDH-\|DES\|RC4'
+        - tests/scripts/travis-log-failure.sh
+        # GnuTLS supports CAMELLIA but compat.sh doesn't properly enable it.
+        # Modern GnuTLS does not support DES.
+        # One NULL cipher suite is strangely missing in pre-1.2 protocol
+        # versions (it works with (D)TLS1.2, but don't bother).
+        - tests/compat.sh -p GnuTLS -e 'CAMELLIA\|DES\|TLS-RSA-WITH-NULL-SHA256'
+        - tests/scripts/travis-log-failure.sh
+        - tests/context-info.sh
 
     - name: Windows
       os: windows

ChangeLog.d/fix_dh_genprime_error_reporting.txt

@@ -0,0 +1,4 @@
+Bugfix
+   * Fix bug in error reporting in dh_genprime.c where upon failure,
+     the error code returned by mbedtls_mpi_write_file() is overwritten
+     and therefore not printed.

ChangeLog.d/fix_x509_info_hwmodulename.txt

@@ -0,0 +1,5 @@
+Bugfix
+   * Fix a bug in which mbedtls_x509_crt_info() would produce non-printable
+     bytes when parsing certificates containing a binary RFC 4108
+     HardwareModuleName as a Subject Alternative Name extension. Hardware
+     serial numbers are now rendered in hex format. Fixes #6262.

ChangeLog.d/mpi-add-0-ub.txt

@@ -0,0 +1,4 @@
+Bugfix
+   * Fix undefined behavior (typically harmless in practice) of
+     mbedtls_mpi_add_mpi(), mbedtls_mpi_add_abs() and mbedtls_mpi_add_int()
+     when both operands are 0 and the left operand is represented with 0 limbs.

ChangeLog.d/mpi-most-negative-sint.txt

@@ -0,0 +1,4 @@
+Bugfix
+   * Fix undefined behavior (typically harmless in practice) when some bignum
+     functions receive the most negative value of mbedtls_mpi_sint. Credit
+     to OSS-Fuzz. Fixes #6597.

ChangeLog.d/negative-zero-from-add.txt

@@ -0,0 +1,6 @@
+Bugfix
+   * In the bignum module, operations of the form (-A) - (+A) or (-A) - (-A)
+     with A > 0 created an unintended representation of the value 0 which was
+     not processed correctly by some bignum operations. Fix this. This had no
+     consequence on cryptography code, but might affect applications that call
+     bignum directly and use negative numbers.

ChangeLog.d/psa-ecb-ub.txt

@@ -0,0 +1,3 @@
+Bugfix
+   * Fix undefined behavior (typically harmless in practice) in PSA ECB
+     encryption and decryption.

README.md

@@ -187,7 +187,7 @@ For machines with a Unix shell and OpenSSL (and optionally GnuTLS) installed, ad
 -   `tests/ssl-opt.sh` runs integration tests for various TLS options (renegotiation, resumption, etc.) and tests interoperability of these options with other implementations.
 -   `tests/compat.sh` tests interoperability of every ciphersuite with other implementations.
 -   `tests/scripts/test-ref-configs.pl` test builds in various reduced configurations.
--   `tests/scripts/key-exchanges.pl` test builds in configurations with a single key exchange enabled
+-   `tests/scripts/depends.py` test builds in configurations with a single curve, key exchange, hash, cipher, or pkalg on.
 -   `tests/scripts/all.sh` runs a combination of the above tests, plus some more, with various build options (such as ASan, full `config.h`, etc).
 
 Porting Mbed TLS

include/mbedtls/bignum.h

@@ -182,6 +182,20 @@
     #endif /* !MBEDTLS_NO_UDBL_DIVISION */
 #endif /* !MBEDTLS_HAVE_INT64 */
 
+/** \typedef mbedtls_mpi_uint
+ * \brief The type of machine digits in a bignum, called _limbs_.
+ *
+ * This is always an unsigned integer type with no padding bits. The size
+ * is platform-dependent.
+ */
+
+/** \typedef mbedtls_mpi_sint
+ * \brief The signed type corresponding to #mbedtls_mpi_uint.
+ *
+ * This is always an signed integer type with no padding bits. The size
+ * is platform-dependent.
+ */
+
 #ifdef __cplusplus
 extern "C" {
 #endif
@@ -191,9 +205,27 @@ extern "C" {
  */
 typedef struct mbedtls_mpi
 {
-    int s;              /*!<  Sign: -1 if the mpi is negative, 1 otherwise */
-    size_t n;           /*!<  total # of limbs  */
-    mbedtls_mpi_uint *p;          /*!<  pointer to limbs  */
+    /** Sign: -1 if the mpi is negative, 1 otherwise.
+     *
+     * The number 0 must be represented with `s = +1`. Although many library
+     * functions treat all-limbs-zero as equivalent to a valid representation
+     * of 0 regardless of the sign bit, there are exceptions, so bignum
+     * functions and external callers must always set \c s to +1 for the
+     * number zero.
+     *
+     * Note that this implies that calloc() or `... = {0}` does not create
+     * a valid MPI representation. You must call mbedtls_mpi_init().
+     */
+    int s;
+
+    /** Total number of limbs in \c p.  */
+    size_t n;
+
+    /** Pointer to limbs.
+     *
+     * This may be \c NULL if \c n is 0.
+     */
+    mbedtls_mpi_uint *p;
 }
 mbedtls_mpi;
 
@@ -761,11 +793,11 @@ int mbedtls_mpi_mul_int( mbedtls_mpi *X, const mbedtls_mpi *A,
  *
  * \param Q        The destination MPI for the quotient.
  *                 This may be \c NULL if the value of the
- *                 quotient is not needed.
+ *                 quotient is not needed. This must not alias A or B.
  * \param R        The destination MPI for the remainder value.
  *                 This may be \c NULL if the value of the
- *                 remainder is not needed.
- * \param A        The dividend. This must point to an initialized MPi.
+ *                 remainder is not needed. This must not alias A or B.
+ * \param A        The dividend. This must point to an initialized MPI.
  * \param B        The divisor. This must point to an initialized MPI.
  *
  * \return         \c 0 if successful.
@@ -782,10 +814,10 @@ int mbedtls_mpi_div_mpi( mbedtls_mpi *Q, mbedtls_mpi *R, const mbedtls_mpi *A,
  *
  * \param Q        The destination MPI for the quotient.
  *                 This may be \c NULL if the value of the
- *                 quotient is not needed.
+ *                 quotient is not needed.  This must not alias A.
  * \param R        The destination MPI for the remainder value.
  *                 This may be \c NULL if the value of the
- *                 remainder is not needed.
+ *                 remainder is not needed.  This must not alias A.
  * \param A        The dividend. This must point to an initialized MPi.
  * \param b        The divisor.
  *
@@ -840,6 +872,7 @@ int mbedtls_mpi_mod_int( mbedtls_mpi_uint *r, const mbedtls_mpi *A,
  * \brief          Perform a sliding-window exponentiation: X = A^E mod N
  *
  * \param X        The destination MPI. This must point to an initialized MPI.
+ *                 This must not alias E or N.
  * \param A        The base of the exponentiation.
  *                 This must point to an initialized MPI.
  * \param E        The exponent MPI. This must point to an initialized MPI.

library/Makefile

@@ -187,6 +187,7 @@ all: shared static
 endif
 
 static: libmbedcrypto.a libmbedx509.a libmbedtls.a
+	cd ../tests && echo "This is a seedfile that contains 64 bytes (65 on Windows)......" > seedfile
 
 shared: libmbedcrypto.$(DLEXT) libmbedx509.$(DLEXT) libmbedtls.$(DLEXT)
 

library/aes.c

@@ -1763,7 +1763,8 @@ int mbedtls_aes_self_test( int verbose )
     unsigned char key[32];
     unsigned char buf[64];
     const unsigned char *aes_tests;
-#if defined(MBEDTLS_CIPHER_MODE_CBC) || defined(MBEDTLS_CIPHER_MODE_CFB)
+#if defined(MBEDTLS_CIPHER_MODE_CBC) || defined(MBEDTLS_CIPHER_MODE_CFB) || \
+    defined(MBEDTLS_CIPHER_MODE_OFB)
     unsigned char iv[16];
 #endif
 #if defined(MBEDTLS_CIPHER_MODE_CBC)

library/aria.c

@@ -37,11 +37,6 @@
 
 #include "mbedtls/platform_util.h"
 
-#if ( defined(__ARMCC_VERSION) || defined(_MSC_VER) ) && \
-    !defined(inline) && !defined(__cplusplus)
-#define inline __inline
-#endif
-
 /* Parameter validation macros */
 #define ARIA_VALIDATE_RET( cond )                                       \
     MBEDTLS_INTERNAL_VALIDATE_RET( cond, MBEDTLS_ERR_ARIA_BAD_INPUT_DATA )

library/bignum.c

@@ -262,6 +262,17 @@ void mbedtls_mpi_swap( mbedtls_mpi *X, mbedtls_mpi *Y )
     memcpy(  Y, &T, sizeof( mbedtls_mpi ) );
 }
 
+static inline mbedtls_mpi_uint mpi_sint_abs( mbedtls_mpi_sint z )
+{
+    if( z >= 0 )
+        return( z );
+    /* Take care to handle the most negative value (-2^(biL-1)) correctly.
+     * A naive -z would have undefined behavior.
+     * Write this in a way that makes popular compilers happy (GCC, Clang,
+     * MSVC). */
+    return( (mbedtls_mpi_uint) 0 - (mbedtls_mpi_uint) z );
+}
+
 /*
  * Set value from integer
  */
@@ -273,7 +284,7 @@ int mbedtls_mpi_lset( mbedtls_mpi *X, mbedtls_mpi_sint z )
     MBEDTLS_MPI_CHK( mbedtls_mpi_grow( X, 1 ) );
     memset( X->p, 0, X->n * ciL );
 
-    X->p[0] = ( z < 0 ) ? -z : z;
+    X->p[0] = mpi_sint_abs( z );
     X->s    = ( z < 0 ) ? -1 : 1;
 
 cleanup:
@@ -1093,7 +1104,7 @@ int mbedtls_mpi_cmp_int( const mbedtls_mpi *X, mbedtls_mpi_sint z )
     mbedtls_mpi_uint p[1];
     MPI_VALIDATE_RET( X != NULL );
 
-    *p  = ( z < 0 ) ? -z : z;
+    *p  = mpi_sint_abs( z );
     Y.s = ( z < 0 ) ? -1 : 1;
     Y.n = 1;
     Y.p = p;
@@ -1130,6 +1141,11 @@ int mbedtls_mpi_add_abs( mbedtls_mpi *X, const mbedtls_mpi *A, const mbedtls_mpi
         if( B->p[j - 1] != 0 )
             break;
 
+    /* Exit early to avoid undefined behavior on NULL+0 when X->n == 0
+     * and B is 0 (of any size). */
+    if( j == 0 )
+        return( 0 );
+
     MBEDTLS_MPI_CHK( mbedtls_mpi_grow( X, j ) );
 
     o = B->p; p = X->p; c = 0;
@@ -1249,10 +1265,12 @@ cleanup:
     return( ret );
 }
 
-/*
- * Signed addition: X = A + B
+/* Common function for signed addition and subtraction.
+ * Calculate A + B * flip_B where flip_B is 1 or -1.
  */
-int mbedtls_mpi_add_mpi( mbedtls_mpi *X, const mbedtls_mpi *A, const mbedtls_mpi *B )
+static int add_sub_mpi( mbedtls_mpi *X,
+                        const mbedtls_mpi *A, const mbedtls_mpi *B,
+                        int flip_B )
 {
     int ret, s;
     MPI_VALIDATE_RET( X != NULL );
@@ -1260,16 +1278,21 @@ int mbedtls_mpi_add_mpi( mbedtls_mpi *X, const mbedtls_mpi *A, const mbedtls_mpi
     MPI_VALIDATE_RET( B != NULL );
 
     s = A->s;
-    if( A->s * B->s < 0 )
+    if( A->s * B->s * flip_B < 0 )
     {
-        if( mbedtls_mpi_cmp_abs( A, B ) >= 0 )
+        int cmp = mbedtls_mpi_cmp_abs( A, B );
+        if( cmp >= 0 )
         {
             MBEDTLS_MPI_CHK( mbedtls_mpi_sub_abs( X, A, B ) );
-            X->s =  s;
+            /* If |A| = |B|, the result is 0 and we must set the sign bit
+             * to +1 regardless of which of A or B was negative. Otherwise,
+             * since |A| > |B|, the sign is the sign of A. */
+            X->s = cmp == 0 ? 1 : s;
         }
         else
         {
             MBEDTLS_MPI_CHK( mbedtls_mpi_sub_abs( X, B, A ) );
+            /* Since |A| < |B|, the sign is the opposite of A. */
             X->s = -s;
         }
     }
@@ -1284,39 +1307,20 @@ cleanup:
     return( ret );
 }
 
+/*
+ * Signed addition: X = A + B
+ */
+int mbedtls_mpi_add_mpi( mbedtls_mpi *X, const mbedtls_mpi *A, const mbedtls_mpi *B )
+{
+    return( add_sub_mpi( X, A, B, 1 ) );
+}
+
 /*
  * Signed subtraction: X = A - B
  */
 int mbedtls_mpi_sub_mpi( mbedtls_mpi *X, const mbedtls_mpi *A, const mbedtls_mpi *B )
 {
-    int ret, s;
-    MPI_VALIDATE_RET( X != NULL );
-    MPI_VALIDATE_RET( A != NULL );
-    MPI_VALIDATE_RET( B != NULL );
-
-    s = A->s;
-    if( A->s * B->s > 0 )
-    {
-        if( mbedtls_mpi_cmp_abs( A, B ) >= 0 )
-        {
-            MBEDTLS_MPI_CHK( mbedtls_mpi_sub_abs( X, A, B ) );
-            X->s =  s;
-        }
-        else
-        {
-            MBEDTLS_MPI_CHK( mbedtls_mpi_sub_abs( X, B, A ) );
-            X->s = -s;
-        }
-    }
-    else
-    {
-        MBEDTLS_MPI_CHK( mbedtls_mpi_add_abs( X, A, B ) );
-        X->s = s;
-    }
-
-cleanup:
-
-    return( ret );
+    return( add_sub_mpi( X, A, B, -1 ) );
 }
 
 /*
@@ -1329,7 +1333,7 @@ int mbedtls_mpi_add_int( mbedtls_mpi *X, const mbedtls_mpi *A, mbedtls_mpi_sint
     MPI_VALIDATE_RET( X != NULL );
     MPI_VALIDATE_RET( A != NULL );
 
-    p[0] = ( b < 0 ) ? -b : b;
+    p[0] = mpi_sint_abs( b );
     B.s = ( b < 0 ) ? -1 : 1;
     B.n = 1;
     B.p = p;
@@ -1347,7 +1351,7 @@ int mbedtls_mpi_sub_int( mbedtls_mpi *X, const mbedtls_mpi *A, mbedtls_mpi_sint
     MPI_VALIDATE_RET( X != NULL );
     MPI_VALIDATE_RET( A != NULL );
 
-    p[0] = ( b < 0 ) ? -b : b;
+    p[0] = mpi_sint_abs( b );
     B.s = ( b < 0 ) ? -1 : 1;
     B.n = 1;
     B.p = p;
@@ -1768,7 +1772,7 @@ int mbedtls_mpi_div_int( mbedtls_mpi *Q, mbedtls_mpi *R,
     mbedtls_mpi_uint p[1];
     MPI_VALIDATE_RET( A != NULL );
 
-    p[0] = ( b < 0 ) ? -b : b;
+    p[0] = mpi_sint_abs( b );
     B.s = ( b < 0 ) ? -1 : 1;
     B.n = 1;
     B.p = p;

library/chacha20.c

@@ -36,11 +36,6 @@
 
 #if !defined(MBEDTLS_CHACHA20_ALT)
 
-#if ( defined(__ARMCC_VERSION) || defined(_MSC_VER) ) && \
-    !defined(inline) && !defined(__cplusplus)
-#define inline __inline
-#endif
-
 /* Parameter validation macros */
 #define CHACHA20_VALIDATE_RET( cond )                                       \
     MBEDTLS_INTERNAL_VALIDATE_RET( cond, MBEDTLS_ERR_CHACHA20_BAD_INPUT_DATA )

library/common.h

@@ -29,8 +29,15 @@
 #include "mbedtls/config.h"
 #endif
 
+#include <stddef.h>
 #include <stdint.h>
 
+/* Define `inline` on some non-C99-compliant compilers. */
+#if ( defined(__ARMCC_VERSION) || defined(_MSC_VER) ) && \
+    !defined(inline) && !defined(__cplusplus)
+#define inline __inline
+#endif
+
 /** Helper to define a function as static except when building invasive tests.
  *
  * If a function is only used inside its own source file and should be
@@ -52,6 +59,44 @@
 #define MBEDTLS_STATIC_TESTABLE static
 #endif
 
+/** Return an offset into a buffer.
+ *
+ * This is just the addition of an offset to a pointer, except that this
+ * function also accepts an offset of 0 into a buffer whose pointer is null.
+ * (`p + n` has undefined behavior when `p` is null, even when `n == 0`.
+ * A null pointer is a valid buffer pointer when the size is 0, for example
+ * as the result of `malloc(0)` on some platforms.)
+ *
+ * \param p     Pointer to a buffer of at least n bytes.
+ *              This may be \p NULL if \p n is zero.
+ * \param n     An offset in bytes.
+ * \return      Pointer to offset \p n in the buffer \p p.
+ *              Note that this is only a valid pointer if the size of the
+ *              buffer is at least \p n + 1.
+ */
+static inline unsigned char *mbedtls_buffer_offset(
+    unsigned char *p, size_t n )
+{
+    return( p == NULL ? NULL : p + n );
+}
+
+/** Return an offset into a read-only buffer.
+ *
+ * Similar to mbedtls_buffer_offset(), but for const pointers.
+ *
+ * \param p     Pointer to a buffer of at least n bytes.
+ *              This may be \p NULL if \p n is zero.
+ * \param n     An offset in bytes.
+ * \return      Pointer to offset \p n in the buffer \p p.
+ *              Note that this is only a valid pointer if the size of the
+ *              buffer is at least \p n + 1.
+ */
+static inline const unsigned char *mbedtls_buffer_offset_const(
+    const unsigned char *p, size_t n )
+{
+    return( p == NULL ? NULL : p + n );
+}
+
 /** Byte Reading Macros
  *
  * Given a multi-byte integer \p x, MBEDTLS_BYTE_n retrieves the n-th

library/constant_time_internal.h

@@ -45,7 +45,7 @@
  */
 unsigned mbedtls_ct_uint_mask( unsigned value );
 
-#if defined(MBEDTLS_SSL_SOME_SUITES_USE_TLS_CBC)
+#if defined(MBEDTLS_SSL_SOME_MODES_USE_MAC)
 
 /** Turn a value into a mask:
  * - if \p value == 0, return the all-bits 0 mask, aka 0
@@ -60,7 +60,7 @@ unsigned mbedtls_ct_uint_mask( unsigned value );
  */
 size_t mbedtls_ct_size_mask( size_t value );
 
-#endif /* MBEDTLS_SSL_SOME_SUITES_USE_TLS_CBC */
+#endif /* MBEDTLS_SSL_SOME_MODES_USE_MAC */
 
 #if defined(MBEDTLS_BIGNUM_C)
 

library/debug.c

@@ -30,11 +30,6 @@
 #include <stdio.h>
 #include <string.h>
 
-#if ( defined(__ARMCC_VERSION) || defined(_MSC_VER) ) && \
-    !defined(inline) && !defined(__cplusplus)
-#define inline __inline
-#endif
-
 #define DEBUG_BUF_SIZE      512
 
 static int debug_threshold = 0;

library/ecp.c

@@ -104,11 +104,6 @@
 #endif
 #endif /* MBEDTLS_ECP_NO_INTERNAL_RNG */
 
-#if ( defined(__ARMCC_VERSION) || defined(_MSC_VER) ) && \
-    !defined(inline) && !defined(__cplusplus)
-#define inline __inline
-#endif
-
 #if defined(MBEDTLS_SELF_TEST)
 /*
  * Counts of point addition and doubling, and field multiplications.
@@ -2051,7 +2046,7 @@ static int ecp_mul_comb_core( const mbedtls_ecp_group *grp, mbedtls_ecp_point *R
 
         int have_rng = 1;
 #if defined(MBEDTLS_ECP_NO_INTERNAL_RNG)
-        if( f_rng == 0 )
+        if( f_rng == NULL )
             have_rng = 0;
 #endif
         if( have_rng )
@@ -2190,7 +2185,7 @@ final_norm:
      */
     int have_rng = 1;
 #if defined(MBEDTLS_ECP_NO_INTERNAL_RNG)
-    if( f_rng == 0 )
+    if( f_rng == NULL )
         have_rng = 0;
 #endif
     if( have_rng )

library/ecp_curves.c

@@ -38,11 +38,6 @@
 #define ECP_VALIDATE( cond )        \
     MBEDTLS_INTERNAL_VALIDATE( cond )
 
-#if ( defined(__ARMCC_VERSION) || defined(_MSC_VER) ) && \
-    !defined(inline) && !defined(__cplusplus)
-#define inline __inline
-#endif
-
 #define ECP_MPI_INIT(s, n, p) {s, (n), (mbedtls_mpi_uint *)(p)}
 
 #define ECP_MPI_INIT_ARRAY(x)   \

library/mps_reader.c

@@ -29,11 +29,6 @@
 
 #include <string.h>
 
-#if ( defined(__ARMCC_VERSION) || defined(_MSC_VER) ) && \
-    !defined(inline) && !defined(__cplusplus)
-#define inline __inline
-#endif
-
 #if defined(MBEDTLS_MPS_ENABLE_TRACE)
 static int mbedtls_mps_trace_id = MBEDTLS_MPS_TRACE_BIT_READER;
 #endif /* MBEDTLS_MPS_ENABLE_TRACE */

library/poly1305.c

@@ -32,11 +32,6 @@
 
 #if !defined(MBEDTLS_POLY1305_ALT)
 
-#if ( defined(__ARMCC_VERSION) || defined(_MSC_VER) ) && \
-    !defined(inline) && !defined(__cplusplus)
-#define inline __inline
-#endif
-
 /* Parameter validation macros */
 #define POLY1305_VALIDATE_RET( cond )                                       \
     MBEDTLS_INTERNAL_VALIDATE_RET( cond, MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA )

library/psa_crypto.c

@@ -3638,8 +3638,8 @@ psa_status_t psa_cipher_encrypt( mbedtls_svc_key_id_t key,
     status = psa_driver_wrapper_cipher_encrypt(
         &attributes, slot->key.data, slot->key.bytes,
         alg, local_iv, default_iv_length, input, input_length,
-        output + default_iv_length, output_size - default_iv_length,
-        output_length );
+        mbedtls_buffer_offset( output, default_iv_length ),
+        output_size - default_iv_length, output_length );
 
 exit:
     unlock_status = psa_unlock_key_slot( slot );

library/psa_crypto_cipher.c

@@ -514,9 +514,10 @@ psa_status_t mbedtls_psa_cipher_encrypt( const psa_key_attributes_t *attributes,
     if( status != PSA_SUCCESS )
         goto exit;
 
-    status = mbedtls_psa_cipher_finish( &operation, output + update_output_length,
-                            output_size - update_output_length,
-                            &finish_output_length );
+    status = mbedtls_psa_cipher_finish(
+        &operation,
+        mbedtls_buffer_offset( output, update_output_length ),
+        output_size - update_output_length, &finish_output_length );
     if( status != PSA_SUCCESS )
         goto exit;
 
@@ -560,7 +561,9 @@ psa_status_t mbedtls_psa_cipher_decrypt(
             goto exit;
     }
 
-    status = mbedtls_psa_cipher_update( &operation, input + operation.iv_length,
+    status = mbedtls_psa_cipher_update(
+        &operation,
+        mbedtls_buffer_offset_const( input, operation.iv_length ),
         input_length - operation.iv_length,
         output, output_size, &olength );
     if( status != PSA_SUCCESS )
@@ -568,9 +571,10 @@ psa_status_t mbedtls_psa_cipher_decrypt(
 
     accumulated_length = olength;
 
-    status = mbedtls_psa_cipher_finish( &operation, output + accumulated_length,
-                                        output_size - accumulated_length,
-                                        &olength );
+    status = mbedtls_psa_cipher_finish(
+        &operation,
+        mbedtls_buffer_offset( output, accumulated_length ),
+        output_size - accumulated_length, &olength );
     if( status != PSA_SUCCESS )
         goto exit;
 

library/ssl_cli.c

@@ -1089,11 +1089,6 @@ static int ssl_write_client_hello( mbedtls_ssl_context *ssl )
      * RFC 5077 section 3.4: "When presenting a ticket, the client MAY
      * generate and include a Session ID in the TLS ClientHello."
      */
-    renegotiating = 0;
-#if defined(MBEDTLS_SSL_RENEGOTIATION)
-    if( ssl->renego_status != MBEDTLS_SSL_INITIAL_HANDSHAKE )
-        renegotiating = 1;
-#endif
     if( !renegotiating )
     {
         if( ssl->session_negotiate->ticket != NULL &&
@@ -1209,11 +1204,6 @@ static int ssl_write_client_hello( mbedtls_ssl_context *ssl )
     /*
      * Add TLS_EMPTY_RENEGOTIATION_INFO_SCSV
      */
-    renegotiating = 0;
-#if defined(MBEDTLS_SSL_RENEGOTIATION)
-    if( ssl->renego_status != MBEDTLS_SSL_INITIAL_HANDSHAKE )
-        renegotiating = 1;
-#endif
     if( !renegotiating )
     {
         MBEDTLS_SSL_DEBUG_MSG( 3, ( "adding EMPTY_RENEGOTIATION_INFO_SCSV" ) );
@@ -2065,6 +2055,30 @@ static int ssl_parse_hello_verify_request( mbedtls_ssl_context *ssl )
 }
 #endif /* MBEDTLS_SSL_PROTO_DTLS */
 
+static int is_compression_bad( mbedtls_ssl_context *ssl, unsigned char comp )
+{
+    int bad_comp = 0;
+
+    /* Suppress warnings in some configurations */
+    (void) ssl;
+#if defined(MBEDTLS_ZLIB_SUPPORT)
+    /* See comments in ssl_write_client_hello() */
+#if defined(MBEDTLS_SSL_PROTO_DTLS)
+    if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM &&
+        comp != MBEDTLS_SSL_COMPRESS_NULL )
+        bad_comp = 1;
+#endif
+
+    if( comp != MBEDTLS_SSL_COMPRESS_NULL &&
+        comp != MBEDTLS_SSL_COMPRESS_DEFLATE )
+        bad_comp = 1;
+#else /* MBEDTLS_ZLIB_SUPPORT */
+    if( comp != MBEDTLS_SSL_COMPRESS_NULL )
+        bad_comp = 1;
+#endif/* MBEDTLS_ZLIB_SUPPORT */
+    return bad_comp;
+}
+
 MBEDTLS_CHECK_RETURN_CRITICAL
 static int ssl_parse_server_hello( mbedtls_ssl_context *ssl )
 {
@@ -2073,9 +2087,6 @@ static int ssl_parse_server_hello( mbedtls_ssl_context *ssl )
     size_t ext_len;
     unsigned char *buf, *ext;
     unsigned char comp;
-#if defined(MBEDTLS_ZLIB_SUPPORT)
-    int accept_comp;
-#endif
 #if defined(MBEDTLS_SSL_RENEGOTIATION)
     int renegotiation_info_seen = 0;
 #endif
@@ -2244,23 +2255,7 @@ static int ssl_parse_server_hello( mbedtls_ssl_context *ssl )
      */
     comp = buf[37 + n];
 
-    int bad_comp = 0;
-#if defined(MBEDTLS_ZLIB_SUPPORT)
-    /* See comments in ssl_write_client_hello() */
-    accept_comp = 1;
-#if defined(MBEDTLS_SSL_PROTO_DTLS)
-    if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM )
-        accept_comp = 0;
-#endif
-
-    if( comp != MBEDTLS_SSL_COMPRESS_NULL &&
-        ( comp != MBEDTLS_SSL_COMPRESS_DEFLATE || accept_comp == 0 ) )
-        bad_comp = 1;
-#else /* MBEDTLS_ZLIB_SUPPORT */
-    if( comp != MBEDTLS_SSL_COMPRESS_NULL )
-        bad_comp = 1;
-#endif/* MBEDTLS_ZLIB_SUPPORT */
-    if( bad_comp )
+    if( is_compression_bad( ssl, comp ) )
     {
         MBEDTLS_SSL_DEBUG_MSG( 1,
             ( "server hello, bad compression: %d", comp ) );
@@ -2693,7 +2688,7 @@ static int ssl_check_server_ecdh_params( const mbedtls_ssl_context *ssl )
     grp_id = ssl->handshake->ecdh_ctx.grp.id;
 #else
     grp_id = ssl->handshake->ecdh_ctx.grp_id;
-#endif
+#endif /* MBEDTLS_ECDH_LEGACY_CONTEXT */
 
     curve_info = mbedtls_ecp_curve_info_from_grp_id( grp_id );
     if( curve_info == NULL )
@@ -2704,17 +2699,14 @@ static int ssl_check_server_ecdh_params( const mbedtls_ssl_context *ssl )
 
     MBEDTLS_SSL_DEBUG_MSG( 2, ( "ECDH curve: %s", curve_info->name ) );
 
-    int bad_params = 0;
 #if defined(MBEDTLS_ECP_C)
     if( mbedtls_ssl_check_curve( ssl, grp_id ) != 0 )
-        bad_params = 1;
+        return( -1 );
 #else
     if( ssl->handshake->ecdh_ctx.grp.nbits < 163 ||
         ssl->handshake->ecdh_ctx.grp.nbits > 521 )
-        bad_params = 1;
-#endif
-    if( bad_params )
         return( -1 );
+#endif /* MBEDTLS_ECP_C */
 
     MBEDTLS_SSL_DEBUG_ECDH( 3, &ssl->handshake->ecdh_ctx,
                             MBEDTLS_DEBUG_ECDH_QP );
@@ -3462,25 +3454,23 @@ start_processing:
 #if defined(MBEDTLS_SSL_ECP_RESTARTABLE_ENABLED)
         if( ssl->handshake->ecrs_enabled )
             rs_ctx = &ssl->handshake->ecrs_ctx.pk;
-#endif
+#endif /* MBEDTLS_SSL_ECP_RESTARTABLE_ENABLED */
 
         if( ( ret = mbedtls_pk_verify_restartable( peer_pk,
                         md_alg, hash, hashlen, p, sig_len, rs_ctx ) ) != 0 )
         {
-            int send_alert_msg = 1;
 #if defined(MBEDTLS_SSL_ECP_RESTARTABLE_ENABLED)
-            send_alert_msg = ( ret != MBEDTLS_ERR_ECP_IN_PROGRESS );
-#endif
-            if( send_alert_msg )
+            if( ret == MBEDTLS_ERR_ECP_IN_PROGRESS )
+            {
+                MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_pk_verify", ret );
+                return( MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS );
+            }
+#endif /* MBEDTLS_SSL_ECP_RESTARTABLE_ENABLED */
             mbedtls_ssl_send_alert_message(
                 ssl,
                 MBEDTLS_SSL_ALERT_LEVEL_FATAL,
                 MBEDTLS_SSL_ALERT_MSG_DECRYPT_ERROR );
             MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_pk_verify", ret );
-#if defined(MBEDTLS_SSL_ECP_RESTARTABLE_ENABLED)
-            if( ret == MBEDTLS_ERR_ECP_IN_PROGRESS )
-                ret = MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS;
-#endif
             return( ret );
         }
 

library/ssl_msg.c

@@ -1884,8 +1884,7 @@ int mbedtls_ssl_fetch_input( mbedtls_ssl_context *ssl, size_t nb_want )
 
     if( ssl->f_recv == NULL && ssl->f_recv_timeout == NULL )
     {
-        MBEDTLS_SSL_DEBUG_MSG( 1, ( "Bad usage of mbedtls_ssl_set_bio() "
-                            "or mbedtls_ssl_set_bio()" ) );
+        MBEDTLS_SSL_DEBUG_MSG( 1, ( "Bad usage of mbedtls_ssl_set_bio() " ) );
         return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
     }
 
@@ -2100,8 +2099,7 @@ int mbedtls_ssl_flush_output( mbedtls_ssl_context *ssl )
 
     if( ssl->f_send == NULL )
     {
-        MBEDTLS_SSL_DEBUG_MSG( 1, ( "Bad usage of mbedtls_ssl_set_bio() "
-                            "or mbedtls_ssl_set_bio()" ) );
+        MBEDTLS_SSL_DEBUG_MSG( 1, ( "Bad usage of mbedtls_ssl_set_bio() " ) );
         return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
     }
 

library/ssl_ticket.c

@@ -148,16 +148,22 @@ int mbedtls_ssl_ticket_setup( mbedtls_ssl_ticket_context *ctx,
 
     int do_mbedtls_cipher_setup = 1;
 #if defined(MBEDTLS_USE_PSA_CRYPTO)
-    do_mbedtls_cipher_setup = 0;
-
     ret = mbedtls_cipher_setup_psa( &ctx->keys[0].ctx,
                                     cipher_info, TICKET_AUTH_TAG_BYTES );
-    if( ret != 0 && ret != MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE )
-        return( ret );
+
+    switch( ret )
+    {
+        case 0:
+            do_mbedtls_cipher_setup = 0;
+            break;
+        case MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE:
             /* We don't yet expect to support all ciphers through PSA,
              * so allow fallback to ordinary mbedtls_cipher_setup(). */
-    if( ret == MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE )
             do_mbedtls_cipher_setup = 1;
+            break;
+        default:
+            return( ret );
+    }
 #endif /* MBEDTLS_USE_PSA_CRYPTO */
     if( do_mbedtls_cipher_setup )
         if( ( ret = mbedtls_cipher_setup( &ctx->keys[0].ctx, cipher_info ) )

library/ssl_tls.c

@@ -6519,24 +6519,41 @@ int mbedtls_ssl_context_save( mbedtls_ssl_context *ssl,
  * Helper to get TLS 1.2 PRF from ciphersuite
  * (Duplicates bits of logic from ssl_set_handshake_prfs().)
  */
+#if defined(MBEDTLS_SHA256_C) || \
+    (defined(MBEDTLS_SHA512_C) && !defined(MBEDTLS_SHA512_NO_SHA384))
 typedef int (*tls_prf_fn)( const unsigned char *secret, size_t slen,
                            const char *label,
                            const unsigned char *random, size_t rlen,
                            unsigned char *dstbuf, size_t dlen );
 static tls_prf_fn ssl_tls12prf_from_cs( int ciphersuite_id )
 {
-#if defined(MBEDTLS_SHA512_C) && !defined(MBEDTLS_SHA512_NO_SHA384)
     const mbedtls_ssl_ciphersuite_t * const ciphersuite_info =
          mbedtls_ssl_ciphersuite_from_id( ciphersuite_id );
 
+    if( ciphersuite_info == NULL )
+        return( NULL );
+
+#if defined(MBEDTLS_SHA512_C) && !defined(MBEDTLS_SHA512_NO_SHA384)
     if( ciphersuite_info->mac == MBEDTLS_MD_SHA384 )
         return( tls_prf_sha384 );
-#else
-    (void) ciphersuite_id;
+    else
 #endif
+#if defined(MBEDTLS_SHA256_C)
+    {
+        if( ciphersuite_info->mac == MBEDTLS_MD_SHA256 )
             return( tls_prf_sha256 );
+    }
+#endif
+#if !defined(MBEDTLS_SHA256_C) && \
+    (!defined(MBEDTLS_SHA512_C) || defined(MBEDTLS_SHA512_NO_SHA384))
+    (void) ciphersuite_info;
+#endif
+    return( NULL );
 }
 
+#endif /* MBEDTLS_SHA256_C ||
+          (MBEDTLS_SHA512_C && !MBEDTLS_SHA512_NO_SHA384) */
+
 /*
  * Deserialize context, see mbedtls_ssl_context_save() for format.
  *
@@ -6552,6 +6569,7 @@ static int ssl_context_load( mbedtls_ssl_context *ssl,
     const unsigned char * const end = buf + len;
     size_t session_len;
     int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    tls_prf_fn prf_func = NULL;
 
     /*
      * The context should have been freshly setup or reset.
@@ -6639,6 +6657,10 @@ static int ssl_context_load( mbedtls_ssl_context *ssl,
     ssl->transform_out = ssl->transform;
     ssl->transform_negotiate = NULL;
 
+    prf_func = ssl_tls12prf_from_cs( ssl->session->ciphersuite );
+    if( prf_func == NULL )
+        return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
+
     /* Read random bytes and populate structure */
     if( (size_t)( end - p ) < sizeof( ssl->transform->randbytes ) )
         return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
@@ -6657,7 +6679,7 @@ static int ssl_context_load( mbedtls_ssl_context *ssl,
 #if defined(MBEDTLS_ZLIB_SUPPORT)
                   ssl->session->compression,
 #endif
-                  ssl_tls12prf_from_cs( ssl->session->ciphersuite ),
+                  prf_func,
                   p, /* currently pointing to randbytes */
                   MBEDTLS_SSL_MINOR_VERSION_3, /* (D)TLS 1.2 is forced */
                   ssl->conf->endpoint,

library/ssl_tls13_keys.c

@@ -24,6 +24,7 @@
 #include "mbedtls/hkdf.h"
 #include "mbedtls/ssl_internal.h"
 #include "ssl_tls13_keys.h"
+#include "psa/crypto_sizes.h"
 
 #include <stdint.h>
 #include <string.h>
@@ -31,6 +32,9 @@
 #define MBEDTLS_SSL_TLS1_3_LABEL( name, string )       \
     .name = string,
 
+#define TLS1_3_EVOLVE_INPUT_SIZE ( PSA_HASH_MAX_SIZE > PSA_RAW_KEY_AGREEMENT_OUTPUT_MAX_SIZE ) ? \
+                                     PSA_HASH_MAX_SIZE : PSA_RAW_KEY_AGREEMENT_OUTPUT_MAX_SIZE
+
 struct mbedtls_ssl_tls1_3_labels_struct const mbedtls_ssl_tls1_3_labels =
 {
     /* This seems to work in C, despite the string literal being one
@@ -292,8 +296,8 @@ int mbedtls_ssl_tls1_3_evolve_secret(
 {
     int ret = MBEDTLS_ERR_SSL_INTERNAL_ERROR;
     size_t hlen, ilen;
-    unsigned char tmp_secret[ MBEDTLS_MD_MAX_SIZE ] = { 0 };
-    unsigned char tmp_input [ MBEDTLS_MD_MAX_SIZE ] = { 0 };
+    unsigned char tmp_secret[ PSA_MAC_MAX_SIZE ] = { 0 };
+    unsigned char tmp_input [ TLS1_3_EVOLVE_INPUT_SIZE ] = { 0 };
 
     const mbedtls_md_info_t *md;
     md = mbedtls_md_info_from_type( hash_alg );

library/x509_crt.c

@@ -1780,6 +1780,7 @@ static int x509_info_subject_alt_name( char **buf, size_t *size,
                                        const char *prefix )
 {
     int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    size_t i;
     size_t n = *size;
     char *p = *buf;
     const mbedtls_x509_sequence *cur = subject_alt_name;
@@ -1832,18 +1833,11 @@ static int x509_info_subject_alt_name( char **buf, size_t *size,
                     ret = mbedtls_snprintf( p, n, "\n%s            hardware serial number : ", prefix );
                     MBEDTLS_X509_SAFE_SNPRINTF;
 
-                    if( other_name->value.hardware_module_name.val.len >= n )
+                    for( i = 0; i < other_name->value.hardware_module_name.val.len; i++ )
                     {
-                        *p = '\0';
-                        return( MBEDTLS_ERR_X509_BUFFER_TOO_SMALL );
+                        ret = mbedtls_snprintf( p, n, "%02X", other_name->value.hardware_module_name.val.p[i] );
+                        MBEDTLS_X509_SAFE_SNPRINTF;
                     }
-
-                    memcpy( p, other_name->value.hardware_module_name.val.p,
-                            other_name->value.hardware_module_name.val.len );
-                    p += other_name->value.hardware_module_name.val.len;
-
-                    n -= other_name->value.hardware_module_name.val.len;
-
                 }/* MBEDTLS_OID_ON_HW_MODULE_NAME */
             }
             break;

programs/fuzz/fuzz_dtlsserver.c

@@ -10,11 +10,12 @@
 #include "mbedtls/timing.h"
 #include "mbedtls/ssl_cookie.h"
 
-
 #if defined(MBEDTLS_SSL_SRV_C) && \
     defined(MBEDTLS_ENTROPY_C) && \
     defined(MBEDTLS_CTR_DRBG_C) && \
-    defined(MBEDTLS_TIMING_C)
+    defined(MBEDTLS_TIMING_C) && \
+    ( defined(MBEDTLS_SHA256_C) || \
+        ( defined(MBEDTLS_SHA512_C) && !defined(MBEDTLS_SHA512_NO_SHA384) ) )
 const char *pers = "fuzz_dtlsserver";
 const unsigned char client_ip[4] = {0x7F, 0, 0, 1};
 static int initialized = 0;
@@ -30,7 +31,9 @@ int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) {
     defined(MBEDTLS_SSL_SRV_C) && \
     defined(MBEDTLS_ENTROPY_C) && \
     defined(MBEDTLS_CTR_DRBG_C) && \
-    defined(MBEDTLS_TIMING_C)
+    defined(MBEDTLS_TIMING_C) && \
+    ( defined(MBEDTLS_SHA256_C) || \
+        ( defined(MBEDTLS_SHA512_C) && !defined(MBEDTLS_SHA512_NO_SHA384) ) )
     int ret;
     size_t len;
     mbedtls_ssl_context ssl;

programs/pkey/dh_genprime.c

@@ -161,8 +161,8 @@ int main( int argc, char **argv )
         goto exit;
     }
 
-    if( ( ret = mbedtls_mpi_write_file( "P = ", &P, 16, fout ) != 0 ) ||
-        ( ret = mbedtls_mpi_write_file( "G = ", &G, 16, fout ) != 0 ) )
+    if( ( ( ret = mbedtls_mpi_write_file( "P = ", &P, 16, fout ) ) != 0 ) ||
+        ( ( ret = mbedtls_mpi_write_file( "G = ", &G, 16, fout ) ) != 0 ) )
     {
         mbedtls_printf( " failed\n  ! mbedtls_mpi_write_file returned %d\n\n", ret );
         fclose( fout );

programs/ssl/ssl_client2.c

@@ -116,7 +116,7 @@ int main( void )
 #define GET_REQUEST "GET %s HTTP/1.0\r\nExtra-header: "
 #define GET_REQUEST_END "\r\n\r\n"
 
-#if defined(MBEDTLS_X509_CRT_PARSE_C)
+#if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
 #define USAGE_CONTEXT_CRT_CB \
     "    context_crt_cb=%%d   This determines whether the CRT verification callback is bound\n" \
     "                        to the SSL configuration of the SSL context.\n" \
@@ -125,8 +125,8 @@ int main( void )
     "                        - 1: Use CRT callback bound to SSL context\n"
 #else
 #define USAGE_CONTEXT_CRT_CB ""
-#endif /* MBEDTLS_X509_CRT_PARSE_C */
-#if defined(MBEDTLS_X509_CRT_PARSE_C)
+#endif /* MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */
+#if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
 #if defined(MBEDTLS_FS_IO)
 #define USAGE_IO \
     "    ca_file=%%s          The single file containing the top-level CA(s) you fully trust\n" \
@@ -144,10 +144,10 @@ int main( void )
 #define USAGE_IO \
     "    No file operations available (MBEDTLS_FS_IO not defined)\n"
 #endif /* MBEDTLS_FS_IO */
-#else /* MBEDTLS_X509_CRT_PARSE_C */
+#else /* MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */
 #define USAGE_IO ""
-#endif /* MBEDTLS_X509_CRT_PARSE_C */
-#if defined(MBEDTLS_USE_PSA_CRYPTO) && defined(MBEDTLS_X509_CRT_PARSE_C)
+#endif /* MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */
+#if defined(MBEDTLS_USE_PSA_CRYPTO) && defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
 #define USAGE_KEY_OPAQUE \
     "    key_opaque=%%d       Handle your private key as if it were opaque\n" \
     "                        default: 0 (disabled)\n"
@@ -375,6 +375,8 @@ int main( void )
     "                        a second non-empty message before attempting\n" \
     "                        to read a response from the server\n"           \
     "    debug_level=%%d      default: 0 (disabled)\n"             \
+    "    build_version=%%d    default: none (disabled)\n"                     \
+    "                        option: 1 (print build version only and stop)\n" \
     "    nbio=%%d             default: 0 (blocking I/O)\n"         \
     "                        options: 1 (non-blocking), 2 (added delays)\n"   \
     "    event=%%d            default: 0 (loop)\n"                            \
@@ -527,7 +529,7 @@ struct options
 
 #include "ssl_test_common_source.c"
 
-#if defined(MBEDTLS_X509_CRT_PARSE_C)
+#if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
 static unsigned char peer_crt_info[1024];
 
 /*
@@ -559,7 +561,7 @@ static int my_verify( void *data, mbedtls_x509_crt *crt,
 
     return( 0 );
 }
-#endif /* MBEDTLS_X509_CRT_PARSE_C */
+#endif /* MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */
 
 #if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
 int report_cid_usage( mbedtls_ssl_context *ssl,
@@ -689,9 +691,6 @@ int main( int argc, char *argv[] )
     psa_status_t status;
 #endif
 
-#if defined(MBEDTLS_X509_CRT_PARSE_C)
-    mbedtls_x509_crt_profile crt_profile_for_test = mbedtls_x509_crt_profile_default;
-#endif
     rng_context_t rng;
     mbedtls_ssl_context ssl;
     mbedtls_ssl_config conf;
@@ -701,15 +700,16 @@ int main( int argc, char *argv[] )
 #if defined(MBEDTLS_TIMING_C)
     mbedtls_timing_delay_context timer;
 #endif
-#if defined(MBEDTLS_X509_CRT_PARSE_C)
+#if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
     uint32_t flags;
     mbedtls_x509_crt cacert;
     mbedtls_x509_crt clicert;
     mbedtls_pk_context pkey;
+    mbedtls_x509_crt_profile crt_profile_for_test = mbedtls_x509_crt_profile_default;
 #if defined(MBEDTLS_USE_PSA_CRYPTO)
     psa_key_id_t key_slot = 0; /* invalid key slot */
 #endif
-#endif  /* MBEDTLS_X509_CRT_PARSE_C */
+#endif  /* MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */
     char *p, *q;
     const int *list;
 #if defined(MBEDTLS_SSL_CONTEXT_SERIALIZATION)
@@ -752,7 +752,7 @@ int main( int argc, char *argv[] )
     mbedtls_ssl_config_init( &conf );
     memset( &saved_session, 0, sizeof( mbedtls_ssl_session ) );
     rng_init( &rng );
-#if defined(MBEDTLS_X509_CRT_PARSE_C)
+#if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
     mbedtls_x509_crt_init( &cacert );
     mbedtls_x509_crt_init( &clicert );
     mbedtls_pk_init( &pkey );
@@ -901,6 +901,16 @@ int main( int argc, char *argv[] )
             if( opt.debug_level < 0 || opt.debug_level > 65535 )
                 goto usage;
         }
+        else if( strcmp( p, "build_version" ) == 0 )
+        {
+            if( strcmp( q, "1" ) == 0 )
+            {
+                mbedtls_printf( "build version: %s (build %d)\n",
+                                MBEDTLS_VERSION_STRING_FULL,
+                                MBEDTLS_VERSION_NUMBER );
+                goto exit;
+            }
+        }
         else if( strcmp( p, "context_crt_cb" ) == 0 )
         {
             opt.context_crt_cb = atoi( q );
@@ -946,7 +956,7 @@ int main( int argc, char *argv[] )
             opt.key_file = q;
         else if( strcmp( p, "key_pwd" ) == 0 )
             opt.key_pwd = q;
-#if defined(MBEDTLS_USE_PSA_CRYPTO) && defined(MBEDTLS_X509_CRT_PARSE_C)
+#if defined(MBEDTLS_USE_PSA_CRYPTO) && defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
         else if( strcmp( p, "key_opaque" ) == 0 )
             opt.key_opaque = atoi( q );
 #endif
@@ -1531,6 +1541,9 @@ int main( int argc, char *argv[] )
     }
 #endif /* MBEDTLS_SSL_ALPN */
 
+    mbedtls_printf( "build version: %s (build %d)\n",
+                    MBEDTLS_VERSION_STRING_FULL, MBEDTLS_VERSION_NUMBER );
+
     /*
      * 0. Initialize the RNG and the session data
      */
@@ -1542,7 +1555,7 @@ int main( int argc, char *argv[] )
         goto exit;
     mbedtls_printf( " ok\n" );
 
-#if defined(MBEDTLS_X509_CRT_PARSE_C)
+#if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
     /*
      * 1.1. Load the trusted CA
      */
@@ -1673,7 +1686,7 @@ int main( int argc, char *argv[] )
 #endif /* MBEDTLS_USE_PSA_CRYPTO */
 
     mbedtls_printf( " ok (key type: %s)\n", mbedtls_pk_get_name( &pkey ) );
-#endif /* MBEDTLS_X509_CRT_PARSE_C */
+#endif /* MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */
 
     /*
      * 2. Start the connection
@@ -1725,7 +1738,7 @@ int main( int argc, char *argv[] )
         goto exit;
     }
 
-#if defined(MBEDTLS_X509_CRT_PARSE_C)
+#if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
     /* The default algorithms profile disables SHA-1, but our tests still
        rely on it heavily. */
     if( opt.allow_sha1 > 0 )
@@ -1739,7 +1752,7 @@ int main( int argc, char *argv[] )
         mbedtls_ssl_conf_verify( &conf, my_verify, NULL );
 
     memset( peer_crt_info, 0, sizeof( peer_crt_info ) );
-#endif /* MBEDTLS_X509_CRT_PARSE_C */
+#endif /* MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */
 
 #if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
     if( opt.cid_enabled == 1 || opt.cid_enabled_renego == 1 )
@@ -1910,7 +1923,7 @@ int main( int argc, char *argv[] )
     mbedtls_ssl_conf_renegotiation( &conf, opt.renegotiation );
 #endif
 
-#if defined(MBEDTLS_X509_CRT_PARSE_C)
+#if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
     if( strcmp( opt.ca_path, "none" ) != 0 &&
         strcmp( opt.ca_file, "none" ) != 0 )
     {
@@ -1931,7 +1944,7 @@ int main( int argc, char *argv[] )
             goto exit;
         }
     }
-#endif  /* MBEDTLS_X509_CRT_PARSE_C */
+#endif  /* MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */
 
 #if defined(MBEDTLS_ECP_C)
     if( opt.curves != NULL &&
@@ -2001,7 +2014,7 @@ int main( int argc, char *argv[] )
         goto exit;
     }
 
-#if defined(MBEDTLS_X509_CRT_PARSE_C)
+#if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
     if( ( ret = mbedtls_ssl_set_hostname( &ssl, opt.server_name ) ) != 0 )
     {
         mbedtls_printf( " failed\n  ! mbedtls_ssl_set_hostname returned %d\n\n",
@@ -2024,10 +2037,10 @@ int main( int argc, char *argv[] )
     }
 #endif
 
-#if defined(MBEDTLS_X509_CRT_PARSE_C)
+#if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
     if( opt.context_crt_cb == 1 )
         mbedtls_ssl_set_verify( &ssl, my_verify, NULL );
-#endif /* MBEDTLS_X509_CRT_PARSE_C */
+#endif /* MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */
 
     io_ctx.ssl = &ssl;
     io_ctx.net = &server_fd;
@@ -2327,7 +2340,7 @@ int main( int argc, char *argv[] )
         }
     }
 
-#if defined(MBEDTLS_X509_CRT_PARSE_C)
+#if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
     /*
      * 5. Verify the server certificate
      */
@@ -2349,7 +2362,7 @@ int main( int argc, char *argv[] )
 
     mbedtls_printf( "  . Peer certificate information    ...\n" );
     mbedtls_printf( "%s\n", peer_crt_info );
-#endif /* MBEDTLS_X509_CRT_PARSE_C */
+#endif /* MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */
 
 #if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
     ret = report_cid_usage( &ssl, "initial handshake" );
@@ -2677,9 +2690,9 @@ send_request:
         mbedtls_printf( "  . Restarting connection from same port..." );
         fflush( stdout );
 
-#if defined(MBEDTLS_X509_CRT_PARSE_C)
+#if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
         memset( peer_crt_info, 0, sizeof( peer_crt_info ) );
-#endif /* MBEDTLS_X509_CRT_PARSE_C */
+#endif /* MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */
 
         if( ( ret = mbedtls_ssl_session_reset( &ssl ) ) != 0 )
         {
@@ -2913,9 +2926,9 @@ reconnect:
 
         mbedtls_printf( "  . Reconnecting with saved session..." );
 
-#if defined(MBEDTLS_X509_CRT_PARSE_C)
+#if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
         memset( peer_crt_info, 0, sizeof( peer_crt_info ) );
-#endif /* MBEDTLS_X509_CRT_PARSE_C */
+#endif /* MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */
 
         if( ( ret = mbedtls_ssl_session_reset( &ssl ) ) != 0 )
         {
@@ -3009,14 +3022,14 @@ exit:
     mbedtls_free( context_buf );
 #endif
 
-#if defined(MBEDTLS_X509_CRT_PARSE_C)
+#if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
     mbedtls_x509_crt_free( &clicert );
     mbedtls_x509_crt_free( &cacert );
     mbedtls_pk_free( &pkey );
 #if defined(MBEDTLS_USE_PSA_CRYPTO)
     psa_destroy_key( key_slot );
 #endif
-#endif /* MBEDTLS_X509_CRT_PARSE_C */
+#endif /* MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */
 
 #if defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED) && \
     defined(MBEDTLS_USE_PSA_CRYPTO)

programs/ssl/ssl_server2.c

@@ -168,7 +168,7 @@ int main( void )
  */
 #define DFL_IO_BUF_LEN      200
 
-#if defined(MBEDTLS_X509_CRT_PARSE_C)
+#if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
 #if defined(MBEDTLS_FS_IO)
 #define USAGE_IO \
     "    ca_file=%%s          The single file containing the top-level CA(s) you fully trust\n" \
@@ -199,8 +199,8 @@ int main( void )
 #endif /* MBEDTLS_FS_IO */
 #else
 #define USAGE_IO ""
-#endif /* MBEDTLS_X509_CRT_PARSE_C */
-#if defined(MBEDTLS_USE_PSA_CRYPTO) && defined(MBEDTLS_X509_CRT_PARSE_C)
+#endif /* MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */
+#if defined(MBEDTLS_USE_PSA_CRYPTO) && defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
 #define USAGE_KEY_OPAQUE \
     "    key_opaque=%%d       Handle your private keys as if they were opaque\n" \
     "                        default: 0 (disabled)\n"
@@ -466,6 +466,8 @@ int main( void )
     "    server_addr=%%s      default: (all interfaces)\n"  \
     "    server_port=%%d      default: 4433\n"              \
     "    debug_level=%%d      default: 0 (disabled)\n"      \
+    "    build_version=%%d    default: none (disabled)\n"                     \
+    "                        option: 1 (print build version only and stop)\n" \
     "    buffer_size=%%d      default: 200 \n" \
     "                         (minimum: 1, max: 16385)\n" \
     "    response_size=%%d    default: about 152 (basic response)\n" \
@@ -1029,14 +1031,6 @@ typedef enum
     ASYNC_OP_SIGN,
     ASYNC_OP_DECRYPT,
 } ssl_async_operation_type_t;
-/* Note that the enum above and the array below need to be kept in sync!
- * `ssl_async_operation_names[op]` is the name of op for each value `op`
- * of type `ssl_async_operation_type_t`. */
-static const char *const ssl_async_operation_names[] =
-{
-    "sign",
-    "decrypt",
-};
 
 typedef struct
 {
@@ -1048,6 +1042,17 @@ typedef struct
     unsigned remaining_delay;
 } ssl_async_operation_context_t;
 
+#if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
+
+/* Note that ssl_async_operation_type_t and the array below need to be kept in sync!
+ * `ssl_async_operation_names[op]` is the name of op for each value `op`
+ * of type `ssl_async_operation_type_t`. */
+static const char *const ssl_async_operation_names[] =
+{
+    "sign",
+    "decrypt",
+};
+
 static int ssl_async_start( mbedtls_ssl_context *ssl,
                             mbedtls_x509_crt *cert,
                             ssl_async_operation_type_t op_type,
@@ -1199,6 +1204,7 @@ static void ssl_async_cancel( mbedtls_ssl_context *ssl )
     mbedtls_printf( "Async cancel callback.\n" );
     mbedtls_free( ctx );
 }
+#endif /* MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */
 #endif /* MBEDTLS_SSL_ASYNC_PRIVATE */
 
 #if defined(MBEDTLS_USE_PSA_CRYPTO)
@@ -1300,10 +1306,6 @@ int main( int argc, char *argv[] )
 #if defined(MBEDTLS_SSL_COOKIE_C)
     mbedtls_ssl_cookie_ctx cookie_ctx;
 #endif
-
-#if defined(MBEDTLS_X509_CRT_PARSE_C)
-    mbedtls_x509_crt_profile crt_profile_for_test = mbedtls_x509_crt_profile_default;
-#endif
     rng_context_t rng;
     mbedtls_ssl_context ssl;
     mbedtls_ssl_config conf;
@@ -1313,22 +1315,23 @@ int main( int argc, char *argv[] )
 #if defined(MBEDTLS_SSL_RENEGOTIATION)
     unsigned char renego_period[8] = { 0 };
 #endif
-#if defined(MBEDTLS_X509_CRT_PARSE_C)
+#if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
     uint32_t flags;
     mbedtls_x509_crt cacert;
     mbedtls_x509_crt srvcert;
     mbedtls_pk_context pkey;
     mbedtls_x509_crt srvcert2;
     mbedtls_pk_context pkey2;
+    mbedtls_x509_crt_profile crt_profile_for_test = mbedtls_x509_crt_profile_default;
 #if defined(MBEDTLS_USE_PSA_CRYPTO)
     psa_key_id_t key_slot = 0; /* invalid key slot */
     psa_key_id_t key_slot2 = 0; /* invalid key slot */
 #endif
     int key_cert_init = 0, key_cert_init2 = 0;
+#endif /* MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */
 #if defined(MBEDTLS_SSL_ASYNC_PRIVATE)
     ssl_async_key_context_t ssl_async_keys;
 #endif /* MBEDTLS_SSL_ASYNC_PRIVATE */
-#endif /* MBEDTLS_X509_CRT_PARSE_C */
 #if defined(MBEDTLS_DHM_C) && defined(MBEDTLS_FS_IO)
     mbedtls_dhm_context dhm;
 #endif
@@ -1407,16 +1410,16 @@ int main( int argc, char *argv[] )
     mbedtls_ssl_init( &ssl );
     mbedtls_ssl_config_init( &conf );
     rng_init( &rng );
-#if defined(MBEDTLS_X509_CRT_PARSE_C)
+#if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
     mbedtls_x509_crt_init( &cacert );
     mbedtls_x509_crt_init( &srvcert );
     mbedtls_pk_init( &pkey );
     mbedtls_x509_crt_init( &srvcert2 );
     mbedtls_pk_init( &pkey2 );
+#endif
 #if defined(MBEDTLS_SSL_ASYNC_PRIVATE)
     memset( &ssl_async_keys, 0, sizeof( ssl_async_keys ) );
 #endif
-#endif
 #if defined(MBEDTLS_DHM_C) && defined(MBEDTLS_FS_IO)
     mbedtls_dhm_init( &dhm );
 #endif
@@ -1588,6 +1591,16 @@ int main( int argc, char *argv[] )
             if( opt.debug_level < 0 || opt.debug_level > 65535 )
                 goto usage;
         }
+        else if( strcmp( p, "build_version" ) == 0 )
+        {
+            if( strcmp( q, "1" ) == 0 )
+            {
+                mbedtls_printf( "build version: %s (build %d)\n",
+                                MBEDTLS_VERSION_STRING_FULL,
+                                MBEDTLS_VERSION_NUMBER );
+                goto exit;
+            }
+        }
         else if( strcmp( p, "nbio" ) == 0 )
         {
             opt.nbio = atoi( q );
@@ -1626,7 +1639,7 @@ int main( int argc, char *argv[] )
             opt.key_file = q;
         else if( strcmp( p, "key_pwd" ) == 0 )
             opt.key_pwd = q;
-#if defined(MBEDTLS_USE_PSA_CRYPTO) && defined(MBEDTLS_X509_CRT_PARSE_C)
+#if defined(MBEDTLS_USE_PSA_CRYPTO) && defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
         else if( strcmp( p, "key_opaque" ) == 0 )
             opt.key_opaque = atoi( q );
 #endif
@@ -2335,6 +2348,9 @@ int main( int argc, char *argv[] )
     }
 #endif /* MBEDTLS_SSL_ALPN */
 
+    mbedtls_printf( "build version: %s (build %d)\n",
+                    MBEDTLS_VERSION_STRING_FULL, MBEDTLS_VERSION_NUMBER );
+
     /*
      * 0. Initialize the RNG and the session data
      */
@@ -2346,7 +2362,7 @@ int main( int argc, char *argv[] )
         goto exit;
     mbedtls_printf( " ok\n" );
 
-#if defined(MBEDTLS_X509_CRT_PARSE_C)
+#if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
     /*
      * 1.1. Load the trusted CA
      */
@@ -2544,7 +2560,7 @@ int main( int argc, char *argv[] )
 #endif /* MBEDTLS_CERTS_C */
 
     mbedtls_printf( " ok (key types: %s - %s)\n", mbedtls_pk_get_name( &pkey ), mbedtls_pk_get_name( &pkey2 ) );
-#endif /* MBEDTLS_X509_CRT_PARSE_C */
+#endif /* MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */
 
 #if defined(MBEDTLS_DHM_C) && defined(MBEDTLS_FS_IO)
     if( opt.dhm_file != NULL )
@@ -2613,7 +2629,7 @@ int main( int argc, char *argv[] )
         goto exit;
     }
 
-#if defined(MBEDTLS_X509_CRT_PARSE_C)
+#if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
     /* The default algorithms profile disables SHA-1, but our tests still
        rely on it heavily. Hence we allow it here. A real-world server
        should use the default profile unless there is a good reason not to. */
@@ -2623,7 +2639,7 @@ int main( int argc, char *argv[] )
         mbedtls_ssl_conf_cert_profile( &conf, &crt_profile_for_test );
         mbedtls_ssl_conf_sig_hashes( &conf, ssl_sig_hashes_for_test );
     }
-#endif /* MBEDTLS_X509_CRT_PARSE_C */
+#endif /* MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */
 
     if( opt.auth_mode != DFL_AUTH_MODE )
         mbedtls_ssl_conf_authmode( &conf, opt.auth_mode );
@@ -2877,7 +2893,7 @@ int main( int argc, char *argv[] )
     }
 #endif
 
-#if defined(MBEDTLS_X509_CRT_PARSE_C)
+#if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
     if( strcmp( opt.ca_path, "none" ) != 0 &&
         strcmp( opt.ca_file, "none" ) != 0 )
     {
@@ -2966,7 +2982,7 @@ int main( int argc, char *argv[] )
                                            &ssl_async_keys );
     }
 #endif /* MBEDTLS_SSL_ASYNC_PRIVATE */
-#endif /* MBEDTLS_X509_CRT_PARSE_C */
+#endif /* MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */
 
 #if defined(SNI_OPTION)
     if( opt.sni != NULL )
@@ -3216,8 +3232,6 @@ reset:
     }
 #endif
 
-    mbedtls_printf( " ok\n" );
-
     /*
      * 4. Handshake
      */
@@ -3262,7 +3276,7 @@ handshake:
     {
         mbedtls_printf( " failed\n  ! mbedtls_ssl_handshake returned -0x%x\n\n", (unsigned int) -ret );
 
-#if defined(MBEDTLS_X509_CRT_PARSE_C)
+#if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
         if( ret == MBEDTLS_ERR_X509_CERT_VERIFY_FAILED )
         {
             char vrfy_buf[512];
@@ -3308,7 +3322,7 @@ handshake:
     }
 #endif
 
-#if defined(MBEDTLS_X509_CRT_PARSE_C)
+#if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
     /*
      * 5. Verify the client certificate
      */
@@ -3336,7 +3350,7 @@ handshake:
                        mbedtls_ssl_get_peer_cert( &ssl ) );
         mbedtls_printf( "%s\n", crt_buf );
     }
-#endif /* MBEDTLS_X509_CRT_PARSE_C */
+#endif /* MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */
 
 #if defined(MBEDTLS_SSL_EXPORT_KEYS)
     if( opt.eap_tls != 0 )
@@ -4032,7 +4046,7 @@ exit:
         mbedtls_printf( "Failed to list of opaque PSKs - error was %d\n", ret );
 #endif
 
-#if defined(MBEDTLS_X509_CRT_PARSE_C)
+#if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
     mbedtls_x509_crt_free( &cacert );
     mbedtls_x509_crt_free( &srvcert );
     mbedtls_pk_free( &pkey );

programs/ssl/ssl_test_lib.h

@@ -20,6 +20,8 @@
 #ifndef MBEDTLS_PROGRAMS_SSL_SSL_TEST_LIB_H
 #define MBEDTLS_PROGRAMS_SSL_SSL_TEST_LIB_H
 
+#include "mbedtls/version.h"
+
 #if !defined(MBEDTLS_CONFIG_FILE)
 #include "mbedtls/config.h"
 #else

programs/test/benchmark.c

@@ -737,7 +737,8 @@ int main( int argc, char *argv[] )
     }
 #endif
 
-#if defined(MBEDTLS_HMAC_DRBG_C)
+#if defined(MBEDTLS_HMAC_DRBG_C) && \
+    ( defined(MBEDTLS_SHA1_C) || defined(MBEDTLS_SHA256_C) )
     if( todo.hmac_drbg )
     {
         mbedtls_hmac_drbg_context hmac_drbg;
@@ -780,7 +781,7 @@ int main( int argc, char *argv[] )
 #endif
         mbedtls_hmac_drbg_free( &hmac_drbg );
     }
-#endif
+#endif /* MBEDTLS_HMAC_DRBG_C && ( MBEDTLS_SHA1_C || MBEDTLS_SHA256_C ) */
 
 #if defined(MBEDTLS_RSA_C) && defined(MBEDTLS_GENPRIME)
     if( todo.rsa )

tests/compat.sh

@@ -867,12 +867,15 @@ setup_arguments()
     G_MODE=""
     case "$MODE" in
         "ssl3")
+            O_MODE="ssl3"
             G_PRIO_MODE="+VERS-SSL3.0"
             ;;
         "tls1")
+            O_MODE="tls1"
             G_PRIO_MODE="+VERS-TLS1.0"
             ;;
         "tls1_1")
+            O_MODE="tls1_1"
             G_PRIO_MODE="+VERS-TLS1.1"
             ;;
         "tls12")
@@ -880,6 +883,7 @@ setup_arguments()
             G_PRIO_MODE="+VERS-TLS1.2"
             ;;
         "dtls1")
+            O_MODE="dtls1"
             G_PRIO_MODE="+VERS-DTLS1.0"
             G_MODE="-u"
             ;;
@@ -930,6 +934,20 @@ setup_arguments()
     G_CLIENT_ARGS="-p $PORT --debug 3 $G_MODE"
     G_CLIENT_PRIO="NONE:$G_PRIO_MODE:+COMP-NULL:+CURVE-ALL:+SIGN-ALL"
 
+    # Newer versions of OpenSSL have a syntax to enable all "ciphers", even
+    # low-security ones. This covers not just cipher suites but also protocol
+    # versions. It is necessary, for example, to use (D)TLS 1.0/1.1 on
+    # OpenSSL 1.1.1f from Ubuntu 20.04. The syntax was only introduced in
+    # OpenSSL 1.1.0 (21e0c1d23afff48601eb93135defddae51f7e2e3) and I can't find
+    # a way to discover it from -help, so check the openssl version.
+    case $($OPENSSL_CMD version) in
+        "OpenSSL 0"*|"OpenSSL 1.0"*) :;;
+        *)
+            O_CLIENT_ARGS="$O_CLIENT_ARGS -cipher ALL@SECLEVEL=0"
+            O_SERVER_ARGS="$O_SERVER_ARGS -cipher ALL@SECLEVEL=0"
+            ;;
+    esac
+
     if [ "X$VERIFY" = "XYES" ];
     then
         M_SERVER_ARGS="$M_SERVER_ARGS ca_file=data_files/test-ca_cat12.crt auth_mode=required"

tests/data_files/Makefile

@@ -276,8 +276,11 @@ all_final += server5-ss-forgeca.crt
 server5-othername.crt: server5.key
 	$(OPENSSL) req -x509 -new -subj "/C=UK/O=Mbed TLS/CN=Mbed TLS othername SAN" -set_serial 77 -config $(test_ca_config_file) -extensions othername_san -days 3650 -sha256 -key $< -out $@
 
+server5-nonprintable_othername.crt: server5.key
+	$(OPENSSL) req -x509 -new -subj "/C=UK/O=Mbed TLS/CN=Mbed TLS non-printable othername SAN" -set_serial 77 -config $(test_ca_config_file) -extensions nonprintable_othername_san -days 3650 -sha256 -key $< -out $@
+
 server5-unsupported_othername.crt: server5.key
-	$(OPENSSL) req -x509 -new -subj "/C=UK/O=Mbed TLS/CN=Mbed TLS unsupported othername SAN" -set_serial 77 -config $(test_ca_config_file) -extensions unsupoported_othername_san -days 3650 -sha256 -key $< -out $@
+	$(OPENSSL) req -x509 -new -subj "/C=UK/O=Mbed TLS/CN=Mbed TLS unsupported othername SAN" -set_serial 77 -config $(test_ca_config_file) -extensions unsupported_othername_san -days 3650 -sha256 -key $< -out $@
 
 server5-fan.crt: server5.key
 	$(OPENSSL) req -x509 -new -subj "/C=UK/O=Mbed TLS/CN=Mbed TLS FAN" -set_serial 77 -config $(test_ca_config_file) -extensions fan_cert -days 3650 -sha256 -key server5.key -out $@
@@ -909,6 +912,11 @@ server1.req.sha256: server1.key
 	$(MBEDTLS_CERT_REQ) output_file=$@ filename=$< subject_name="C=NL,O=PolarSSL,CN=PolarSSL Server 1" md=SHA256
 all_final += server1.req.sha256
 
+server1.req.sha256.ext: server1.key
+	# Generating this with OpenSSL as a comparison point to test we're getting the same result
+	openssl req -new -out $@ -key $< -subj '/C=NL/O=PolarSSL/CN=PolarSSL Server 1' -sha256 -addext "extendedKeyUsage=serverAuth"
+all_final += server1.req.sha256.ext
+
 server1.req.sha384: server1.key
 	$(MBEDTLS_CERT_REQ) output_file=$@ filename=$< subject_name="C=NL,O=PolarSSL,CN=PolarSSL Server 1" md=SHA384
 all_final += server1.req.sha384

tests/data_files/server1.req.sha256.ext

@@ -0,0 +1,17 @@
+-----BEGIN CERTIFICATE REQUEST-----
+MIICpzCCAY8CAQAwPDELMAkGA1UEBhMCTkwxETAPBgNVBAoMCFBvbGFyU1NMMRow
+GAYDVQQDDBFQb2xhclNTTCBTZXJ2ZXIgMTCCASIwDQYJKoZIhvcNAQEBBQADggEP
+ADCCAQoCggEBAKkCHz1AatVVU4v9Nu6CZS4VYV6Jv7joRZDb7ogWUtPxQ1BHlhJZ
+ZIdr/SvgRvlzvt3PkuGRW+1moG+JKXlFgNCDatVBQ3dfOXwJBEeCsFc5cO2j7BUZ
+HqgzCEfBBUKp/UzDtN/dBh9NEFFAZ3MTD0D4bYElXwqxU8YwfhU5rPla7n+SnqYF
+W+cTl4W1I5LZ1CQG1QkliXUH3aYajz8JGb6tZSxk65Wb3P5BXhem2mxbacwCuhQs
+FiScStzN0PdSZ3PxLaAj/X70McotcMqJCwTbLqZPcG6ezr1YieJTWZ5uWpJl4og/
+DJQZo93l6J2VE+0p26twEtxaymsXq1KCVLECAwEAAaAmMCQGCSqGSIb3DQEJDjEX
+MBUwEwYDVR0lBAwwCgYIKwYBBQUHAwEwDQYJKoZIhvcNAQELBQADggEBAHi0yEGu
+Fh5tuLiLuT95UrRnly55+lTY9xchFiKtlcoEdSheybYxqk3JHuSSqojOFKZBlRdk
+oG6Azg56/aMHPWyvtCMSRQX4b+FgjeQsm9IfhYNMquQOxyPxm62vjuU3MfZIofXH
+hKdI6Ci2CDF4Fyvw50KBWniV38eE9+kjsvDLdXD3ESZJGhjjuFl8ReUiA2wdBTcP
+XEZaXUIc6B4tUnlPeqn/2zp4GBqqWzNZx6TXBpApASGG3BEJnM52FVPC7E9p+8YZ
+qIGuiF5Cz/rYZkpwffBWIfS2zZakHLm5TB8FgZkWlyReJU9Ihk2Tl/sZ1kllFdYa
+xLPnLCL82KFL1Co=
+-----END CERTIFICATE REQUEST-----

tests/data_files/server5-nonprintable_othername.crt

@@ -0,0 +1,12 @@
+-----BEGIN CERTIFICATE-----
+MIIBwTCCAWagAwIBAgIBTTAKBggqhkjOPQQDAjBPMQswCQYDVQQGEwJVSzERMA8G
+A1UECgwITWJlZCBUTFMxLTArBgNVBAMMJE1iZWQgVExTIG5vbi1wcmludGFibGUg
+b3RoZXJuYW1lIFNBTjAeFw0yMjA5MDYxNTU2NDdaFw0zMjA5MDMxNTU2NDdaME8x
+CzAJBgNVBAYTAlVLMREwDwYDVQQKDAhNYmVkIFRMUzEtMCsGA1UEAwwkTWJlZCBU
+TFMgbm9uLXByaW50YWJsZSBvdGhlcm5hbWUgU0FOMFkwEwYHKoZIzj0CAQYIKoZI
+zj0DAQcDQgAEN8xW2XYJHlpyPsdZLf8gbu58+QaRdNCtFLX3aCJZYpJO5QDYIxH/
+6i/SNF1dFr2KiMJrdw1VzYoqDvoByLTt/6MzMDEwLwYDVR0RBCgwJqAkBggrBgEF
+BQcIBKAYMBYGBysGAQQBEQMECzEyM4CBAIGAMzIxMAoGCCqGSM49BAMCA0kAMEYC
+IQDATir07PTj5gtf+HAyI+nd27AH9+bdaWdOI2t2bAwUWgIhAO7kvdcsa++yfJdT
+3vnWdvcHRIAdXA0kh+mcBMaXk9B0
+-----END CERTIFICATE-----

tests/data_files/test-ca.opensslconf

@@ -15,7 +15,10 @@ basicConstraints = CA:true
 [othername_san]
 subjectAltName=otherName:1.3.6.1.5.5.7.8.4;SEQ:hw_module_name
 
-[unsupoported_othername_san]
+[nonprintable_othername_san]
+subjectAltName=otherName:1.3.6.1.5.5.7.8.4;SEQ:nonprintable_hw_module_name
+
+[unsupported_othername_san]
 subjectAltName=otherName:1.2.3.4;UTF8:some other identifier
 
 [dns_alt_names]
@@ -34,6 +37,10 @@ subjectAltName=@alt_names
 hwtype = OID:1.3.6.1.4.1.17.3
 hwserial = OCT:123456
 
+[nonprintable_hw_module_name]
+hwtype = OID:1.3.6.1.4.1.17.3
+hwserial = FORMAT:HEX, OCT:3132338081008180333231
+
 [v3_any_policy_ca]
 basicConstraints = CA:true
 certificatePolicies = 2.5.29.32.0

tests/include/test/helpers.h

@@ -360,11 +360,17 @@ void mbedtls_test_err_add_check( int high, int low,
 #if defined(MBEDTLS_BIGNUM_C)
 /** Read an MPI from a hexadecimal string.
  *
- * Like mbedtls_mpi_read_string(), but size the resulting bignum based
- * on the number of digits in the string. In particular, construct a
- * bignum with 0 limbs for an empty string, and a bignum with leading 0
- * limbs if the string has sufficiently many leading 0 digits.
+ * Like mbedtls_mpi_read_string(), but with tighter guarantees around
+ * edge cases.
  *
+ * - This function guarantees that if \p s begins with '-' then the sign
+ *   bit of the result will be negative, even if the value is 0.
+ *   When this function encounters such a "negative 0", it
+ *   increments #mbedtls_test_case_uses_negative_0.
+ * - The size of the result is exactly the minimum number of limbs needed
+ *   to fit the digits in the input. In particular, this function constructs
+ *   a bignum with 0 limbs for an empty string, and a bignum with leading 0
+ *   limbs if the string has sufficiently many leading 0 digits.
  *   This is important so that the "0 (null)" and "0 (1 limb)" and
  *   "leading zeros" test cases do what they claim.
  *
@@ -374,6 +380,14 @@ void mbedtls_test_err_add_check( int high, int low,
  * \return \c 0 on success, an \c MBEDTLS_ERR_MPI_xxx error code otherwise.
  */
 int mbedtls_test_read_mpi( mbedtls_mpi *X, const char *s );
+
+/** Nonzero if the current test case had an input parsed with
+ * mbedtls_test_read_mpi() that is a negative 0 (`"-"`, `"-0"`, `"-00"`, etc.,
+ * constructing a result with the sign bit set to -1 and the value being
+ * all-limbs-0, which is not a valid representation in #mbedtls_mpi but is
+ * tested for robustness).
+ */
+extern unsigned mbedtls_test_case_uses_negative_0;
 #endif /* MBEDTLS_BIGNUM_C */
 
 #endif /* TEST_HELPERS_H */

tests/scripts/all.sh

@@ -1721,42 +1721,76 @@ support_build_baremetal () {
     ! grep -q -F time.h /usr/include/x86_64-linux-gnu/sys/types.h
 }
 
-component_test_depends_curves () {
-    msg "test/build: curves.pl (gcc)" # ~ 4 min
-    tests/scripts/curves.pl
+# depends.py family of tests
+component_test_depends_py_cipher_id () {
+    msg "test/build: depends.py cipher_id (gcc)"
+    tests/scripts/depends.py cipher_id --unset-use-psa
 }
 
-component_test_depends_curves_psa () {
-    msg "test/build: curves.pl with MBEDTLS_USE_PSA_CRYPTO defined (gcc)"
-    scripts/config.py set MBEDTLS_USE_PSA_CRYPTO
-    tests/scripts/curves.pl
+component_test_depends_py_cipher_chaining () {
+    msg "test/build: depends.py cipher_chaining (gcc)"
+    tests/scripts/depends.py cipher_chaining --unset-use-psa
 }
 
-component_test_depends_hashes () {
-    msg "test/build: depends-hashes.pl (gcc)" # ~ 2 min
-    tests/scripts/depends-hashes.pl
+component_test_depends_py_cipher_padding () {
+    msg "test/build: depends.py cipher_padding (gcc)"
+    tests/scripts/depends.py cipher_padding --unset-use-psa
 }
 
-component_test_depends_hashes_psa () {
-    msg "test/build: depends-hashes.pl with MBEDTLS_USE_PSA_CRYPTO defined (gcc)"
-    scripts/config.py set MBEDTLS_USE_PSA_CRYPTO
-    tests/scripts/depends-hashes.pl
+component_test_depends_py_curves () {
+    msg "test/build: depends.py curves (gcc)"
+    tests/scripts/depends.py curves --unset-use-psa
 }
 
-component_test_depends_pkalgs () {
-    msg "test/build: depends-pkalgs.pl (gcc)" # ~ 2 min
-    tests/scripts/depends-pkalgs.pl
+component_test_depends_py_hashes () {
+    msg "test/build: depends.py hashes (gcc)"
+    tests/scripts/depends.py hashes --unset-use-psa
 }
 
-component_test_depends_pkalgs_psa () {
-    msg "test/build: depends-pkalgs.pl with MBEDTLS_USE_PSA_CRYPTO defined (gcc)"
-    scripts/config.py set MBEDTLS_USE_PSA_CRYPTO
-    tests/scripts/depends-pkalgs.pl
+component_test_depends_py_kex () {
+    msg "test/build: depends.py kex (gcc)"
+    tests/scripts/depends.py kex --unset-use-psa
 }
 
-component_build_key_exchanges () {
-    msg "test/build: key-exchanges (gcc)" # ~ 1 min
-    tests/scripts/key-exchanges.pl
+component_test_depends_py_pkalgs () {
+    msg "test/build: depends.py pkalgs (gcc)"
+    tests/scripts/depends.py pkalgs --unset-use-psa
+}
+
+# PSA equivalents of the depends.py tests
+component_test_depends_py_cipher_id_psa () {
+    msg "test/build: depends.py cipher_id (gcc) with MBEDTLS_USE_PSA_CRYPTO defined"
+    tests/scripts/depends.py cipher_id
+}
+
+component_test_depends_py_cipher_chaining_psa () {
+    msg "test/build: depends.py cipher_chaining (gcc) with MBEDTLS_USE_PSA_CRYPTO defined"
+    tests/scripts/depends.py cipher_chaining
+}
+
+component_test_depends_py_cipher_padding_psa () {
+    msg "test/build: depends.py cipher_padding (gcc) with MBEDTLS_USE_PSA_CRYPTO defined"
+    tests/scripts/depends.py cipher_padding
+}
+
+component_test_depends_py_curves_psa () {
+    msg "test/build: depends.py curves (gcc) with MBEDTLS_USE_PSA_CRYPTO defined"
+    tests/scripts/depends.py curves
+}
+
+component_test_depends_py_hashes_psa () {
+    msg "test/build: depends.py hashes (gcc) with MBEDTLS_USE_PSA_CRYPTO defined"
+    tests/scripts/depends.py hashes
+}
+
+component_test_depends_py_kex_psa () {
+    msg "test/build: depends.py kex (gcc) with MBEDTLS_USE_PSA_CRYPTO defined"
+    tests/scripts/depends.py kex
+}
+
+component_test_depends_py_pkalgs_psa () {
+    msg "test/build: depends.py pkalgs (gcc) with MBEDTLS_USE_PSA_CRYPTO defined"
+    tests/scripts/depends.py pkalgs
 }
 
 component_test_no_use_psa_crypto_full_cmake_asan() {

tests/scripts/basic-build-test.sh

@@ -1,6 +1,6 @@
 #!/bin/sh
 
-# basic-build-tests.sh
+# basic-build-test.sh
 #
 # Copyright The Mbed TLS Contributors
 # SPDX-License-Identifier: Apache-2.0
@@ -36,7 +36,7 @@
 #
 # This script has been written to be generic and should work on any shell.
 #
-# Usage: basic-build-tests.sh
+# Usage: basic-build-test.sh
 #
 
 # Abort on errors (and uninitiliased variables)

tests/scripts/basic-in-docker.sh

@@ -40,6 +40,6 @@ for compiler in clang gcc; do
     run_in_docker -e OSSL_NO_DTLS=1 tests/compat.sh
     run_in_docker tests/ssl-opt.sh -e '\(DTLS\|SCSV\).*openssl'
     run_in_docker tests/scripts/test-ref-configs.pl
-    run_in_docker tests/scripts/curves.pl
-    run_in_docker tests/scripts/key-exchanges.pl
+    run_in_docker tests/scripts/depends.py curves
+    run_in_docker tests/scripts/depends.py kex
 done

tests/scripts/curves.pl

@@ -1,125 +0,0 @@
-#!/usr/bin/env perl
-
-# curves.pl
-#
-# Copyright The Mbed TLS Contributors
-# SPDX-License-Identifier: Apache-2.0
-#
-# Licensed under the Apache License, Version 2.0 (the "License"); you may
-# not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-#
-# Purpose
-#
-# The purpose of this test script is to validate that the library works
-# when only a single curve is enabled. In particular, this validates that
-# curve-specific code is guarded by the proper preprocessor conditionals,
-# both in the library and in tests.
-#
-# Since this script only tests builds with a single curve, it can't detect
-# bugs that are only triggered when multiple curves are present. We do
-# also test in many configurations where all curves are enabled, as well
-# as a few configurations in configs/*.h with a restricted subset of curves.
-#
-# Here are some known test gaps that could be addressed by testing all
-# 2^n combinations of support for n curves, which is impractical:
-# * There could be product bugs when curves A and B are enabled but not C.
-#   For example, a MAX_SIZE calculation that forgets B, where
-#   size(A) < size(B) < size(C).
-# * For test cases that require three or more curves, validate that they're
-#   not missing dependencies. This is extremely rare. (For test cases that
-#   require curves A and B but are missing a dependency on B, this is
-#   detected in the A-only build.)
-# Usage: tests/scripts/curves.pl
-#
-# This script should be executed from the root of the project directory.
-#
-# Only curves that are enabled in config.h will be tested.
-#
-# For best effect, run either with cmake disabled, or cmake enabled in a mode
-# that includes -Werror.
-
-use warnings;
-use strict;
-
--d 'library' && -d 'include' && -d 'tests' or die "Must be run from root\n";
-
-my $sed_cmd = 's/^#define \(MBEDTLS_ECP_DP.*_ENABLED\)/\1/p';
-my $config_h = 'include/mbedtls/config.h';
-my @curves = split( /\s+/, `sed -n -e '$sed_cmd' $config_h` );
-
-# Determine which curves support ECDSA by checking the dependencies of
-# ECDSA in check_config.h.
-my %curve_supports_ecdsa = ();
-{
-    local $/ = "";
-    local *CHECK_CONFIG;
-    open(CHECK_CONFIG, '<', 'include/mbedtls/check_config.h')
-        or die "open include/mbedtls/check_config.h: $!";
-    while (my $stanza = <CHECK_CONFIG>) {
-        if ($stanza =~ /\A#if defined\(MBEDTLS_ECDSA_C\)/) {
-            for my $curve ($stanza =~ /(?<=\()MBEDTLS_ECP_DP_\w+_ENABLED(?=\))/g) {
-                $curve_supports_ecdsa{$curve} = 1;
-            }
-            last;
-        }
-    }
-    close(CHECK_CONFIG);
-}
-
-system( "cp $config_h $config_h.bak" ) and die;
-sub abort {
-    system( "mv $config_h.bak $config_h" ) and warn "$config_h not restored\n";
-    # use an exit code between 1 and 124 for git bisect (die returns 255)
-    warn $_[0];
-    exit 1;
-}
-
-# Disable all the curves. We'll then re-enable them one by one.
-for my $curve (@curves) {
-    system( "scripts/config.pl unset $curve" )
-        and abort "Failed to disable $curve\n";
-}
-# Depends on a specific curve. Also, ignore error if it wasn't enabled.
-system( "scripts/config.pl unset MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED" );
-
-# Test with only $curve enabled, for each $curve.
-for my $curve (@curves) {
-    system( "make clean" ) and die;
-
-    print "\n******************************************\n";
-    print "* Testing with only curve: $curve\n";
-    print "******************************************\n";
-    $ENV{MBEDTLS_TEST_CONFIGURATION} = "$curve";
-
-    system( "scripts/config.pl set $curve" )
-        and abort "Failed to enable $curve\n";
-
-    my $ecdsa = $curve_supports_ecdsa{$curve} ? "set" : "unset";
-    for my $dep (qw(MBEDTLS_ECDSA_C
-                    MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED
-                    MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED)) {
-        system( "scripts/config.pl $ecdsa $dep" )
-            and abort "Failed to $ecdsa $dep\n";
-    }
-
-    system( "CFLAGS='-Werror -Wall -Wextra' make" )
-        and abort "Failed to build: only $curve\n";
-    system( "make test" )
-        and abort "Failed test suite: only $curve\n";
-
-    system( "scripts/config.pl unset $curve" )
-        and abort "Failed to disable $curve\n";
-}
-
-system( "mv $config_h.bak $config_h" ) and die "$config_h not restored\n";
-system( "make clean" ) and die;
-exit 0;

tests/scripts/depends-hashes.pl

@@ -1,101 +0,0 @@
-#!/usr/bin/env perl
-
-# depends-hashes.pl
-#
-# Copyright The Mbed TLS Contributors
-# SPDX-License-Identifier: Apache-2.0
-#
-# Licensed under the Apache License, Version 2.0 (the "License"); you may
-# not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-#
-# Purpose
-#
-# To test the code dependencies on individual hashes in each test suite. This
-# is a verification step to ensure we don't ship test suites that do not work
-# for some build options.
-#
-# The process is:
-#       for each possible hash
-#           build the library and test suites with the hash disabled
-#           execute the test suites
-#
-# And any test suite with the wrong dependencies will fail.
-#
-# Usage: tests/scripts/depends-hashes.pl
-#
-# This script should be executed from the root of the project directory.
-#
-# For best effect, run either with cmake disabled, or cmake enabled in a mode
-# that includes -Werror.
-
-use warnings;
-use strict;
-
--d 'library' && -d 'include' && -d 'tests' or die "Must be run from root\n";
-
-my $config_h = 'include/mbedtls/config.h';
-
-# as many SSL options depend on specific hashes,
-# and SSL is not in the test suites anyways,
-# disable it to avoid dependency issues
-my $ssl_sed_cmd = 's/^#define \(MBEDTLS_SSL.*\)/\1/p';
-my @ssl = split( /\s+/, `sed -n -e '$ssl_sed_cmd' $config_h` );
-
-# for md we want to catch MD5_C but not MD_C, hence the extra dot
-my $mdx_sed_cmd = 's/^#define \(MBEDTLS_MD..*_C\)/\1/p';
-my $sha_sed_cmd = 's/^#define \(MBEDTLS_SHA.*_C\)/\1/p';
-my @hash_modules = split( /\s+/,
-                    `sed -n -e '$mdx_sed_cmd' -e '$sha_sed_cmd' $config_h` );
-
-# there are also negative options for truncated variants, disabled by default
-my $sha_trunc_sed_cmd = 's/^\/\/#define \(MBEDTLS_SHA..._NO_.*\)/\1/p';
-my @hash_negatives = split( /\s+/,
-                    `sed -n -e '$sha_trunc_sed_cmd' $config_h` );
-
-# list hash options with corresponding actions
-my @hashes = ((map { "unset $_" } @hash_modules),
-              (map { "set $_" } @hash_negatives));
-
-system( "cp $config_h $config_h.bak" ) and die;
-sub abort {
-    system( "mv $config_h.bak $config_h" ) and warn "$config_h not restored\n";
-    # use an exit code between 1 and 124 for git bisect (die returns 255)
-    warn $_[0];
-    exit 1;
-}
-
-for my $hash (@hashes) {
-    system( "cp $config_h.bak $config_h" ) and die "$config_h not restored\n";
-    system( "make clean" ) and die;
-
-    print "\n******************************************\n";
-    print "* Testing hash option: $hash\n";
-    print "******************************************\n";
-    $ENV{MBEDTLS_TEST_CONFIGURATION} = "-$hash";
-
-    system( "scripts/config.py $hash" )
-        and abort "Failed to $hash\n";
-
-    for my $opt (@ssl) {
-        system( "scripts/config.py unset $opt" )
-            and abort "Failed to disable $opt\n";
-    }
-
-    system( "CFLAGS='-Werror -Wall -Wextra' make lib" )
-        and abort "Failed to build lib: $hash\n";
-    system( "cd tests && make" ) and abort "Failed to build tests: $hash\n";
-    system( "make test" ) and abort "Failed test suite: $hash\n";
-}
-
-system( "mv $config_h.bak $config_h" ) and die "$config_h not restored\n";
-system( "make clean" ) and die;
-exit 0;

tests/scripts/depends-pkalgs.pl

@@ -1,107 +0,0 @@
-#!/usr/bin/env perl
-
-# depends-pkalgs.pl
-#
-# Copyright The Mbed TLS Contributors
-# SPDX-License-Identifier: Apache-2.0
-#
-# Licensed under the Apache License, Version 2.0 (the "License"); you may
-# not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-#
-# Purpose
-#
-# To test the code dependencies on individual PK algs (those that can be used
-# from the PK layer, so currently signature and encryption but not key
-# exchange) in each test suite. This is a verification step to ensure we don't
-# ship test suites that do not work for some build options.
-#
-# The process is:
-#       for each possible PK alg
-#           build the library and test suites with that alg disabled
-#           execute the test suites
-#
-# And any test suite with the wrong dependencies will fail.
-#
-# Usage: tests/scripts/depends-pkalgs.pl
-#
-# This script should be executed from the root of the project directory.
-#
-# For best effect, run either with cmake disabled, or cmake enabled in a mode
-# that includes -Werror.
-
-use warnings;
-use strict;
-
--d 'library' && -d 'include' && -d 'tests' or die "Must be run from root\n";
-
-my $config_h = 'include/mbedtls/config.h';
-
-# Some algorithms can't be disabled on their own as others depend on them, so
-# we list those reverse-dependencies here to keep check_config.h happy.
-my %algs = (
-    'MBEDTLS_ECDSA_C'   => ['MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED',
-                            'MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED'],
-    'MBEDTLS_ECP_C'     => ['MBEDTLS_ECDSA_C',
-                            'MBEDTLS_ECDH_C',
-                            'MBEDTLS_ECJPAKE_C',
-                            'MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED',
-                            'MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED',
-                            'MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED',
-                            'MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED',
-                            'MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED'],
-    'MBEDTLS_X509_RSASSA_PSS_SUPPORT'   => [],
-    'MBEDTLS_PKCS1_V21' => ['MBEDTLS_X509_RSASSA_PSS_SUPPORT'],
-    'MBEDTLS_PKCS1_V15' => ['MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED',
-                            'MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED',
-                            'MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED',
-                            'MBEDTLS_KEY_EXCHANGE_RSA_ENABLED'],
-    'MBEDTLS_RSA_C'     => ['MBEDTLS_X509_RSASSA_PSS_SUPPORT',
-                            'MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED',
-                            'MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED',
-                            'MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED',
-                            'MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED',
-                            'MBEDTLS_KEY_EXCHANGE_RSA_ENABLED'],
-);
-
-system( "cp $config_h $config_h.bak" ) and die;
-sub abort {
-    system( "mv $config_h.bak $config_h" ) and warn "$config_h not restored\n";
-    # use an exit code between 1 and 124 for git bisect (die returns 255)
-    warn $_[0];
-    exit 1;
-}
-
-while( my ($alg, $extras) = each %algs ) {
-    system( "cp $config_h.bak $config_h" ) and die "$config_h not restored\n";
-    system( "make clean" ) and die;
-
-    print "\n******************************************\n";
-    print "* Testing without alg: $alg\n";
-    print "******************************************\n";
-    $ENV{MBEDTLS_TEST_CONFIGURATION} = "-$alg";
-
-    system( "scripts/config.py unset $alg" )
-        and abort "Failed to disable $alg\n";
-    for my $opt (@$extras) {
-        system( "scripts/config.py unset $opt" )
-            and abort "Failed to disable $opt\n";
-    }
-
-    system( "CFLAGS='-Werror -Wall -Wextra' make lib" )
-        and abort "Failed to build lib: $alg\n";
-    system( "cd tests && make" ) and abort "Failed to build tests: $alg\n";
-    system( "make test" ) and abort "Failed test suite: $alg\n";
-}
-
-system( "mv $config_h.bak $config_h" ) and die "$config_h not restored\n";
-system( "make clean" ) and die;
-exit 0;

tests/scripts/depends.py

@@ -0,0 +1,567 @@
+#!/usr/bin/env python3
+
+# Copyright (c) 2022, Arm Limited, All Rights Reserved.
+# SPDX-License-Identifier: Apache-2.0
+#
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+# This file is part of Mbed TLS (https://tls.mbed.org)
+
+"""
+Test Mbed TLS with a subset of algorithms.
+
+This script can be divided into several steps:
+
+First, include/mbedtls/config.h or a different config file passed
+in the arguments is parsed to extract any configuration options (collect_config_symbols).
+
+Then, test domains (groups of jobs, tests) are built based on predefined data
+collected in the DomainData class. Here, each domain has five major traits:
+- domain name, can be used to run only specific tests via command-line;
+- configuration building method, described in detail below;
+- list of symbols passed to the configuration building method;
+- commands to be run on each job (only build, build and test, or any other custom);
+- optional list of symbols to be excluded from testing.
+
+The configuration building method can be one of the three following:
+
+- ComplementaryDomain - build a job for each passed symbol by disabling a single
+  symbol and its reverse dependencies (defined in REVERSE_DEPENDENCIES);
+
+- ExclusiveDomain - build a job where, for each passed symbol, only this particular
+  one is defined and other symbols from the list are unset. For each job look for
+  any non-standard symbols to set/unset in EXCLUSIVE_GROUPS. These are usually not
+  direct dependencies, but rather non-trivial results of other configs missing. Then
+  look for any unset symbols and handle their reverse dependencies.
+
+- DualDomain - combination of the two above - both complementary and exclusive domain
+  job generation code will be run. Currently only used for hashes.
+
+Lastly, the collected jobs are executed and (optionally) tested, with
+error reporting and coloring as configured in options. Each test starts with
+a full config without a couple of slowing down or unnecessary options
+(see set_reference_config), then the specific job config is derived.
+"""
+import argparse
+import os
+import re
+import shutil
+import subprocess
+import sys
+import traceback
+
+class Colors: # pylint: disable=too-few-public-methods
+    """Minimalistic support for colored output.
+Each field of an object of this class is either None if colored output
+is not possible or not desired, or a pair of strings (start, stop) such
+that outputting start switches the text color to the desired color and
+stop switches the text color back to the default."""
+    red = None
+    green = None
+    bold_red = None
+    bold_green = None
+    def __init__(self, options=None):
+        """Initialize color profile according to passed options."""
+        if not options or options.color in ['no', 'never']:
+            want_color = False
+        elif options.color in ['yes', 'always']:
+            want_color = True
+        else:
+            want_color = sys.stderr.isatty()
+        if want_color:
+            # Assume ANSI compatible terminal
+            normal = '\033[0m'
+            self.red = ('\033[31m', normal)
+            self.green = ('\033[32m', normal)
+            self.bold_red = ('\033[1;31m', normal)
+            self.bold_green = ('\033[1;32m', normal)
+NO_COLORS = Colors(None)
+
+def log_line(text, prefix='depends.py:', suffix='', color=None):
+    """Print a status message."""
+    if color is not None:
+        prefix = color[0] + prefix
+        suffix = suffix + color[1]
+    sys.stderr.write(prefix + ' ' + text + suffix + '\n')
+    sys.stderr.flush()
+
+def log_command(cmd):
+    """Print a trace of the specified command.
+cmd is a list of strings: a command name and its arguments."""
+    log_line(' '.join(cmd), prefix='+')
+
+def backup_config(options):
+    """Back up the library configuration file (config.h).
+If the backup file already exists, it is presumed to be the desired backup,
+so don't make another backup."""
+    if os.path.exists(options.config_backup):
+        options.own_backup = False
+    else:
+        options.own_backup = True
+        shutil.copy(options.config, options.config_backup)
+
+def restore_config(options):
+    """Restore the library configuration file (config.h).
+Remove the backup file if it was saved earlier."""
+    if options.own_backup:
+        shutil.move(options.config_backup, options.config)
+    else:
+        shutil.copy(options.config_backup, options.config)
+
+def run_config_py(options, args):
+    """Run scripts/config.py with the specified arguments."""
+    cmd = ['scripts/config.py']
+    if options.config != 'include/mbedtls/config.h':
+        cmd += ['--file', options.config]
+    cmd += args
+    log_command(cmd)
+    subprocess.check_call(cmd)
+
+def set_reference_config(options):
+    """Change the library configuration file (config.h) to the reference state.
+The reference state is the one from which the tested configurations are
+derived."""
+    # Turn off options that are not relevant to the tests and slow them down.
+    run_config_py(options, ['full'])
+    run_config_py(options, ['unset', 'MBEDTLS_TEST_HOOKS'])
+    if options.unset_use_psa:
+        run_config_py(options, ['unset', 'MBEDTLS_USE_PSA_CRYPTO'])
+
+def collect_config_symbols(options):
+    """Read the list of settings from config.h.
+Return them in a generator."""
+    with open(options.config, encoding="utf-8") as config_file:
+        rx = re.compile(r'\s*(?://\s*)?#define\s+(\w+)\s*(?:$|/[/*])')
+        for line in config_file:
+            m = re.match(rx, line)
+            if m:
+                yield m.group(1)
+
+class Job:
+    """A job builds the library in a specific configuration and runs some tests."""
+    def __init__(self, name, config_settings, commands):
+        """Build a job object.
+The job uses the configuration described by config_settings. This is a
+dictionary where the keys are preprocessor symbols and the values are
+booleans or strings. A boolean indicates whether or not to #define the
+symbol. With a string, the symbol is #define'd to that value.
+After setting the configuration, the job runs the programs specified by
+commands. This is a list of lists of strings; each list of string is a
+command name and its arguments and is passed to subprocess.call with
+shell=False."""
+        self.name = name
+        self.config_settings = config_settings
+        self.commands = commands
+
+    def announce(self, colors, what):
+        '''Announce the start or completion of a job.
+If what is None, announce the start of the job.
+If what is True, announce that the job has passed.
+If what is False, announce that the job has failed.'''
+        if what is True:
+            log_line(self.name + ' PASSED', color=colors.green)
+        elif what is False:
+            log_line(self.name + ' FAILED', color=colors.red)
+        else:
+            log_line('starting ' + self.name)
+
+    def configure(self, options):
+        '''Set library configuration options as required for the job.'''
+        set_reference_config(options)
+        for key, value in sorted(self.config_settings.items()):
+            if value is True:
+                args = ['set', key]
+            elif value is False:
+                args = ['unset', key]
+            else:
+                args = ['set', key, value]
+            run_config_py(options, args)
+
+    def test(self, options):
+        '''Run the job's build and test commands.
+Return True if all the commands succeed and False otherwise.
+If options.keep_going is false, stop as soon as one command fails. Otherwise
+run all the commands, except that if the first command fails, none of the
+other commands are run (typically, the first command is a build command
+and subsequent commands are tests that cannot run if the build failed).'''
+        built = False
+        success = True
+        for command in self.commands:
+            log_command(command)
+            ret = subprocess.call(command)
+            if ret != 0:
+                if command[0] not in ['make', options.make_command]:
+                    log_line('*** [{}] Error {}'.format(' '.join(command), ret))
+                if not options.keep_going or not built:
+                    return False
+                success = False
+            built = True
+        return success
+
+# SSL/TLS versions up to 1.1 and corresponding options. These require
+# both MD5 and SHA-1.
+SSL_PRE_1_2_DEPENDENCIES = ['MBEDTLS_SSL_CBC_RECORD_SPLITTING',
+                            'MBEDTLS_SSL_PROTO_SSL3',
+                            'MBEDTLS_SSL_PROTO_TLS1',
+                            'MBEDTLS_SSL_PROTO_TLS1_1']
+
+# If the configuration option A requires B, make sure that
+# B in REVERSE_DEPENDENCIES[A].
+# All the information here should be contained in check_config.h. This
+# file includes a copy because it changes rarely and it would be a pain
+# to extract automatically.
+REVERSE_DEPENDENCIES = {
+    'MBEDTLS_AES_C': ['MBEDTLS_CTR_DRBG_C',
+                      'MBEDTLS_NIST_KW_C'],
+    'MBEDTLS_CHACHA20_C': ['MBEDTLS_CHACHAPOLY_C'],
+    'MBEDTLS_ECDSA_C': ['MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED',
+                        'MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED'],
+    'MBEDTLS_ECP_C': ['MBEDTLS_ECDSA_C',
+                      'MBEDTLS_ECDH_C',
+                      'MBEDTLS_ECJPAKE_C',
+                      'MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED',
+                      'MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED',
+                      'MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED',
+                      'MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED',
+                      'MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED',
+                      'MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED'],
+    'MBEDTLS_ECP_DP_SECP256R1_ENABLED': ['MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED'],
+    'MBEDTLS_MD5_C': SSL_PRE_1_2_DEPENDENCIES,
+    'MBEDTLS_PKCS1_V21': ['MBEDTLS_X509_RSASSA_PSS_SUPPORT'],
+    'MBEDTLS_PKCS1_V15': ['MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED',
+                          'MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED',
+                          'MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED',
+                          'MBEDTLS_KEY_EXCHANGE_RSA_ENABLED'],
+    'MBEDTLS_RSA_C': ['MBEDTLS_X509_RSASSA_PSS_SUPPORT',
+                      'MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED',
+                      'MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED',
+                      'MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED',
+                      'MBEDTLS_KEY_EXCHANGE_RSA_ENABLED',
+                      'MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED'],
+    'MBEDTLS_SHA1_C': SSL_PRE_1_2_DEPENDENCIES,
+    'MBEDTLS_SHA256_C': ['MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED',
+                         'MBEDTLS_ENTROPY_FORCE_SHA256',
+                         'MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT',
+                         'MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY'],
+    'MBEDTLS_SHA512_C': ['MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT',
+                         'MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY'],
+    'MBEDTLS_X509_RSASSA_PSS_SUPPORT': []
+}
+
+# If an option is tested in an exclusive test, alter the following defines.
+# These are not necessarily dependencies, but just minimal required changes
+# if a given define is the only one enabled from an exclusive group.
+EXCLUSIVE_GROUPS = {
+    'MBEDTLS_SHA512_C': ['-MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL'],
+    'MBEDTLS_SHA512_NO_SHA384': ['+MBEDTLS_SHA512_C',
+                                 '-MBEDTLS_SSL_PROTO_TLS1_2',
+                                 '-MBEDTLS_SSL_PROTO_DTLS',
+                                 '-MBEDTLS_SSL_TLS_C',
+                                 '-MBEDTLS_SSL_CLI_C',
+                                 '-MBEDTLS_SSL_SRV_C',
+                                 '-MBEDTLS_SSL_DTLS_HELLO_VERIFY',
+                                 '-MBEDTLS_SSL_DTLS_ANTI_REPLAY',
+                                 '-MBEDTLS_SSL_DTLS_CONNECTION_ID',
+                                 '-MBEDTLS_SSL_DTLS_BADMAC_LIMIT',
+                                 '-MBEDTLS_SSL_ENCRYPT_THEN_MAC',
+                                 '-MBEDTLS_SSL_EXTENDED_MASTER_SECRET',
+                                 '-MBEDTLS_SSL_DTLS_SRTP',
+                                 '-MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE'],
+    'MBEDTLS_ECP_DP_CURVE448_ENABLED': ['-MBEDTLS_ECDSA_C',
+                                        '-MBEDTLS_ECDSA_DETERMINISTIC',
+                                        '-MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED',
+                                        '-MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED',
+                                        '-MBEDTLS_ECJPAKE_C',
+                                        '-MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED'],
+    'MBEDTLS_ECP_DP_CURVE25519_ENABLED': ['-MBEDTLS_ECDSA_C',
+                                          '-MBEDTLS_ECDSA_DETERMINISTIC',
+                                          '-MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED',
+                                          '-MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED',
+                                          '-MBEDTLS_ECJPAKE_C',
+                                          '-MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED'],
+    'MBEDTLS_ARIA_C': ['-MBEDTLS_CMAC_C'],
+    'MBEDTLS_ARC4_C': ['-MBEDTLS_CMAC_C',
+                       '-MBEDTLS_CCM_C',
+                       '-MBEDTLS_SSL_TICKET_C',
+                       '-MBEDTLS_SSL_CONTEXT_SERIALIZATION',
+                       '-MBEDTLS_GCM_C'],
+    'MBEDTLS_BLOWFISH_C': ['-MBEDTLS_CMAC_C',
+                           '-MBEDTLS_CCM_C',
+                           '-MBEDTLS_SSL_TICKET_C',
+                           '-MBEDTLS_SSL_CONTEXT_SERIALIZATION',
+                           '-MBEDTLS_GCM_C'],
+    'MBEDTLS_CAMELLIA_C': ['-MBEDTLS_CMAC_C'],
+    'MBEDTLS_CHACHA20_C': ['-MBEDTLS_CMAC_C', '-MBEDTLS_CCM_C', '-MBEDTLS_GCM_C'],
+    'MBEDTLS_DES_C': ['-MBEDTLS_CCM_C',
+                      '-MBEDTLS_GCM_C',
+                      '-MBEDTLS_SSL_TICKET_C',
+                      '-MBEDTLS_SSL_CONTEXT_SERIALIZATION'],
+}
+def handle_exclusive_groups(config_settings, symbol):
+    """For every symbol tested in an exclusive group check if there are other
+defines to be altered. """
+    for dep in EXCLUSIVE_GROUPS.get(symbol, []):
+        unset = dep.startswith('-')
+        dep = dep[1:]
+        config_settings[dep] = not unset
+
+def turn_off_dependencies(config_settings):
+    """For every option turned off config_settings, also turn off what depends on it.
+An option O is turned off if config_settings[O] is False."""
+    for key, value in sorted(config_settings.items()):
+        if value is not False:
+            continue
+        for dep in REVERSE_DEPENDENCIES.get(key, []):
+            config_settings[dep] = False
+
+class BaseDomain: # pylint: disable=too-few-public-methods, unused-argument
+    """A base class for all domains."""
+    def __init__(self, symbols, commands, exclude):
+        """Initialize the jobs container"""
+        self.jobs = []
+
+class ExclusiveDomain(BaseDomain): # pylint: disable=too-few-public-methods
+    """A domain consisting of a set of conceptually-equivalent settings.
+Establish a list of configuration symbols. For each symbol, run a test job
+with this symbol set and the others unset."""
+    def __init__(self, symbols, commands, exclude=None):
+        """Build a domain for the specified list of configuration symbols.
+The domain contains a set of jobs that enable one of the elements
+of symbols and disable the others.
+Each job runs the specified commands.
+If exclude is a regular expression, skip generated jobs whose description
+would match this regular expression."""
+        super().__init__(symbols, commands, exclude)
+        base_config_settings = {}
+        for symbol in symbols:
+            base_config_settings[symbol] = False
+        for symbol in symbols:
+            description = symbol
+            if exclude and re.match(exclude, description):
+                continue
+            config_settings = base_config_settings.copy()
+            config_settings[symbol] = True
+            handle_exclusive_groups(config_settings, symbol)
+            turn_off_dependencies(config_settings)
+            job = Job(description, config_settings, commands)
+            self.jobs.append(job)
+
+class ComplementaryDomain(BaseDomain): # pylint: disable=too-few-public-methods
+    """A domain consisting of a set of loosely-related settings.
+Establish a list of configuration symbols. For each symbol, run a test job
+with this symbol unset.
+If exclude is a regular expression, skip generated jobs whose description
+would match this regular expression."""
+    def __init__(self, symbols, commands, exclude=None):
+        """Build a domain for the specified list of configuration symbols.
+Each job in the domain disables one of the specified symbols.
+Each job runs the specified commands."""
+        super().__init__(symbols, commands, exclude)
+        for symbol in symbols:
+            description = '!' + symbol
+            if exclude and re.match(exclude, description):
+                continue
+            config_settings = {symbol: False}
+            turn_off_dependencies(config_settings)
+            job = Job(description, config_settings, commands)
+            self.jobs.append(job)
+
+class DualDomain(ExclusiveDomain, ComplementaryDomain): # pylint: disable=too-few-public-methods
+    """A domain that contains both the ExclusiveDomain and BaseDomain tests.
+Both parent class __init__ calls are performed in any order and
+each call adds respective jobs. The job array initialization is done once in
+BaseDomain, before the parent __init__ calls."""
+
+class CipherInfo: # pylint: disable=too-few-public-methods
+    """Collect data about cipher.h."""
+    def __init__(self):
+        self.base_symbols = set()
+        with open('include/mbedtls/cipher.h', encoding="utf-8") as fh:
+            for line in fh:
+                m = re.match(r' *MBEDTLS_CIPHER_ID_(\w+),', line)
+                if m and m.group(1) not in ['NONE', 'NULL', '3DES']:
+                    self.base_symbols.add('MBEDTLS_' + m.group(1) + '_C')
+
+class DomainData:
+    """A container for domains and jobs, used to structurize testing."""
+    def config_symbols_matching(self, regexp):
+        """List the config.h settings matching regexp."""
+        return [symbol for symbol in self.all_config_symbols
+                if re.match(regexp, symbol)]
+
+    def __init__(self, options):
+        """Gather data about the library and establish a list of domains to test."""
+        build_command = [options.make_command, 'CFLAGS=-Werror']
+        build_and_test = [build_command, [options.make_command, 'test']]
+        self.all_config_symbols = set(collect_config_symbols(options))
+        # Find hash modules by name.
+        hash_symbols = self.config_symbols_matching(r'MBEDTLS_(MD|RIPEMD|SHA)[0-9]+_C\Z')
+        hash_symbols.append("MBEDTLS_SHA512_NO_SHA384")
+        # Find elliptic curve enabling macros by name.
+        curve_symbols = self.config_symbols_matching(r'MBEDTLS_ECP_DP_\w+_ENABLED\Z')
+        # Find key exchange enabling macros by name.
+        key_exchange_symbols = self.config_symbols_matching(r'MBEDTLS_KEY_EXCHANGE_\w+_ENABLED\Z')
+        # Find cipher IDs (block permutations and stream ciphers --- chaining
+        # and padding modes are exercised separately) information by parsing
+        # cipher.h, as the information is not readily available in config.h.
+        cipher_info = CipherInfo()
+        # Find block cipher chaining and padding mode enabling macros by name.
+        cipher_chaining_symbols = self.config_symbols_matching(r'MBEDTLS_CIPHER_MODE_\w+\Z')
+        cipher_padding_symbols = self.config_symbols_matching(r'MBEDTLS_CIPHER_PADDING_\w+\Z')
+        self.domains = {
+            # Cipher IDs, chaining modes and padding modes. Run the test suites.
+            'cipher_id': ExclusiveDomain(cipher_info.base_symbols,
+                                         build_and_test),
+            'cipher_chaining': ExclusiveDomain(cipher_chaining_symbols,
+                                               build_and_test),
+            'cipher_padding': ExclusiveDomain(cipher_padding_symbols,
+                                              build_and_test),
+            # Elliptic curves. Run the test suites.
+            'curves': ExclusiveDomain(curve_symbols, build_and_test),
+            # Hash algorithms. Exclude exclusive domain of MD, RIPEMD, SHA1 (obsolete)
+            'hashes': DualDomain(hash_symbols, build_and_test,
+                                 exclude=r'MBEDTLS_(MD|RIPEMD|SHA1_)'\
+                                          '|!MBEDTLS_*_NO_SHA'),
+            # Key exchange types. Only build the library and the sample
+            # programs.
+            'kex': ExclusiveDomain(key_exchange_symbols,
+                                   [build_command + ['lib'],
+                                    build_command + ['-C', 'programs']]),
+            'pkalgs': ComplementaryDomain(['MBEDTLS_ECDSA_C',
+                                           'MBEDTLS_ECP_C',
+                                           'MBEDTLS_PKCS1_V21',
+                                           'MBEDTLS_PKCS1_V15',
+                                           'MBEDTLS_RSA_C',
+                                           'MBEDTLS_X509_RSASSA_PSS_SUPPORT'],
+                                          build_and_test),
+        }
+        self.jobs = {}
+        for domain in self.domains.values():
+            for job in domain.jobs:
+                self.jobs[job.name] = job
+
+    def get_jobs(self, name):
+        """Return the list of jobs identified by the given name.
+A name can either be the name of a domain or the name of one specific job."""
+        if name in self.domains:
+            return sorted(self.domains[name].jobs, key=lambda job: job.name)
+        else:
+            return [self.jobs[name]]
+
+def run(options, job, colors=NO_COLORS):
+    """Run the specified job (a Job instance)."""
+    subprocess.check_call([options.make_command, 'clean'])
+    job.announce(colors, None)
+    job.configure(options)
+    success = job.test(options)
+    job.announce(colors, success)
+    return success
+
+def run_tests(options, domain_data):
+    """Run the desired jobs.
+domain_data should be a DomainData instance that describes the available
+domains and jobs.
+Run the jobs listed in options.tasks."""
+    if not hasattr(options, 'config_backup'):
+        options.config_backup = options.config + '.bak'
+    colors = Colors(options)
+    jobs = []
+    failures = []
+    successes = []
+    for name in options.tasks:
+        jobs += domain_data.get_jobs(name)
+    backup_config(options)
+    try:
+        for job in jobs:
+            success = run(options, job, colors=colors)
+            if not success:
+                if options.keep_going:
+                    failures.append(job.name)
+                else:
+                    return False
+            else:
+                successes.append(job.name)
+        restore_config(options)
+    except:
+        # Restore the configuration, except in stop-on-error mode if there
+        # was an error, where we leave the failing configuration up for
+        # developer convenience.
+        if options.keep_going:
+            restore_config(options)
+        raise
+    if successes:
+        log_line('{} passed'.format(' '.join(successes)), color=colors.bold_green)
+    if failures:
+        log_line('{} FAILED'.format(' '.join(failures)), color=colors.bold_red)
+        return False
+    else:
+        return True
+
+def main():
+    try:
+        parser = argparse.ArgumentParser(
+            formatter_class=argparse.RawDescriptionHelpFormatter,
+            description=
+            "Test Mbed TLS with a subset of algorithms.\n\n"
+            "Example usage:\n"
+            r"./tests/scripts/depends.py \!MBEDTLS_SHA1_C MBEDTLS_SHA256_C""\n"
+            "./tests/scripts/depends.py MBEDTLS_AES_C hashes\n"
+            "./tests/scripts/depends.py cipher_id cipher_chaining\n")
+        parser.add_argument('--color', metavar='WHEN',
+                            help='Colorize the output (always/auto/never)',
+                            choices=['always', 'auto', 'never'], default='auto')
+        parser.add_argument('-c', '--config', metavar='FILE',
+                            help='Configuration file to modify',
+                            default='include/mbedtls/config.h')
+        parser.add_argument('-C', '--directory', metavar='DIR',
+                            help='Change to this directory before anything else',
+                            default='.')
+        parser.add_argument('-k', '--keep-going',
+                            help='Try all configurations even if some fail (default)',
+                            action='store_true', dest='keep_going', default=True)
+        parser.add_argument('-e', '--no-keep-going',
+                            help='Stop as soon as a configuration fails',
+                            action='store_false', dest='keep_going')
+        parser.add_argument('--list-jobs',
+                            help='List supported jobs and exit',
+                            action='append_const', dest='list', const='jobs')
+        parser.add_argument('--list-domains',
+                            help='List supported domains and exit',
+                            action='append_const', dest='list', const='domains')
+        parser.add_argument('--make-command', metavar='CMD',
+                            help='Command to run instead of make (e.g. gmake)',
+                            action='store', default='make')
+        parser.add_argument('--unset-use-psa',
+                            help='Unset MBEDTLS_USE_PSA_CRYPTO before any test',
+                            action='store_true', dest='unset_use_psa')
+        parser.add_argument('tasks', metavar='TASKS', nargs='*',
+                            help='The domain(s) or job(s) to test (default: all).',
+                            default=True)
+        options = parser.parse_args()
+        os.chdir(options.directory)
+        domain_data = DomainData(options)
+        if options.tasks is True:
+            options.tasks = sorted(domain_data.domains.keys())
+        if options.list:
+            for arg in options.list:
+                for domain_name in sorted(getattr(domain_data, arg).keys()):
+                    print(domain_name)
+            sys.exit(0)
+        else:
+            sys.exit(0 if run_tests(options, domain_data) else 1)
+    except Exception: # pylint: disable=broad-except
+        traceback.print_exc()
+        sys.exit(3)
+
+if __name__ == '__main__':
+    main()

tests/scripts/generate-afl-tests.sh

@@ -6,7 +6,7 @@
 #
 # Usage: generate-afl-tests.sh <test data file path>
 #  <test data file path> - should be the path to one of the test suite files
-#                          such as 'test_suite_mpi.data'
+#                          such as 'test_suite_rsa.data'
 #
 # Copyright The Mbed TLS Contributors
 # SPDX-License-Identifier: Apache-2.0

tests/scripts/generate_bignum_tests.py

@@ -54,9 +54,7 @@ of BaseTarget in test_data_generation.py.
 # See the License for the specific language governing permissions and
 # limitations under the License.
 
-import itertools
 import sys
-import typing
 
 from abc import ABCMeta, abstractmethod
 from typing import Iterator, List, Tuple, TypeVar
@@ -68,25 +66,25 @@ from mbedtls_dev import test_data_generation
 T = TypeVar('T') #pylint: disable=invalid-name
 
 def hex_to_int(val: str) -> int:
-    return int(val, 16) if val else 0
+    """Implement the syntax accepted by mbedtls_test_read_mpi().
+
+    This is a superset of what is accepted by mbedtls_test_read_mpi_core().
+    """
+    if val in ['', '-']:
+        return 0
+    return int(val, 16)
 
 def quote_str(val) -> str:
     return "\"{}\"".format(val)
 
 def combination_pairs(values: List[T]) -> List[Tuple[T, T]]:
     """Return all pair combinations from input values."""
-    # The return value is cast, as older versions of mypy are unable to derive
-    # the specific type returned by itertools.combinations_with_replacement.
-    return typing.cast(
-        List[Tuple[T, T]],
-        list(itertools.combinations_with_replacement(values, 2))
-    )
-
+    return [(x, y) for x in values for y in values]
 
 class BignumTarget(test_data_generation.BaseTarget, metaclass=ABCMeta):
     #pylint: disable=abstract-method
-    """Target for bignum (mpi) test case generation."""
-    target_basename = 'test_suite_mpi.generated'
+    """Target for bignum (legacy) test case generation."""
+    target_basename = 'test_suite_bignum.generated'
 
 
 class BignumOperation(BignumTarget, metaclass=ABCMeta):
@@ -105,7 +103,8 @@ class BignumOperation(BignumTarget, metaclass=ABCMeta):
     """
     symbol = ""
     input_values = [
-        "", "0", "7b", "-7b",
+        "", "0", "-", "-0",
+        "7b", "-7b",
         "0000000000000000123", "-0000000000000000123",
         "1230000000000000000", "-1230000000000000000"
     ] # type: List[str]
@@ -120,6 +119,11 @@ class BignumOperation(BignumTarget, metaclass=ABCMeta):
     def arguments(self) -> List[str]:
         return [quote_str(self.arg_a), quote_str(self.arg_b), self.result()]
 
+    def description_suffix(self) -> str:
+        #pylint: disable=no-self-use # derived classes need self
+        """Text to add at the end of the test case description."""
+        return ""
+
     def description(self) -> str:
         """Generate a description for the test case.
 
@@ -133,6 +137,9 @@ class BignumOperation(BignumTarget, metaclass=ABCMeta):
                 self.symbol,
                 self.value_description(self.arg_b)
             )
+            description_suffix = self.description_suffix()
+            if description_suffix:
+                self.case_description += " " + description_suffix
         return super().description()
 
     @abstractmethod
@@ -153,6 +160,8 @@ class BignumOperation(BignumTarget, metaclass=ABCMeta):
         """
         if val == "":
             return "0 (null)"
+        if val == "-":
+            return "negative 0 (null)"
         if val == "0":
             return "0 (1 limb)"
 
@@ -228,8 +237,21 @@ class BignumAdd(BignumOperation):
         ]
     )
 
+    def __init__(self, val_a: str, val_b: str) -> None:
+        super().__init__(val_a, val_b)
+        self._result = self.int_a + self.int_b
+
+    def description_suffix(self) -> str:
+        if (self.int_a >= 0 and self.int_b >= 0):
+            return "" # obviously positive result or 0
+        if (self.int_a <= 0 and self.int_b <= 0):
+            return "" # obviously negative result or 0
+        # The sign of the result is not obvious, so indicate it
+        return ", result{}0".format('>' if self._result > 0 else
+                                    '<' if self._result < 0 else '=')
+
     def result(self) -> str:
-        return quote_str("{:x}".format(self.int_a + self.int_b))
+        return quote_str("{:x}".format(self._result))
 
 if __name__ == '__main__':
     # Use the section of the docstring relevant to the CLI as description

tests/scripts/generate_test_code.py

@@ -126,9 +126,11 @@ code that is generated or read from helpers and platform files.
 This script replaces following fields in the template and generates
 the test source file:
 
-$test_common_helpers        <-- All common code from helpers.function
+__MBEDTLS_TEST_TEMPLATE__TEST_COMMON_HELPERS
+            All common code from helpers.function
             is substituted here.
-$functions_code             <-- Test functions are substituted here
+__MBEDTLS_TEST_TEMPLATE__FUNCTIONS_CODE
+            Test functions are substituted here
             from the input test_suit_xyz.function
             file. C preprocessor checks are generated
             for the build dependencies specified
@@ -137,21 +139,25 @@ $functions_code             <-- Test functions are substituted here
             functions with code to expand the
             string parameters read from the data
             file.
-$expression_code            <-- This script enumerates the
+__MBEDTLS_TEST_TEMPLATE__EXPRESSION_CODE
+            This script enumerates the
             expressions in the .data file and
             generates code to handle enumerated
             expression Ids and return the values.
-$dep_check_code             <-- This script enumerates all
+__MBEDTLS_TEST_TEMPLATE__DEP_CHECK_CODE
+            This script enumerates all
             build dependencies and generate
             code to handle enumerated build
             dependency Id and return status: if
             the dependency is defined or not.
-$dispatch_code              <-- This script enumerates the functions
+__MBEDTLS_TEST_TEMPLATE__DISPATCH_CODE
+            This script enumerates the functions
             specified in the input test data file
             and generates the initializer for the
             function table in the template
             file.
-$platform_code              <-- Platform specific setup and test
+__MBEDTLS_TEST_TEMPLATE__PLATFORM_CODE
+            Platform specific setup and test
             dispatch code.
 
 """
@@ -974,11 +980,27 @@ def write_test_source_file(template_file, c_file, snippets):
     :param snippets: Generated and code snippets
     :return:
     """
+
+    # Create a placeholder pattern with the correct named capture groups
+    # to override the default provided with Template.
+    # Match nothing (no way of escaping placeholders).
+    escaped = "(?P<escaped>(?!))"
+    # Match the "__MBEDTLS_TEST_TEMPLATE__PLACEHOLDER_NAME" pattern.
+    named = "__MBEDTLS_TEST_TEMPLATE__(?P<named>[A-Z][_A-Z0-9]*)"
+    # Match nothing (no braced placeholder syntax).
+    braced = "(?P<braced>(?!))"
+    # If not already matched, a "__MBEDTLS_TEST_TEMPLATE__" prefix is invalid.
+    invalid = "(?P<invalid>__MBEDTLS_TEST_TEMPLATE__)"
+    placeholder_pattern = re.compile("|".join([escaped, named, braced, invalid]))
+
     with open(template_file, 'r') as template_f, open(c_file, 'w') as c_f:
         for line_no, line in enumerate(template_f.readlines(), 1):
             # Update line number. +1 as #line directive sets next line number
             snippets['line_no'] = line_no + 1
-            code = string.Template(line).substitute(**snippets)
+            template = string.Template(line)
+            template.pattern = placeholder_pattern
+            snippets = {k.upper():v for (k, v) in snippets.items()}
+            code = template.substitute(**snippets)
             c_f.write(code)
 
 

tests/scripts/key-exchanges.pl

@@ -1,76 +0,0 @@
-#!/usr/bin/env perl
-
-# key-exchanges.pl
-#
-# Copyright The Mbed TLS Contributors
-# SPDX-License-Identifier: Apache-2.0
-#
-# Licensed under the Apache License, Version 2.0 (the "License"); you may
-# not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-#
-# Purpose
-#
-# To test the code dependencies on individual key exchanges in the SSL module.
-# is a verification step to ensure we don't ship SSL code that do not work
-# for some build options.
-#
-# The process is:
-#       for each possible key exchange
-#           build the library with all but that key exchange disabled
-#
-# Usage: tests/scripts/key-exchanges.pl
-#
-# This script should be executed from the root of the project directory.
-#
-# For best effect, run either with cmake disabled, or cmake enabled in a mode
-# that includes -Werror.
-
-use warnings;
-use strict;
-
--d 'library' && -d 'include' && -d 'tests' or die "Must be run from root\n";
-
-my $sed_cmd = 's/^#define \(MBEDTLS_KEY_EXCHANGE_.*_ENABLED\)/\1/p';
-my $config_h = 'include/mbedtls/config.h';
-my @kexes = split( /\s+/, `sed -n -e '$sed_cmd' $config_h` );
-
-system( "cp $config_h $config_h.bak" ) and die;
-sub abort {
-    system( "mv $config_h.bak $config_h" ) and warn "$config_h not restored\n";
-    # use an exit code between 1 and 124 for git bisect (die returns 255)
-    warn $_[0];
-    exit 1;
-}
-
-for my $kex (@kexes) {
-    system( "cp $config_h.bak $config_h" ) and die "$config_h not restored\n";
-    system( "make clean" ) and die;
-
-    print "\n******************************************\n";
-    print "* Testing with key exchange: $kex\n";
-    print "******************************************\n";
-    $ENV{MBEDTLS_TEST_CONFIGURATION} = $kex;
-
-    # full config with all key exchanges disabled except one
-    system( "scripts/config.py full" ) and abort "Failed config full\n";
-    for my $k (@kexes) {
-        next if $k eq $kex;
-        system( "scripts/config.py unset $k" )
-            and abort "Failed to disable $k\n";
-    }
-
-    system( "make lib CFLAGS='-Os -Werror'" ) and abort "Failed to build lib: $kex\n";
-}
-
-system( "mv $config_h.bak $config_h" ) and die "$config_h not restored\n";
-system( "make clean" ) and die;
-exit 0;

tests/scripts/run-test-suites.pl

@@ -50,11 +50,13 @@ GetOptions(
            'verbose|v:1' => \$verbose,
           ) or die;
 
-# All test suites = executable files, excluding source files, debug
-# and profiling information, etc. We can't just grep {! /\./} because
-# some of our test cases' base names contain a dot.
-my @suites = grep { -x $_ || /\.exe$/ } glob 'test_suite_*';
-@suites = grep { !/\.c$/ && !/\.data$/ && -f } @suites;
+# All test suites = executable files with a .datax file.
+my @suites = ();
+for my $data_file (glob 'test_suite_*.datax') {
+    (my $base = $data_file) =~ s/\.datax$//;
+    push @suites, $base if -x $base;
+    push @suites, "$base.exe" if -e "$base.exe";
+}
 die "$0: no test suite found\n" unless @suites;
 
 # "foo" as a skip pattern skips "test_suite_foo" and "test_suite_foo.bar"

tests/src/helpers.c

@@ -107,6 +107,10 @@ void mbedtls_test_set_step( unsigned long step )
     mbedtls_test_info.step = step;
 }
 
+#if defined(MBEDTLS_BIGNUM_C)
+unsigned mbedtls_test_case_uses_negative_0 = 0;
+#endif
+
 void mbedtls_test_info_reset( void )
 {
     mbedtls_test_info.result = MBEDTLS_TEST_RESULT_SUCCESS;
@@ -116,6 +120,9 @@ void mbedtls_test_info_reset( void )
     mbedtls_test_info.filename = 0;
     memset( mbedtls_test_info.line1, 0, sizeof( mbedtls_test_info.line1 ) );
     memset( mbedtls_test_info.line2, 0, sizeof( mbedtls_test_info.line2 ) );
+#if defined(MBEDTLS_BIGNUM_C)
+    mbedtls_test_case_uses_negative_0 = 0;
+#endif
 }
 
 int mbedtls_test_equal( const char *test, int line_no, const char* filename,
@@ -426,6 +433,15 @@ void mbedtls_test_err_add_check( int high, int low,
 #if defined(MBEDTLS_BIGNUM_C)
 int mbedtls_test_read_mpi( mbedtls_mpi *X, const char *s )
 {
+    int negative = 0;
+    /* Always set the sign bit to -1 if the input has a minus sign, even for 0.
+     * This creates an invalid representation, which mbedtls_mpi_read_string()
+     * avoids but we want to be able to create that in test data. */
+    if( s[0] == '-' )
+    {
+        ++s;
+        negative = 1;
+    }
     /* mbedtls_mpi_read_string() currently retains leading zeros.
      * It always allocates at least one limb for the value 0. */
     if( s[0] == 0 )
@@ -433,7 +449,15 @@ int mbedtls_test_read_mpi( mbedtls_mpi *X, const char *s )
         mbedtls_mpi_free( X );
         return( 0 );
     }
-    else
-        return( mbedtls_mpi_read_string( X, 16, s ) );
+    int ret = mbedtls_mpi_read_string( X, 16, s );
+    if( ret != 0 )
+        return( ret );
+    if( negative )
+    {
+        if( mbedtls_mpi_cmp_int( X, 0 ) == 0 )
+            ++mbedtls_test_case_uses_negative_0;
+        X->s = -1;
+    }
+    return( 0 );
 }
 #endif

tests/ssl-opt.sh

@@ -1493,6 +1493,20 @@ if [ -n "${OPENSSL_LEGACY:-}" ]; then
     O_LEGACY_CLI="$O_LEGACY_CLI -connect 127.0.0.1:+SRV_PORT"
 fi
 
+# Newer versions of OpenSSL have a syntax to enable all "ciphers", even
+# low-security ones. This covers not just cipher suites but also protocol
+# versions. It is necessary, for example, to use (D)TLS 1.0/1.1 on
+# OpenSSL 1.1.1f from Ubuntu 20.04. The syntax was only introduced in
+# OpenSSL 1.1.0 (21e0c1d23afff48601eb93135defddae51f7e2e3) and I can't find
+# a way to discover it from -help, so check the openssl version.
+case $($OPENSSL_CMD version) in
+    "OpenSSL 0"*|"OpenSSL 1.0"*) :;;
+    *)
+        O_CLI="$O_CLI -cipher ALL@SECLEVEL=0"
+        O_SRV="$O_SRV -cipher ALL@SECLEVEL=0"
+        ;;
+esac
+
 if [ -n "${OPENSSL_NEXT:-}" ]; then
     O_NEXT_SRV="$O_NEXT_SRV -accept $SRV_PORT"
     O_NEXT_CLI="$O_NEXT_CLI -connect 127.0.0.1:+SRV_PORT"

tests/suites/main_test.function

@@ -3,17 +3,17 @@
  * *** THIS FILE HAS BEEN MACHINE GENERATED ***
  *
  * This file has been machine generated using the script:
- * $generator_script
+ * __MBEDTLS_TEST_TEMPLATE__GENERATOR_SCRIPT
  *
- * Test file      : $test_file
+ * Test file      : __MBEDTLS_TEST_TEMPLATE__TEST_FILE
  *
  * The following files were used to create this file.
  *
- *      Main code file      : $test_main_file
- *      Platform code file  : $test_platform_file
- *      Helper file         : $test_common_helper_file
- *      Test suite file     : $test_case_file
- *      Test suite data     : $test_case_data_file
+ *      Main code file      : __MBEDTLS_TEST_TEMPLATE__TEST_MAIN_FILE
+ *      Platform code file  : __MBEDTLS_TEST_TEMPLATE__TEST_PLATFORM_FILE
+ *      Helper file         : __MBEDTLS_TEST_TEMPLATE__TEST_COMMON_HELPER_FILE
+ *      Test suite file     : __MBEDTLS_TEST_TEMPLATE__TEST_CASE_FILE
+ *      Test suite data     : __MBEDTLS_TEST_TEMPLATE__TEST_CASE_DATA_FILE
  *
  */
 
@@ -49,9 +49,9 @@
 /*----------------------------------------------------------------------------*/
 /* Common helper code */
 
-$test_common_helpers
+__MBEDTLS_TEST_TEMPLATE__TEST_COMMON_HELPERS
 
-#line $line_no "suites/main_test.function"
+#line __MBEDTLS_TEST_TEMPLATE__LINE_NO "suites/main_test.function"
 
 
 /*----------------------------------------------------------------------------*/
@@ -60,9 +60,9 @@ $test_common_helpers
 
 #define TEST_SUITE_ACTIVE
 
-$functions_code
+__MBEDTLS_TEST_TEMPLATE__FUNCTIONS_CODE
 
-#line $line_no "suites/main_test.function"
+#line __MBEDTLS_TEST_TEMPLATE__LINE_NO "suites/main_test.function"
 
 
 /*----------------------------------------------------------------------------*/
@@ -74,7 +74,7 @@ $functions_code
  *              For optimizing space for embedded targets each expression/macro
  *              is identified by a unique identifier instead of string literals.
  *              Identifiers and evaluation code is generated by script:
- *              $generator_script
+ *              __MBEDTLS_TEST_TEMPLATE__GENERATOR_SCRIPT
  *
  * \param exp_id    Expression identifier.
  * \param out_value Pointer to int to hold the integer.
@@ -90,8 +90,8 @@ int get_expression( int32_t exp_id, int32_t * out_value )
 
     switch( exp_id )
     {
-$expression_code
-#line $line_no "suites/main_test.function"
+__MBEDTLS_TEST_TEMPLATE__EXPRESSION_CODE
+#line __MBEDTLS_TEST_TEMPLATE__LINE_NO "suites/main_test.function"
         default:
            {
                 ret = KEY_VALUE_MAPPING_NOT_FOUND;
@@ -107,7 +107,7 @@ $expression_code
  *              For optimizing space for embedded targets each dependency
  *              is identified by a unique identifier instead of string literals.
  *              Identifiers and check code is generated by script:
- *              $generator_script
+ *              __MBEDTLS_TEST_TEMPLATE__GENERATOR_SCRIPT
  *
  * \param dep_id    Dependency identifier.
  *
@@ -121,8 +121,8 @@ int dep_check( int dep_id )
 
     switch( dep_id )
     {
-$dep_check_code
-#line $line_no "suites/main_test.function"
+__MBEDTLS_TEST_TEMPLATE__DEP_CHECK_CODE
+#line __MBEDTLS_TEST_TEMPLATE__LINE_NO "suites/main_test.function"
         default:
             break;
     }
@@ -149,13 +149,13 @@ typedef void (*TestWrapper_t)( void **param_array );
 /**
  * \brief       Table of test function wrappers. Used by dispatch_test().
  *              This table is populated by script:
- *              $generator_script
+ *              __MBEDTLS_TEST_TEMPLATE__GENERATOR_SCRIPT
  *
  */
 TestWrapper_t test_funcs[] =
 {
-$dispatch_code
-#line $line_no "suites/main_test.function"
+__MBEDTLS_TEST_TEMPLATE__DISPATCH_CODE
+#line __MBEDTLS_TEST_TEMPLATE__LINE_NO "suites/main_test.function"
 };
 
 /**
@@ -265,9 +265,9 @@ int check_test( size_t func_idx )
 }
 
 
-$platform_code
+__MBEDTLS_TEST_TEMPLATE__PLATFORM_CODE
 
-#line $line_no "suites/main_test.function"
+#line __MBEDTLS_TEST_TEMPLATE__LINE_NO "suites/main_test.function"
 
 /*----------------------------------------------------------------------------*/
 /* Main Test code */

tests/suites/test_suite_aes.function

@@ -559,10 +559,14 @@ void aes_misc_params( )
     defined(MBEDTLS_CIPHER_MODE_XTS) || \
     defined(MBEDTLS_CIPHER_MODE_CFB) || \
     defined(MBEDTLS_CIPHER_MODE_OFB)
-    mbedtls_aes_context aes_ctx;
     const unsigned char in[16] = { 0 };
     unsigned char out[16];
 #endif
+#if defined(MBEDTLS_CIPHER_MODE_CBC) || \
+    defined(MBEDTLS_CIPHER_MODE_CFB) || \
+    defined(MBEDTLS_CIPHER_MODE_OFB)
+mbedtls_aes_context aes_ctx;
+#endif
 #if defined(MBEDTLS_CIPHER_MODE_XTS)
     mbedtls_aes_xts_context xts_ctx;
 #endif

tests/suites/test_suite_bignum.function

@@ -11,10 +11,21 @@
  * constructing the value. */
 static int sign_is_valid( const mbedtls_mpi *X )
 {
+    /* Only +1 and -1 are valid sign bits, not e.g. 0 */
     if( X->s != 1 && X->s != -1 )
-        return( 0 ); // invalid sign bit, e.g. 0
-    if( mbedtls_mpi_bitlen( X ) == 0 && X->s != 1 )
-        return( 0 ); // negative zero
+        return( 0 );
+
+    /* The value 0 must be represented with the sign +1. A "negative zero"
+     * with s=-1 is an invalid representation. Forbid that. As an exception,
+     * we sometimes test the robustness of library functions when given
+     * a negative zero input. If a test case has a negative zero as input,
+     * we don't mind if the function has a negative zero output. */
+    if( ! mbedtls_test_case_uses_negative_0 &&
+        mbedtls_mpi_bitlen( X ) == 0 && X->s != 1 )
+    {
+        return( 0 );
+    }
+
     return( 1 );
 }
 
@@ -1172,24 +1183,57 @@ exit:
 /* END_CASE */
 
 /* BEGIN_CASE */
-void mbedtls_mpi_mod_int( char * input_X, int input_Y,
-                          int input_A, int div_result )
+void mbedtls_mpi_mod_int( char * input_X, char * input_Y,
+                          char * input_A, int mod_result )
 {
     mbedtls_mpi X;
+    mbedtls_mpi Y;
+    mbedtls_mpi A;
     int res;
     mbedtls_mpi_uint r;
-    mbedtls_mpi_init( &X );
 
-    TEST_ASSERT( mbedtls_test_read_mpi( &X, input_X ) == 0 );
-    res = mbedtls_mpi_mod_int( &r, &X, input_Y );
-    TEST_ASSERT( res == div_result );
+    mbedtls_mpi_init( &X );
+    mbedtls_mpi_init( &Y );
+    mbedtls_mpi_init( &A );
+
+    /* We use MPIs to read Y and A since the test framework limits us to
+     * ints, so we can't have 64-bit values */
+    TEST_EQUAL( mbedtls_test_read_mpi( &X, input_X ), 0 );
+    TEST_EQUAL( mbedtls_test_read_mpi( &Y, input_Y ), 0 );
+    TEST_EQUAL( mbedtls_test_read_mpi( &A, input_A ), 0 );
+
+    TEST_EQUAL( Y.n, 1 );
+    TEST_EQUAL( A.n, 1 );
+
+    /* Convert the MPIs for Y and A to (signed) mbedtls_mpi_sints */
+
+    /* Since we're converting sign+magnitude to two's complement, we lose one
+     * bit of value in the output. This means there are some values we can't
+     * represent, e.g. (hex) -A0000000 on 32-bit systems. These are technically
+     * invalid test cases, so could be considered "won't happen", but they are
+     * easy to test for, and this helps guard against human error. */
+
+    mbedtls_mpi_sint y = (mbedtls_mpi_sint) Y.p[0];
+    TEST_ASSERT( y >= 0 );      /* If y < 0 here, we can't make negative y */
+    if( Y.s == -1 )
+        y = -y;
+
+    mbedtls_mpi_sint a = (mbedtls_mpi_sint) A.p[0];
+    TEST_ASSERT( a >= 0 );      /* Same goes for a */
+    if( A.s == -1 )
+        a = -a;
+
+    res = mbedtls_mpi_mod_int( &r, &X, y );
+    TEST_EQUAL( res, mod_result );
     if( res == 0 )
     {
-        TEST_ASSERT( r == (mbedtls_mpi_uint) input_A );
+        TEST_EQUAL( r, a );
     }
 
 exit:
     mbedtls_mpi_free( &X );
+    mbedtls_mpi_free( &Y );
+    mbedtls_mpi_free( &A );
 }
 /* END_CASE */
 
@@ -1627,6 +1671,150 @@ exit:
 }
 /* END_CASE */
 
+/* BEGIN_CASE */
+void most_negative_mpi_sint( )
+{
+    /* Ad hoc tests for n = -p = -2^(biL-1) as a mbedtls_mpi_sint. We
+     * guarantee that mbedtls_mpi_sint is a two's complement type, so this
+     * is a valid value. However, negating it (`-n`) has undefined behavior
+     * (although in practice `-n` evaluates to the value n).
+     *
+     * This function has ad hoc tests for this value. It's separated from other
+     * functions because the test framework makes it hard to pass this value
+     * into test cases.
+     *
+     * In the comments here:
+     * - biL = number of bits in limbs
+     * - p = 2^(biL-1) (smallest positive value not in mbedtls_mpi_sint range)
+     * - n = -2^(biL-1) (largest negative value in mbedtls_mpi_sint range)
+     */
+
+    mbedtls_mpi A, R, X;
+    mbedtls_mpi_init( &A );
+    mbedtls_mpi_init( &R );
+    mbedtls_mpi_init( &X );
+
+    const size_t biL = 8 * sizeof( mbedtls_mpi_sint );
+    mbedtls_mpi_uint most_positive_plus_1 = (mbedtls_mpi_uint) 1 << ( biL - 1 );
+    const mbedtls_mpi_sint most_positive = most_positive_plus_1 - 1;
+    const mbedtls_mpi_sint most_negative = - most_positive - 1;
+    TEST_EQUAL( (mbedtls_mpi_uint) most_negative,
+                (mbedtls_mpi_uint) 1 << ( biL - 1 ) );
+    TEST_EQUAL( (mbedtls_mpi_uint) most_negative << 1, 0 );
+
+    /* Test mbedtls_mpi_lset() */
+    TEST_EQUAL( mbedtls_mpi_lset( &A, most_negative ), 0 );
+    TEST_EQUAL( A.s, -1 );
+    TEST_EQUAL( A.n, 1 );
+    TEST_EQUAL( A.p[0], most_positive_plus_1 );
+
+    /* Test mbedtls_mpi_cmp_int(): -p == -p */
+    TEST_EQUAL( mbedtls_mpi_cmp_int( &A, most_negative ), 0 );
+
+    /* Test mbedtls_mpi_cmp_int(): -(p+1) < -p */
+    A.p[0] = most_positive_plus_1 + 1;
+    TEST_EQUAL( mbedtls_mpi_cmp_int( &A, most_negative ), -1 );
+
+    /* Test mbedtls_mpi_cmp_int(): -(p-1) > -p */
+    A.p[0] = most_positive_plus_1 - 1;
+    TEST_EQUAL( mbedtls_mpi_cmp_int( &A, most_negative ), 1 );
+
+    /* Test mbedtls_mpi_add_int(): (p-1) + (-p) */
+    TEST_EQUAL( mbedtls_mpi_lset( &A, most_positive ), 0 );
+    TEST_EQUAL( mbedtls_mpi_add_int( &X, &A, most_negative ), 0 );
+    TEST_EQUAL( mbedtls_mpi_cmp_int( &X, -1 ), 0 );
+
+    /* Test mbedtls_mpi_add_int(): (0) + (-p) */
+    TEST_EQUAL( mbedtls_mpi_lset( &A, 0 ), 0 );
+    TEST_EQUAL( mbedtls_mpi_add_int( &X, &A, most_negative ), 0 );
+    TEST_EQUAL( mbedtls_mpi_cmp_int( &X, most_negative ), 0 );
+
+    /* Test mbedtls_mpi_add_int(): (-p) + (-p) */
+    TEST_EQUAL( mbedtls_mpi_lset( &A, most_negative ), 0 );
+    TEST_EQUAL( mbedtls_mpi_add_int( &X, &A, most_negative ), 0 );
+    TEST_EQUAL( X.s, -1 );
+    TEST_EQUAL( X.n, 2 );
+    TEST_EQUAL( X.p[0], 0 );
+    TEST_EQUAL( X.p[1], 1 );
+
+    /* Test mbedtls_mpi_sub_int(): (p) - (-p) */
+    mbedtls_mpi_free( &X );
+    TEST_EQUAL( mbedtls_mpi_lset( &A, most_positive ), 0 );
+    TEST_EQUAL( mbedtls_mpi_sub_int( &X, &A, most_negative ), 0 );
+    TEST_EQUAL( X.s, 1 );
+    TEST_EQUAL( X.n, 1 );
+    TEST_EQUAL( X.p[0], ~(mbedtls_mpi_uint)0 );
+
+    /* Test mbedtls_mpi_sub_int(): (0) - (-p) */
+    TEST_EQUAL( mbedtls_mpi_lset( &A, 0 ), 0 );
+    TEST_EQUAL( mbedtls_mpi_sub_int( &X, &A, most_negative ), 0 );
+    TEST_EQUAL( X.s, 1 );
+    TEST_EQUAL( X.n, 1 );
+    TEST_EQUAL( X.p[0], most_positive_plus_1 );
+
+    /* Test mbedtls_mpi_sub_int(): (-p) - (-p) */
+    TEST_EQUAL( mbedtls_mpi_lset( &A, most_negative ), 0 );
+    TEST_EQUAL( mbedtls_mpi_sub_int( &X, &A, most_negative ), 0 );
+    TEST_EQUAL( mbedtls_mpi_cmp_int( &X, 0 ), 0 );
+
+    /* Test mbedtls_mpi_div_int(): (-p+1) / (-p) */
+    TEST_EQUAL( mbedtls_mpi_lset( &A, -most_positive ), 0 );
+    TEST_EQUAL( mbedtls_mpi_div_int( &X, &R, &A, most_negative ), 0 );
+    TEST_EQUAL( mbedtls_mpi_cmp_int( &X, 0 ), 0 );
+    TEST_EQUAL( mbedtls_mpi_cmp_int( &R, -most_positive ), 0 );
+
+    /* Test mbedtls_mpi_div_int(): (-p) / (-p) */
+    TEST_EQUAL( mbedtls_mpi_lset( &A, most_negative ), 0 );
+    TEST_EQUAL( mbedtls_mpi_div_int( &X, &R, &A, most_negative ), 0 );
+    TEST_EQUAL( mbedtls_mpi_cmp_int( &X, 1 ), 0 );
+    TEST_EQUAL( mbedtls_mpi_cmp_int( &R, 0 ), 0 );
+
+    /* Test mbedtls_mpi_div_int(): (-2*p) / (-p) */
+    TEST_EQUAL( mbedtls_mpi_shift_l( &A, 1 ), 0 );
+    TEST_EQUAL( mbedtls_mpi_div_int( &X, &R, &A, most_negative ), 0 );
+    TEST_EQUAL( mbedtls_mpi_cmp_int( &X, 2 ), 0 );
+    TEST_EQUAL( mbedtls_mpi_cmp_int( &R, 0 ), 0 );
+
+    /* Test mbedtls_mpi_div_int(): (-2*p+1) / (-p) */
+    TEST_EQUAL( mbedtls_mpi_add_int( &A, &A, 1 ), 0 );
+    TEST_EQUAL( mbedtls_mpi_div_int( &X, &R, &A, most_negative ), 0 );
+    TEST_EQUAL( mbedtls_mpi_cmp_int( &X, 1 ), 0 );
+    TEST_EQUAL( mbedtls_mpi_cmp_int( &R, -most_positive ), 0 );
+
+    /* Test mbedtls_mpi_div_int(): (p-1) / (-p) */
+    TEST_EQUAL( mbedtls_mpi_lset( &A, most_positive ), 0 );
+    TEST_EQUAL( mbedtls_mpi_div_int( &X, &R, &A, most_negative ), 0 );
+    TEST_EQUAL( mbedtls_mpi_cmp_int( &X, 0 ), 0 );
+    TEST_EQUAL( mbedtls_mpi_cmp_int( &R, most_positive ), 0 );
+
+    /* Test mbedtls_mpi_div_int(): (p) / (-p) */
+    TEST_EQUAL( mbedtls_mpi_add_int( &A, &A, 1 ), 0 );
+    TEST_EQUAL( mbedtls_mpi_div_int( &X, &R, &A, most_negative ), 0 );
+    TEST_EQUAL( mbedtls_mpi_cmp_int( &X, -1 ), 0 );
+    TEST_EQUAL( mbedtls_mpi_cmp_int( &R, 0 ), 0 );
+
+    /* Test mbedtls_mpi_div_int(): (2*p) / (-p) */
+    TEST_EQUAL( mbedtls_mpi_shift_l( &A, 1 ), 0 );
+    TEST_EQUAL( mbedtls_mpi_div_int( &X, &R, &A, most_negative ), 0 );
+    TEST_EQUAL( mbedtls_mpi_cmp_int( &X, -2 ), 0 );
+    TEST_EQUAL( mbedtls_mpi_cmp_int( &R, 0 ), 0 );
+
+    /* Test mbedtls_mpi_mod_int(): never valid */
+    TEST_EQUAL( mbedtls_mpi_mod_int( X.p, &A, most_negative ),
+                MBEDTLS_ERR_MPI_NEGATIVE_VALUE );
+
+    /* Test mbedtls_mpi_random(): never valid */
+    TEST_EQUAL( mbedtls_mpi_random( &X, most_negative, &A,
+                                    mbedtls_test_rnd_std_rand, NULL ),
+                MBEDTLS_ERR_MPI_BAD_INPUT_DATA );
+
+exit:
+    mbedtls_mpi_free( &A );
+    mbedtls_mpi_free( &R );
+    mbedtls_mpi_free( &X );
+}
+/* END_CASE */
+
 /* BEGIN_CASE depends_on:MBEDTLS_SELF_TEST */
 void mpi_selftest(  )
 {

tests/suites/test_suite_bignum.generated.data

@@ -0,0 +1,975 @@
+# Automatically generated by generate_bignum_tests.py. Do not edit!
+
+MPI add #1 0 (null) + 0 (null)
+mbedtls_mpi_add_mpi:"":"":"0"
+
+MPI add #2 0 (null) + 0 (1 limb)
+mbedtls_mpi_add_mpi:"":"0":"0"
+
+MPI add #3 0 (null) + negative 0 (null)
+mbedtls_mpi_add_mpi:"":"-":"0"
+
+MPI add #4 0 (null) + negative with leading zero limb
+mbedtls_mpi_add_mpi:"":"-0":"0"
+
+MPI add #5 0 (null) + positive
+mbedtls_mpi_add_mpi:"":"7b":"7b"
+
+MPI add #6 0 (null) + negative
+mbedtls_mpi_add_mpi:"":"-7b":"-7b"
+
+MPI add #7 0 (null) + positive with leading zero limb
+mbedtls_mpi_add_mpi:"":"0000000000000000123":"123"
+
+MPI add #8 0 (null) + negative with leading zero limb
+mbedtls_mpi_add_mpi:"":"-0000000000000000123":"-123"
+
+MPI add #9 0 (null) + large positive
+mbedtls_mpi_add_mpi:"":"1230000000000000000":"1230000000000000000"
+
+MPI add #10 0 (null) + large negative
+mbedtls_mpi_add_mpi:"":"-1230000000000000000":"-1230000000000000000"
+
+MPI add #11 0 (1 limb) + 0 (null)
+mbedtls_mpi_add_mpi:"0":"":"0"
+
+MPI add #12 0 (1 limb) + 0 (1 limb)
+mbedtls_mpi_add_mpi:"0":"0":"0"
+
+MPI add #13 0 (1 limb) + negative 0 (null)
+mbedtls_mpi_add_mpi:"0":"-":"0"
+
+MPI add #14 0 (1 limb) + negative with leading zero limb
+mbedtls_mpi_add_mpi:"0":"-0":"0"
+
+MPI add #15 0 (1 limb) + positive
+mbedtls_mpi_add_mpi:"0":"7b":"7b"
+
+MPI add #16 0 (1 limb) + negative
+mbedtls_mpi_add_mpi:"0":"-7b":"-7b"
+
+MPI add #17 0 (1 limb) + positive with leading zero limb
+mbedtls_mpi_add_mpi:"0":"0000000000000000123":"123"
+
+MPI add #18 0 (1 limb) + negative with leading zero limb
+mbedtls_mpi_add_mpi:"0":"-0000000000000000123":"-123"
+
+MPI add #19 0 (1 limb) + large positive
+mbedtls_mpi_add_mpi:"0":"1230000000000000000":"1230000000000000000"
+
+MPI add #20 0 (1 limb) + large negative
+mbedtls_mpi_add_mpi:"0":"-1230000000000000000":"-1230000000000000000"
+
+MPI add #21 negative 0 (null) + 0 (null)
+mbedtls_mpi_add_mpi:"-":"":"0"
+
+MPI add #22 negative 0 (null) + 0 (1 limb)
+mbedtls_mpi_add_mpi:"-":"0":"0"
+
+MPI add #23 negative 0 (null) + negative 0 (null)
+mbedtls_mpi_add_mpi:"-":"-":"0"
+
+MPI add #24 negative 0 (null) + negative with leading zero limb
+mbedtls_mpi_add_mpi:"-":"-0":"0"
+
+MPI add #25 negative 0 (null) + positive
+mbedtls_mpi_add_mpi:"-":"7b":"7b"
+
+MPI add #26 negative 0 (null) + negative
+mbedtls_mpi_add_mpi:"-":"-7b":"-7b"
+
+MPI add #27 negative 0 (null) + positive with leading zero limb
+mbedtls_mpi_add_mpi:"-":"0000000000000000123":"123"
+
+MPI add #28 negative 0 (null) + negative with leading zero limb
+mbedtls_mpi_add_mpi:"-":"-0000000000000000123":"-123"
+
+MPI add #29 negative 0 (null) + large positive
+mbedtls_mpi_add_mpi:"-":"1230000000000000000":"1230000000000000000"
+
+MPI add #30 negative 0 (null) + large negative
+mbedtls_mpi_add_mpi:"-":"-1230000000000000000":"-1230000000000000000"
+
+MPI add #31 negative with leading zero limb + 0 (null)
+mbedtls_mpi_add_mpi:"-0":"":"0"
+
+MPI add #32 negative with leading zero limb + 0 (1 limb)
+mbedtls_mpi_add_mpi:"-0":"0":"0"
+
+MPI add #33 negative with leading zero limb + negative 0 (null)
+mbedtls_mpi_add_mpi:"-0":"-":"0"
+
+MPI add #34 negative with leading zero limb + negative with leading zero limb
+mbedtls_mpi_add_mpi:"-0":"-0":"0"
+
+MPI add #35 negative with leading zero limb + positive
+mbedtls_mpi_add_mpi:"-0":"7b":"7b"
+
+MPI add #36 negative with leading zero limb + negative
+mbedtls_mpi_add_mpi:"-0":"-7b":"-7b"
+
+MPI add #37 negative with leading zero limb + positive with leading zero limb
+mbedtls_mpi_add_mpi:"-0":"0000000000000000123":"123"
+
+MPI add #38 negative with leading zero limb + negative with leading zero limb
+mbedtls_mpi_add_mpi:"-0":"-0000000000000000123":"-123"
+
+MPI add #39 negative with leading zero limb + large positive
+mbedtls_mpi_add_mpi:"-0":"1230000000000000000":"1230000000000000000"
+
+MPI add #40 negative with leading zero limb + large negative
+mbedtls_mpi_add_mpi:"-0":"-1230000000000000000":"-1230000000000000000"
+
+MPI add #41 positive + 0 (null)
+mbedtls_mpi_add_mpi:"7b":"":"7b"
+
+MPI add #42 positive + 0 (1 limb)
+mbedtls_mpi_add_mpi:"7b":"0":"7b"
+
+MPI add #43 positive + negative 0 (null)
+mbedtls_mpi_add_mpi:"7b":"-":"7b"
+
+MPI add #44 positive + negative with leading zero limb
+mbedtls_mpi_add_mpi:"7b":"-0":"7b"
+
+MPI add #45 positive + positive
+mbedtls_mpi_add_mpi:"7b":"7b":"f6"
+
+MPI add #46 positive + negative , result=0
+mbedtls_mpi_add_mpi:"7b":"-7b":"0"
+
+MPI add #47 positive + positive with leading zero limb
+mbedtls_mpi_add_mpi:"7b":"0000000000000000123":"19e"
+
+MPI add #48 positive + negative with leading zero limb , result<0
+mbedtls_mpi_add_mpi:"7b":"-0000000000000000123":"-a8"
+
+MPI add #49 positive + large positive
+mbedtls_mpi_add_mpi:"7b":"1230000000000000000":"123000000000000007b"
+
+MPI add #50 positive + large negative , result<0
+mbedtls_mpi_add_mpi:"7b":"-1230000000000000000":"-122ffffffffffffff85"
+
+MPI add #51 negative + 0 (null)
+mbedtls_mpi_add_mpi:"-7b":"":"-7b"
+
+MPI add #52 negative + 0 (1 limb)
+mbedtls_mpi_add_mpi:"-7b":"0":"-7b"
+
+MPI add #53 negative + negative 0 (null)
+mbedtls_mpi_add_mpi:"-7b":"-":"-7b"
+
+MPI add #54 negative + negative with leading zero limb
+mbedtls_mpi_add_mpi:"-7b":"-0":"-7b"
+
+MPI add #55 negative + positive , result=0
+mbedtls_mpi_add_mpi:"-7b":"7b":"0"
+
+MPI add #56 negative + negative
+mbedtls_mpi_add_mpi:"-7b":"-7b":"-f6"
+
+MPI add #57 negative + positive with leading zero limb , result>0
+mbedtls_mpi_add_mpi:"-7b":"0000000000000000123":"a8"
+
+MPI add #58 negative + negative with leading zero limb
+mbedtls_mpi_add_mpi:"-7b":"-0000000000000000123":"-19e"
+
+MPI add #59 negative + large positive , result>0
+mbedtls_mpi_add_mpi:"-7b":"1230000000000000000":"122ffffffffffffff85"
+
+MPI add #60 negative + large negative
+mbedtls_mpi_add_mpi:"-7b":"-1230000000000000000":"-123000000000000007b"
+
+MPI add #61 positive with leading zero limb + 0 (null)
+mbedtls_mpi_add_mpi:"0000000000000000123":"":"123"
+
+MPI add #62 positive with leading zero limb + 0 (1 limb)
+mbedtls_mpi_add_mpi:"0000000000000000123":"0":"123"
+
+MPI add #63 positive with leading zero limb + negative 0 (null)
+mbedtls_mpi_add_mpi:"0000000000000000123":"-":"123"
+
+MPI add #64 positive with leading zero limb + negative with leading zero limb
+mbedtls_mpi_add_mpi:"0000000000000000123":"-0":"123"
+
+MPI add #65 positive with leading zero limb + positive
+mbedtls_mpi_add_mpi:"0000000000000000123":"7b":"19e"
+
+MPI add #66 positive with leading zero limb + negative , result>0
+mbedtls_mpi_add_mpi:"0000000000000000123":"-7b":"a8"
+
+MPI add #67 positive with leading zero limb + positive with leading zero limb
+mbedtls_mpi_add_mpi:"0000000000000000123":"0000000000000000123":"246"
+
+MPI add #68 positive with leading zero limb + negative with leading zero limb , result=0
+mbedtls_mpi_add_mpi:"0000000000000000123":"-0000000000000000123":"0"
+
+MPI add #69 positive with leading zero limb + large positive
+mbedtls_mpi_add_mpi:"0000000000000000123":"1230000000000000000":"1230000000000000123"
+
+MPI add #70 positive with leading zero limb + large negative , result<0
+mbedtls_mpi_add_mpi:"0000000000000000123":"-1230000000000000000":"-122fffffffffffffedd"
+
+MPI add #71 negative with leading zero limb + 0 (null)
+mbedtls_mpi_add_mpi:"-0000000000000000123":"":"-123"
+
+MPI add #72 negative with leading zero limb + 0 (1 limb)
+mbedtls_mpi_add_mpi:"-0000000000000000123":"0":"-123"
+
+MPI add #73 negative with leading zero limb + negative 0 (null)
+mbedtls_mpi_add_mpi:"-0000000000000000123":"-":"-123"
+
+MPI add #74 negative with leading zero limb + negative with leading zero limb
+mbedtls_mpi_add_mpi:"-0000000000000000123":"-0":"-123"
+
+MPI add #75 negative with leading zero limb + positive , result<0
+mbedtls_mpi_add_mpi:"-0000000000000000123":"7b":"-a8"
+
+MPI add #76 negative with leading zero limb + negative
+mbedtls_mpi_add_mpi:"-0000000000000000123":"-7b":"-19e"
+
+MPI add #77 negative with leading zero limb + positive with leading zero limb , result=0
+mbedtls_mpi_add_mpi:"-0000000000000000123":"0000000000000000123":"0"
+
+MPI add #78 negative with leading zero limb + negative with leading zero limb
+mbedtls_mpi_add_mpi:"-0000000000000000123":"-0000000000000000123":"-246"
+
+MPI add #79 negative with leading zero limb + large positive , result>0
+mbedtls_mpi_add_mpi:"-0000000000000000123":"1230000000000000000":"122fffffffffffffedd"
+
+MPI add #80 negative with leading zero limb + large negative
+mbedtls_mpi_add_mpi:"-0000000000000000123":"-1230000000000000000":"-1230000000000000123"
+
+MPI add #81 large positive + 0 (null)
+mbedtls_mpi_add_mpi:"1230000000000000000":"":"1230000000000000000"
+
+MPI add #82 large positive + 0 (1 limb)
+mbedtls_mpi_add_mpi:"1230000000000000000":"0":"1230000000000000000"
+
+MPI add #83 large positive + negative 0 (null)
+mbedtls_mpi_add_mpi:"1230000000000000000":"-":"1230000000000000000"
+
+MPI add #84 large positive + negative with leading zero limb
+mbedtls_mpi_add_mpi:"1230000000000000000":"-0":"1230000000000000000"
+
+MPI add #85 large positive + positive
+mbedtls_mpi_add_mpi:"1230000000000000000":"7b":"123000000000000007b"
+
+MPI add #86 large positive + negative , result>0
+mbedtls_mpi_add_mpi:"1230000000000000000":"-7b":"122ffffffffffffff85"
+
+MPI add #87 large positive + positive with leading zero limb
+mbedtls_mpi_add_mpi:"1230000000000000000":"0000000000000000123":"1230000000000000123"
+
+MPI add #88 large positive + negative with leading zero limb , result>0
+mbedtls_mpi_add_mpi:"1230000000000000000":"-0000000000000000123":"122fffffffffffffedd"
+
+MPI add #89 large positive + large positive
+mbedtls_mpi_add_mpi:"1230000000000000000":"1230000000000000000":"2460000000000000000"
+
+MPI add #90 large positive + large negative , result=0
+mbedtls_mpi_add_mpi:"1230000000000000000":"-1230000000000000000":"0"
+
+MPI add #91 large negative + 0 (null)
+mbedtls_mpi_add_mpi:"-1230000000000000000":"":"-1230000000000000000"
+
+MPI add #92 large negative + 0 (1 limb)
+mbedtls_mpi_add_mpi:"-1230000000000000000":"0":"-1230000000000000000"
+
+MPI add #93 large negative + negative 0 (null)
+mbedtls_mpi_add_mpi:"-1230000000000000000":"-":"-1230000000000000000"
+
+MPI add #94 large negative + negative with leading zero limb
+mbedtls_mpi_add_mpi:"-1230000000000000000":"-0":"-1230000000000000000"
+
+MPI add #95 large negative + positive , result<0
+mbedtls_mpi_add_mpi:"-1230000000000000000":"7b":"-122ffffffffffffff85"
+
+MPI add #96 large negative + negative
+mbedtls_mpi_add_mpi:"-1230000000000000000":"-7b":"-123000000000000007b"
+
+MPI add #97 large negative + positive with leading zero limb , result<0
+mbedtls_mpi_add_mpi:"-1230000000000000000":"0000000000000000123":"-122fffffffffffffedd"
+
+MPI add #98 large negative + negative with leading zero limb
+mbedtls_mpi_add_mpi:"-1230000000000000000":"-0000000000000000123":"-1230000000000000123"
+
+MPI add #99 large negative + large positive , result=0
+mbedtls_mpi_add_mpi:"-1230000000000000000":"1230000000000000000":"0"
+
+MPI add #100 large negative + large negative
+mbedtls_mpi_add_mpi:"-1230000000000000000":"-1230000000000000000":"-2460000000000000000"
+
+MPI add #101 large positive + large positive
+mbedtls_mpi_add_mpi:"1c67967269c6":"1c67967269c6":"38cf2ce4d38c"
+
+MPI add #102 large positive + positive
+mbedtls_mpi_add_mpi:"1c67967269c6":"9cde3":"1c67967c37a9"
+
+MPI add #103 large positive + large negative , result=0
+mbedtls_mpi_add_mpi:"1c67967269c6":"-1c67967269c6":"0"
+
+MPI add #104 large positive + negative , result>0
+mbedtls_mpi_add_mpi:"1c67967269c6":"-9cde3":"1c6796689be3"
+
+MPI add #105 positive + large positive
+mbedtls_mpi_add_mpi:"9cde3":"1c67967269c6":"1c67967c37a9"
+
+MPI add #106 positive + positive
+mbedtls_mpi_add_mpi:"9cde3":"9cde3":"139bc6"
+
+MPI add #107 positive + large negative , result<0
+mbedtls_mpi_add_mpi:"9cde3":"-1c67967269c6":"-1c6796689be3"
+
+MPI add #108 positive + negative , result=0
+mbedtls_mpi_add_mpi:"9cde3":"-9cde3":"0"
+
+MPI add #109 large negative + large positive , result=0
+mbedtls_mpi_add_mpi:"-1c67967269c6":"1c67967269c6":"0"
+
+MPI add #110 large negative + positive , result<0
+mbedtls_mpi_add_mpi:"-1c67967269c6":"9cde3":"-1c6796689be3"
+
+MPI add #111 large negative + large negative
+mbedtls_mpi_add_mpi:"-1c67967269c6":"-1c67967269c6":"-38cf2ce4d38c"
+
+MPI add #112 large negative + negative
+mbedtls_mpi_add_mpi:"-1c67967269c6":"-9cde3":"-1c67967c37a9"
+
+MPI add #113 negative + large positive , result>0
+mbedtls_mpi_add_mpi:"-9cde3":"1c67967269c6":"1c6796689be3"
+
+MPI add #114 negative + positive , result=0
+mbedtls_mpi_add_mpi:"-9cde3":"9cde3":"0"
+
+MPI add #115 negative + large negative
+mbedtls_mpi_add_mpi:"-9cde3":"-1c67967269c6":"-1c67967c37a9"
+
+MPI add #116 negative + negative
+mbedtls_mpi_add_mpi:"-9cde3":"-9cde3":"-139bc6"
+
+MPI compare #1 0 (null) == 0 (null)
+mbedtls_mpi_cmp_mpi:"":"":0
+
+MPI compare #2 0 (null) == 0 (1 limb)
+mbedtls_mpi_cmp_mpi:"":"0":0
+
+MPI compare #3 0 (null) == negative 0 (null)
+mbedtls_mpi_cmp_mpi:"":"-":0
+
+MPI compare #4 0 (null) == negative with leading zero limb
+mbedtls_mpi_cmp_mpi:"":"-0":0
+
+MPI compare #5 0 (null) < positive
+mbedtls_mpi_cmp_mpi:"":"7b":-1
+
+MPI compare #6 0 (null) > negative
+mbedtls_mpi_cmp_mpi:"":"-7b":1
+
+MPI compare #7 0 (null) < positive with leading zero limb
+mbedtls_mpi_cmp_mpi:"":"0000000000000000123":-1
+
+MPI compare #8 0 (null) > negative with leading zero limb
+mbedtls_mpi_cmp_mpi:"":"-0000000000000000123":1
+
+MPI compare #9 0 (null) < large positive
+mbedtls_mpi_cmp_mpi:"":"1230000000000000000":-1
+
+MPI compare #10 0 (null) > large negative
+mbedtls_mpi_cmp_mpi:"":"-1230000000000000000":1
+
+MPI compare #11 0 (1 limb) == 0 (null)
+mbedtls_mpi_cmp_mpi:"0":"":0
+
+MPI compare #12 0 (1 limb) == 0 (1 limb)
+mbedtls_mpi_cmp_mpi:"0":"0":0
+
+MPI compare #13 0 (1 limb) == negative 0 (null)
+mbedtls_mpi_cmp_mpi:"0":"-":0
+
+MPI compare #14 0 (1 limb) == negative with leading zero limb
+mbedtls_mpi_cmp_mpi:"0":"-0":0
+
+MPI compare #15 0 (1 limb) < positive
+mbedtls_mpi_cmp_mpi:"0":"7b":-1
+
+MPI compare #16 0 (1 limb) > negative
+mbedtls_mpi_cmp_mpi:"0":"-7b":1
+
+MPI compare #17 0 (1 limb) < positive with leading zero limb
+mbedtls_mpi_cmp_mpi:"0":"0000000000000000123":-1
+
+MPI compare #18 0 (1 limb) > negative with leading zero limb
+mbedtls_mpi_cmp_mpi:"0":"-0000000000000000123":1
+
+MPI compare #19 0 (1 limb) < large positive
+mbedtls_mpi_cmp_mpi:"0":"1230000000000000000":-1
+
+MPI compare #20 0 (1 limb) > large negative
+mbedtls_mpi_cmp_mpi:"0":"-1230000000000000000":1
+
+MPI compare #21 negative 0 (null) == 0 (null)
+mbedtls_mpi_cmp_mpi:"-":"":0
+
+MPI compare #22 negative 0 (null) == 0 (1 limb)
+mbedtls_mpi_cmp_mpi:"-":"0":0
+
+MPI compare #23 negative 0 (null) == negative 0 (null)
+mbedtls_mpi_cmp_mpi:"-":"-":0
+
+MPI compare #24 negative 0 (null) == negative with leading zero limb
+mbedtls_mpi_cmp_mpi:"-":"-0":0
+
+MPI compare #25 negative 0 (null) < positive
+mbedtls_mpi_cmp_mpi:"-":"7b":-1
+
+MPI compare #26 negative 0 (null) > negative
+mbedtls_mpi_cmp_mpi:"-":"-7b":1
+
+MPI compare #27 negative 0 (null) < positive with leading zero limb
+mbedtls_mpi_cmp_mpi:"-":"0000000000000000123":-1
+
+MPI compare #28 negative 0 (null) > negative with leading zero limb
+mbedtls_mpi_cmp_mpi:"-":"-0000000000000000123":1
+
+MPI compare #29 negative 0 (null) < large positive
+mbedtls_mpi_cmp_mpi:"-":"1230000000000000000":-1
+
+MPI compare #30 negative 0 (null) > large negative
+mbedtls_mpi_cmp_mpi:"-":"-1230000000000000000":1
+
+MPI compare #31 negative with leading zero limb == 0 (null)
+mbedtls_mpi_cmp_mpi:"-0":"":0
+
+MPI compare #32 negative with leading zero limb == 0 (1 limb)
+mbedtls_mpi_cmp_mpi:"-0":"0":0
+
+MPI compare #33 negative with leading zero limb == negative 0 (null)
+mbedtls_mpi_cmp_mpi:"-0":"-":0
+
+MPI compare #34 negative with leading zero limb == negative with leading zero limb
+mbedtls_mpi_cmp_mpi:"-0":"-0":0
+
+MPI compare #35 negative with leading zero limb < positive
+mbedtls_mpi_cmp_mpi:"-0":"7b":-1
+
+MPI compare #36 negative with leading zero limb > negative
+mbedtls_mpi_cmp_mpi:"-0":"-7b":1
+
+MPI compare #37 negative with leading zero limb < positive with leading zero limb
+mbedtls_mpi_cmp_mpi:"-0":"0000000000000000123":-1
+
+MPI compare #38 negative with leading zero limb > negative with leading zero limb
+mbedtls_mpi_cmp_mpi:"-0":"-0000000000000000123":1
+
+MPI compare #39 negative with leading zero limb < large positive
+mbedtls_mpi_cmp_mpi:"-0":"1230000000000000000":-1
+
+MPI compare #40 negative with leading zero limb > large negative
+mbedtls_mpi_cmp_mpi:"-0":"-1230000000000000000":1
+
+MPI compare #41 positive > 0 (null)
+mbedtls_mpi_cmp_mpi:"7b":"":1
+
+MPI compare #42 positive > 0 (1 limb)
+mbedtls_mpi_cmp_mpi:"7b":"0":1
+
+MPI compare #43 positive > negative 0 (null)
+mbedtls_mpi_cmp_mpi:"7b":"-":1
+
+MPI compare #44 positive > negative with leading zero limb
+mbedtls_mpi_cmp_mpi:"7b":"-0":1
+
+MPI compare #45 positive == positive
+mbedtls_mpi_cmp_mpi:"7b":"7b":0
+
+MPI compare #46 positive > negative
+mbedtls_mpi_cmp_mpi:"7b":"-7b":1
+
+MPI compare #47 positive < positive with leading zero limb
+mbedtls_mpi_cmp_mpi:"7b":"0000000000000000123":-1
+
+MPI compare #48 positive > negative with leading zero limb
+mbedtls_mpi_cmp_mpi:"7b":"-0000000000000000123":1
+
+MPI compare #49 positive < large positive
+mbedtls_mpi_cmp_mpi:"7b":"1230000000000000000":-1
+
+MPI compare #50 positive > large negative
+mbedtls_mpi_cmp_mpi:"7b":"-1230000000000000000":1
+
+MPI compare #51 negative < 0 (null)
+mbedtls_mpi_cmp_mpi:"-7b":"":-1
+
+MPI compare #52 negative < 0 (1 limb)
+mbedtls_mpi_cmp_mpi:"-7b":"0":-1
+
+MPI compare #53 negative < negative 0 (null)
+mbedtls_mpi_cmp_mpi:"-7b":"-":-1
+
+MPI compare #54 negative < negative with leading zero limb
+mbedtls_mpi_cmp_mpi:"-7b":"-0":-1
+
+MPI compare #55 negative < positive
+mbedtls_mpi_cmp_mpi:"-7b":"7b":-1
+
+MPI compare #56 negative == negative
+mbedtls_mpi_cmp_mpi:"-7b":"-7b":0
+
+MPI compare #57 negative < positive with leading zero limb
+mbedtls_mpi_cmp_mpi:"-7b":"0000000000000000123":-1
+
+MPI compare #58 negative > negative with leading zero limb
+mbedtls_mpi_cmp_mpi:"-7b":"-0000000000000000123":1
+
+MPI compare #59 negative < large positive
+mbedtls_mpi_cmp_mpi:"-7b":"1230000000000000000":-1
+
+MPI compare #60 negative > large negative
+mbedtls_mpi_cmp_mpi:"-7b":"-1230000000000000000":1
+
+MPI compare #61 positive with leading zero limb > 0 (null)
+mbedtls_mpi_cmp_mpi:"0000000000000000123":"":1
+
+MPI compare #62 positive with leading zero limb > 0 (1 limb)
+mbedtls_mpi_cmp_mpi:"0000000000000000123":"0":1
+
+MPI compare #63 positive with leading zero limb > negative 0 (null)
+mbedtls_mpi_cmp_mpi:"0000000000000000123":"-":1
+
+MPI compare #64 positive with leading zero limb > negative with leading zero limb
+mbedtls_mpi_cmp_mpi:"0000000000000000123":"-0":1
+
+MPI compare #65 positive with leading zero limb > positive
+mbedtls_mpi_cmp_mpi:"0000000000000000123":"7b":1
+
+MPI compare #66 positive with leading zero limb > negative
+mbedtls_mpi_cmp_mpi:"0000000000000000123":"-7b":1
+
+MPI compare #67 positive with leading zero limb == positive with leading zero limb
+mbedtls_mpi_cmp_mpi:"0000000000000000123":"0000000000000000123":0
+
+MPI compare #68 positive with leading zero limb > negative with leading zero limb
+mbedtls_mpi_cmp_mpi:"0000000000000000123":"-0000000000000000123":1
+
+MPI compare #69 positive with leading zero limb < large positive
+mbedtls_mpi_cmp_mpi:"0000000000000000123":"1230000000000000000":-1
+
+MPI compare #70 positive with leading zero limb > large negative
+mbedtls_mpi_cmp_mpi:"0000000000000000123":"-1230000000000000000":1
+
+MPI compare #71 negative with leading zero limb < 0 (null)
+mbedtls_mpi_cmp_mpi:"-0000000000000000123":"":-1
+
+MPI compare #72 negative with leading zero limb < 0 (1 limb)
+mbedtls_mpi_cmp_mpi:"-0000000000000000123":"0":-1
+
+MPI compare #73 negative with leading zero limb < negative 0 (null)
+mbedtls_mpi_cmp_mpi:"-0000000000000000123":"-":-1
+
+MPI compare #74 negative with leading zero limb < negative with leading zero limb
+mbedtls_mpi_cmp_mpi:"-0000000000000000123":"-0":-1
+
+MPI compare #75 negative with leading zero limb < positive
+mbedtls_mpi_cmp_mpi:"-0000000000000000123":"7b":-1
+
+MPI compare #76 negative with leading zero limb < negative
+mbedtls_mpi_cmp_mpi:"-0000000000000000123":"-7b":-1
+
+MPI compare #77 negative with leading zero limb < positive with leading zero limb
+mbedtls_mpi_cmp_mpi:"-0000000000000000123":"0000000000000000123":-1
+
+MPI compare #78 negative with leading zero limb == negative with leading zero limb
+mbedtls_mpi_cmp_mpi:"-0000000000000000123":"-0000000000000000123":0
+
+MPI compare #79 negative with leading zero limb < large positive
+mbedtls_mpi_cmp_mpi:"-0000000000000000123":"1230000000000000000":-1
+
+MPI compare #80 negative with leading zero limb > large negative
+mbedtls_mpi_cmp_mpi:"-0000000000000000123":"-1230000000000000000":1
+
+MPI compare #81 large positive > 0 (null)
+mbedtls_mpi_cmp_mpi:"1230000000000000000":"":1
+
+MPI compare #82 large positive > 0 (1 limb)
+mbedtls_mpi_cmp_mpi:"1230000000000000000":"0":1
+
+MPI compare #83 large positive > negative 0 (null)
+mbedtls_mpi_cmp_mpi:"1230000000000000000":"-":1
+
+MPI compare #84 large positive > negative with leading zero limb
+mbedtls_mpi_cmp_mpi:"1230000000000000000":"-0":1
+
+MPI compare #85 large positive > positive
+mbedtls_mpi_cmp_mpi:"1230000000000000000":"7b":1
+
+MPI compare #86 large positive > negative
+mbedtls_mpi_cmp_mpi:"1230000000000000000":"-7b":1
+
+MPI compare #87 large positive > positive with leading zero limb
+mbedtls_mpi_cmp_mpi:"1230000000000000000":"0000000000000000123":1
+
+MPI compare #88 large positive > negative with leading zero limb
+mbedtls_mpi_cmp_mpi:"1230000000000000000":"-0000000000000000123":1
+
+MPI compare #89 large positive == large positive
+mbedtls_mpi_cmp_mpi:"1230000000000000000":"1230000000000000000":0
+
+MPI compare #90 large positive > large negative
+mbedtls_mpi_cmp_mpi:"1230000000000000000":"-1230000000000000000":1
+
+MPI compare #91 large negative < 0 (null)
+mbedtls_mpi_cmp_mpi:"-1230000000000000000":"":-1
+
+MPI compare #92 large negative < 0 (1 limb)
+mbedtls_mpi_cmp_mpi:"-1230000000000000000":"0":-1
+
+MPI compare #93 large negative < negative 0 (null)
+mbedtls_mpi_cmp_mpi:"-1230000000000000000":"-":-1
+
+MPI compare #94 large negative < negative with leading zero limb
+mbedtls_mpi_cmp_mpi:"-1230000000000000000":"-0":-1
+
+MPI compare #95 large negative < positive
+mbedtls_mpi_cmp_mpi:"-1230000000000000000":"7b":-1
+
+MPI compare #96 large negative < negative
+mbedtls_mpi_cmp_mpi:"-1230000000000000000":"-7b":-1
+
+MPI compare #97 large negative < positive with leading zero limb
+mbedtls_mpi_cmp_mpi:"-1230000000000000000":"0000000000000000123":-1
+
+MPI compare #98 large negative < negative with leading zero limb
+mbedtls_mpi_cmp_mpi:"-1230000000000000000":"-0000000000000000123":-1
+
+MPI compare #99 large negative < large positive
+mbedtls_mpi_cmp_mpi:"-1230000000000000000":"1230000000000000000":-1
+
+MPI compare #100 large negative == large negative
+mbedtls_mpi_cmp_mpi:"-1230000000000000000":"-1230000000000000000":0
+
+MPI compare #101 negative > negative
+mbedtls_mpi_cmp_mpi:"-2":"-3":1
+
+MPI compare #102 negative == negative
+mbedtls_mpi_cmp_mpi:"-2":"-2":0
+
+MPI compare #103 positive < positive
+mbedtls_mpi_cmp_mpi:"2b4":"2b5":-1
+
+MPI compare #104 positive < positive
+mbedtls_mpi_cmp_mpi:"2b5":"2b6":-1
+
+MPI compare (abs) #1 0 (null) == 0 (null)
+mbedtls_mpi_cmp_abs:"":"":0
+
+MPI compare (abs) #2 0 (null) == 0 (1 limb)
+mbedtls_mpi_cmp_abs:"":"0":0
+
+MPI compare (abs) #3 0 (null) == 0 (null)
+mbedtls_mpi_cmp_abs:"":"":0
+
+MPI compare (abs) #4 0 (null) == 0 (1 limb)
+mbedtls_mpi_cmp_abs:"":"0":0
+
+MPI compare (abs) #5 0 (null) < positive
+mbedtls_mpi_cmp_abs:"":"7b":-1
+
+MPI compare (abs) #6 0 (null) < positive
+mbedtls_mpi_cmp_abs:"":"7b":-1
+
+MPI compare (abs) #7 0 (null) < positive with leading zero limb
+mbedtls_mpi_cmp_abs:"":"0000000000000000123":-1
+
+MPI compare (abs) #8 0 (null) < positive with leading zero limb
+mbedtls_mpi_cmp_abs:"":"0000000000000000123":-1
+
+MPI compare (abs) #9 0 (null) < large positive
+mbedtls_mpi_cmp_abs:"":"1230000000000000000":-1
+
+MPI compare (abs) #10 0 (null) < large positive
+mbedtls_mpi_cmp_abs:"":"1230000000000000000":-1
+
+MPI compare (abs) #11 0 (1 limb) == 0 (null)
+mbedtls_mpi_cmp_abs:"0":"":0
+
+MPI compare (abs) #12 0 (1 limb) == 0 (1 limb)
+mbedtls_mpi_cmp_abs:"0":"0":0
+
+MPI compare (abs) #13 0 (1 limb) == 0 (null)
+mbedtls_mpi_cmp_abs:"0":"":0
+
+MPI compare (abs) #14 0 (1 limb) == 0 (1 limb)
+mbedtls_mpi_cmp_abs:"0":"0":0
+
+MPI compare (abs) #15 0 (1 limb) < positive
+mbedtls_mpi_cmp_abs:"0":"7b":-1
+
+MPI compare (abs) #16 0 (1 limb) < positive
+mbedtls_mpi_cmp_abs:"0":"7b":-1
+
+MPI compare (abs) #17 0 (1 limb) < positive with leading zero limb
+mbedtls_mpi_cmp_abs:"0":"0000000000000000123":-1
+
+MPI compare (abs) #18 0 (1 limb) < positive with leading zero limb
+mbedtls_mpi_cmp_abs:"0":"0000000000000000123":-1
+
+MPI compare (abs) #19 0 (1 limb) < large positive
+mbedtls_mpi_cmp_abs:"0":"1230000000000000000":-1
+
+MPI compare (abs) #20 0 (1 limb) < large positive
+mbedtls_mpi_cmp_abs:"0":"1230000000000000000":-1
+
+MPI compare (abs) #21 0 (null) == 0 (null)
+mbedtls_mpi_cmp_abs:"":"":0
+
+MPI compare (abs) #22 0 (null) == 0 (1 limb)
+mbedtls_mpi_cmp_abs:"":"0":0
+
+MPI compare (abs) #23 0 (null) == 0 (null)
+mbedtls_mpi_cmp_abs:"":"":0
+
+MPI compare (abs) #24 0 (null) == 0 (1 limb)
+mbedtls_mpi_cmp_abs:"":"0":0
+
+MPI compare (abs) #25 0 (null) < positive
+mbedtls_mpi_cmp_abs:"":"7b":-1
+
+MPI compare (abs) #26 0 (null) < positive
+mbedtls_mpi_cmp_abs:"":"7b":-1
+
+MPI compare (abs) #27 0 (null) < positive with leading zero limb
+mbedtls_mpi_cmp_abs:"":"0000000000000000123":-1
+
+MPI compare (abs) #28 0 (null) < positive with leading zero limb
+mbedtls_mpi_cmp_abs:"":"0000000000000000123":-1
+
+MPI compare (abs) #29 0 (null) < large positive
+mbedtls_mpi_cmp_abs:"":"1230000000000000000":-1
+
+MPI compare (abs) #30 0 (null) < large positive
+mbedtls_mpi_cmp_abs:"":"1230000000000000000":-1
+
+MPI compare (abs) #31 0 (1 limb) == 0 (null)
+mbedtls_mpi_cmp_abs:"0":"":0
+
+MPI compare (abs) #32 0 (1 limb) == 0 (1 limb)
+mbedtls_mpi_cmp_abs:"0":"0":0
+
+MPI compare (abs) #33 0 (1 limb) == 0 (null)
+mbedtls_mpi_cmp_abs:"0":"":0
+
+MPI compare (abs) #34 0 (1 limb) == 0 (1 limb)
+mbedtls_mpi_cmp_abs:"0":"0":0
+
+MPI compare (abs) #35 0 (1 limb) < positive
+mbedtls_mpi_cmp_abs:"0":"7b":-1
+
+MPI compare (abs) #36 0 (1 limb) < positive
+mbedtls_mpi_cmp_abs:"0":"7b":-1
+
+MPI compare (abs) #37 0 (1 limb) < positive with leading zero limb
+mbedtls_mpi_cmp_abs:"0":"0000000000000000123":-1
+
+MPI compare (abs) #38 0 (1 limb) < positive with leading zero limb
+mbedtls_mpi_cmp_abs:"0":"0000000000000000123":-1
+
+MPI compare (abs) #39 0 (1 limb) < large positive
+mbedtls_mpi_cmp_abs:"0":"1230000000000000000":-1
+
+MPI compare (abs) #40 0 (1 limb) < large positive
+mbedtls_mpi_cmp_abs:"0":"1230000000000000000":-1
+
+MPI compare (abs) #41 positive > 0 (null)
+mbedtls_mpi_cmp_abs:"7b":"":1
+
+MPI compare (abs) #42 positive > 0 (1 limb)
+mbedtls_mpi_cmp_abs:"7b":"0":1
+
+MPI compare (abs) #43 positive > 0 (null)
+mbedtls_mpi_cmp_abs:"7b":"":1
+
+MPI compare (abs) #44 positive > 0 (1 limb)
+mbedtls_mpi_cmp_abs:"7b":"0":1
+
+MPI compare (abs) #45 positive == positive
+mbedtls_mpi_cmp_abs:"7b":"7b":0
+
+MPI compare (abs) #46 positive == positive
+mbedtls_mpi_cmp_abs:"7b":"7b":0
+
+MPI compare (abs) #47 positive < positive with leading zero limb
+mbedtls_mpi_cmp_abs:"7b":"0000000000000000123":-1
+
+MPI compare (abs) #48 positive < positive with leading zero limb
+mbedtls_mpi_cmp_abs:"7b":"0000000000000000123":-1
+
+MPI compare (abs) #49 positive < large positive
+mbedtls_mpi_cmp_abs:"7b":"1230000000000000000":-1
+
+MPI compare (abs) #50 positive < large positive
+mbedtls_mpi_cmp_abs:"7b":"1230000000000000000":-1
+
+MPI compare (abs) #51 positive > 0 (null)
+mbedtls_mpi_cmp_abs:"7b":"":1
+
+MPI compare (abs) #52 positive > 0 (1 limb)
+mbedtls_mpi_cmp_abs:"7b":"0":1
+
+MPI compare (abs) #53 positive > 0 (null)
+mbedtls_mpi_cmp_abs:"7b":"":1
+
+MPI compare (abs) #54 positive > 0 (1 limb)
+mbedtls_mpi_cmp_abs:"7b":"0":1
+
+MPI compare (abs) #55 positive == positive
+mbedtls_mpi_cmp_abs:"7b":"7b":0
+
+MPI compare (abs) #56 positive == positive
+mbedtls_mpi_cmp_abs:"7b":"7b":0
+
+MPI compare (abs) #57 positive < positive with leading zero limb
+mbedtls_mpi_cmp_abs:"7b":"0000000000000000123":-1
+
+MPI compare (abs) #58 positive < positive with leading zero limb
+mbedtls_mpi_cmp_abs:"7b":"0000000000000000123":-1
+
+MPI compare (abs) #59 positive < large positive
+mbedtls_mpi_cmp_abs:"7b":"1230000000000000000":-1
+
+MPI compare (abs) #60 positive < large positive
+mbedtls_mpi_cmp_abs:"7b":"1230000000000000000":-1
+
+MPI compare (abs) #61 positive with leading zero limb > 0 (null)
+mbedtls_mpi_cmp_abs:"0000000000000000123":"":1
+
+MPI compare (abs) #62 positive with leading zero limb > 0 (1 limb)
+mbedtls_mpi_cmp_abs:"0000000000000000123":"0":1
+
+MPI compare (abs) #63 positive with leading zero limb > 0 (null)
+mbedtls_mpi_cmp_abs:"0000000000000000123":"":1
+
+MPI compare (abs) #64 positive with leading zero limb > 0 (1 limb)
+mbedtls_mpi_cmp_abs:"0000000000000000123":"0":1
+
+MPI compare (abs) #65 positive with leading zero limb > positive
+mbedtls_mpi_cmp_abs:"0000000000000000123":"7b":1
+
+MPI compare (abs) #66 positive with leading zero limb > positive
+mbedtls_mpi_cmp_abs:"0000000000000000123":"7b":1
+
+MPI compare (abs) #67 positive with leading zero limb == positive with leading zero limb
+mbedtls_mpi_cmp_abs:"0000000000000000123":"0000000000000000123":0
+
+MPI compare (abs) #68 positive with leading zero limb == positive with leading zero limb
+mbedtls_mpi_cmp_abs:"0000000000000000123":"0000000000000000123":0
+
+MPI compare (abs) #69 positive with leading zero limb < large positive
+mbedtls_mpi_cmp_abs:"0000000000000000123":"1230000000000000000":-1
+
+MPI compare (abs) #70 positive with leading zero limb < large positive
+mbedtls_mpi_cmp_abs:"0000000000000000123":"1230000000000000000":-1
+
+MPI compare (abs) #71 positive with leading zero limb > 0 (null)
+mbedtls_mpi_cmp_abs:"0000000000000000123":"":1
+
+MPI compare (abs) #72 positive with leading zero limb > 0 (1 limb)
+mbedtls_mpi_cmp_abs:"0000000000000000123":"0":1
+
+MPI compare (abs) #73 positive with leading zero limb > 0 (null)
+mbedtls_mpi_cmp_abs:"0000000000000000123":"":1
+
+MPI compare (abs) #74 positive with leading zero limb > 0 (1 limb)
+mbedtls_mpi_cmp_abs:"0000000000000000123":"0":1
+
+MPI compare (abs) #75 positive with leading zero limb > positive
+mbedtls_mpi_cmp_abs:"0000000000000000123":"7b":1
+
+MPI compare (abs) #76 positive with leading zero limb > positive
+mbedtls_mpi_cmp_abs:"0000000000000000123":"7b":1
+
+MPI compare (abs) #77 positive with leading zero limb == positive with leading zero limb
+mbedtls_mpi_cmp_abs:"0000000000000000123":"0000000000000000123":0
+
+MPI compare (abs) #78 positive with leading zero limb == positive with leading zero limb
+mbedtls_mpi_cmp_abs:"0000000000000000123":"0000000000000000123":0
+
+MPI compare (abs) #79 positive with leading zero limb < large positive
+mbedtls_mpi_cmp_abs:"0000000000000000123":"1230000000000000000":-1
+
+MPI compare (abs) #80 positive with leading zero limb < large positive
+mbedtls_mpi_cmp_abs:"0000000000000000123":"1230000000000000000":-1
+
+MPI compare (abs) #81 large positive > 0 (null)
+mbedtls_mpi_cmp_abs:"1230000000000000000":"":1
+
+MPI compare (abs) #82 large positive > 0 (1 limb)
+mbedtls_mpi_cmp_abs:"1230000000000000000":"0":1
+
+MPI compare (abs) #83 large positive > 0 (null)
+mbedtls_mpi_cmp_abs:"1230000000000000000":"":1
+
+MPI compare (abs) #84 large positive > 0 (1 limb)
+mbedtls_mpi_cmp_abs:"1230000000000000000":"0":1
+
+MPI compare (abs) #85 large positive > positive
+mbedtls_mpi_cmp_abs:"1230000000000000000":"7b":1
+
+MPI compare (abs) #86 large positive > positive
+mbedtls_mpi_cmp_abs:"1230000000000000000":"7b":1
+
+MPI compare (abs) #87 large positive > positive with leading zero limb
+mbedtls_mpi_cmp_abs:"1230000000000000000":"0000000000000000123":1
+
+MPI compare (abs) #88 large positive > positive with leading zero limb
+mbedtls_mpi_cmp_abs:"1230000000000000000":"0000000000000000123":1
+
+MPI compare (abs) #89 large positive == large positive
+mbedtls_mpi_cmp_abs:"1230000000000000000":"1230000000000000000":0
+
+MPI compare (abs) #90 large positive == large positive
+mbedtls_mpi_cmp_abs:"1230000000000000000":"1230000000000000000":0
+
+MPI compare (abs) #91 large positive > 0 (null)
+mbedtls_mpi_cmp_abs:"1230000000000000000":"":1
+
+MPI compare (abs) #92 large positive > 0 (1 limb)
+mbedtls_mpi_cmp_abs:"1230000000000000000":"0":1
+
+MPI compare (abs) #93 large positive > 0 (null)
+mbedtls_mpi_cmp_abs:"1230000000000000000":"":1
+
+MPI compare (abs) #94 large positive > 0 (1 limb)
+mbedtls_mpi_cmp_abs:"1230000000000000000":"0":1
+
+MPI compare (abs) #95 large positive > positive
+mbedtls_mpi_cmp_abs:"1230000000000000000":"7b":1
+
+MPI compare (abs) #96 large positive > positive
+mbedtls_mpi_cmp_abs:"1230000000000000000":"7b":1
+
+MPI compare (abs) #97 large positive > positive with leading zero limb
+mbedtls_mpi_cmp_abs:"1230000000000000000":"0000000000000000123":1
+
+MPI compare (abs) #98 large positive > positive with leading zero limb
+mbedtls_mpi_cmp_abs:"1230000000000000000":"0000000000000000123":1
+
+MPI compare (abs) #99 large positive == large positive
+mbedtls_mpi_cmp_abs:"1230000000000000000":"1230000000000000000":0
+
+MPI compare (abs) #100 large positive == large positive
+mbedtls_mpi_cmp_abs:"1230000000000000000":"1230000000000000000":0
+
+MPI compare (abs) #101 positive < positive
+mbedtls_mpi_cmp_abs:"2":"3":-1
+
+MPI compare (abs) #102 positive == positive
+mbedtls_mpi_cmp_abs:"2":"2":0
+
+MPI compare (abs) #103 positive < positive
+mbedtls_mpi_cmp_abs:"2b4":"2b5":-1
+
+MPI compare (abs) #104 positive < positive
+mbedtls_mpi_cmp_abs:"2b5":"2b6":-1
+
+# End of automatically generated file.

tests/suites/test_suite_bignum.misc.data

@@ -1141,6 +1141,18 @@ mbedtls_mpi_div_mpi:"":"1":"":"":0
 Test mbedtls_mpi_div_mpi: 0 (null) / -1
 mbedtls_mpi_div_mpi:"":"-1":"":"":0
 
+Test mbedtls_mpi_div_mpi: -0 (null) / 1
+mbedtls_mpi_div_mpi:"-":"1":"":"":0
+
+Test mbedtls_mpi_div_mpi: -0 (null) / -1
+mbedtls_mpi_div_mpi:"-":"-1":"":"":0
+
+Test mbedtls_mpi_div_mpi: -0 (null) / 42
+mbedtls_mpi_div_mpi:"-":"2a":"":"":0
+
+Test mbedtls_mpi_div_mpi: -0 (null) / -42
+mbedtls_mpi_div_mpi:"-":"-2a":"":"":0
+
 Test mbedtls_mpi_div_mpi #1
 mbedtls_mpi_div_mpi:"9e22d6da18a33d1ef28d2a82242b3f6e9c9742f63e5d440f58a190bfaf23a7866e67589adb80":"22":"4a6abf75b13dc268ea9cc8b5b6aaf0ac85ecd437a4e0987fb13cf8d2acc57c0306c738c1583":"1a":0
 
@@ -1201,41 +1213,85 @@ mbedtls_mpi_mod_mpi:"":"1":"":0
 Test mbedtls_mpi_mod_mpi: 0 (null) % -1
 mbedtls_mpi_mod_mpi:"":"-1":"":MBEDTLS_ERR_MPI_NEGATIVE_VALUE
 
+Test mbedtls_mpi_mod_mpi: -0 (null) % 1
+mbedtls_mpi_mod_mpi:"-":"1":"":0
+
+Test mbedtls_mpi_mod_mpi: -0 (null) % -1
+mbedtls_mpi_mod_mpi:"-":"-1":"":MBEDTLS_ERR_MPI_NEGATIVE_VALUE
+
+Test mbedtls_mpi_mod_mpi: -0 (null) % 42
+mbedtls_mpi_mod_mpi:"-":"2a":"":0
+
+Test mbedtls_mpi_mod_mpi: -0 (null) % -42
+mbedtls_mpi_mod_mpi:"-":"-2a":"":MBEDTLS_ERR_MPI_NEGATIVE_VALUE
+
 Base test mbedtls_mpi_mod_int #1
-mbedtls_mpi_mod_int:"3e8":13:12:0
+mbedtls_mpi_mod_int:"3e8":"d":"c":0
 
 Base test mbedtls_mpi_mod_int #2 (Divide by zero)
-mbedtls_mpi_mod_int:"3e8":0:0:MBEDTLS_ERR_MPI_DIVISION_BY_ZERO
+mbedtls_mpi_mod_int:"3e8":"0":"0":MBEDTLS_ERR_MPI_DIVISION_BY_ZERO
 
 Base test mbedtls_mpi_mod_int #3
-mbedtls_mpi_mod_int:"-3e8":13:1:0
+mbedtls_mpi_mod_int:"-3e8":"d":"1":0
 
 Base test mbedtls_mpi_mod_int #4 (Negative modulo)
-mbedtls_mpi_mod_int:"3e8":-13:0:MBEDTLS_ERR_MPI_NEGATIVE_VALUE
+mbedtls_mpi_mod_int:"3e8":"-d":"0":MBEDTLS_ERR_MPI_NEGATIVE_VALUE
 
 Base test mbedtls_mpi_mod_int #5 (Negative modulo)
-mbedtls_mpi_mod_int:"-3e8":-13:0:MBEDTLS_ERR_MPI_NEGATIVE_VALUE
+mbedtls_mpi_mod_int:"-3e8":"-d":"0":MBEDTLS_ERR_MPI_NEGATIVE_VALUE
 
 Base test mbedtls_mpi_mod_int #6 (By 1)
-mbedtls_mpi_mod_int:"3e8":1:0:0
+mbedtls_mpi_mod_int:"3e8":"1":"0":0
 
 Base test mbedtls_mpi_mod_int #7 (By 2)
-mbedtls_mpi_mod_int:"3e9":2:1:0
+mbedtls_mpi_mod_int:"3e9":"2":"1":0
 
 Base test mbedtls_mpi_mod_int #8 (By 2)
-mbedtls_mpi_mod_int:"3e8":2:0:0
+mbedtls_mpi_mod_int:"3e8":"2":"0":0
 
 Test mbedtls_mpi_mod_int: 0 (null) % 1
-mbedtls_mpi_mod_int:"":1:0:0
+mbedtls_mpi_mod_int:"":"1":"0":0
 
 Test mbedtls_mpi_mod_int: 0 (null) % 2
-mbedtls_mpi_mod_int:"":2:0:0
+mbedtls_mpi_mod_int:"":"2":"0":0
 
 Test mbedtls_mpi_mod_int: 0 (null) % -1
-mbedtls_mpi_mod_int:"":-1:0:MBEDTLS_ERR_MPI_NEGATIVE_VALUE
+mbedtls_mpi_mod_int:"":"-1":"0":MBEDTLS_ERR_MPI_NEGATIVE_VALUE
 
 Test mbedtls_mpi_mod_int: 0 (null) % -2
-mbedtls_mpi_mod_int:"":-2:0:MBEDTLS_ERR_MPI_NEGATIVE_VALUE
+mbedtls_mpi_mod_int:"":"-2":"0":MBEDTLS_ERR_MPI_NEGATIVE_VALUE
+
+# CURRENTLY FAILS - SEE GITHUB ISSUE #6540
+#Test mbedtls_mpi_mod_int: 230772460340063000000100500000300000010 % 5178236083361335880 -> 3386266129388798810
+#depends_on:MBEDTLS_HAVE_INT64
+#mbedtls_mpi_mod_int:"AD9D28BF6C4E98FDF156BF0980CEE30A":"47DCCA4847DCCA48":"2EFE6F1A7D28035A":0
+
+Test mbedtls_mpi_mod_mpi: 230772460340063000000100500000300000010 % 5178236083361335880 -> 3386266129388798810
+mbedtls_mpi_mod_mpi:"AD9D28BF6C4E98FDF156BF0980CEE30A":"47DCCA4847DCCA48":"2EFE6F1A7D28035A":0
+
+# CURRENTLY FAILS - SEE GITHUB ISSUE #6540
+#Test mbedtls_mpi_mod_int: 230772460340062999996714233870911201200 % 5178236083361335880 -> 0
+#depends_on:MBEDTLS_HAVE_INT64
+#mbedtls_mpi_mod_int:"AD9D28BF6C4E98FDC2584FEF03A6DFB0":"47DCCA4847DCCA48":"0":0
+
+Test mbedtls_mpi_mod_mpi: 230772460340062999996714233870911201200 % 5178236083361335880 -> 0
+mbedtls_mpi_mod_mpi:"AD9D28BF6C4E98FDC2584FEF03A6DFB0":"47DCCA4847DCCA48":"0":0
+
+# CURRENTLY FAILS WHEN MPIS ARE 32-BIT (ISSUE #6450): WHEN FIXED, REMOVE "depends_on" LINE
+Test mbedtls_mpi_mod_int: 230772460340063000000100500000300000010 % 1205652040 -> 3644370
+depends_on:MBEDTLS_HAVE_INT64
+mbedtls_mpi_mod_int:"AD9D28BF6C4E98FDF156BF0980CEE30A":"47DCCA48":"379BD2":0
+
+Test mbedtls_mpi_mod_mpi: 230772460340063000000100500000300000010 % 1205652040 -> 3644370
+mbedtls_mpi_mod_mpi:"AD9D28BF6C4E98FDF156BF0980CEE30A":"47DCCA48":"379BD2":0
+
+# CURRENTLY FAILS WHEN MPIS ARE 32-BIT (ISSUE #6450): WHEN FIXED, REMOVE "depends_on" LINE
+Test mbedtls_mpi_mod_int: 230772460340063000000100500000296355640 % 1205652040 -> 0
+depends_on:MBEDTLS_HAVE_INT64
+mbedtls_mpi_mod_int:"AD9D28BF6C4E98FDF156BF0980974738":"47DCCA48":"0":0
+
+Test mbedtls_mpi_mod_mpi: 230772460340063000000100500000296355640 % 1205652040 -> 0
+mbedtls_mpi_mod_mpi:"AD9D28BF6C4E98FDF156BF0980974738":"47DCCA48":"0":0
 
 Base test mbedtls_mpi_exp_mod #1
 mbedtls_mpi_exp_mod:"17":"d":"1d":"18":0
@@ -1899,6 +1955,9 @@ mpi_random_fail:2:"01":MBEDTLS_ERR_MPI_BAD_INPUT_DATA
 MPI random bad arguments: min > N = 1, 0 limb in upper bound
 mpi_random_fail:2:"000000000000000001":MBEDTLS_ERR_MPI_BAD_INPUT_DATA
 
+Most negative mbedtls_mpi_sint
+most_negative_mpi_sint:
+
 MPI Selftest
 depends_on:MBEDTLS_SELF_TEST
 mpi_selftest:

tests/suites/test_suite_cipher.aria.data

@@ -1,3 +1,3 @@
 Aria CBC Decrypt empty buffer
-depends_on:MBEDTLS_ARIA_C:MBEDTLS_CIPHER_MODE_CBC
+depends_on:MBEDTLS_ARIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
 dec_empty_buf:MBEDTLS_CIPHER_ARIA_128_CBC:0:0

tests/suites/test_suite_cipher.blowfish.data

@@ -3,7 +3,7 @@ depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKC
 dec_empty_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:0:0
 
 BLOWFISH Encrypt and decrypt 0 bytes [#1]
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC
 enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:0:-1
 
 BLOWFISH Encrypt and decrypt 1 byte [#1]
@@ -19,7 +19,7 @@ depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKC
 enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:7:-1
 
 BLOWFISH Encrypt and decrypt 8 bytes [#1]
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC
 enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:8:-1
 
 BLOWFISH Encrypt and decrypt 9 bytes [#1]
@@ -31,7 +31,7 @@ depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKC
 enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:15:-1
 
 BLOWFISH Encrypt and decrypt 16 bytes [#1]
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC
 enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:16:-1
 
 BLOWFISH Encrypt and decrypt 17 bytes [#1]
@@ -43,7 +43,7 @@ depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKC
 enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:31:-1
 
 BLOWFISH Encrypt and decrypt 32 bytes [#1]
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC
 enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:32:-1
 
 BLOWFISH Encrypt and decrypt 32 bytes [#2]
@@ -55,7 +55,7 @@ depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKC
 enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:47:-1
 
 BLOWFISH Encrypt and decrypt 48 bytes [#1]
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC
 enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:48:-1
 
 BLOWFISH Encrypt and decrypt 49 bytes [#1]
@@ -63,247 +63,247 @@ depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKC
 enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:49:-1
 
 BLOWFISH Encrypt and decrypt 0 bytes with one and zeros padding
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ONE_AND_ZEROS
 enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:0:MBEDTLS_PADDING_ONE_AND_ZEROS
 
 BLOWFISH Encrypt and decrypt 1 byte with one and zeros padding
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ONE_AND_ZEROS
 enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:1:MBEDTLS_PADDING_ONE_AND_ZEROS
 
 BLOWFISH Encrypt and decrypt 2 bytes with one and zeros padding
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ONE_AND_ZEROS
 enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:2:MBEDTLS_PADDING_ONE_AND_ZEROS
 
 BLOWFISH Encrypt and decrypt 7 bytes with one and zeros padding
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ONE_AND_ZEROS
 enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:7:MBEDTLS_PADDING_ONE_AND_ZEROS
 
 BLOWFISH Encrypt and decrypt 8 bytes with one and zeros padding
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ONE_AND_ZEROS
 enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:8:MBEDTLS_PADDING_ONE_AND_ZEROS
 
 BLOWFISH Encrypt and decrypt 9 bytes with one and zeros padding
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ONE_AND_ZEROS
 enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:9:MBEDTLS_PADDING_ONE_AND_ZEROS
 
 BLOWFISH Encrypt and decrypt 15 bytes with one and zeros padding
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ONE_AND_ZEROS
 enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:15:MBEDTLS_PADDING_ONE_AND_ZEROS
 
 BLOWFISH Encrypt and decrypt 16 bytes with one and zeros padding
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ONE_AND_ZEROS
 enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:16:MBEDTLS_PADDING_ONE_AND_ZEROS
 
 BLOWFISH Encrypt and decrypt 17 bytes with one and zeros padding
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ONE_AND_ZEROS
 enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:17:MBEDTLS_PADDING_ONE_AND_ZEROS
 
 BLOWFISH Encrypt and decrypt 31 bytes with one and zeros padding
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ONE_AND_ZEROS
 enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:31:MBEDTLS_PADDING_ONE_AND_ZEROS
 
 BLOWFISH Encrypt and decrypt 32 bytes with one and zeros padding [#1]
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ONE_AND_ZEROS
 enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:32:MBEDTLS_PADDING_ONE_AND_ZEROS
 
 BLOWFISH Encrypt and decrypt 32 bytes with one and zeros padding [#2]
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ONE_AND_ZEROS
 enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:33:MBEDTLS_PADDING_ONE_AND_ZEROS
 
 BLOWFISH Encrypt and decrypt 47 bytes with one and zeros padding
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ONE_AND_ZEROS
 enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:47:MBEDTLS_PADDING_ONE_AND_ZEROS
 
 BLOWFISH Encrypt and decrypt 48 bytes with one and zeros padding
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ONE_AND_ZEROS
 enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:48:MBEDTLS_PADDING_ONE_AND_ZEROS
 
 BLOWFISH Encrypt and decrypt 49 bytes with one and zeros padding
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ONE_AND_ZEROS
 enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:49:MBEDTLS_PADDING_ONE_AND_ZEROS
 
 BLOWFISH Encrypt and decrypt 0 bytes with zeros and len padding
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN
 enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:0:MBEDTLS_PADDING_ZEROS_AND_LEN
 
 BLOWFISH Encrypt and decrypt 1 byte with zeros and len padding
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN
 enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:1:MBEDTLS_PADDING_ZEROS_AND_LEN
 
 BLOWFISH Encrypt and decrypt 2 bytes with zeros and len padding
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN
 enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:2:MBEDTLS_PADDING_ZEROS_AND_LEN
 
 BLOWFISH Encrypt and decrypt 7 bytes with zeros and len padding
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN
 enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:7:MBEDTLS_PADDING_ZEROS_AND_LEN
 
 BLOWFISH Encrypt and decrypt 8 bytes with zeros and len padding
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN
 enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:8:MBEDTLS_PADDING_ZEROS_AND_LEN
 
 BLOWFISH Encrypt and decrypt 9 bytes with zeros and len padding
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN
 enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:9:MBEDTLS_PADDING_ZEROS_AND_LEN
 
 BLOWFISH Encrypt and decrypt 15 bytes with zeros and len padding
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN
 enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:15:MBEDTLS_PADDING_ZEROS_AND_LEN
 
 BLOWFISH Encrypt and decrypt 16 bytes with zeros and len padding
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN
 enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:16:MBEDTLS_PADDING_ZEROS_AND_LEN
 
 BLOWFISH Encrypt and decrypt 17 bytes with zeros and len padding
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN
 enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:17:MBEDTLS_PADDING_ZEROS_AND_LEN
 
 BLOWFISH Encrypt and decrypt 31 bytes with zeros and len padding
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN
 enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:31:MBEDTLS_PADDING_ZEROS_AND_LEN
 
 BLOWFISH Encrypt and decrypt 32 bytes with zeros and len padding [#1]
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN
 enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:32:MBEDTLS_PADDING_ZEROS_AND_LEN
 
 BLOWFISH Encrypt and decrypt 32 bytes with zeros and len padding [#2]
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN
 enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:33:MBEDTLS_PADDING_ZEROS_AND_LEN
 
 BLOWFISH Encrypt and decrypt 47 bytes with zeros and len padding
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN
 enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:47:MBEDTLS_PADDING_ZEROS_AND_LEN
 
 BLOWFISH Encrypt and decrypt 48 bytes with zeros and len padding
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN
 enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:48:MBEDTLS_PADDING_ZEROS_AND_LEN
 
 BLOWFISH Encrypt and decrypt 49 bytes with zeros and len padding
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN
 enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:49:MBEDTLS_PADDING_ZEROS_AND_LEN
 
 BLOWFISH Encrypt and decrypt 0 bytes with zeros padding
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ZEROS
 enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:0:MBEDTLS_PADDING_ZEROS
 
 BLOWFISH Encrypt and decrypt 1 byte with zeros padding
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ZEROS
 enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:1:MBEDTLS_PADDING_ZEROS
 
 BLOWFISH Encrypt and decrypt 2 bytes with zeros padding
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ZEROS
 enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:2:MBEDTLS_PADDING_ZEROS
 
 BLOWFISH Encrypt and decrypt 7 bytes with zeros padding
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ZEROS
 enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:7:MBEDTLS_PADDING_ZEROS
 
 BLOWFISH Encrypt and decrypt 8 bytes with zeros padding
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ZEROS
 enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:8:MBEDTLS_PADDING_ZEROS
 
 BLOWFISH Encrypt and decrypt 9 bytes with zeros padding
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ZEROS
 enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:9:MBEDTLS_PADDING_ZEROS
 
 BLOWFISH Encrypt and decrypt 15 bytes with zeros padding
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ZEROS
 enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:15:MBEDTLS_PADDING_ZEROS
 
 BLOWFISH Encrypt and decrypt 16 bytes with zeros padding
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ZEROS
 enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:16:MBEDTLS_PADDING_ZEROS
 
 BLOWFISH Encrypt and decrypt 17 bytes with zeros padding
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ZEROS
 enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:17:MBEDTLS_PADDING_ZEROS
 
 BLOWFISH Encrypt and decrypt 31 bytes with zeros padding
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ZEROS
 enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:31:MBEDTLS_PADDING_ZEROS
 
 BLOWFISH Encrypt and decrypt 32 bytes with zeros padding [#1]
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ZEROS
 enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:32:MBEDTLS_PADDING_ZEROS
 
 BLOWFISH Encrypt and decrypt 32 bytes with zeros padding [#2]
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ZEROS
 enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:33:MBEDTLS_PADDING_ZEROS
 
 BLOWFISH Encrypt and decrypt 47 bytes with zeros padding
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ZEROS
 enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:47:MBEDTLS_PADDING_ZEROS
 
 BLOWFISH Encrypt and decrypt 48 bytes with zeros padding
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ZEROS
 enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:48:MBEDTLS_PADDING_ZEROS
 
 BLOWFISH Encrypt and decrypt 49 bytes with zeros padding
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ZEROS
 enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:49:MBEDTLS_PADDING_ZEROS
 
 BLOWFISH Encrypt and decrypt 0 bytes with no padding
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC
 enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:0:MBEDTLS_PADDING_NONE
 
 BLOWFISH Encrypt and decrypt 8 bytes with no padding
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC
 enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:8:MBEDTLS_PADDING_NONE
 
 BLOWFISH Encrypt and decrypt 16 bytes with no padding
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC
 enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:16:MBEDTLS_PADDING_NONE
 
 BLOWFISH Encrypt and decrypt 32 bytes with no padding
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC
 enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:32:MBEDTLS_PADDING_NONE
 
 BLOWFISH Encrypt and decrypt 48 bytes with no padding
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC
 enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:48:MBEDTLS_PADDING_NONE
 
 BLOWFISH Try encrypting 1 bytes with no padding
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC
 enc_fail:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_PADDING_NONE:128:1:MBEDTLS_ERR_CIPHER_FULL_BLOCK_EXPECTED
 
 BLOWFISH Try encrypting 2 bytes with no padding
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC
 enc_fail:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_PADDING_NONE:128:2:MBEDTLS_ERR_CIPHER_FULL_BLOCK_EXPECTED
 
 BLOWFISH Try encrypting 7 bytes with no padding
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC
 enc_fail:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_PADDING_NONE:128:7:MBEDTLS_ERR_CIPHER_FULL_BLOCK_EXPECTED
 
 BLOWFISH Try encrypting 9 bytes with no padding
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC
 enc_fail:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_PADDING_NONE:128:9:MBEDTLS_ERR_CIPHER_FULL_BLOCK_EXPECTED
 
 BLOWFISH Try encrypting 15 bytes with no padding
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC
 enc_fail:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_PADDING_NONE:128:15:MBEDTLS_ERR_CIPHER_FULL_BLOCK_EXPECTED
 
 BLOWFISH Try encrypting 17 bytes with no padding
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC
 enc_fail:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_PADDING_NONE:128:17:MBEDTLS_ERR_CIPHER_FULL_BLOCK_EXPECTED
 
 BLOWFISH Try encrypting 31 bytes with no padding
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC
 enc_fail:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_PADDING_NONE:128:31:MBEDTLS_ERR_CIPHER_FULL_BLOCK_EXPECTED
 
 BLOWFISH Try encrypting 33 bytes with no padding
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC
 enc_fail:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_PADDING_NONE:128:33:MBEDTLS_ERR_CIPHER_FULL_BLOCK_EXPECTED
 
 BLOWFISH Try encrypting 47 bytes with no padding
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC
 enc_fail:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_PADDING_NONE:128:47:MBEDTLS_ERR_CIPHER_FULL_BLOCK_EXPECTED
 
 BLOWFISH Try encrypting 49 bytes with no padding
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC
 enc_fail:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_PADDING_NONE:128:49:MBEDTLS_ERR_CIPHER_FULL_BLOCK_EXPECTED
 
 BLOWFISH Encrypt and decrypt 0 bytes in multiple parts [#1]
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC
 enc_dec_buf_multipart:MBEDTLS_CIPHER_BLOWFISH_CBC:128:0:0:-1:0:0:0:0
 
 BLOWFISH Encrypt and decrypt 1 bytes in multiple parts 1 [#1]
@@ -319,15 +319,15 @@ depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKC
 enc_dec_buf_multipart:MBEDTLS_CIPHER_BLOWFISH_CBC:128:16:0:-1:16:0:8:8
 
 BLOWFISH Encrypt and decrypt 16 bytes in multiple parts 2 [#1]
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC
 enc_dec_buf_multipart:MBEDTLS_CIPHER_BLOWFISH_CBC:128:0:16:-1:0:16:0:16
 
 BLOWFISH Encrypt and decrypt 16 bytes in multiple parts 3 [#1]
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC
 enc_dec_buf_multipart:MBEDTLS_CIPHER_BLOWFISH_CBC:128:1:15:-1:0:16:0:16
 
 BLOWFISH Encrypt and decrypt 16 bytes in multiple parts 4 [#1]
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC
 enc_dec_buf_multipart:MBEDTLS_CIPHER_BLOWFISH_CBC:128:15:1:-1:8:8:8:8
 
 BLOWFISH Encrypt and decrypt 22 bytes in multiple parts 1 [#1]

tests/suites/test_suite_cipher.camellia.data

@@ -67,183 +67,183 @@ depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKC
 enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_128_CBC:"CAMELLIA-128-CBC":128:49:-1
 
 CAMELLIA Encrypt and decrypt 0 bytes with one and zeros padding
-depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ONE_AND_ZEROS
 enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_128_CBC:"CAMELLIA-128-CBC":128:0:MBEDTLS_PADDING_ONE_AND_ZEROS
 
 CAMELLIA Encrypt and decrypt 1 byte with one and zeros padding
-depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ONE_AND_ZEROS
 enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_128_CBC:"CAMELLIA-128-CBC":128:1:MBEDTLS_PADDING_ONE_AND_ZEROS
 
 CAMELLIA Encrypt and decrypt 2 bytes with one and zeros padding
-depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ONE_AND_ZEROS
 enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_128_CBC:"CAMELLIA-128-CBC":128:2:MBEDTLS_PADDING_ONE_AND_ZEROS
 
 CAMELLIA Encrypt and decrypt 7 bytes with one and zeros padding
-depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ONE_AND_ZEROS
 enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_128_CBC:"CAMELLIA-128-CBC":128:7:MBEDTLS_PADDING_ONE_AND_ZEROS
 
 CAMELLIA Encrypt and decrypt 8 bytes with one and zeros padding
-depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ONE_AND_ZEROS
 enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_128_CBC:"CAMELLIA-128-CBC":128:8:MBEDTLS_PADDING_ONE_AND_ZEROS
 
 CAMELLIA Encrypt and decrypt 9 bytes with one and zeros padding
-depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ONE_AND_ZEROS
 enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_128_CBC:"CAMELLIA-128-CBC":128:9:MBEDTLS_PADDING_ONE_AND_ZEROS
 
 CAMELLIA Encrypt and decrypt 15 bytes with one and zeros padding
-depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ONE_AND_ZEROS
 enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_128_CBC:"CAMELLIA-128-CBC":128:15:MBEDTLS_PADDING_ONE_AND_ZEROS
 
 CAMELLIA Encrypt and decrypt 16 bytes with one and zeros padding
-depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ONE_AND_ZEROS
 enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_128_CBC:"CAMELLIA-128-CBC":128:16:MBEDTLS_PADDING_ONE_AND_ZEROS
 
 CAMELLIA Encrypt and decrypt 17 bytes with one and zeros padding
-depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ONE_AND_ZEROS
 enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_128_CBC:"CAMELLIA-128-CBC":128:17:MBEDTLS_PADDING_ONE_AND_ZEROS
 
 CAMELLIA Encrypt and decrypt 31 bytes with one and zeros padding
-depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ONE_AND_ZEROS
 enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_128_CBC:"CAMELLIA-128-CBC":128:31:MBEDTLS_PADDING_ONE_AND_ZEROS
 
 CAMELLIA Encrypt and decrypt 32 bytes with one and zeros padding [#1]
-depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ONE_AND_ZEROS
 enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_128_CBC:"CAMELLIA-128-CBC":128:32:MBEDTLS_PADDING_ONE_AND_ZEROS
 
 CAMELLIA Encrypt and decrypt 32 bytes with one and zeros padding [#2]
-depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ONE_AND_ZEROS
 enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_128_CBC:"CAMELLIA-128-CBC":128:33:MBEDTLS_PADDING_ONE_AND_ZEROS
 
 CAMELLIA Encrypt and decrypt 47 bytes with one and zeros padding
-depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ONE_AND_ZEROS
 enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_128_CBC:"CAMELLIA-128-CBC":128:47:MBEDTLS_PADDING_ONE_AND_ZEROS
 
 CAMELLIA Encrypt and decrypt 48 bytes with one and zeros padding
-depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ONE_AND_ZEROS
 enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_128_CBC:"CAMELLIA-128-CBC":128:48:MBEDTLS_PADDING_ONE_AND_ZEROS
 
 CAMELLIA Encrypt and decrypt 49 bytes with one and zeros padding
-depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ONE_AND_ZEROS
 enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_128_CBC:"CAMELLIA-128-CBC":128:49:MBEDTLS_PADDING_ONE_AND_ZEROS
 
 CAMELLIA Encrypt and decrypt 0 bytes with zeros and len padding
-depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN
 enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_128_CBC:"CAMELLIA-128-CBC":128:0:MBEDTLS_PADDING_ZEROS_AND_LEN
 
 CAMELLIA Encrypt and decrypt 1 byte with zeros and len padding
-depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN
 enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_128_CBC:"CAMELLIA-128-CBC":128:1:MBEDTLS_PADDING_ZEROS_AND_LEN
 
 CAMELLIA Encrypt and decrypt 2 bytes with zeros and len padding
-depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN
 enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_128_CBC:"CAMELLIA-128-CBC":128:2:MBEDTLS_PADDING_ZEROS_AND_LEN
 
 CAMELLIA Encrypt and decrypt 7 bytes with zeros and len padding
-depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN
 enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_128_CBC:"CAMELLIA-128-CBC":128:7:MBEDTLS_PADDING_ZEROS_AND_LEN
 
 CAMELLIA Encrypt and decrypt 8 bytes with zeros and len padding
-depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN
 enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_128_CBC:"CAMELLIA-128-CBC":128:8:MBEDTLS_PADDING_ZEROS_AND_LEN
 
 CAMELLIA Encrypt and decrypt 9 bytes with zeros and len padding
-depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN
 enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_128_CBC:"CAMELLIA-128-CBC":128:9:MBEDTLS_PADDING_ZEROS_AND_LEN
 
 CAMELLIA Encrypt and decrypt 15 bytes with zeros and len padding
-depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN
 enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_128_CBC:"CAMELLIA-128-CBC":128:15:MBEDTLS_PADDING_ZEROS_AND_LEN
 
 CAMELLIA Encrypt and decrypt 16 bytes with zeros and len padding
-depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN
 enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_128_CBC:"CAMELLIA-128-CBC":128:16:MBEDTLS_PADDING_ZEROS_AND_LEN
 
 CAMELLIA Encrypt and decrypt 17 bytes with zeros and len padding
-depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN
 enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_128_CBC:"CAMELLIA-128-CBC":128:17:MBEDTLS_PADDING_ZEROS_AND_LEN
 
 CAMELLIA Encrypt and decrypt 31 bytes with zeros and len padding
-depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN
 enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_128_CBC:"CAMELLIA-128-CBC":128:31:MBEDTLS_PADDING_ZEROS_AND_LEN
 
 CAMELLIA Encrypt and decrypt 32 bytes with zeros and len padding [#1]
-depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN
 enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_128_CBC:"CAMELLIA-128-CBC":128:32:MBEDTLS_PADDING_ZEROS_AND_LEN
 
 CAMELLIA Encrypt and decrypt 32 bytes with zeros and len padding [#2]
-depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN
 enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_128_CBC:"CAMELLIA-128-CBC":128:33:MBEDTLS_PADDING_ZEROS_AND_LEN
 
 CAMELLIA Encrypt and decrypt 47 bytes with zeros and len padding
-depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN
 enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_128_CBC:"CAMELLIA-128-CBC":128:47:MBEDTLS_PADDING_ZEROS_AND_LEN
 
 CAMELLIA Encrypt and decrypt 48 bytes with zeros and len padding
-depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN
 enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_128_CBC:"CAMELLIA-128-CBC":128:48:MBEDTLS_PADDING_ZEROS_AND_LEN
 
 CAMELLIA Encrypt and decrypt 49 bytes with zeros and len padding
-depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN
 enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_128_CBC:"CAMELLIA-128-CBC":128:49:MBEDTLS_PADDING_ZEROS_AND_LEN
 
 CAMELLIA Encrypt and decrypt 0 bytes with zeros padding
-depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ZEROS
 enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_128_CBC:"CAMELLIA-128-CBC":128:0:MBEDTLS_PADDING_ZEROS
 
 CAMELLIA Encrypt and decrypt 1 byte with zeros padding
-depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ZEROS
 enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_128_CBC:"CAMELLIA-128-CBC":128:1:MBEDTLS_PADDING_ZEROS
 
 CAMELLIA Encrypt and decrypt 2 bytes with zeros padding
-depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ZEROS
 enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_128_CBC:"CAMELLIA-128-CBC":128:2:MBEDTLS_PADDING_ZEROS
 
 CAMELLIA Encrypt and decrypt 7 bytes with zeros padding
-depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ZEROS
 enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_128_CBC:"CAMELLIA-128-CBC":128:7:MBEDTLS_PADDING_ZEROS
 
 CAMELLIA Encrypt and decrypt 8 bytes with zeros padding
-depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ZEROS
 enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_128_CBC:"CAMELLIA-128-CBC":128:8:MBEDTLS_PADDING_ZEROS
 
 CAMELLIA Encrypt and decrypt 9 bytes with zeros padding
-depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ZEROS
 enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_128_CBC:"CAMELLIA-128-CBC":128:9:MBEDTLS_PADDING_ZEROS
 
 CAMELLIA Encrypt and decrypt 15 bytes with zeros padding
-depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ZEROS
 enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_128_CBC:"CAMELLIA-128-CBC":128:15:MBEDTLS_PADDING_ZEROS
 
 CAMELLIA Encrypt and decrypt 16 bytes with zeros padding
-depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ZEROS
 enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_128_CBC:"CAMELLIA-128-CBC":128:16:MBEDTLS_PADDING_ZEROS
 
 CAMELLIA Encrypt and decrypt 17 bytes with zeros padding
-depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ZEROS
 enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_128_CBC:"CAMELLIA-128-CBC":128:17:MBEDTLS_PADDING_ZEROS
 
 CAMELLIA Encrypt and decrypt 31 bytes with zeros padding
-depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ZEROS
 enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_128_CBC:"CAMELLIA-128-CBC":128:31:MBEDTLS_PADDING_ZEROS
 
 CAMELLIA Encrypt and decrypt 32 bytes with zeros padding [#1]
-depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ZEROS
 enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_128_CBC:"CAMELLIA-128-CBC":128:32:MBEDTLS_PADDING_ZEROS
 
 CAMELLIA Encrypt and decrypt 32 bytes with zeros padding [#2]
-depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ZEROS
 enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_128_CBC:"CAMELLIA-128-CBC":128:33:MBEDTLS_PADDING_ZEROS
 
 CAMELLIA Encrypt and decrypt 47 bytes with zeros padding
-depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ZEROS
 enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_128_CBC:"CAMELLIA-128-CBC":128:47:MBEDTLS_PADDING_ZEROS
 
 CAMELLIA Encrypt and decrypt 48 bytes with zeros padding
-depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ZEROS
 enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_128_CBC:"CAMELLIA-128-CBC":128:48:MBEDTLS_PADDING_ZEROS
 
 CAMELLIA Encrypt and decrypt 49 bytes with zeros padding
-depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ZEROS
 enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_128_CBC:"CAMELLIA-128-CBC":128:49:MBEDTLS_PADDING_ZEROS
 
 CAMELLIA Encrypt and decrypt 0 bytes with no padding

tests/suites/test_suite_cipher.des.data

@@ -71,243 +71,243 @@ depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
 enc_dec_buf:MBEDTLS_CIPHER_DES_CBC:"DES-CBC":64:49:-1
 
 DES Encrypt and decrypt 0 bytes with one and zeros padding
-depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ONE_AND_ZEROS
 enc_dec_buf:MBEDTLS_CIPHER_DES_CBC:"DES-CBC":64:0:MBEDTLS_PADDING_ONE_AND_ZEROS
 
 DES Encrypt and decrypt 1 byte with one and zeros padding
-depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ONE_AND_ZEROS
 enc_dec_buf:MBEDTLS_CIPHER_DES_CBC:"DES-CBC":64:1:MBEDTLS_PADDING_ONE_AND_ZEROS
 
 DES Encrypt and decrypt 2 bytes with one and zeros padding
-depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ONE_AND_ZEROS
 enc_dec_buf:MBEDTLS_CIPHER_DES_CBC:"DES-CBC":64:2:MBEDTLS_PADDING_ONE_AND_ZEROS
 
 DES Encrypt and decrypt 7 bytes with one and zeros padding
-depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ONE_AND_ZEROS
 enc_dec_buf:MBEDTLS_CIPHER_DES_CBC:"DES-CBC":64:7:MBEDTLS_PADDING_ONE_AND_ZEROS
 
 DES Encrypt and decrypt 8 bytes with one and zeros padding
-depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ONE_AND_ZEROS
 enc_dec_buf:MBEDTLS_CIPHER_DES_CBC:"DES-CBC":64:8:MBEDTLS_PADDING_ONE_AND_ZEROS
 
 DES Encrypt and decrypt 9 bytes with one and zeros padding
-depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ONE_AND_ZEROS
 enc_dec_buf:MBEDTLS_CIPHER_DES_CBC:"DES-CBC":64:9:MBEDTLS_PADDING_ONE_AND_ZEROS
 
 DES Encrypt and decrypt 15 bytes with one and zeros padding
-depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ONE_AND_ZEROS
 enc_dec_buf:MBEDTLS_CIPHER_DES_CBC:"DES-CBC":64:15:MBEDTLS_PADDING_ONE_AND_ZEROS
 
 DES Encrypt and decrypt 16 bytes with one and zeros padding
-depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ONE_AND_ZEROS
 enc_dec_buf:MBEDTLS_CIPHER_DES_CBC:"DES-CBC":64:16:MBEDTLS_PADDING_ONE_AND_ZEROS
 
 DES Encrypt and decrypt 17 bytes with one and zeros padding
-depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ONE_AND_ZEROS
 enc_dec_buf:MBEDTLS_CIPHER_DES_CBC:"DES-CBC":64:17:MBEDTLS_PADDING_ONE_AND_ZEROS
 
 DES Encrypt and decrypt 31 bytes with one and zeros padding
-depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ONE_AND_ZEROS
 enc_dec_buf:MBEDTLS_CIPHER_DES_CBC:"DES-CBC":64:31:MBEDTLS_PADDING_ONE_AND_ZEROS
 
 DES Encrypt and decrypt 32 bytes with one and zeros padding [#1]
-depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ONE_AND_ZEROS
 enc_dec_buf:MBEDTLS_CIPHER_DES_CBC:"DES-CBC":64:32:MBEDTLS_PADDING_ONE_AND_ZEROS
 
 DES Encrypt and decrypt 32 bytes with one and zeros padding [#2]
-depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ONE_AND_ZEROS
 enc_dec_buf:MBEDTLS_CIPHER_DES_CBC:"DES-CBC":64:33:MBEDTLS_PADDING_ONE_AND_ZEROS
 
 DES Encrypt and decrypt 47 bytes with one and zeros padding
-depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ONE_AND_ZEROS
 enc_dec_buf:MBEDTLS_CIPHER_DES_CBC:"DES-CBC":64:47:MBEDTLS_PADDING_ONE_AND_ZEROS
 
 DES Encrypt and decrypt 48 bytes with one and zeros padding
-depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ONE_AND_ZEROS
 enc_dec_buf:MBEDTLS_CIPHER_DES_CBC:"DES-CBC":64:48:MBEDTLS_PADDING_ONE_AND_ZEROS
 
 DES Encrypt and decrypt 49 bytes with one and zeros padding
-depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ONE_AND_ZEROS
 enc_dec_buf:MBEDTLS_CIPHER_DES_CBC:"DES-CBC":64:49:MBEDTLS_PADDING_ONE_AND_ZEROS
 
 DES Encrypt and decrypt 0 bytes with zeros and len padding
-depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN
 enc_dec_buf:MBEDTLS_CIPHER_DES_CBC:"DES-CBC":64:0:MBEDTLS_PADDING_ZEROS_AND_LEN
 
 DES Encrypt and decrypt 1 byte with zeros and len padding
-depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN
 enc_dec_buf:MBEDTLS_CIPHER_DES_CBC:"DES-CBC":64:1:MBEDTLS_PADDING_ZEROS_AND_LEN
 
 DES Encrypt and decrypt 2 bytes with zeros and len padding
-depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN
 enc_dec_buf:MBEDTLS_CIPHER_DES_CBC:"DES-CBC":64:2:MBEDTLS_PADDING_ZEROS_AND_LEN
 
 DES Encrypt and decrypt 7 bytes with zeros and len padding
-depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN
 enc_dec_buf:MBEDTLS_CIPHER_DES_CBC:"DES-CBC":64:7:MBEDTLS_PADDING_ZEROS_AND_LEN
 
 DES Encrypt and decrypt 8 bytes with zeros and len padding
-depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN
 enc_dec_buf:MBEDTLS_CIPHER_DES_CBC:"DES-CBC":64:8:MBEDTLS_PADDING_ZEROS_AND_LEN
 
 DES Encrypt and decrypt 9 bytes with zeros and len padding
-depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN
 enc_dec_buf:MBEDTLS_CIPHER_DES_CBC:"DES-CBC":64:9:MBEDTLS_PADDING_ZEROS_AND_LEN
 
 DES Encrypt and decrypt 15 bytes with zeros and len padding
-depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN
 enc_dec_buf:MBEDTLS_CIPHER_DES_CBC:"DES-CBC":64:15:MBEDTLS_PADDING_ZEROS_AND_LEN
 
 DES Encrypt and decrypt 16 bytes with zeros and len padding
-depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN
 enc_dec_buf:MBEDTLS_CIPHER_DES_CBC:"DES-CBC":64:16:MBEDTLS_PADDING_ZEROS_AND_LEN
 
 DES Encrypt and decrypt 17 bytes with zeros and len padding
-depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN
 enc_dec_buf:MBEDTLS_CIPHER_DES_CBC:"DES-CBC":64:17:MBEDTLS_PADDING_ZEROS_AND_LEN
 
 DES Encrypt and decrypt 31 bytes with zeros and len padding
-depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN
 enc_dec_buf:MBEDTLS_CIPHER_DES_CBC:"DES-CBC":64:31:MBEDTLS_PADDING_ZEROS_AND_LEN
 
 DES Encrypt and decrypt 32 bytes with zeros and len padding [#1]
-depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN
 enc_dec_buf:MBEDTLS_CIPHER_DES_CBC:"DES-CBC":64:32:MBEDTLS_PADDING_ZEROS_AND_LEN
 
 DES Encrypt and decrypt 32 bytes with zeros and len padding [#2]
-depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN
 enc_dec_buf:MBEDTLS_CIPHER_DES_CBC:"DES-CBC":64:33:MBEDTLS_PADDING_ZEROS_AND_LEN
 
 DES Encrypt and decrypt 47 bytes with zeros and len padding
-depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN
 enc_dec_buf:MBEDTLS_CIPHER_DES_CBC:"DES-CBC":64:47:MBEDTLS_PADDING_ZEROS_AND_LEN
 
 DES Encrypt and decrypt 48 bytes with zeros and len padding
-depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN
 enc_dec_buf:MBEDTLS_CIPHER_DES_CBC:"DES-CBC":64:48:MBEDTLS_PADDING_ZEROS_AND_LEN
 
 DES Encrypt and decrypt 49 bytes with zeros and len padding
-depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN
 enc_dec_buf:MBEDTLS_CIPHER_DES_CBC:"DES-CBC":64:49:MBEDTLS_PADDING_ZEROS_AND_LEN
 
 DES Encrypt and decrypt 0 bytes with zeros padding
-depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ZEROS
 enc_dec_buf:MBEDTLS_CIPHER_DES_CBC:"DES-CBC":64:0:MBEDTLS_PADDING_ZEROS
 
 DES Encrypt and decrypt 1 byte with zeros padding
-depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ZEROS
 enc_dec_buf:MBEDTLS_CIPHER_DES_CBC:"DES-CBC":64:1:MBEDTLS_PADDING_ZEROS
 
 DES Encrypt and decrypt 2 bytes with zeros padding
-depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ZEROS
 enc_dec_buf:MBEDTLS_CIPHER_DES_CBC:"DES-CBC":64:2:MBEDTLS_PADDING_ZEROS
 
 DES Encrypt and decrypt 7 bytes with zeros padding
-depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ZEROS
 enc_dec_buf:MBEDTLS_CIPHER_DES_CBC:"DES-CBC":64:7:MBEDTLS_PADDING_ZEROS
 
 DES Encrypt and decrypt 8 bytes with zeros padding
-depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ZEROS
 enc_dec_buf:MBEDTLS_CIPHER_DES_CBC:"DES-CBC":64:8:MBEDTLS_PADDING_ZEROS
 
 DES Encrypt and decrypt 9 bytes with zeros padding
-depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ZEROS
 enc_dec_buf:MBEDTLS_CIPHER_DES_CBC:"DES-CBC":64:9:MBEDTLS_PADDING_ZEROS
 
 DES Encrypt and decrypt 15 bytes with zeros padding
-depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ZEROS
 enc_dec_buf:MBEDTLS_CIPHER_DES_CBC:"DES-CBC":64:15:MBEDTLS_PADDING_ZEROS
 
 DES Encrypt and decrypt 16 bytes with zeros padding
-depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ZEROS
 enc_dec_buf:MBEDTLS_CIPHER_DES_CBC:"DES-CBC":64:16:MBEDTLS_PADDING_ZEROS
 
 DES Encrypt and decrypt 17 bytes with zeros padding
-depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ZEROS
 enc_dec_buf:MBEDTLS_CIPHER_DES_CBC:"DES-CBC":64:17:MBEDTLS_PADDING_ZEROS
 
 DES Encrypt and decrypt 31 bytes with zeros padding
-depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ZEROS
 enc_dec_buf:MBEDTLS_CIPHER_DES_CBC:"DES-CBC":64:31:MBEDTLS_PADDING_ZEROS
 
 DES Encrypt and decrypt 32 bytes with zeros padding [#1]
-depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ZEROS
 enc_dec_buf:MBEDTLS_CIPHER_DES_CBC:"DES-CBC":64:32:MBEDTLS_PADDING_ZEROS
 
 DES Encrypt and decrypt 32 bytes with zeros padding [#2]
-depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ZEROS
 enc_dec_buf:MBEDTLS_CIPHER_DES_CBC:"DES-CBC":64:33:MBEDTLS_PADDING_ZEROS
 
 DES Encrypt and decrypt 47 bytes with zeros padding
-depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ZEROS
 enc_dec_buf:MBEDTLS_CIPHER_DES_CBC:"DES-CBC":64:47:MBEDTLS_PADDING_ZEROS
 
 DES Encrypt and decrypt 48 bytes with zeros padding
-depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ZEROS
 enc_dec_buf:MBEDTLS_CIPHER_DES_CBC:"DES-CBC":64:48:MBEDTLS_PADDING_ZEROS
 
 DES Encrypt and decrypt 49 bytes with zeros padding
-depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ZEROS
 enc_dec_buf:MBEDTLS_CIPHER_DES_CBC:"DES-CBC":64:49:MBEDTLS_PADDING_ZEROS
 
 DES Encrypt and decrypt 0 bytes with no padding
-depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC
 enc_dec_buf:MBEDTLS_CIPHER_DES_CBC:"DES-CBC":64:0:MBEDTLS_PADDING_NONE
 
 DES Encrypt and decrypt 8 bytes with no padding
-depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC
 enc_dec_buf:MBEDTLS_CIPHER_DES_CBC:"DES-CBC":64:8:MBEDTLS_PADDING_NONE
 
 DES Encrypt and decrypt 16 bytes with no padding
-depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC
 enc_dec_buf:MBEDTLS_CIPHER_DES_CBC:"DES-CBC":64:16:MBEDTLS_PADDING_NONE
 
 DES Encrypt and decrypt 32 bytes with no padding
-depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC
 enc_dec_buf:MBEDTLS_CIPHER_DES_CBC:"DES-CBC":64:32:MBEDTLS_PADDING_NONE
 
 DES Encrypt and decrypt 48 bytes with no padding
-depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC
 enc_dec_buf:MBEDTLS_CIPHER_DES_CBC:"DES-CBC":64:48:MBEDTLS_PADDING_NONE
 
 DES Try encrypting 1 bytes with no padding
-depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC
 enc_fail:MBEDTLS_CIPHER_DES_CBC:MBEDTLS_PADDING_NONE:64:1:MBEDTLS_ERR_CIPHER_FULL_BLOCK_EXPECTED
 
 DES Try encrypting 2 bytes with no padding
-depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC
 enc_fail:MBEDTLS_CIPHER_DES_CBC:MBEDTLS_PADDING_NONE:64:2:MBEDTLS_ERR_CIPHER_FULL_BLOCK_EXPECTED
 
 DES Try encrypting 7 bytes with no padding
-depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC
 enc_fail:MBEDTLS_CIPHER_DES_CBC:MBEDTLS_PADDING_NONE:64:7:MBEDTLS_ERR_CIPHER_FULL_BLOCK_EXPECTED
 
 DES Try encrypting 9 bytes with no padding
-depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC
 enc_fail:MBEDTLS_CIPHER_DES_CBC:MBEDTLS_PADDING_NONE:64:9:MBEDTLS_ERR_CIPHER_FULL_BLOCK_EXPECTED
 
 DES Try encrypting 15 bytes with no padding
-depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC
 enc_fail:MBEDTLS_CIPHER_DES_CBC:MBEDTLS_PADDING_NONE:64:15:MBEDTLS_ERR_CIPHER_FULL_BLOCK_EXPECTED
 
 DES Try encrypting 17 bytes with no padding
-depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC
 enc_fail:MBEDTLS_CIPHER_DES_CBC:MBEDTLS_PADDING_NONE:64:17:MBEDTLS_ERR_CIPHER_FULL_BLOCK_EXPECTED
 
 DES Try encrypting 31 bytes with no padding
-depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC
 enc_fail:MBEDTLS_CIPHER_DES_CBC:MBEDTLS_PADDING_NONE:64:31:MBEDTLS_ERR_CIPHER_FULL_BLOCK_EXPECTED
 
 DES Try encrypting 33 bytes with no padding
-depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC
 enc_fail:MBEDTLS_CIPHER_DES_CBC:MBEDTLS_PADDING_NONE:64:33:MBEDTLS_ERR_CIPHER_FULL_BLOCK_EXPECTED
 
 DES Try encrypting 47 bytes with no padding
-depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC
 enc_fail:MBEDTLS_CIPHER_DES_CBC:MBEDTLS_PADDING_NONE:64:47:MBEDTLS_ERR_CIPHER_FULL_BLOCK_EXPECTED
 
 DES Try encrypting 49 bytes with no padding
-depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
+depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC
 enc_fail:MBEDTLS_CIPHER_DES_CBC:MBEDTLS_PADDING_NONE:64:49:MBEDTLS_ERR_CIPHER_FULL_BLOCK_EXPECTED
 
 DES Encrypt and decrypt 0 bytes in multiple parts

tests/suites/test_suite_cmac.data

@@ -2,6 +2,7 @@ CMAC self test
 mbedtls_cmac_self_test:
 
 CMAC null arguments
+depends_on:MBEDTLS_AES_C
 mbedtls_cmac_null_args:
 
 CMAC init #1 AES-128: OK
@@ -16,7 +17,7 @@ CMAC init #3 AES-256: OK
 depends_on:MBEDTLS_AES_C
 mbedtls_cmac_setkey:MBEDTLS_CIPHER_AES_256_ECB:256:0
 
-CMAC init #4 3DES : OK
+CMAC init #4 3DES: OK
 depends_on:MBEDTLS_DES_C
 mbedtls_cmac_setkey:MBEDTLS_CIPHER_DES_EDE3_ECB:192:0
 
@@ -33,32 +34,42 @@ depends_on:MBEDTLS_CAMELLIA_C
 mbedtls_cmac_setkey:MBEDTLS_CIPHER_CAMELLIA_192_ECB:128:MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA
 
 CMAC Single Blocks #1 - Empty block, no updates
+depends_on:MBEDTLS_AES_C
 mbedtls_cmac_multiple_blocks:MBEDTLS_CIPHER_AES_128_ECB:"2b7e151628aed2a6abf7158809cf4f3c":128:16:"":-1:"":-1:"":-1:"":-1:"bb1d6929e95937287fa37d129b756746"
 
 CMAC Single Blocks #2 - Single 16 byte block
+depends_on:MBEDTLS_AES_C
 mbedtls_cmac_multiple_blocks:MBEDTLS_CIPHER_AES_128_ECB:"2b7e151628aed2a6abf7158809cf4f3c":128:16:"6bc1bee22e409f96e93d7e117393172a":16:"":-1:"":-1:"":-1:"070a16b46b4d4144f79bdd9dd04a287c"
 
 CMAC Single Blocks #3 - Single 64 byte block
+depends_on:MBEDTLS_AES_C
 mbedtls_cmac_multiple_blocks:MBEDTLS_CIPHER_AES_128_ECB:"2b7e151628aed2a6abf7158809cf4f3c":128:16:"6bc1bee22e409f96e93d7e117393172aae2d8a571e03ac9c9eb76fac45af8e5130c81c46a35ce411e5fbc1191a0a52eff69f2445df4f9b17ad2b417be66c3710":64:"":-1:"":-1:"":-1:"51f0bebf7e3b9d92fc49741779363cfe"
 
 CMAC Multiple Blocks #1 - Multiple 8 byte blocks
+depends_on:MBEDTLS_AES_C
 mbedtls_cmac_multiple_blocks:MBEDTLS_CIPHER_AES_128_ECB:"2b7e151628aed2a6abf7158809cf4f3c":128:16:"6bc1bee22e409f96":8:"e93d7e117393172a":8:"":-1:"":-1:"070a16b46b4d4144f79bdd9dd04a287c"
 
 CMAC Multiple Blocks #2 - Multiple 16 byte blocks
+depends_on:MBEDTLS_AES_C
 mbedtls_cmac_multiple_blocks:MBEDTLS_CIPHER_AES_128_ECB:"2b7e151628aed2a6abf7158809cf4f3c":128:16:"6bc1bee22e409f96e93d7e117393172a":16:"ae2d8a571e03ac9c9eb76fac45af8e51":16:"30c81c46a35ce411e5fbc1191a0a52ef":16:"f69f2445df4f9b17ad2b417be66c3710":16:"51f0bebf7e3b9d92fc49741779363cfe"
 
 CMAC Multiple Blocks #3 - Multiple variable sized blocks
+depends_on:MBEDTLS_AES_C
 mbedtls_cmac_multiple_blocks:MBEDTLS_CIPHER_AES_128_ECB:"2b7e151628aed2a6abf7158809cf4f3c":128:16:"6bc1bee22e409f96":8:"e93d7e117393172aae2d8a571e03ac9c":16:"9eb76fac45af8e5130c81c46a35ce411e5fbc1191a0a52ef":24:"f69f2445df4f9b17ad2b417be66c3710":16:"51f0bebf7e3b9d92fc49741779363cfe"
 
 CMAC Multiple Blocks #4 - Multiple 8 byte blocks with gaps
+depends_on:MBEDTLS_AES_C
 mbedtls_cmac_multiple_blocks:MBEDTLS_CIPHER_AES_128_ECB:"2b7e151628aed2a6abf7158809cf4f3c":128:16:"":0:"6bc1bee22e409f96":8:"":0:"e93d7e117393172a":8:"070a16b46b4d4144f79bdd9dd04a287c"
 
 CMAC Multiple Operations, same key #1 - Empty, empty
+depends_on:MBEDTLS_AES_C
 mbedtls_cmac_multiple_operations_same_key:MBEDTLS_CIPHER_AES_192_ECB:"8e73b0f7da0e6452c810f32b809079e562f8ead2522c6b7b":192:16:"":-1:"":-1:"":-1:"d17ddf46adaacde531cac483de7a9367":"":-1:"":-1:"":-1:"d17ddf46adaacde531cac483de7a9367"
 
 CMAC Multiple Operations, same key #2 - Empty, 64 byte block
+depends_on:MBEDTLS_AES_C
 mbedtls_cmac_multiple_operations_same_key:MBEDTLS_CIPHER_AES_192_ECB:"8e73b0f7da0e6452c810f32b809079e562f8ead2522c6b7b":192:16:"":-1:"":-1:"":-1:"d17ddf46adaacde531cac483de7a9367":"6bc1bee22e409f96e93d7e117393172aae2d8a571e03ac9c9eb76fac45af8e5130c81c46a35ce411e5fbc1191a0a52eff69f2445df4f9b17ad2b417be66c3710":64:"":-1:"":-1:"a1d5df0eed790f794d77589659f39a11"
 
 CMAC Multiple Operations, same key #3 - variable byte blocks
+depends_on:MBEDTLS_AES_C
 mbedtls_cmac_multiple_operations_same_key:MBEDTLS_CIPHER_AES_192_ECB:"8e73b0f7da0e6452c810f32b809079e562f8ead2522c6b7b":192:16:"6bc1bee22e409f96e93d7e117393172aae2d8a571e03ac9c9eb76fac45af8e51":32:"30c81c46a35ce411e5fbc1191a0a52eff69f2445df4f9b17ad2b417be66c3710":32:"":-1:"a1d5df0eed790f794d77589659f39a11":"6bc1bee22e409f96e93d7e117393172aae2d8a571e03ac9c9eb76fac45af8e51":32:"30c81c46a35ce411e5fbc1191a0a52eff69f2445df4f9b17ad2b417be66c3710":32:"":-1:"a1d5df0eed790f794d77589659f39a11"
 

tests/suites/test_suite_cmac.function

@@ -77,7 +77,7 @@ void mbedtls_cmac_null_args(  )
                                       test_data, 16,
                                       NULL ) ==
                                             MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
-
+#if defined(MBEDTLS_AES_C)
     TEST_ASSERT( mbedtls_aes_cmac_prf_128( NULL, 16,
                                            test_data, 16,
                                            test_output ) ==
@@ -92,7 +92,7 @@ void mbedtls_cmac_null_args(  )
                                            test_data, 16,
                                            NULL ) ==
                                               MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
-
+#endif
 exit:
     mbedtls_cipher_free( &ctx );
 }

tests/suites/test_suite_gcm.function

@@ -276,7 +276,7 @@ exit:
 }
 /* END_CASE */
 
-/* BEGIN_CASE depends_on:MBEDTLS_SELF_TEST */
+/* BEGIN_CASE depends_on:MBEDTLS_SELF_TEST:MBEDTLS_AES_C */
 void gcm_selftest(  )
 {
     TEST_ASSERT( mbedtls_gcm_self_test( 1 ) == 0 );

tests/suites/test_suite_mpi.generated.data

@@ -1,381 +0,0 @@
-# Automatically generated by generate_bignum_tests.py. Do not edit!
-
-MPI add #1 0 (null) + 0 (null)
-mbedtls_mpi_add_mpi:"":"":"0"
-
-MPI add #2 0 (null) + 0 (1 limb)
-mbedtls_mpi_add_mpi:"":"0":"0"
-
-MPI add #3 0 (null) + positive
-mbedtls_mpi_add_mpi:"":"7b":"7b"
-
-MPI add #4 0 (null) + negative
-mbedtls_mpi_add_mpi:"":"-7b":"-7b"
-
-MPI add #5 0 (null) + positive with leading zero limb
-mbedtls_mpi_add_mpi:"":"0000000000000000123":"123"
-
-MPI add #6 0 (null) + negative with leading zero limb
-mbedtls_mpi_add_mpi:"":"-0000000000000000123":"-123"
-
-MPI add #7 0 (null) + large positive
-mbedtls_mpi_add_mpi:"":"1230000000000000000":"1230000000000000000"
-
-MPI add #8 0 (null) + large negative
-mbedtls_mpi_add_mpi:"":"-1230000000000000000":"-1230000000000000000"
-
-MPI add #9 0 (1 limb) + 0 (1 limb)
-mbedtls_mpi_add_mpi:"0":"0":"0"
-
-MPI add #10 0 (1 limb) + positive
-mbedtls_mpi_add_mpi:"0":"7b":"7b"
-
-MPI add #11 0 (1 limb) + negative
-mbedtls_mpi_add_mpi:"0":"-7b":"-7b"
-
-MPI add #12 0 (1 limb) + positive with leading zero limb
-mbedtls_mpi_add_mpi:"0":"0000000000000000123":"123"
-
-MPI add #13 0 (1 limb) + negative with leading zero limb
-mbedtls_mpi_add_mpi:"0":"-0000000000000000123":"-123"
-
-MPI add #14 0 (1 limb) + large positive
-mbedtls_mpi_add_mpi:"0":"1230000000000000000":"1230000000000000000"
-
-MPI add #15 0 (1 limb) + large negative
-mbedtls_mpi_add_mpi:"0":"-1230000000000000000":"-1230000000000000000"
-
-MPI add #16 positive + positive
-mbedtls_mpi_add_mpi:"7b":"7b":"f6"
-
-MPI add #17 positive + negative
-mbedtls_mpi_add_mpi:"7b":"-7b":"0"
-
-MPI add #18 positive + positive with leading zero limb
-mbedtls_mpi_add_mpi:"7b":"0000000000000000123":"19e"
-
-MPI add #19 positive + negative with leading zero limb
-mbedtls_mpi_add_mpi:"7b":"-0000000000000000123":"-a8"
-
-MPI add #20 positive + large positive
-mbedtls_mpi_add_mpi:"7b":"1230000000000000000":"123000000000000007b"
-
-MPI add #21 positive + large negative
-mbedtls_mpi_add_mpi:"7b":"-1230000000000000000":"-122ffffffffffffff85"
-
-MPI add #22 negative + negative
-mbedtls_mpi_add_mpi:"-7b":"-7b":"-f6"
-
-MPI add #23 negative + positive with leading zero limb
-mbedtls_mpi_add_mpi:"-7b":"0000000000000000123":"a8"
-
-MPI add #24 negative + negative with leading zero limb
-mbedtls_mpi_add_mpi:"-7b":"-0000000000000000123":"-19e"
-
-MPI add #25 negative + large positive
-mbedtls_mpi_add_mpi:"-7b":"1230000000000000000":"122ffffffffffffff85"
-
-MPI add #26 negative + large negative
-mbedtls_mpi_add_mpi:"-7b":"-1230000000000000000":"-123000000000000007b"
-
-MPI add #27 positive with leading zero limb + positive with leading zero limb
-mbedtls_mpi_add_mpi:"0000000000000000123":"0000000000000000123":"246"
-
-MPI add #28 positive with leading zero limb + negative with leading zero limb
-mbedtls_mpi_add_mpi:"0000000000000000123":"-0000000000000000123":"0"
-
-MPI add #29 positive with leading zero limb + large positive
-mbedtls_mpi_add_mpi:"0000000000000000123":"1230000000000000000":"1230000000000000123"
-
-MPI add #30 positive with leading zero limb + large negative
-mbedtls_mpi_add_mpi:"0000000000000000123":"-1230000000000000000":"-122fffffffffffffedd"
-
-MPI add #31 negative with leading zero limb + negative with leading zero limb
-mbedtls_mpi_add_mpi:"-0000000000000000123":"-0000000000000000123":"-246"
-
-MPI add #32 negative with leading zero limb + large positive
-mbedtls_mpi_add_mpi:"-0000000000000000123":"1230000000000000000":"122fffffffffffffedd"
-
-MPI add #33 negative with leading zero limb + large negative
-mbedtls_mpi_add_mpi:"-0000000000000000123":"-1230000000000000000":"-1230000000000000123"
-
-MPI add #34 large positive + large positive
-mbedtls_mpi_add_mpi:"1230000000000000000":"1230000000000000000":"2460000000000000000"
-
-MPI add #35 large positive + large negative
-mbedtls_mpi_add_mpi:"1230000000000000000":"-1230000000000000000":"0"
-
-MPI add #36 large negative + large negative
-mbedtls_mpi_add_mpi:"-1230000000000000000":"-1230000000000000000":"-2460000000000000000"
-
-MPI add #37 large positive + large positive
-mbedtls_mpi_add_mpi:"1c67967269c6":"1c67967269c6":"38cf2ce4d38c"
-
-MPI add #38 large positive + positive
-mbedtls_mpi_add_mpi:"1c67967269c6":"9cde3":"1c67967c37a9"
-
-MPI add #39 large positive + large negative
-mbedtls_mpi_add_mpi:"1c67967269c6":"-1c67967269c6":"0"
-
-MPI add #40 large positive + negative
-mbedtls_mpi_add_mpi:"1c67967269c6":"-9cde3":"1c6796689be3"
-
-MPI add #41 positive + positive
-mbedtls_mpi_add_mpi:"9cde3":"9cde3":"139bc6"
-
-MPI add #42 positive + large negative
-mbedtls_mpi_add_mpi:"9cde3":"-1c67967269c6":"-1c6796689be3"
-
-MPI add #43 positive + negative
-mbedtls_mpi_add_mpi:"9cde3":"-9cde3":"0"
-
-MPI add #44 large negative + large negative
-mbedtls_mpi_add_mpi:"-1c67967269c6":"-1c67967269c6":"-38cf2ce4d38c"
-
-MPI add #45 large negative + negative
-mbedtls_mpi_add_mpi:"-1c67967269c6":"-9cde3":"-1c67967c37a9"
-
-MPI add #46 negative + negative
-mbedtls_mpi_add_mpi:"-9cde3":"-9cde3":"-139bc6"
-
-MPI compare #1 0 (null) == 0 (null)
-mbedtls_mpi_cmp_mpi:"":"":0
-
-MPI compare #2 0 (null) == 0 (1 limb)
-mbedtls_mpi_cmp_mpi:"":"0":0
-
-MPI compare #3 0 (null) < positive
-mbedtls_mpi_cmp_mpi:"":"7b":-1
-
-MPI compare #4 0 (null) > negative
-mbedtls_mpi_cmp_mpi:"":"-7b":1
-
-MPI compare #5 0 (null) < positive with leading zero limb
-mbedtls_mpi_cmp_mpi:"":"0000000000000000123":-1
-
-MPI compare #6 0 (null) > negative with leading zero limb
-mbedtls_mpi_cmp_mpi:"":"-0000000000000000123":1
-
-MPI compare #7 0 (null) < large positive
-mbedtls_mpi_cmp_mpi:"":"1230000000000000000":-1
-
-MPI compare #8 0 (null) > large negative
-mbedtls_mpi_cmp_mpi:"":"-1230000000000000000":1
-
-MPI compare #9 0 (1 limb) == 0 (1 limb)
-mbedtls_mpi_cmp_mpi:"0":"0":0
-
-MPI compare #10 0 (1 limb) < positive
-mbedtls_mpi_cmp_mpi:"0":"7b":-1
-
-MPI compare #11 0 (1 limb) > negative
-mbedtls_mpi_cmp_mpi:"0":"-7b":1
-
-MPI compare #12 0 (1 limb) < positive with leading zero limb
-mbedtls_mpi_cmp_mpi:"0":"0000000000000000123":-1
-
-MPI compare #13 0 (1 limb) > negative with leading zero limb
-mbedtls_mpi_cmp_mpi:"0":"-0000000000000000123":1
-
-MPI compare #14 0 (1 limb) < large positive
-mbedtls_mpi_cmp_mpi:"0":"1230000000000000000":-1
-
-MPI compare #15 0 (1 limb) > large negative
-mbedtls_mpi_cmp_mpi:"0":"-1230000000000000000":1
-
-MPI compare #16 positive == positive
-mbedtls_mpi_cmp_mpi:"7b":"7b":0
-
-MPI compare #17 positive > negative
-mbedtls_mpi_cmp_mpi:"7b":"-7b":1
-
-MPI compare #18 positive < positive with leading zero limb
-mbedtls_mpi_cmp_mpi:"7b":"0000000000000000123":-1
-
-MPI compare #19 positive > negative with leading zero limb
-mbedtls_mpi_cmp_mpi:"7b":"-0000000000000000123":1
-
-MPI compare #20 positive < large positive
-mbedtls_mpi_cmp_mpi:"7b":"1230000000000000000":-1
-
-MPI compare #21 positive > large negative
-mbedtls_mpi_cmp_mpi:"7b":"-1230000000000000000":1
-
-MPI compare #22 negative == negative
-mbedtls_mpi_cmp_mpi:"-7b":"-7b":0
-
-MPI compare #23 negative < positive with leading zero limb
-mbedtls_mpi_cmp_mpi:"-7b":"0000000000000000123":-1
-
-MPI compare #24 negative > negative with leading zero limb
-mbedtls_mpi_cmp_mpi:"-7b":"-0000000000000000123":1
-
-MPI compare #25 negative < large positive
-mbedtls_mpi_cmp_mpi:"-7b":"1230000000000000000":-1
-
-MPI compare #26 negative > large negative
-mbedtls_mpi_cmp_mpi:"-7b":"-1230000000000000000":1
-
-MPI compare #27 positive with leading zero limb == positive with leading zero limb
-mbedtls_mpi_cmp_mpi:"0000000000000000123":"0000000000000000123":0
-
-MPI compare #28 positive with leading zero limb > negative with leading zero limb
-mbedtls_mpi_cmp_mpi:"0000000000000000123":"-0000000000000000123":1
-
-MPI compare #29 positive with leading zero limb < large positive
-mbedtls_mpi_cmp_mpi:"0000000000000000123":"1230000000000000000":-1
-
-MPI compare #30 positive with leading zero limb > large negative
-mbedtls_mpi_cmp_mpi:"0000000000000000123":"-1230000000000000000":1
-
-MPI compare #31 negative with leading zero limb == negative with leading zero limb
-mbedtls_mpi_cmp_mpi:"-0000000000000000123":"-0000000000000000123":0
-
-MPI compare #32 negative with leading zero limb < large positive
-mbedtls_mpi_cmp_mpi:"-0000000000000000123":"1230000000000000000":-1
-
-MPI compare #33 negative with leading zero limb > large negative
-mbedtls_mpi_cmp_mpi:"-0000000000000000123":"-1230000000000000000":1
-
-MPI compare #34 large positive == large positive
-mbedtls_mpi_cmp_mpi:"1230000000000000000":"1230000000000000000":0
-
-MPI compare #35 large positive > large negative
-mbedtls_mpi_cmp_mpi:"1230000000000000000":"-1230000000000000000":1
-
-MPI compare #36 large negative == large negative
-mbedtls_mpi_cmp_mpi:"-1230000000000000000":"-1230000000000000000":0
-
-MPI compare #37 negative > negative
-mbedtls_mpi_cmp_mpi:"-2":"-3":1
-
-MPI compare #38 negative == negative
-mbedtls_mpi_cmp_mpi:"-2":"-2":0
-
-MPI compare #39 positive < positive
-mbedtls_mpi_cmp_mpi:"2b4":"2b5":-1
-
-MPI compare #40 positive < positive
-mbedtls_mpi_cmp_mpi:"2b5":"2b6":-1
-
-MPI compare (abs) #1 0 (null) == 0 (null)
-mbedtls_mpi_cmp_abs:"":"":0
-
-MPI compare (abs) #2 0 (null) == 0 (1 limb)
-mbedtls_mpi_cmp_abs:"":"0":0
-
-MPI compare (abs) #3 0 (null) < positive
-mbedtls_mpi_cmp_abs:"":"7b":-1
-
-MPI compare (abs) #4 0 (null) < positive
-mbedtls_mpi_cmp_abs:"":"7b":-1
-
-MPI compare (abs) #5 0 (null) < positive with leading zero limb
-mbedtls_mpi_cmp_abs:"":"0000000000000000123":-1
-
-MPI compare (abs) #6 0 (null) < positive with leading zero limb
-mbedtls_mpi_cmp_abs:"":"0000000000000000123":-1
-
-MPI compare (abs) #7 0 (null) < large positive
-mbedtls_mpi_cmp_abs:"":"1230000000000000000":-1
-
-MPI compare (abs) #8 0 (null) < large positive
-mbedtls_mpi_cmp_abs:"":"1230000000000000000":-1
-
-MPI compare (abs) #9 0 (1 limb) == 0 (1 limb)
-mbedtls_mpi_cmp_abs:"0":"0":0
-
-MPI compare (abs) #10 0 (1 limb) < positive
-mbedtls_mpi_cmp_abs:"0":"7b":-1
-
-MPI compare (abs) #11 0 (1 limb) < positive
-mbedtls_mpi_cmp_abs:"0":"7b":-1
-
-MPI compare (abs) #12 0 (1 limb) < positive with leading zero limb
-mbedtls_mpi_cmp_abs:"0":"0000000000000000123":-1
-
-MPI compare (abs) #13 0 (1 limb) < positive with leading zero limb
-mbedtls_mpi_cmp_abs:"0":"0000000000000000123":-1
-
-MPI compare (abs) #14 0 (1 limb) < large positive
-mbedtls_mpi_cmp_abs:"0":"1230000000000000000":-1
-
-MPI compare (abs) #15 0 (1 limb) < large positive
-mbedtls_mpi_cmp_abs:"0":"1230000000000000000":-1
-
-MPI compare (abs) #16 positive == positive
-mbedtls_mpi_cmp_abs:"7b":"7b":0
-
-MPI compare (abs) #17 positive == positive
-mbedtls_mpi_cmp_abs:"7b":"7b":0
-
-MPI compare (abs) #18 positive < positive with leading zero limb
-mbedtls_mpi_cmp_abs:"7b":"0000000000000000123":-1
-
-MPI compare (abs) #19 positive < positive with leading zero limb
-mbedtls_mpi_cmp_abs:"7b":"0000000000000000123":-1
-
-MPI compare (abs) #20 positive < large positive
-mbedtls_mpi_cmp_abs:"7b":"1230000000000000000":-1
-
-MPI compare (abs) #21 positive < large positive
-mbedtls_mpi_cmp_abs:"7b":"1230000000000000000":-1
-
-MPI compare (abs) #22 positive == positive
-mbedtls_mpi_cmp_abs:"7b":"7b":0
-
-MPI compare (abs) #23 positive < positive with leading zero limb
-mbedtls_mpi_cmp_abs:"7b":"0000000000000000123":-1
-
-MPI compare (abs) #24 positive < positive with leading zero limb
-mbedtls_mpi_cmp_abs:"7b":"0000000000000000123":-1
-
-MPI compare (abs) #25 positive < large positive
-mbedtls_mpi_cmp_abs:"7b":"1230000000000000000":-1
-
-MPI compare (abs) #26 positive < large positive
-mbedtls_mpi_cmp_abs:"7b":"1230000000000000000":-1
-
-MPI compare (abs) #27 positive with leading zero limb == positive with leading zero limb
-mbedtls_mpi_cmp_abs:"0000000000000000123":"0000000000000000123":0
-
-MPI compare (abs) #28 positive with leading zero limb == positive with leading zero limb
-mbedtls_mpi_cmp_abs:"0000000000000000123":"0000000000000000123":0
-
-MPI compare (abs) #29 positive with leading zero limb < large positive
-mbedtls_mpi_cmp_abs:"0000000000000000123":"1230000000000000000":-1
-
-MPI compare (abs) #30 positive with leading zero limb < large positive
-mbedtls_mpi_cmp_abs:"0000000000000000123":"1230000000000000000":-1
-
-MPI compare (abs) #31 positive with leading zero limb == positive with leading zero limb
-mbedtls_mpi_cmp_abs:"0000000000000000123":"0000000000000000123":0
-
-MPI compare (abs) #32 positive with leading zero limb < large positive
-mbedtls_mpi_cmp_abs:"0000000000000000123":"1230000000000000000":-1
-
-MPI compare (abs) #33 positive with leading zero limb < large positive
-mbedtls_mpi_cmp_abs:"0000000000000000123":"1230000000000000000":-1
-
-MPI compare (abs) #34 large positive == large positive
-mbedtls_mpi_cmp_abs:"1230000000000000000":"1230000000000000000":0
-
-MPI compare (abs) #35 large positive == large positive
-mbedtls_mpi_cmp_abs:"1230000000000000000":"1230000000000000000":0
-
-MPI compare (abs) #36 large positive == large positive
-mbedtls_mpi_cmp_abs:"1230000000000000000":"1230000000000000000":0
-
-MPI compare (abs) #37 positive < positive
-mbedtls_mpi_cmp_abs:"2":"3":-1
-
-MPI compare (abs) #38 positive == positive
-mbedtls_mpi_cmp_abs:"2":"2":0
-
-MPI compare (abs) #39 positive < positive
-mbedtls_mpi_cmp_abs:"2b4":"2b5":-1
-
-MPI compare (abs) #40 positive < positive
-mbedtls_mpi_cmp_abs:"2b5":"2b6":-1
-
-# End of automatically generated file.

tests/suites/test_suite_pem.data

@@ -23,6 +23,7 @@ PEM read (DES-CBC + invalid iv)
 mbedtls_pem_read_buffer:"^":"$":"^\nProc-Type\: 4,ENCRYPTED\nDEK-Info\: DES-CBC,00$":"pwd":MBEDTLS_ERR_PEM_INVALID_ENC_IV
 
 PEM read (unknown encryption algorithm)
+depends_on:MBEDTLS_AES_C
 mbedtls_pem_read_buffer:"^":"$":"^\nProc-Type\: 4,ENCRYPTED\nDEK-Info\: AES-,00$":"pwd":MBEDTLS_ERR_PEM_UNKNOWN_ENC_ALG
 
 PEM read (malformed PEM DES-CBC)

tests/suites/test_suite_pkcs5.data

@@ -203,11 +203,11 @@ depends_on:MBEDTLS_SHA1_C:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC
 mbedtls_pkcs5_pbes2:MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:"301B06092A864886F70D01050C300E04082ED7F24A1D516DD702020800301306082A864886F70D030704078A4FCC9DCC3949":"":"":MBEDTLS_ERR_PKCS5_INVALID_FORMAT:""
 
 PBES2 Decrypt (bad password)
-depends_on:MBEDTLS_SHA1_C:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC
+depends_on:MBEDTLS_SHA1_C:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
 mbedtls_pkcs5_pbes2:MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:"301B06092A864886F70D01050C300E04082ED7F24A1D516DD702020800301406082A864886F70D030704088A4FCC9DCC394910":"F0617373776f7264":"1B60098D4834CA752D37B430E70B7A085CFF86E21F4849F969DD1DF623342662443F8BD1252BF83CEF6917551B08EF55A69C8F2BFFC93BCB2DFE2E354DA28F896D1BD1BFB972A1251219A6EC7183B0A4CF2C4998449ED786CAE2138437289EB2203974000C38619DA57A4E685D29649284602BD1806131772DA11A682674DC22B2CF109128DDB7FD980E1C5741FC0DB7":MBEDTLS_ERR_PKCS5_PASSWORD_MISMATCH:"308187020100301306072A8648CE3D020106082A8648CE3D030107046D306B0201010420F12A1320760270A83CBFFD53F6031EF76A5D86C8A204F2C30CA9EBF51F0F0EA7A1440342000437CC56D976091E5A723EC7592DFF206EEE7CF9069174D0AD14B5F768225962924EE500D82311FFEA2FD2345D5D16BD8A88C26B770D55CD8A2A0EFA01C8B4EDFF060606060606"
 
 PBES2 Decrypt (bad iter value)
-depends_on:MBEDTLS_SHA1_C:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC
+depends_on:MBEDTLS_SHA1_C:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
 mbedtls_pkcs5_pbes2:MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:"301B06092A864886F70D01050C300E04082ED7F24A1D516DD702020801301406082A864886F70D030704088A4FCC9DCC394910":"70617373776f7264":"1B60098D4834CA752D37B430E70B7A085CFF86E21F4849F969DD1DF623342662443F8BD1252BF83CEF6917551B08EF55A69C8F2BFFC93BCB2DFE2E354DA28F896D1BD1BFB972A1251219A6EC7183B0A4CF2C4998449ED786CAE2138437289EB2203974000C38619DA57A4E685D29649284602BD1806131772DA11A682674DC22B2CF109128DDB7FD980E1C5741FC0DB7":MBEDTLS_ERR_PKCS5_PASSWORD_MISMATCH:"308187020100301306072A8648CE3D020106082A8648CE3D030107046D306B0201010420F12A1320760270A83CBFFD53F6031EF76A5D86C8A204F2C30CA9EBF51F0F0EA7A1440342000437CC56D976091E5A723EC7592DFF206EEE7CF9069174D0AD14B5F768225962924EE500D82311FFEA2FD2345D5D16BD8A88C26B770D55CD8A2A0EFA01C8B4EDFF060606060606"
 
 PKCS#5 Selftest

tests/suites/test_suite_psa_crypto.function

@@ -4,6 +4,7 @@
 #include "mbedtls/asn1.h"
 #include "mbedtls/asn1write.h"
 #include "mbedtls/oid.h"
+#include "common.h"
 
 /* For MBEDTLS_CTR_DRBG_MAX_REQUEST, knowing that psa_generate_random()
  * uses mbedtls_ctr_drbg internally. */
@@ -2658,7 +2659,7 @@ void cipher_alg_without_iv( int alg_arg, int key_type_arg, data_t *key_data,
     TEST_LE_U( length, output_buffer_size );
     output_length += length;
     PSA_ASSERT( psa_cipher_finish( &operation,
-                                   output + output_length,
+                                   mbedtls_buffer_offset( output, output_length ),
                                    output_buffer_size - output_length,
                                    &length ) );
     output_length += length;
@@ -2676,7 +2677,7 @@ void cipher_alg_without_iv( int alg_arg, int key_type_arg, data_t *key_data,
     TEST_LE_U( length, output_buffer_size );
     output_length += length;
     PSA_ASSERT( psa_cipher_finish( &operation,
-                                   output + output_length,
+                                   mbedtls_buffer_offset( output, output_length ),
                                    output_buffer_size - output_length,
                                    &length ) );
     output_length += length;

tests/suites/test_suite_psa_crypto_se_driver_hal.function

@@ -664,8 +664,10 @@ static int smoke_test_key( mbedtls_svc_key_id_t key )
     psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
     psa_mac_operation_t mac_operation = PSA_MAC_OPERATION_INIT;
     psa_cipher_operation_t cipher_operation = PSA_CIPHER_OPERATION_INIT;
+#if defined(MBEDTLS_SHA256_C)
     psa_key_derivation_operation_t derivation_operation =
         PSA_KEY_DERIVATION_OPERATION_INIT;
+#endif
     uint8_t buffer[80]; /* large enough for a public key for ECDH */
     size_t length;
     mbedtls_svc_key_id_t key2 = MBEDTLS_SVC_KEY_ID_INIT;

tests/suites/test_suite_ssl.function

@@ -133,7 +133,7 @@ void mbedtls_test_buffer_init( mbedtls_test_buffer *buf )
 int mbedtls_test_buffer_setup( mbedtls_test_buffer *buf, size_t capacity )
 {
     buf->buffer = (unsigned char*) mbedtls_calloc( capacity,
-                                                   sizeof(unsigned char) );
+                                                   sizeof( unsigned char ) );
     if( NULL == buf->buffer )
         return MBEDTLS_ERR_SSL_ALLOC_FAILED;
     buf->capacity = capacity;
@@ -283,7 +283,7 @@ typedef struct mbedtls_test_message_queue
 int mbedtls_test_message_queue_setup( mbedtls_test_message_queue *queue,
                                       size_t capacity )
 {
-    queue->messages = (size_t*) mbedtls_calloc( capacity, sizeof(size_t) );
+    queue->messages = (size_t*) mbedtls_calloc( capacity, sizeof( size_t ) );
     if( NULL == queue->messages )
         return MBEDTLS_ERR_SSL_ALLOC_FAILED;
 
@@ -457,7 +457,7 @@ int mbedtls_mock_socket_connect( mbedtls_mock_socket* peer1,
     int ret = -1;
 
     peer1->output =
-        (mbedtls_test_buffer*) mbedtls_calloc( 1, sizeof(mbedtls_test_buffer) );
+        (mbedtls_test_buffer*) mbedtls_calloc( 1, sizeof( mbedtls_test_buffer ) );
     if( peer1->output == NULL )
     {
         ret = MBEDTLS_ERR_SSL_ALLOC_FAILED;
@@ -470,7 +470,7 @@ int mbedtls_mock_socket_connect( mbedtls_mock_socket* peer1,
     }
 
     peer2->output =
-        (mbedtls_test_buffer*) mbedtls_calloc( 1, sizeof(mbedtls_test_buffer) );
+        (mbedtls_test_buffer*) mbedtls_calloc( 1, sizeof( mbedtls_test_buffer) );
     if( peer2->output == NULL )
     {
         ret = MBEDTLS_ERR_SSL_ALLOC_FAILED;
@@ -725,7 +725,7 @@ int mbedtls_mock_tcp_recv_msg( void *ctx, unsigned char *buf, size_t buf_len )
     return msg_len;
 }
 
-#if defined(MBEDTLS_X509_CRT_PARSE_C) && \
+#if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED) && \
     defined(MBEDTLS_ENTROPY_C) && \
     defined(MBEDTLS_CTR_DRBG_C)
 
@@ -734,9 +734,9 @@ int mbedtls_mock_tcp_recv_msg( void *ctx, unsigned char *buf, size_t buf_len )
  */
 typedef struct mbedtls_endpoint_certificate
 {
-    mbedtls_x509_crt ca_cert;
-    mbedtls_x509_crt cert;
-    mbedtls_pk_context pkey;
+    mbedtls_x509_crt* ca_cert;
+    mbedtls_x509_crt* cert;
+    mbedtls_pk_context* pkey;
 } mbedtls_endpoint_certificate;
 
 /*
@@ -753,6 +753,42 @@ typedef struct mbedtls_endpoint
     mbedtls_endpoint_certificate cert;
 } mbedtls_endpoint;
 
+/*
+ * Deinitializes certificates from endpoint represented by \p ep.
+ */
+void mbedtls_endpoint_certificate_free( mbedtls_endpoint *ep )
+{
+    mbedtls_endpoint_certificate *cert = &( ep->cert );
+    if( cert != NULL )
+    {
+        if( cert->ca_cert != NULL )
+        {
+            mbedtls_x509_crt_free( cert->ca_cert );
+            mbedtls_free( cert->ca_cert );
+            cert->ca_cert = NULL;
+        }
+        if( cert->cert != NULL )
+        {
+            mbedtls_x509_crt_free( cert->cert );
+            mbedtls_free( cert->cert );
+            cert->cert = NULL;
+        }
+        if( cert->pkey != NULL )
+        {
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+            if( mbedtls_pk_get_type( cert->pkey ) == MBEDTLS_PK_OPAQUE )
+            {
+                mbedtls_svc_key_id_t *key_slot = cert->pkey->pk_ctx;
+                psa_destroy_key( *key_slot );
+            }
+#endif
+            mbedtls_pk_free( cert->pkey );
+            mbedtls_free( cert->pkey );
+            cert->pkey = NULL;
+        }
+    }
+}
+
 /*
  * Initializes \p ep_cert structure and assigns it to endpoint
  * represented by \p ep.
@@ -763,7 +799,7 @@ int mbedtls_endpoint_certificate_init( mbedtls_endpoint *ep, int pk_alg )
 {
     int i = 0;
     int ret = -1;
-    mbedtls_endpoint_certificate *cert;
+    mbedtls_endpoint_certificate *cert = NULL;
 
     if( ep == NULL )
     {
@@ -771,15 +807,19 @@ int mbedtls_endpoint_certificate_init( mbedtls_endpoint *ep, int pk_alg )
     }
 
     cert = &( ep->cert );
-    mbedtls_x509_crt_init( &( cert->ca_cert ) );
-    mbedtls_x509_crt_init( &( cert->cert ) );
-    mbedtls_pk_init( &( cert->pkey ) );
+    ASSERT_ALLOC( cert->ca_cert, 1 );
+    ASSERT_ALLOC( cert->cert, 1 );
+    ASSERT_ALLOC( cert->pkey, 1 );
+
+    mbedtls_x509_crt_init( cert->ca_cert );
+    mbedtls_x509_crt_init( cert->cert );
+    mbedtls_pk_init( cert->pkey );
 
     /* Load the trusted CA */
 
     for( i = 0; mbedtls_test_cas_der[i] != NULL; i++ )
     {
-        ret = mbedtls_x509_crt_parse_der( &( cert->ca_cert ),
+        ret = mbedtls_x509_crt_parse_der( cert->ca_cert,
                         (const unsigned char *) mbedtls_test_cas_der[i],
                         mbedtls_test_cas_der_len[i] );
         TEST_ASSERT( ret == 0 );
@@ -791,24 +831,24 @@ int mbedtls_endpoint_certificate_init( mbedtls_endpoint *ep, int pk_alg )
     {
         if( pk_alg == MBEDTLS_PK_RSA )
         {
-            ret = mbedtls_x509_crt_parse( &( cert->cert ),
+            ret = mbedtls_x509_crt_parse( cert->cert,
                     (const unsigned char*) mbedtls_test_srv_crt_rsa_sha256_der,
                     mbedtls_test_srv_crt_rsa_sha256_der_len );
             TEST_ASSERT( ret == 0 );
 
-            ret = mbedtls_pk_parse_key( &( cert->pkey ),
+            ret = mbedtls_pk_parse_key( cert->pkey,
                             (const unsigned char*) mbedtls_test_srv_key_rsa_der,
                             mbedtls_test_srv_key_rsa_der_len, NULL, 0 );
             TEST_ASSERT( ret == 0 );
         }
         else
         {
-            ret = mbedtls_x509_crt_parse( &( cert->cert ),
+            ret = mbedtls_x509_crt_parse( cert->cert,
                             (const unsigned char*) mbedtls_test_srv_crt_ec_der,
                             mbedtls_test_srv_crt_ec_der_len );
             TEST_ASSERT( ret == 0 );
 
-            ret = mbedtls_pk_parse_key( &( cert->pkey ),
+            ret = mbedtls_pk_parse_key( cert->pkey,
                             (const unsigned char*) mbedtls_test_srv_key_ec_der,
                             mbedtls_test_srv_key_ec_der_len, NULL, 0 );
             TEST_ASSERT( ret == 0 );
@@ -818,42 +858,40 @@ int mbedtls_endpoint_certificate_init( mbedtls_endpoint *ep, int pk_alg )
     {
         if( pk_alg == MBEDTLS_PK_RSA )
         {
-            ret = mbedtls_x509_crt_parse( &( cert->cert ),
+            ret = mbedtls_x509_crt_parse( cert->cert,
                           (const unsigned char *) mbedtls_test_cli_crt_rsa_der,
                           mbedtls_test_cli_crt_rsa_der_len );
             TEST_ASSERT( ret == 0 );
 
-            ret = mbedtls_pk_parse_key( &( cert->pkey ),
+            ret = mbedtls_pk_parse_key( cert->pkey,
                           (const unsigned char *) mbedtls_test_cli_key_rsa_der,
                           mbedtls_test_cli_key_rsa_der_len, NULL, 0 );
             TEST_ASSERT( ret == 0 );
         }
         else
         {
-            ret = mbedtls_x509_crt_parse( &( cert->cert ),
+            ret = mbedtls_x509_crt_parse( cert->cert,
                           (const unsigned char *) mbedtls_test_cli_crt_ec_der,
                           mbedtls_test_cli_crt_ec_len );
             TEST_ASSERT( ret == 0 );
 
-            ret = mbedtls_pk_parse_key( &( cert->pkey ),
+            ret = mbedtls_pk_parse_key( cert->pkey,
                           (const unsigned char *) mbedtls_test_cli_key_ec_der,
                           mbedtls_test_cli_key_ec_der_len, NULL, 0 );
             TEST_ASSERT( ret == 0 );
         }
     }
 
-    mbedtls_ssl_conf_ca_chain( &( ep->conf ), &( cert->ca_cert ), NULL );
+    mbedtls_ssl_conf_ca_chain( &( ep->conf ), cert->ca_cert, NULL );
 
-    ret = mbedtls_ssl_conf_own_cert( &( ep->conf ), &( cert->cert ),
-                                     &( cert->pkey ) );
+    ret = mbedtls_ssl_conf_own_cert( &( ep->conf ), cert->cert,
+                                     cert->pkey );
     TEST_ASSERT( ret == 0 );
 
 exit:
     if( ret != 0 )
     {
-        mbedtls_x509_crt_free( &( cert->ca_cert ) );
-        mbedtls_x509_crt_free( &( cert->cert ) );
-        mbedtls_pk_free( &( cert->pkey ) );
+        mbedtls_endpoint_certificate_free( ep );
     }
 
     return ret;
@@ -959,17 +997,6 @@ exit:
     return ret;
 }
 
-/*
- * Deinitializes certificates from endpoint represented by \p ep.
- */
-void mbedtls_endpoint_certificate_free( mbedtls_endpoint *ep )
-{
-    mbedtls_endpoint_certificate *cert = &( ep->cert );
-    mbedtls_x509_crt_free( &( cert->ca_cert ) );
-    mbedtls_x509_crt_free( &( cert->cert ) );
-    mbedtls_pk_free( &( cert->pkey ) );
-}
-
 /*
  * Deinitializes endpoint represented by \p ep.
  */
@@ -1041,7 +1068,7 @@ int mbedtls_move_handshake_to_state( mbedtls_ssl_context *ssl,
     return ( max_steps >= 0 ) ? ret : -1;
 }
 
-#endif /* MBEDTLS_X509_CRT_PARSE_C && MBEDTLS_ENTROPY_C && MBEDTLS_CTR_DRBG_C */
+#endif /* MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED && MBEDTLS_ENTROPY_C && MBEDTLS_CTR_DRBG_C */
 
 /*
  * Write application data. Increase write counter if necessary.
@@ -1462,7 +1489,7 @@ static int ssl_populate_session( mbedtls_ssl_session *session,
     memset( session->id, 66, session->id_len );
     memset( session->master, 17, sizeof( session->master ) );
 
-#if defined(MBEDTLS_X509_CRT_PARSE_C) && defined(MBEDTLS_FS_IO)
+#if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED) && defined(MBEDTLS_FS_IO)
     if( strlen( crt_file ) != 0 )
     {
         mbedtls_x509_crt tmp_crt;
@@ -1500,9 +1527,9 @@ static int ssl_populate_session( mbedtls_ssl_session *session,
 
         mbedtls_x509_crt_free( &tmp_crt );
     }
-#else /* MBEDTLS_X509_CRT_PARSE_C && MBEDTLS_FS_IO */
+#else /* MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED && MBEDTLS_FS_IO */
     (void) crt_file;
-#endif /* MBEDTLS_X509_CRT_PARSE_C && MBEDTLS_FS_IO */
+#endif /* MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED && MBEDTLS_FS_IO */
     session->verify_result = 0xdeadbeef;
 
 #if defined(MBEDTLS_SSL_SESSION_TICKETS) && defined(MBEDTLS_SSL_CLI_C)
@@ -1685,7 +1712,7 @@ int exchange_data( mbedtls_ssl_context *ssl_1,
                                   ssl_2, 256, 1 );
 }
 
-#if defined(MBEDTLS_X509_CRT_PARSE_C) && \
+#if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED) && \
     defined(MBEDTLS_ENTROPY_C) && \
     defined(MBEDTLS_CTR_DRBG_C)
 void perform_handshake( handshake_test_options* options )
@@ -1709,6 +1736,10 @@ void perform_handshake( handshake_test_options* options )
 #endif
     int expected_handshake_result = 0;
 
+    USE_PSA_INIT( );
+    mbedtls_platform_zeroize( &client, sizeof( client ) );
+    mbedtls_platform_zeroize( &server, sizeof( server ) );
+
     mbedtls_test_message_queue server_queue, client_queue;
     mbedtls_test_message_socket_context server_context, client_context;
     mbedtls_message_socket_init( &server_context );
@@ -2061,7 +2092,7 @@ exit:
         mbedtls_free( context_buf );
 #endif
 }
-#endif /* MBEDTLS_X509_CRT_PARSE_C && MBEDTLS_ENTROPY_C && MBEDTLS_CTR_DRBG_C */
+#endif /* MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED && MBEDTLS_ENTROPY_C && MBEDTLS_CTR_DRBG_C */
 
 /* END_HEADER */
 
@@ -2078,7 +2109,7 @@ void test_callback_buffer_sanity()
     unsigned char input[MSGLEN];
     unsigned char output[MSGLEN];
 
-    memset( input, 0, sizeof(input) );
+    memset( input, 0, sizeof( input ) );
 
     /* Make sure calling put and get on NULL buffer results in error. */
     TEST_ASSERT( mbedtls_test_buffer_put( NULL, input, sizeof( input ) )
@@ -3166,7 +3197,7 @@ void ssl_dtls_replay( data_t * prevs, data_t * new, int ret )
 }
 /* END_CASE */
 
-/* BEGIN_CASE depends_on:MBEDTLS_X509_CRT_PARSE_C */
+/* BEGIN_CASE depends_on:MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */
 void ssl_set_hostname_twice( char *hostname0, char *hostname1 )
 {
     mbedtls_ssl_context ssl;
@@ -3714,7 +3745,7 @@ MBEDTLS_SSL_TLS1_3_LABEL_LIST
     TEST_ASSERT( lbl != NULL );
 
     /* Check sanity of test parameters. */
-    TEST_ASSERT( (size_t) desired_length <= sizeof(dst) );
+    TEST_ASSERT( (size_t) desired_length <= sizeof( dst ) );
     TEST_ASSERT( (size_t) desired_length == expected->len );
 
     TEST_ASSERT( mbedtls_ssl_tls1_3_hkdf_expand_label(
@@ -3800,7 +3831,7 @@ MBEDTLS_SSL_TLS1_3_LABEL_LIST
     TEST_ASSERT( lbl != NULL );
 
     /* Check sanity of test parameters. */
-    TEST_ASSERT( (size_t) desired_length <= sizeof(dst) );
+    TEST_ASSERT( (size_t) desired_length <= sizeof( dst ) );
     TEST_ASSERT( (size_t) desired_length == expected->len );
 
     TEST_ASSERT( mbedtls_ssl_tls1_3_derive_secret(
@@ -3904,7 +3935,7 @@ void ssl_serialize_session_save_load( int ticket_len, char *crt_file )
     TEST_ASSERT( memcmp( original.master,
                          restored.master, sizeof( original.master ) ) == 0 );
 
-#if defined(MBEDTLS_X509_CRT_PARSE_C)
+#if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
 #if defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE)
     TEST_ASSERT( ( original.peer_cert == NULL ) ==
                  ( restored.peer_cert == NULL ) );
@@ -3930,7 +3961,7 @@ void ssl_serialize_session_save_load( int ticket_len, char *crt_file )
                              original.peer_cert_digest_len ) == 0 );
     }
 #endif /* MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */
-#endif /* MBEDTLS_X509_CRT_PARSE_C */
+#endif /* MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */
     TEST_ASSERT( original.verify_result == restored.verify_result );
 
 #if defined(MBEDTLS_SSL_SESSION_TICKETS) && defined(MBEDTLS_SSL_CLI_C)
@@ -4155,7 +4186,7 @@ void ssl_session_serialize_version_check( int corrupt_major,
 }
 /* END_CASE */
 
-/* BEGIN_CASE depends_on:MBEDTLS_X509_CRT_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:!MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_PKCS1_V15:MBEDTLS_ENTROPY_C:MBEDTLS_ENTROPY_C:MBEDTLS_CTR_DRBG_C */
+/* BEGIN_CASE depends_on:MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:!MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_PKCS1_V15:MBEDTLS_ENTROPY_C:MBEDTLS_ENTROPY_C:MBEDTLS_CTR_DRBG_C:MBEDTLS_SHA256_C */
 void mbedtls_endpoint_sanity( int endpoint_type )
 {
     enum { BUFFSIZE = 1024 };
@@ -4178,13 +4209,16 @@ exit:
 }
 /* END_CASE */
 
-/* BEGIN_CASE depends_on:MBEDTLS_X509_CRT_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:!MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_PKCS1_V15:MBEDTLS_ENTROPY_C:MBEDTLS_ENTROPY_C:MBEDTLS_CTR_DRBG_C */
+/* BEGIN_CASE depends_on:MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:!MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_PKCS1_V15:MBEDTLS_ENTROPY_C:MBEDTLS_ENTROPY_C:MBEDTLS_CTR_DRBG_C:MBEDTLS_ECP_C:MBEDTLS_SHA256_C */
 void move_handshake_to_state(int endpoint_type, int state, int need_pass)
 {
     enum { BUFFSIZE = 1024 };
     mbedtls_endpoint base_ep, second_ep;
     int ret = -1;
 
+    mbedtls_platform_zeroize( &base_ep, sizeof( base_ep ) );
+    mbedtls_platform_zeroize( &second_ep, sizeof( second_ep ) );
+
     ret = mbedtls_endpoint_init( &base_ep, endpoint_type, MBEDTLS_PK_RSA,
                                  NULL, NULL, NULL, NULL );
     TEST_ASSERT( ret == 0 );
@@ -4220,7 +4254,7 @@ exit:
 }
 /* END_CASE */
 
-/* BEGIN_CASE depends_on:MBEDTLS_X509_CRT_PARSE_C:!MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_PKCS1_V15:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_ENTROPY_C:MBEDTLS_CTR_DRBG_C */
+/* BEGIN_CASE depends_on:MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED:!MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_PKCS1_V15:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_ENTROPY_C:MBEDTLS_CTR_DRBG_C:MBEDTLS_ECP_C:MBEDTLS_SHA256_C */
 void handshake_version( int dtls, int client_min_version, int client_max_version,
                         int server_min_version, int server_max_version,
                         int expected_negotiated_version )
@@ -4251,7 +4285,7 @@ void handshake_version( int dtls, int client_min_version, int client_max_version
 }
 /* END_CASE */
 
-/* BEGIN_CASE depends_on:MBEDTLS_X509_CRT_PARSE_C:!MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_PKCS1_V15:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_ENTROPY_C:MBEDTLS_CTR_DRBG_C */
+/* BEGIN_CASE depends_on:MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED:!MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_PKCS1_V15:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_ENTROPY_C:MBEDTLS_CTR_DRBG_C:MBEDTLS_SHA256_C */
 void handshake_psk_cipher( char* cipher, int pk_alg, data_t *psk_str, int dtls )
 {
     handshake_test_options options;
@@ -4269,7 +4303,7 @@ void handshake_psk_cipher( char* cipher, int pk_alg, data_t *psk_str, int dtls )
 }
 /* END_CASE */
 
-/* BEGIN_CASE depends_on:MBEDTLS_X509_CRT_PARSE_C:!MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_PKCS1_V15:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_ENTROPY_C:MBEDTLS_CTR_DRBG_C */
+/* BEGIN_CASE depends_on:MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED:!MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_PKCS1_V15:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_ENTROPY_C:MBEDTLS_CTR_DRBG_C:MBEDTLS_SHA256_C */
 void handshake_cipher( char* cipher, int pk_alg, int dtls )
 {
     test_handshake_psk_cipher( cipher, pk_alg, NULL, dtls );
@@ -4279,7 +4313,7 @@ void handshake_cipher( char* cipher, int pk_alg, int dtls )
 }
 /* END_CASE */
 
-/* BEGIN_CASE depends_on:MBEDTLS_X509_CRT_PARSE_C:!MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_PKCS1_V15:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_ENTROPY_C:MBEDTLS_CTR_DRBG_C */
+/* BEGIN_CASE depends_on:MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED:!MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_PKCS1_V15:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_ENTROPY_C:MBEDTLS_CTR_DRBG_C:MBEDTLS_SHA256_C */
 void app_data( int mfl, int cli_msg_len, int srv_msg_len,
                int expected_cli_fragments,
                int expected_srv_fragments, int dtls )
@@ -4300,7 +4334,7 @@ void app_data( int mfl, int cli_msg_len, int srv_msg_len,
 }
 /* END_CASE */
 
-/* BEGIN_CASE depends_on:MBEDTLS_X509_CRT_PARSE_C:!MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_PKCS1_V15:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_ENTROPY_C:MBEDTLS_CTR_DRBG_C */
+/* BEGIN_CASE depends_on:MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED:!MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_PKCS1_V15:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_ENTROPY_C:MBEDTLS_CTR_DRBG_C:MBEDTLS_ECP_C:MBEDTLS_SHA256_C */
 void app_data_tls( int mfl, int cli_msg_len, int srv_msg_len,
                    int expected_cli_fragments,
                    int expected_srv_fragments )
@@ -4312,7 +4346,7 @@ void app_data_tls( int mfl, int cli_msg_len, int srv_msg_len,
 }
 /* END_CASE */
 
-/* BEGIN_CASE depends_on:MBEDTLS_X509_CRT_PARSE_C:!MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_PKCS1_V15:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SSL_PROTO_DTLS:MBEDTLS_ENTROPY_C:MBEDTLS_CTR_DRBG_C */
+/* BEGIN_CASE depends_on:MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED:!MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_PKCS1_V15:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SSL_PROTO_DTLS:MBEDTLS_ENTROPY_C:MBEDTLS_CTR_DRBG_C:MBEDTLS_SHA256_C */
 void app_data_dtls( int mfl, int cli_msg_len, int srv_msg_len,
                     int expected_cli_fragments,
                     int expected_srv_fragments )
@@ -4324,7 +4358,7 @@ void app_data_dtls( int mfl, int cli_msg_len, int srv_msg_len,
 }
 /* END_CASE */
 
-/* BEGIN_CASE depends_on:MBEDTLS_X509_CRT_PARSE_C:!MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_PKCS1_V15:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SSL_PROTO_DTLS:MBEDTLS_SSL_RENEGOTIATION:MBEDTLS_SSL_CONTEXT_SERIALIZATION:MBEDTLS_ENTROPY_C:MBEDTLS_CTR_DRBG_C */
+/* BEGIN_CASE depends_on:MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED:!MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_PKCS1_V15:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SSL_PROTO_DTLS:MBEDTLS_SSL_RENEGOTIATION:MBEDTLS_SSL_CONTEXT_SERIALIZATION:MBEDTLS_ENTROPY_C:MBEDTLS_CTR_DRBG_C:MBEDTLS_SHA256_C */
 void handshake_serialization( )
 {
     handshake_test_options options;
@@ -4338,7 +4372,7 @@ void handshake_serialization( )
 }
 /* END_CASE */
 
-/* BEGIN_CASE depends_on:MBEDTLS_X509_CRT_PARSE_C:!MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_PKCS1_V15:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_DEBUG_C:MBEDTLS_SSL_MAX_FRAGMENT_LENGTH:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ENTROPY_C:MBEDTLS_CTR_DRBG_C */
+/* BEGIN_CASE depends_on:MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED:!MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_PKCS1_V15:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_DEBUG_C:MBEDTLS_SSL_MAX_FRAGMENT_LENGTH:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ENTROPY_C:MBEDTLS_CTR_DRBG_C:MBEDTLS_SHA256_C */
 void handshake_fragmentation( int mfl, int expected_srv_hs_fragmentation, int expected_cli_hs_fragmentation)
 {
     handshake_test_options options;
@@ -4374,7 +4408,7 @@ void handshake_fragmentation( int mfl, int expected_srv_hs_fragmentation, int ex
 }
 /* END_CASE */
 
-/* BEGIN_CASE depends_on:MBEDTLS_X509_CRT_PARSE_C:!MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_PKCS1_V15:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SSL_PROTO_DTLS:MBEDTLS_SSL_RENEGOTIATION:MBEDTLS_ENTROPY_C:MBEDTLS_CTR_DRBG_C */
+/* BEGIN_CASE depends_on:MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED:!MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_PKCS1_V15:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SSL_PROTO_DTLS:MBEDTLS_SSL_RENEGOTIATION:MBEDTLS_ENTROPY_C:MBEDTLS_CTR_DRBG_C:MBEDTLS_SHA256_C */
 void renegotiation( int legacy_renegotiation )
 {
     handshake_test_options options;
@@ -4390,7 +4424,7 @@ void renegotiation( int legacy_renegotiation )
 }
 /* END_CASE */
 
-/* BEGIN_CASE depends_on:MBEDTLS_X509_CRT_PARSE_C:!MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_PKCS1_V15:MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_ENTROPY_C:MBEDTLS_CTR_DRBG_C */
+/* BEGIN_CASE depends_on:MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED:!MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_PKCS1_V15:MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_ENTROPY_C:MBEDTLS_CTR_DRBG_C:MBEDTLS_SHA256_C */
 void resize_buffers( int mfl, int renegotiation, int legacy_renegotiation,
                      int serialize, int dtls, char *cipher )
 {
@@ -4411,7 +4445,7 @@ void resize_buffers( int mfl, int renegotiation, int legacy_renegotiation,
 }
 /* END_CASE */
 
-/* BEGIN_CASE depends_on:MBEDTLS_X509_CRT_PARSE_C:!MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_PKCS1_V15:MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH:MBEDTLS_SSL_CONTEXT_SERIALIZATION:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SSL_PROTO_DTLS:MBEDTLS_ENTROPY_C:MBEDTLS_CTR_DRBG_C */
+/* BEGIN_CASE depends_on:MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED:!MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_PKCS1_V15:MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH:MBEDTLS_SSL_CONTEXT_SERIALIZATION:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SSL_PROTO_DTLS:MBEDTLS_ENTROPY_C:MBEDTLS_CTR_DRBG_C:MBEDTLS_SHA256_C */
 void resize_buffers_serialize_mfl( int mfl )
 {
     test_resize_buffers( mfl, 0, MBEDTLS_SSL_LEGACY_NO_RENEGOTIATION, 1, 1,
@@ -4422,7 +4456,7 @@ void resize_buffers_serialize_mfl( int mfl )
 }
 /* END_CASE */
 
-/* BEGIN_CASE depends_on:MBEDTLS_X509_CRT_PARSE_C:!MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_PKCS1_V15:MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH:MBEDTLS_SSL_RENEGOTIATION:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_ENTROPY_C:MBEDTLS_CTR_DRBG_C */
+/* BEGIN_CASE depends_on:MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED:!MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_PKCS1_V15:MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH:MBEDTLS_SSL_RENEGOTIATION:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_ENTROPY_C:MBEDTLS_CTR_DRBG_C:MBEDTLS_SHA256_C */
 void resize_buffers_renegotiate_mfl( int mfl, int legacy_renegotiation,
                                      char *cipher )
 {
@@ -4560,7 +4594,7 @@ exit:
 }
 /* END_CASE */
 
-/* BEGIN_CASE depends_on:MBEDTLS_X509_CRT_PARSE_C:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_PKCS1_V15:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ENTROPY_C:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_CTR_DRBG_C:MBEDTLS_ECP_C:MBEDTLS_ECDSA_C */
+/* BEGIN_CASE depends_on:MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_PKCS1_V15:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ENTROPY_C:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_CTR_DRBG_C:MBEDTLS_ECP_C:MBEDTLS_ECDSA_C */
 void raw_key_agreement_fail( int bad_server_ecdhe_key )
 {
     enum { BUFFSIZE = 17000 };
@@ -4571,6 +4605,8 @@ void raw_key_agreement_fail( int bad_server_ecdhe_key )
     mbedtls_ecp_group_id curve_list[] = { MBEDTLS_ECP_DP_SECP256R1,
                                           MBEDTLS_ECP_DP_NONE };
     USE_PSA_INIT( );
+    mbedtls_platform_zeroize( &client, sizeof( client ) );
+    mbedtls_platform_zeroize( &server, sizeof( server ) );
 
     /* Client side, force SECP256R1 to make one key bitflip fail
      * the raw key agreement. Flipping the first byte makes the

tests/suites/test_suite_x509parse.data

@@ -96,7 +96,11 @@ x509_cert_info:"data_files/server5-sha512.crt":"cert. version     \: 3\nserial n
 
 X509 CRT information EC, SHA256 Digest, hardware module name SAN
 depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C
-x509_cert_info:"data_files/server5-othername.crt":"cert. version     \: 3\nserial number     \: 4D\nissuer name       \: C=UK, O=Mbed TLS, CN=Mbed TLS othername SAN\nsubject name      \: C=UK, O=Mbed TLS, CN=Mbed TLS othername SAN\nissued  on        \: 2019-03-24 09\:06\:02\nexpires on        \: 2029-03-21 09\:06\:02\nsigned using      \: ECDSA with SHA256\nEC key size       \: 256 bits\nsubject alt name  \:\n    otherName \:\n        hardware module name \:\n            hardware type          \: 1.3.6.1.4.1.17.3\n            hardware serial number \: 123456\n"
+x509_cert_info:"data_files/server5-othername.crt":"cert. version     \: 3\nserial number     \: 4D\nissuer name       \: C=UK, O=Mbed TLS, CN=Mbed TLS othername SAN\nsubject name      \: C=UK, O=Mbed TLS, CN=Mbed TLS othername SAN\nissued  on        \: 2019-03-24 09\:06\:02\nexpires on        \: 2029-03-21 09\:06\:02\nsigned using      \: ECDSA with SHA256\nEC key size       \: 256 bits\nsubject alt name  \:\n    otherName \:\n        hardware module name \:\n            hardware type          \: 1.3.6.1.4.1.17.3\n            hardware serial number \: 313233343536\n"
+
+X509 CRT information EC, SHA256 Digest, binary hardware module name SAN
+depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C
+x509_cert_info:"data_files/server5-nonprintable_othername.crt":"cert. version     \: 3\nserial number     \: 4D\nissuer name       \: C=UK, O=Mbed TLS, CN=Mbed TLS non-printable othername SAN\nsubject name      \: C=UK, O=Mbed TLS, CN=Mbed TLS non-printable othername SAN\nissued  on        \: 2022-09-06 15\:56\:47\nexpires on        \: 2032-09-03 15\:56\:47\nsigned using      \: ECDSA with SHA256\nEC key size       \: 256 bits\nsubject alt name  \:\n    otherName \:\n        hardware module name \:\n            hardware type          \: 1.3.6.1.4.1.17.3\n            hardware serial number \: 3132338081008180333231\n"
 
 X509 CRT information EC, SHA256 Digest, Wisun Fan device
 depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C
@@ -120,7 +124,7 @@ x509_cert_info:"data_files/cert_example_multi.crt":"cert. version     \: 3\nseri
 
 X509 CRT information, Multiple different Subject Alt Name
 depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C
-x509_cert_info:"data_files/multiple_san.crt":"cert. version     \: 3\nserial number     \: 04\nissuer name       \: C=UK, O=Mbed TLS, CN=Mbed TLS multiple othername SAN\nsubject name      \: C=UK, O=Mbed TLS, CN=Mbed TLS multiple othername SAN\nissued  on        \: 2019-04-22 16\:10\:48\nexpires on        \: 2029-04-19 16\:10\:48\nsigned using      \: ECDSA with SHA256\nEC key size       \: 256 bits\nsubject alt name  \:\n    dNSName \: example.com\n    otherName \:\n        hardware module name \:\n            hardware type          \: 1.3.6.1.4.1.17.3\n            hardware serial number \: 123456\n    dNSName \: example.net\n    dNSName \: *.example.org\n"
+x509_cert_info:"data_files/multiple_san.crt":"cert. version     \: 3\nserial number     \: 04\nissuer name       \: C=UK, O=Mbed TLS, CN=Mbed TLS multiple othername SAN\nsubject name      \: C=UK, O=Mbed TLS, CN=Mbed TLS multiple othername SAN\nissued  on        \: 2019-04-22 16\:10\:48\nexpires on        \: 2029-04-19 16\:10\:48\nsigned using      \: ECDSA with SHA256\nEC key size       \: 256 bits\nsubject alt name  \:\n    dNSName \: example.com\n    otherName \:\n        hardware module name \:\n            hardware type          \: 1.3.6.1.4.1.17.3\n            hardware serial number \: 313233343536\n    dNSName \: example.net\n    dNSName \: *.example.org\n"
 
 X509 CRT information, Subject Alt Name + Key Usage
 depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_SHA1_C
@@ -184,7 +188,11 @@ x509_cert_info:"data_files/cert_v1_with_ext.crt":"cert. version     \: 1\nserial
 
 X509 SAN parsing otherName
 depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C
-x509_parse_san:"data_files/server5-othername.crt":"type \: 0\notherName \: hardware module name \: hardware type \: 1.3.6.1.4.1.17.3, hardware serial number \: 123456\n"
+x509_parse_san:"data_files/server5-othername.crt":"type \: 0\notherName \: hardware module name \: hardware type \: 1.3.6.1.4.1.17.3, hardware serial number \: 313233343536\n"
+
+X509 SAN parsing binary otherName
+depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C
+x509_parse_san:"data_files/server5-nonprintable_othername.crt":"type \: 0\notherName \: hardware module name \: hardware type \: 1.3.6.1.4.1.17.3, hardware serial number \: 3132338081008180333231\n"
 
 X509 SAN parsing dNSName
 depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_SHA256_C
@@ -192,7 +200,7 @@ x509_parse_san:"data_files/cert_example_multi.crt":"type \: 2\ndNSName \: exampl
 
 X509 SAN parsing  Multiple different types
 depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C
-x509_parse_san:"data_files/multiple_san.crt":"type \: 2\ndNSName \: example.com\ntype \: 0\notherName \: hardware module name \: hardware type \: 1.3.6.1.4.1.17.3, hardware serial number \: 123456\ntype \: 2\ndNSName \: example.net\ntype \: 2\ndNSName \: *.example.org\n"
+x509_parse_san:"data_files/multiple_san.crt":"type \: 2\ndNSName \: example.com\ntype \: 0\notherName \: hardware module name \: hardware type \: 1.3.6.1.4.1.17.3, hardware serial number \: 313233343536\ntype \: 2\ndNSName \: example.net\ntype \: 2\ndNSName \: *.example.org\n"
 
 X509 SAN parsing, no subject alt name
 depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_SHA256_C:MBEDTLS_ECDSA_C

tests/suites/test_suite_x509parse.function

@@ -262,17 +262,11 @@ int verify_parse_san( mbedtls_x509_subject_alternative_name *san,
                 ret = mbedtls_snprintf( p, n, ", hardware serial number : " );
                 MBEDTLS_X509_SAFE_SNPRINTF;
 
-               if( san->san.other_name.value.hardware_module_name.val.len >= n )
+                for( i = 0; i < san->san.other_name.value.hardware_module_name.val.len; i++ )
                 {
-                   *p = '\0';
-                   return( MBEDTLS_ERR_X509_BUFFER_TOO_SMALL );
+                    ret = mbedtls_snprintf( p, n, "%02X", san->san.other_name.value.hardware_module_name.val.p[i] );
+                    MBEDTLS_X509_SAFE_SNPRINTF;
                 }
-
-               for( i=0; i < san->san.other_name.value.hardware_module_name.val.len; i++ )
-               {
-                   *p++ = san->san.other_name.value.hardware_module_name.val.p[i];
-               }
-               n -= san->san.other_name.value.hardware_module_name.val.len;
             }
         break;/* MBEDTLS_OID_ON_HW_MODULE_NAME */
         case(  MBEDTLS_X509_SAN_DNS_NAME ):

tests/suites/test_suite_x509write.data

@@ -1,54 +1,58 @@
 Certificate Request check Server1 SHA1
 depends_on:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
-x509_csr_check:"data_files/server1.key":"data_files/server1.req.sha1":MBEDTLS_MD_SHA1:0:0:0:0
+x509_csr_check:"data_files/server1.key":"data_files/server1.req.sha1":MBEDTLS_MD_SHA1:0:0:0:0:0
 
 Certificate Request check Server1 SHA224
 depends_on:MBEDTLS_SHA256_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
-x509_csr_check:"data_files/server1.key":"data_files/server1.req.sha224":MBEDTLS_MD_SHA224:0:0:0:0
+x509_csr_check:"data_files/server1.key":"data_files/server1.req.sha224":MBEDTLS_MD_SHA224:0:0:0:0:0
 
 Certificate Request check Server1 SHA256
 depends_on:MBEDTLS_SHA256_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
-x509_csr_check:"data_files/server1.key":"data_files/server1.req.sha256":MBEDTLS_MD_SHA256:0:0:0:0
+x509_csr_check:"data_files/server1.key":"data_files/server1.req.sha256":MBEDTLS_MD_SHA256:0:0:0:0:0
 
 Certificate Request check Server1 SHA384
 depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
-x509_csr_check:"data_files/server1.key":"data_files/server1.req.sha384":MBEDTLS_MD_SHA384:0:0:0:0
+x509_csr_check:"data_files/server1.key":"data_files/server1.req.sha384":MBEDTLS_MD_SHA384:0:0:0:0:0
 
 Certificate Request check Server1 SHA512
 depends_on:MBEDTLS_SHA512_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
-x509_csr_check:"data_files/server1.key":"data_files/server1.req.sha512":MBEDTLS_MD_SHA512:0:0:0:0
+x509_csr_check:"data_files/server1.key":"data_files/server1.req.sha512":MBEDTLS_MD_SHA512:0:0:0:0:0
 
 Certificate Request check Server1 MD4
 depends_on:MBEDTLS_MD4_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
-x509_csr_check:"data_files/server1.key":"data_files/server1.req.md4":MBEDTLS_MD_MD4:0:0:0:0
+x509_csr_check:"data_files/server1.key":"data_files/server1.req.md4":MBEDTLS_MD_MD4:0:0:0:0:0
 
 Certificate Request check Server1 MD5
 depends_on:MBEDTLS_MD5_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
-x509_csr_check:"data_files/server1.key":"data_files/server1.req.md5":MBEDTLS_MD_MD5:0:0:0:0
+x509_csr_check:"data_files/server1.key":"data_files/server1.req.md5":MBEDTLS_MD_MD5:0:0:0:0:0
 
 Certificate Request check Server1 key_usage
 depends_on:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
-x509_csr_check:"data_files/server1.key":"data_files/server1.req.key_usage":MBEDTLS_MD_SHA1:MBEDTLS_X509_KU_DIGITAL_SIGNATURE | MBEDTLS_X509_KU_NON_REPUDIATION | MBEDTLS_X509_KU_KEY_ENCIPHERMENT:1:0:0
+x509_csr_check:"data_files/server1.key":"data_files/server1.req.key_usage":MBEDTLS_MD_SHA1:MBEDTLS_X509_KU_DIGITAL_SIGNATURE | MBEDTLS_X509_KU_NON_REPUDIATION | MBEDTLS_X509_KU_KEY_ENCIPHERMENT:1:0:0:0
 
 Certificate Request check Server1 key_usage empty
 depends_on:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
-x509_csr_check:"data_files/server1.key":"data_files/server1.req.key_usage_empty":MBEDTLS_MD_SHA1:0:1:0:0
+x509_csr_check:"data_files/server1.key":"data_files/server1.req.key_usage_empty":MBEDTLS_MD_SHA1:0:1:0:0:0
 
 Certificate Request check Server1 ns_cert_type
 depends_on:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
-x509_csr_check:"data_files/server1.key":"data_files/server1.req.cert_type":MBEDTLS_MD_SHA1:0:0:MBEDTLS_X509_NS_CERT_TYPE_SSL_SERVER:1
+x509_csr_check:"data_files/server1.key":"data_files/server1.req.cert_type":MBEDTLS_MD_SHA1:0:0:MBEDTLS_X509_NS_CERT_TYPE_SSL_SERVER:1:0
 
 Certificate Request check Server1 ns_cert_type empty
 depends_on:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
-x509_csr_check:"data_files/server1.key":"data_files/server1.req.cert_type_empty":MBEDTLS_MD_SHA1:0:0:0:1
+x509_csr_check:"data_files/server1.key":"data_files/server1.req.cert_type_empty":MBEDTLS_MD_SHA1:0:0:0:1:0
 
 Certificate Request check Server1 key_usage + ns_cert_type
 depends_on:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
-x509_csr_check:"data_files/server1.key":"data_files/server1.req.ku-ct":MBEDTLS_MD_SHA1:MBEDTLS_X509_KU_DIGITAL_SIGNATURE | MBEDTLS_X509_KU_NON_REPUDIATION | MBEDTLS_X509_KU_KEY_ENCIPHERMENT:1:MBEDTLS_X509_NS_CERT_TYPE_SSL_SERVER:1
+x509_csr_check:"data_files/server1.key":"data_files/server1.req.ku-ct":MBEDTLS_MD_SHA1:MBEDTLS_X509_KU_DIGITAL_SIGNATURE | MBEDTLS_X509_KU_NON_REPUDIATION | MBEDTLS_X509_KU_KEY_ENCIPHERMENT:1:MBEDTLS_X509_NS_CERT_TYPE_SSL_SERVER:1:0
 
 Certificate Request check Server5 ECDSA, key_usage
 depends_on:MBEDTLS_SHA1_C:MBEDTLS_ECDSA_C:MBEDTLS_ECDSA_DETERMINISTIC:MBEDTLS_ECP_DP_SECP256R1_ENABLED
-x509_csr_check:"data_files/server5.key":"data_files/server5.req.ku.sha1":MBEDTLS_MD_SHA1:MBEDTLS_X509_KU_DIGITAL_SIGNATURE | MBEDTLS_X509_KU_NON_REPUDIATION:1:0:0
+x509_csr_check:"data_files/server5.key":"data_files/server5.req.ku.sha1":MBEDTLS_MD_SHA1:MBEDTLS_X509_KU_DIGITAL_SIGNATURE | MBEDTLS_X509_KU_NON_REPUDIATION:1:0:0:0
+
+Certificate Request check Server1, set_extension
+depends_on:MBEDTLS_SHA256_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
+x509_csr_check:"data_files/server1.key":"data_files/server1.req.sha256.ext":MBEDTLS_MD_SHA256:0:0:0:0:1
 
 Certificate Request check opaque Server5 ECDSA, key_usage
 depends_on:MBEDTLS_SHA256_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED

tests/suites/test_suite_x509write.function

@@ -5,6 +5,7 @@
 #include "mbedtls/pem.h"
 #include "mbedtls/oid.h"
 #include "mbedtls/rsa.h"
+#include "mbedtls/asn1write.h"
 
 #if defined(MBEDTLS_RSA_C)
 int mbedtls_rsa_decrypt_func( void *ctx, int mode, size_t *olen,
@@ -68,6 +69,56 @@ cleanup:
 }
 #endif /* MBEDTLS_USE_PSA_CRYPTO && MBEDTLS_PEM_WRITE_C && MBEDTLS_X509_CSR_WRITE_C */
 
+#if defined(MBEDTLS_X509_CSR_WRITE_C)
+
+/*
+ * The size of this temporary buffer is given by the sequence of functions
+ * called hereinafter:
+ * - mbedtls_asn1_write_oid()
+ *     - 8 bytes for MBEDTLS_OID_EXTENDED_KEY_USAGE raw value
+ *     - 1 byte for MBEDTLS_OID_EXTENDED_KEY_USAGE length
+ *     - 1 byte for MBEDTLS_ASN1_OID tag
+ * - mbedtls_asn1_write_len()
+ *     - 1 byte since we're dealing with sizes which are less than 0x80
+ * - mbedtls_asn1_write_tag()
+ *     - 1 byte
+ *
+ * This length is fine as long as this function is called using the
+ * MBEDTLS_OID_SERVER_AUTH OID. If this is changed in the future, then this
+ * buffer's length should be adjusted accordingly.
+ * Unfortunately there's no predefined max size for OIDs which can be used
+ * to set an overall upper boundary which is always guaranteed.
+ */
+#define EXT_KEY_USAGE_TMP_BUF_MAX_LENGTH    12
+
+static int csr_set_extended_key_usage( mbedtls_x509write_csr *ctx,
+                        const char *oid, size_t oid_len )
+{
+    unsigned char buf[EXT_KEY_USAGE_TMP_BUF_MAX_LENGTH] = { 0 };
+    unsigned char *p = buf + sizeof( buf );
+    int ret;
+    size_t len = 0;
+
+    /*
+     * Following functions fail anyway if the temporary buffer is not large,
+     * but we set an extra check here to emphasize a possible source of errors
+     */
+    if ( oid_len > EXT_KEY_USAGE_TMP_BUF_MAX_LENGTH )
+    {
+        return MBEDTLS_ERR_X509_BAD_INPUT_DATA;
+    }
+
+    MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_oid( &p, buf, oid, oid_len ) );
+    MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( &p, buf, ret ) );
+    MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( &p, buf,
+                        MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) );
+
+    ret = mbedtls_x509write_csr_set_extension( ctx, MBEDTLS_OID_EXTENDED_KEY_USAGE,
+              MBEDTLS_OID_SIZE( MBEDTLS_OID_EXTENDED_KEY_USAGE ), p, len );
+
+    return ret;
+}
+#endif  /* MBEDTLS_X509_CSR_WRITE_C */
 /* END_HEADER */
 
 /* BEGIN_DEPENDENCIES
@@ -78,7 +129,7 @@ cleanup:
 /* BEGIN_CASE depends_on:MBEDTLS_PEM_WRITE_C:MBEDTLS_X509_CSR_WRITE_C */
 void x509_csr_check( char * key_file, char * cert_req_check_file, int md_type,
                      int key_usage, int set_key_usage, int cert_type,
-                     int set_cert_type )
+                     int set_cert_type, int set_extension )
 {
     mbedtls_pk_context key;
     mbedtls_x509write_csr req;
@@ -105,6 +156,9 @@ void x509_csr_check( char * key_file, char * cert_req_check_file, int md_type,
         TEST_ASSERT( mbedtls_x509write_csr_set_key_usage( &req, key_usage ) == 0 );
     if( set_cert_type != 0 )
         TEST_ASSERT( mbedtls_x509write_csr_set_ns_cert_type( &req, cert_type ) == 0 );
+    if ( set_extension != 0 )
+        TEST_ASSERT( csr_set_extended_key_usage( &req, MBEDTLS_OID_SERVER_AUTH,
+                            MBEDTLS_OID_SIZE( MBEDTLS_OID_SERVER_AUTH ) ) == 0 );
 
     ret = mbedtls_x509write_csr_pem( &req, buf, sizeof( buf ),
                                      mbedtls_test_rnd_pseudo_rand, &rnd_info );